securecheckout.sandbox.hit-pay.com Open in urlscan Pro
54.255.63.98 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://t.sidekickopen01.com/Ctc/GG+23284/d2ybdY04/JlY2-6q7W95jsWP6lZ3pVW5X2FZL6gx5MFVdNNn94NJv0MW1YmV0q7SwK5HW140jjm4Byyg_W3...
Effective URL:
https://securecheckout.sandbox.hit-pay.com/payment-request/@hit-studio/9939d0e7-1438-4a37-b46f-517a5f3b128e/checkout
Submission: On November 03 via manual (November 3rd 2023, 7:31:23 am UTC) from SG — Scanned from SG

Summary HTTP 230 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 30 IPs in 3 countries across 21 domains to perform 230 HTTP transactions. The main IP is 54.255.63.98, located in Singapore, Singapore and belongs to AMAZON-02, US. The main domain is securecheckout.sandbox.hit-pay.com.
TLS certificate: Issued by R3 on October 19th 2023. Valid for: 3 months.

This is the only time securecheckout.sandbox.hit-pay.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	2606:4700:440... 2606:4700:4400::ac40:91c3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
26	54.255.63.98 54.255.63.98	16509 (AMAZON-02) (AMAZON-02)
3	18.138.0.88 18.138.0.88	16509 (AMAZON-02) (AMAZON-02)
69	151.101.192.176 151.101.192.176	54113 (FASTLY) (FASTLY)
1	13.35.149.62 13.35.149.62	16509 (AMAZON-02) (AMAZON-02)
4	2404:6800:400... 2404:6800:4003:c05::5f	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4003:c01::5e	15169 (GOOGLE) (GOOGLE)
4	2404:6800:400... 2404:6800:4003:c01::61	15169 (GOOGLE) (GOOGLE)
72	54.186.23.98 54.186.23.98	16509 (AMAZON-02) (AMAZON-02)
4	2404:6800:400... 2404:6800:4003:c06::5c	15169 (GOOGLE) (GOOGLE)
2	2403:e800:e80... 2403:e800:e80b::2a63:8c8b	4637 (ASN-TELST...) (ASN-TELSTRA-GLOBAL Telstra Global)
2	2a03:2880:f00... 2a03:2880:f00c:300:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2606:4700::68... 2606:4700::6810:bb59	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2001:4860:480... 2001:4860:4802:32::181	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4003:c02::9a	15169 (GOOGLE) (GOOGLE)
6	2404:6800:400... 2404:6800:4003:c04::5e	15169 (GOOGLE) (GOOGLE)
2	2606:4700:440... 2606:4700:4400::ac40:991b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:4cba	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:e6a3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6811:599a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	52.74.114.251 52.74.114.251	16509 (AMAZON-02) (AMAZON-02)
1	13.250.226.27 13.250.226.27	16509 (AMAZON-02) (AMAZON-02)
3	52.89.37.98 52.89.37.98	16509 (AMAZON-02) (AMAZON-02)
1	2a03:2880:f10... 2a03:2880:f10c:381:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
4 4	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2606:4700::68... 2606:4700::6811:cbcc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
14	2404:6800:400... 2404:6800:4003:c1a::71	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4003:c0f::9a	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4003:c1a::93	15169 (GOOGLE) (GOOGLE)
230	30

2 2606:4700:4400::ac40:91c3 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

t.sidekickopen01.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 54.255.63.98 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-255-63-98.ap-southeast-1.compute.amazonaws.com

securecheckout.sandbox.hit-pay.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.sandbox.hit-pay.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.138.0.88 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-138-0-88.ap-southeast-1.compute.amazonaws.com

analytics.staging.hit-pay.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

69 151.101.192.176 (United States)

ASN54113 (FASTLY, US)

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
m.stripe.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.35.149.62 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-149-62.syd1.r.cloudfront.net

js.pusher.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2404:6800:4003:c05::5f (Singapore, Singapore)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4003:c01::5e (Singapore, Singapore)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2404:6800:4003:c01::61 (Singapore, Singapore)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

72 54.186.23.98 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-186-23-98.stripe.com

q.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2404:6800:4003:c06::5c (Singapore, Singapore)

ASN15169 (GOOGLE, US)

pay.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2403:e800:e80b::2a63:8c8b (Hong Kong)

ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f00c:300:face:b00c:0:3 (Singapore, Singapore)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:bb59 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::181 (United States)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4003:c02::9a (Singapore, Singapore)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2404:6800:4003:c04::5e (Singapore, Singapore)

ASN15169 (GOOGLE, US)

www.google.com.vn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:4400::ac40:991b (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:4cba (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:e6a3 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsadspixel.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:599a (United States)

ASN13335 (CLOUDFLARENET, US)

js.hscollectedforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
forms.hscollectedforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.74.114.251 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: api-52-74-114-251.stripe.com

api.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.250.226.27 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-250-226-27.ap-southeast-1.compute.amazonaws.com

merchant-ui-api.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.89.37.98 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-89-37-98.us-west-2.compute.amazonaws.com

m.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f10c:381:face:b00c:0:25de (Singapore, Singapore)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:21::14 (United States) 4 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:cbcc (United States)

ASN13335 (CLOUDFLARENET, US)

api.hubapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2404:6800:4003:c1a::71 (Singapore, Singapore)

ASN15169 (GOOGLE, US)

play.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4003:c0f::9a (Singapore, Singapore)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4003:c1a::93 (Singapore, Singapore)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
145	stripe.com js.stripe.com — Cisco Umbrella Rank: 1287 q.stripe.com — Cisco Umbrella Rank: 7148 api.stripe.com — Cisco Umbrella Rank: 13282 merchant-ui-api.stripe.com — Cisco Umbrella Rank: 5203 r.stripe.com — Cisco Umbrella Rank: 3546 m.stripe.com — Cisco Umbrella Rank: 1249	2 MB
29	hit-pay.com securecheckout.sandbox.hit-pay.com analytics.staging.hit-pay.com api.sandbox.hit-pay.com	3 MB
21	google.com pay.google.com — Cisco Umbrella Rank: 2685 analytics.google.com — Cisco Umbrella Rank: 157 play.google.com — Cisco Umbrella Rank: 28 www.google.com — Cisco Umbrella Rank: 2	424 KB
5	linkedin.com 4 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 377 www.linkedin.com — Cisco Umbrella Rank: 629 px4.ads.linkedin.com — Cisco Umbrella Rank: 6003	5 KB
5	gstatic.com fonts.gstatic.com www.gstatic.com	147 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 35	308 KB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 31	3 KB
2	hscollectedforms.net js.hscollectedforms.net — Cisco Umbrella Rank: 4607 forms.hscollectedforms.net — Cisco Umbrella Rank: 4689	26 KB
2	hs-banner.com js.hs-banner.com — Cisco Umbrella Rank: 2155	21 KB
2	google.com.vn www.google.com.vn — Cisco Umbrella Rank: 9624	562 B
2	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 78 googleads.g.doubleclick.net — Cisco Umbrella Rank: 33	2 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 174	89 KB
2	licdn.com snap.licdn.com — Cisco Umbrella Rank: 778	7 KB
2	stripe.network m.stripe.network — Cisco Umbrella Rank: 1354	16 KB
2	sidekickopen01.com 1 redirects t.sidekickopen01.com — Cisco Umbrella Rank: 90249	3 KB
1	hubapi.com api.hubapi.com — Cisco Umbrella Rank: 3361	1 KB
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 110	185 B
1	hsadspixel.net js.hsadspixel.net — Cisco Umbrella Rank: 3050	4 KB
1	hs-analytics.net js.hs-analytics.net — Cisco Umbrella Rank: 2150	21 KB
1	hs-scripts.com js.hs-scripts.com — Cisco Umbrella Rank: 2386	1 KB
1	pusher.com js.pusher.com — Cisco Umbrella Rank: 15122	18 KB
230	21

	Domain	Requested by
67	js.stripe.com	securecheckout.sandbox.hit-pay.com js.stripe.com
54	r.stripe.com	js.stripe.com
22	securecheckout.sandbox.hit-pay.com	t.sidekickopen01.com securecheckout.sandbox.hit-pay.com
18	q.stripe.com	t.sidekickopen01.com
14	play.google.com	www.gstatic.com
4	www.gstatic.com	pay.google.com www.gstatic.com
4	pay.google.com	js.stripe.com pay.google.com t.sidekickopen01.com www.gstatic.com
4	api.sandbox.hit-pay.com	securecheckout.sandbox.hit-pay.com
4	www.googletagmanager.com	securecheckout.sandbox.hit-pay.com www.googletagmanager.com js.hsadspixel.net
4	fonts.googleapis.com	securecheckout.sandbox.hit-pay.com
3	px.ads.linkedin.com	3 redirects
3	m.stripe.com	m.stripe.network
3	analytics.staging.hit-pay.com	securecheckout.sandbox.hit-pay.com
2	api.stripe.com	js.stripe.com
2	js.hs-banner.com	js.hs-scripts.com securecheckout.sandbox.hit-pay.com
2	www.google.com.vn	securecheckout.sandbox.hit-pay.com
2	analytics.google.com	www.googletagmanager.com
2	connect.facebook.net	t.sidekickopen01.com connect.facebook.net
2	snap.licdn.com	www.googletagmanager.com snap.licdn.com
2	m.stripe.network	js.stripe.com m.stripe.network
2	t.sidekickopen01.com	1 redirects
1	www.google.com	securecheckout.sandbox.hit-pay.com
1	googleads.g.doubleclick.net	www.googletagmanager.com
1	api.hubapi.com	securecheckout.sandbox.hit-pay.com
1	px4.ads.linkedin.com	securecheckout.sandbox.hit-pay.com
1	www.linkedin.com	1 redirects
1	forms.hscollectedforms.net	securecheckout.sandbox.hit-pay.com
1	www.facebook.com	securecheckout.sandbox.hit-pay.com
1	merchant-ui-api.stripe.com	js.stripe.com
1	js.hscollectedforms.net	js.hs-scripts.com
1	js.hsadspixel.net	js.hs-scripts.com
1	js.hs-analytics.net	js.hs-scripts.com
1	stats.g.doubleclick.net	www.googletagmanager.com
1	js.hs-scripts.com	www.googletagmanager.com
1	fonts.gstatic.com	fonts.googleapis.com
1	js.pusher.com	securecheckout.sandbox.hit-pay.com
230	36

This site contains links to these domains. Also see Links.

Domain
stripe.com
webhook.site
hitpayapp.com
www.hitpayapp.com
pay.azupay.com.au

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-18` - `2024-05-16`	a year	crt.sh
dashboard.sandbox.hit-pay.com R3	`2023-10-19` - `2024-01-17`	3 months	crt.sh
analytics.staging.hit-pay.com R3	`2023-10-30` - `2024-01-28`	3 months	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2023-10-30` - `2024-01-25`	3 months	crt.sh
js.pusher.com Amazon RSA 2048 M01	`2023-04-13` - `2024-05-11`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.stripe.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-10-09` - `2024-01-18`	3 months	crt.sh
sandbox.hit-pay.com R3	`2023-10-19` - `2024-01-17`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-02-01` - `2024-01-31`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-08-12` - `2023-11-10`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.google.com.vn GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
api.stripe.com DigiCert SHA2 Extended Validation Server CA	`2023-10-30` - `2024-01-25`	3 months	crt.sh
m.stripe.com DigiCert TLS RSA SHA256 2020 CA1	`2023-10-05` - `2024-01-18`	3 months	crt.sh
hubapi.com Cloudflare Inc ECC CA-3	`2023-04-07` - `2024-04-06`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh

This page contains 12 frames:

Primary Page: https://securecheckout.sandbox.hit-pay.com/payment-request/@hit-studio/9939d0e7-1438-4a37-b46f-517a5f3b128e/checkout
Frame ID: BC6F2B3D7AA08E04045C828513471347
Requests: 62 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html
Frame ID: 7B1649ED0DD2C00CE788977E00E3C224
Requests: 4 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: 09B54B0CE1C237C6B3DBA07EA5A3CD59
Requests: 6 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-07688f7db2014d6e642f0b60ec8836d8.html
Frame ID: 559C07A41E6F5666D5F049EF06ED8485
Requests: 57 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-google-pay-876cc5312c75815cc97d07ae3e55a3ba.html
Frame ID: 3BC5CABCFFA2FA336A3B54CFEC15CF8B
Requests: 6 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-browser-27deebbc67d89e68ee13c3e67ffd3ecb.html
Frame ID: 0C3A9EF99EB5B728077C0B02FD8E37D1
Requests: 5 HTTP requests in this frame

Frame: https://js.stripe.com/v3/elements-inner-card-4d5aaf5ff3090ec0cddb7291c36c1267.html
Frame ID: 8F8C05FB76FD1D822757969609D3D2DE
Requests: 13 HTTP requests in this frame

Frame: https://js.stripe.com/v3/elements-inner-fpx-bank-ddb68e6114393b1c5f1cc03520aa54bc.html
Frame ID: 4329AC72BCF4C7F8B4CC89ACC5D118A4
Requests: 30 HTTP requests in this frame

Frame: https://js.stripe.com/v3/elements-inner-fpx-bank-ddb68e6114393b1c5f1cc03520aa54bc.html
Frame ID: E7B83A5B133D1CFF0CFC1BB0A369F68B
Requests: 8 HTTP requests in this frame

Frame: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=
Frame ID: 2320A229397DBE6644EE0DD45611DF1C
Requests: 14 HTTP requests in this frame

Frame: https://js.stripe.com/v3/elements-inner-link-button-for-card-6ebf6196e88da17ae9bb415c0c62a372.html
Frame ID: BE0C5EB81109B21F79B958954E8D5C82
Requests: 6 HTTP requests in this frame

Frame: https://js.stripe.com/v3/elements-inner-payment-request-556f8ff62f4df34619452c636b8e4637.html
Frame ID: 7F9870CA8E8C7AD6B56758F4DDD8659E
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Checkout - HitPay

Page URL History Show full URLs

https://t.sidekickopen01.com/Ctc/GG+23284/d2ybdY04/JlY2-6q7W95jsWP6lZ3pVW5X2FZL6gx5MFVdNNn94NJv0MW1YmV0q7... Page URL
https://t.sidekickopen01.com/events/public/v1/encoded/track/tc/GG+23284/d2ybdY04/JlY2-6q7W95jsWP6lZ3pVW5X... HTTP 307
https://securecheckout.sandbox.hit-pay.com/payment-request/@hit-studio/9939d0e7-1438-4a37-b46f-517a5f3b128e/checkout Page URL

Detected technologies

Google Pay (Payment processors) Expand

Overall confidence: 100%
Detected patterns

pay\.google\.com/([a-z/]+)/pay\.js

Stripe (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.stripe\.com

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

HubSpot Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

js\.hs-analytics\.net/analytics

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Page Statistics

230
Requests

100 %
HTTPS

70 %
IPv6

21
Domains

36
Subdomains

30
IPs

3
Countries

6337 kB
Transfer

14404 kB
Size

20
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://stripe.com/docs/testing
Title: link

Search URL Search Domain Scan URL

URL: https://webhook.site/
Title: webhook.site

Search URL Search Domain Scan URL

URL: https://hitpayapp.com/
Title: Powered by

Search URL Search Domain Scan URL

URL: https://www.hitpayapp.com/privacypolicy
Title: Privacy

Search URL Search Domain Scan URL

URL: https://www.hitpayapp.com/termsofservice
Title: Terms

Search URL Search Domain Scan URL

URL: https://pay.azupay.com.au/howto
Title: How to make a PayID payment?

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://t.sidekickopen01.com/Ctc/GG+23284/d2ybdY04/JlY2-6q7W95jsWP6lZ3pVW5X2FZL6gx5MFVdNNn94NJv0MW1YmV0q7SwK5HW140jjm4Byyg_W3_-3hH8Zz5S7N2JJTs49LknzW49B8gw1NFQW5W3k39fZ9bnR_jW4lz6mb6l6MXjW460BZ24x-WzbW1dy5Tx2FCy5TW52yMJx1X1ZWtW53w-Z41bKghgW5S2-gf79PtxhW48BJGZ3jxjLYW65_XJr8kQmVrW6RKV2y5zqFZ8W6Pzd8C8vLbSYW58twky575HglW6pYXS73KMwgXW4kfG3L5XPMH4W25-fG55Yj0ptW2jSMw26C-3LdW5kzzY646LH0QVXlRTC8xJS6PVPyLjB7sqsNFW6nl87W2ln-MJW52mQn45LzWqGW5RdN443rCH9hN4hwW1zmqFKyf52YnMj04 Page URL
https://t.sidekickopen01.com/events/public/v1/encoded/track/tc/GG+23284/d2ybdY04/JlY2-6q7W95jsWP6lZ3pVW5X2FZL6gx5MFVdNNn94NJv0MW1YmV0q7SwK5HW140jjm4Byyg_W3_-3hH8Zz5S7N2JJTs49LknzW49B8gw1NFQW5W3k39fZ9bnR_jW4lz6mb6l6MXjW460BZ24x-WzbW1dy5Tx2FCy5TW52yMJx1X1ZWtW53w-Z41bKghgW5S2-gf79PtxhW48BJGZ3jxjLYW65_XJr8kQmVrW6RKV2y5zqFZ8W6Pzd8C8vLbSYW58twky575HglW6pYXS73KMwgXW4kfG3L5XPMH4W25-fG55Yj0ptW2jSMw26C-3LdW5kzzY646LH0QVXlRTC8xJS6PVPyLjB7sqsNFW6nl87W2ln-MJW52mQn45LzWqGW5RdN443rCH9hN4hwW1zmqFKyf52YnMj04?_ud=2cb64287-c0ae-466f-b4e5-38385cc42474&_jss=1&_fl=8&_pl=3&_hc=4&_lg=en-US,en&_plt=Win32&_scr=1600,1200 HTTP 307
https://securecheckout.sandbox.hit-pay.com/payment-request/@hit-studio/9939d0e7-1438-4a37-b46f-517a5f3b128e/checkout Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 161

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4968626&time=1698996677242&url=https%3A%2F%2Fsecurecheckout.sandbox.hit-pay.com%2Fpayment-request%2F%40hit-studio%2F9939d0e7-1438-4a37-b46f-517a5f3b128e%2Fcheckout&tm=gtmv2 HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4968626&time=1698996677242&url=https%3A%2F%2Fsecurecheckout.sandbox.hit-pay.com%2Fpayment-request%2F%40hit-studio%2F9939d0e7-1438-4a37-b46f-517a5f3b128e%2Fcheckout&tm=gtmv2&cookiesTest=true HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D4968626%26time%3D1698996677242%26url%3Dhttps%253A%252F%252Fsecurecheckout.sandbox.hit-pay.com%252Fpayment-request%252F%2540hit-studio%252F9939d0e7-1438-4a37-b46f-517a5f3b128e%252Fcheckout%26tm%3Dgtmv2%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4968626&time=1698996677242&url=https%3A%2F%2Fsecurecheckout.sandbox.hit-pay.com%2Fpayment-request%2F%40hit-studio%2F9939d0e7-1438-4a37-b46f-517a5f3b128e%2Fcheckout&tm=gtmv2&cookiesTest=true&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4968626&time=1698996677242&url=https%3A%2F%2Fsecurecheckout.sandbox.hit-pay.com%2Fpayment-request%2F%40hit-studio%2F9939d0e7-1438-4a37-b46f-517a5f3b128e%2Fcheckout&tm=gtmv2&cookiesTest=true&liSync=true&e_ipv6=AQL7LW1KHPzOCQAAAYuUF-zv2zcXx-fXRNYQ9EFG7TT770gdcGKQN0iJYge0d-OW9HtDBk5F8Xs-

230 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 JlY2-6q7W95jsWP6lZ3pVW5X2FZL6gx5MFVdNNn94NJv0MW1YmV0q7SwK5HW140jjm4Byyg_W3_-3hH8Zz5S7N2JJTs49LknzW49B8gw1NFQW5W3k39fZ9bnR_jW4lz6mb6l6MXjW460BZ24x-WzbW1dy5Tx2FCy5TW52yMJx1X1ZWtW53w-Z41bKghgW5S2-gf79...
t.sidekickopen01.com/Ctc/GG+23284/d2ybdY04/ 8 KB
3 KB 1133ms
1107ms Document
text/html 2606:4700:4400::ac40:91c3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sidekickopen01.com/Ctc/GG+23284/d2ybdY04/JlY2-6q7W95jsWP6lZ3pVW5X2FZL6gx5MFVdNNn94NJv0MW1YmV0q7SwK5HW140jjm4Byyg_W3_-3hH8Zz5S7N2JJTs49LknzW49B8gw1NFQW5W3k39fZ9bnR_jW4lz6mb6l6MXjW460BZ24x-WzbW1dy5Tx2FCy5TW52yMJx1X1ZWtW53w-Z41bKghgW5S2-gf79PtxhW48BJGZ3jxjLYW65_XJr8kQmVrW6RKV2y5zqFZ8W6Pzd8C8vLbSYW58twky575HglW6pYXS73KMwgXW4kfG3L5XPMH4W25-fG55Yj0ptW2jSMw26C-3LdW5kzzY646LH0QVXlRTC8xJS6PVPyLjB7sqsNFW6nl87W2ln-MJW52mQn45LzWqGW5RdN443rCH9hN4hwW1zmqFKyf52YnMj04

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:91c3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

access-control-allow-credentials: false
cf-cache-status: DYNAMIC
cf-ray: 8202ea9afc3a91b1-SIN
content-encoding: br
content-type: text/html;charset=utf-8
date: Fri, 03 Nov 2023 07:31:14 GMT
referrer-policy: no-referrer
server: cloudflare
vary: origin
x-content-type-options: nosniff
x-envoy-upstream-service-time: 18
x-evy-trace-listener: listener_https
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-route-service-name: envoyset-translator
x-evy-trace-served-by-pod: iad02/event-tracking-td/envoy-proxy-7d997f8c5-75r5f
x-evy-trace-virtual-host: all
x-hubspot-correlation-id: 5440651b-c123-4edc-9bf0-c950f5d678fe
x-request-id: 5440651b-c123-4edc-9bf0-c950f5d678fe
x-robots-tag: none

GET
H/1.1

200
OK

Primary Request checkout Show response
securecheckout.sandbox.hit-pay.com/payment-request/@hit-studio/9939d0e7-1438-4a37-b46f-517a5f3b128e/
Redirect Chain

https://t.sidekickopen01.com/events/public/v1/encoded/track/tc/GG+23284/d2ybdY04/JlY2-6q7W95jsWP6lZ3pVW5X2FZL6gx5MFVdNNn94NJv0MW1YmV0q7SwK5HW140jjm4Byyg_W3_-3hH8Zz5S7N2JJTs49LknzW49B8gw1NFQW5W3k39f...
https://securecheckout.sandbox.hit-pay.com/payment-request/@hit-studio/9939d0e7-1438-4a37-b46f-517a5f3b128e/checkout

38 KB
9 KB

277ms
249ms

Document
text/html

54.255.63.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://securecheckout.sandbox.hit-pay.com/payment-request/@hit-studio/9939d0e7-1438-4a37-b46f-517a5f3b128e/checkout

Requested by

Host: t.sidekickopen01.com
URL: https://t.sidekickopen01.com/Ctc/GG+23284/d2ybdY04/JlY2-6q7W95jsWP6lZ3pVW5X2FZL6gx5MFVdNNn94NJv0MW1YmV0q7SwK5HW140jjm4Byyg_W3_-3hH8Zz5S7N2JJTs49LknzW49B8gw1NFQW5W3k39fZ9bnR_jW4lz6mb6l6MXjW460BZ24x-WzbW1dy5Tx2FCy5TW52yMJx1X1ZWtW53w-Z41bKghgW5S2-gf79PtxhW48BJGZ3jxjLYW65_XJr8kQmVrW6RKV2y5zqFZ8W6Pzd8C8vLbSYW58twky575HglW6pYXS73KMwgXW4kfG3L5XPMH4W25-fG55Yj0ptW2jSMw26C-3LdW5kzzY646LH0QVXlRTC8xJS6PVPyLjB7sqsNFW6nl87W2ln-MJW52mQn45LzWqGW5RdN443rCH9hN4hwW1zmqFKyf52YnMj04

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

54.255.63.98 Singapore, Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-255-63-98.ap-southeast-1.compute.amazonaws.com

Software

nginx /

Resource Hash

73b016ef7d62ceceed8b045730ee36b4e1d6eeb84eac31fbcc6aa7e33c5cae94

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' ecwid.com *.ecwid.com;upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://t.sidekickopen01.com/Ctc/GG+23284/d2ybdY04/JlY2-6q7W95jsWP6lZ3pVW5X2FZL6gx5MFVdNNn94NJv0MW1YmV0q7SwK5HW140jjm4Byyg_W3_-3hH8Zz5S7N2JJTs49LknzW49B8gw1NFQW5W3k39fZ9bnR_jW4lz6mb6l6MXjW460BZ24x-WzbW1dy5Tx2FCy5TW52yMJx1X1ZWtW53w-Z41bKghgW5S2-gf79PtxhW48BJGZ3jxjLYW65_XJr8kQmVrW6RKV2y5zqFZ8W6Pzd8C8vLbSYW58twky575HglW6pYXS73KMwgXW4kfG3L5XPMH4W25-fG55Yj0ptW2jSMw26C-3LdW5kzzY646LH0QVXlRTC8xJS6PVPyLjB7sqsNFW6nl87W2ln-MJW52mQn45LzWqGW5RdN443rCH9hN4hwW1zmqFKyf52YnMj04
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

Cache-Control: no-cache, private
Connection: keep-alive
Content-Encoding: gzip
Content-Security-Policy: frame-ancestors 'self' ecwid.com *.ecwid.com;upgrade-insecure-requests
Content-Type: text/html; charset=UTF-8
Date: Fri, 03 Nov 2023 07:31:15 GMT
Referrer-Policy: no-referrer
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains
Transfer-Encoding: chunked
Vary: Origin
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
X-Request-ID: 2023-11-03/01hea1frn6m3c511x6875dv7je

Redirect headers

access-control-allow-credentials: false
cf-cache-status: DYNAMIC
cf-ray: 8202eaa21dd691b1-SIN
date: Fri, 03 Nov 2023 07:31:15 GMT
link: <https://securecheckout.sandbox.hit-pay.com/payment-request/@hit-studio/9939d0e7-1438-4a37-b46f-517a5f3b128e/checkout>; rel="canonical"
location: https://securecheckout.sandbox.hit-pay.com/payment-request/@hit-studio/9939d0e7-1438-4a37-b46f-517a5f3b128e/checkout
referrer-policy: no-referrer
server: cloudflare
vary: origin
x-content-type-options: nosniff
x-envoy-upstream-service-time: 29
x-evy-trace-listener: listener_https
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-route-service-name: envoyset-translator
x-evy-trace-served-by-pod: iad02/event-tracking-td/envoy-proxy-7d997f8c5-75r5f
x-evy-trace-virtual-host: all
x-hubspot-correlation-id: 910659fe-9649-46ec-85c0-9e1bf3c1c055
x-request-id: 910659fe-9649-46ec-85c0-9e1bf3c1c055
x-robots-tag: none

GET
H/1.1 200
OK umami.js Show response
analytics.staging.hit-pay.com/ 3 KB
2 KB 83ms
38ms Script
application/javascript 18.138.0.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.staging.hit-pay.com/umami.js

Requested by

Host: securecheckout.sandbox.hit-pay.com
URL: https://securecheckout.sandbox.hit-pay.com/payment-request/@hit-studio/9939d0e7-1438-4a37-b46f-517a5f3b128e/checkout

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

18.138.0.88 Singapore, Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-138-0-88.ap-southeast-1.compute.amazonaws.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

ef16539c1d38c323f79d96e30ead5634e9d1ef6fe3edb28078291415ab43de35

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; img-src *; script-src 'self' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; connect-src 'self' api.umami.is; frame-ancestors 'self';
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date: Fri, 03 Nov 2023 07:31:15 GMT
Content-Security-Policy: default-src 'self'; img-src *; script-src 'self' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; connect-src 'self' api.umami.is; frame-ancestors 'self';
Content-Encoding: gzip
Last-Modified: Wed, 30 Nov 2022 16:47:24 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: W/"a6e-184c96f97cb"
X-Frame-Options: SAMEORIGIN
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=UTF-8
X-DNS-Prefetch-Control: on
Cache-Control: public, max-age=0
Vary: Accept-Encoding
Connection: keep-alive
Accept-Ranges: bytes

GET
H/1.1 200
OK app.js Show response
securecheckout.sandbox.hit-pay.com/dist/ 2 MB
2 MB 7ms
6ms Script
application/javascript 54.255.63.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://securecheckout.sandbox.hit-pay.com/dist/app.js?id=3c7f66787087dfd1836c8cece0d92c21

Requested by

Host: securecheckout.sandbox.hit-pay.com
URL: https://securecheckout.sandbox.hit-pay.com/payment-request/@hit-studio/9939d0e7-1438-4a37-b46f-517a5f3b128e/checkout

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

54.255.63.98 Singapore, Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-255-63-98.ap-southeast-1.compute.amazonaws.com

Software

nginx /

Resource Hash

9738467f6955f47e5542f15510e9cd654da44f2ad165f9dc26167e7744c8082d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date: Fri, 03 Nov 2023 07:31:15 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer
Last-Modified: Thu, 12 Oct 2023 08:35:54 GMT
Server: nginx
X-Permitted-Cross-Domain-Policies: none
ETag: "6527afea-249a58"
Content-Type: application/javascript; charset=utf-8
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2398808

GET
H/1.1 200
OK app.css
securecheckout.sandbox.hit-pay.com/dist/css/ 399 KB
400 KB 31ms
20ms Stylesheet
text/css 54.255.63.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://securecheckout.sandbox.hit-pay.com/dist/css/app.css?id=0626e9ef2acb17e39df0ede143d83400

Requested by

Host: securecheckout.sandbox.hit-pay.com
URL: https://securecheckout.sandbox.hit-pay.com/payment-request/@hit-studio/9939d0e7-1438-4a37-b46f-517a5f3b128e/checkout

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

54.255.63.98 Singapore, Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-255-63-98.ap-southeast-1.compute.amazonaws.com

Software

nginx /

Resource Hash

3255f9c25e0dff0617f509966623372bd66227d4656a98a2602ffba3fe4a5e4c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date: Fri, 03 Nov 2023 07:31:15 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer
Last-Modified: Tue, 03 Oct 2023 10:01:00 GMT
Server: nginx
X-Permitted-Cross-Domain-Policies: none
ETag: "651be65c-63c91"
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 408721

GET
H2 200 / Show response
js.stripe.com/v3/ 552 KB
153 KB 33ms
9ms Script
text/javascript 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/

Requested by

Host: securecheckout.sandbox.hit-pay.com
URL: https://securecheckout.sandbox.hit-pay.com/payment-request/@hit-studio/9939d0e7-1438-4a37-b46f-517a5f3b128e/checkout

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

e87141bc7b8bd845e4105d2d8b09f7757eff484be9ecc72115389d018f586aab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Fri, 03 Nov 2023 07:31:15 GMT
via: 1.1 varnish
age: 44
x-cache: HIT
content-length: 156266
x-request-id: 6296e692-b74c-4a8d-a87e-2f03f53c323b
x-served-by: cache-qpg1233-QPG
last-modified: Thu, 02 Nov 2023 21:31:34 GMT
server: Fastly
etag: "c7f010e93d9a117ca5d90a4a8a8a82b8"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 96868

GET
H2 200 / Show response
js.stripe.com/terminal/v1/ 234 KB
55 KB 33ms
9ms Script
text/javascript 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/terminal/v1/

Requested by

Host: securecheckout.sandbox.hit-pay.com
URL: https://securecheckout.sandbox.hit-pay.com/payment-request/@hit-studio/9939d0e7-1438-4a37-b46f-517a5f3b128e/checkout

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

683f9a751acc4e72db3b7198187617d060fc084ecb797ca79aac3d653829d7cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Fri, 03 Nov 2023 07:31:15 GMT
via: 1.1 varnish
age: 174
x-cache: HIT
content-length: 55698
x-request-id: 684a58be-0813-4a71-9cee-ef89b1cc4685
x-served-by: cache-qpg1233-QPG
last-modified: Fri, 20 Oct 2023 16:59:17 GMT
server: Fastly
etag: "8808c70c829c5e6cc7fde292582ac9b2"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=300
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 2

GET
H2 200 pusher.min.js Show response
js.pusher.com/7.0/ 64 KB
18 KB 419ms
119ms Script
application/javascript 13.35.149.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.pusher.com/7.0/pusher.min.js
Requested by: Host: securecheckout.sandbox.hit-pay.com
URL: https://securecheckout.sandbox.hit-pay.com/payment-request/@hit-studio/9939d0e7-1438-4a37-b46f-517a5f3b128e/checkout
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.149.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-149-62.syd1.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5075d6ff784f2d5de13cac7bfc1befc486db62e37d98b28ff249c8fc46cd7b96

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 12:05:03 GMT
content-encoding: gzip
via: 1.1 f7807c0a57cfa18eb5f00429067b5f6a.cloudfront.net (CloudFront)
last-modified: Fri, 04 Feb 2022 15:47:58 GMT
server: AmazonS3
x-amz-cf-pop: SYD1-C1
age: 1365973
etag: W/"50ad48267f5c084cceb88264d13effe0"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
x-cache: Hit from cloudfront
cache-control: max-age=2592000
x-amz-cf-id: IVjzfzq6lH7OPgEgII0sIn5Dkgj0Nm-A985CFkLwf3BLvFC6tMJVaw==

GET
H2 200 css2
fonts.googleapis.com/ 3 KB
820 B 66ms
31ms Stylesheet
text/css 2404:6800:4003:c05::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Heebo:wght@300;400;500;600;700&display=swap

Requested by

Host: securecheckout.sandbox.hit-pay.com
URL: https://securecheckout.sandbox.hit-pay.com/dist/css/app.css?id=0626e9ef2acb17e39df0ede143d83400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c05::5f Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

994871173283780379facf4a49eba42ee824f81934a59551bc14c46f4905d1a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 03 Nov 2023 07:31:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 03 Nov 2023 07:31:15 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 03 Nov 2023 07:31:15 GMT

GET
H2 200 css
fonts.googleapis.com/ 8 KB
819 B 67ms
32ms Stylesheet
text/css 2404:6800:4003:c05::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300,400,700

Requested by

Host: securecheckout.sandbox.hit-pay.com
URL: https://securecheckout.sandbox.hit-pay.com/dist/css/app.css?id=0626e9ef2acb17e39df0ede143d83400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c05::5f Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

058d2488f4d26d53cf94a6739b9800ac2d9897baa61a920a66e758129fc7b0bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 03 Nov 2023 07:31:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 03 Nov 2023 06:37:48 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 03 Nov 2023 07:31:15 GMT

GET
H2 200 css2
fonts.googleapis.com/ 11 KB
799 B 68ms
33ms Stylesheet
text/css 2404:6800:4003:c05::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Inter:wght@200%3B400%3B500%3B600%3B700

Requested by

Host: securecheckout.sandbox.hit-pay.com
URL: https://securecheckout.sandbox.hit-pay.com/dist/css/app.css?id=0626e9ef2acb17e39df0ede143d83400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c05::5f Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5819a181eb54148e5cff9bdad4db48bf13ad3f04eb5b5f8b58e284a082021c02

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 03 Nov 2023 07:31:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 03 Nov 2023 07:31:15 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 03 Nov 2023 07:31:15 GMT

GET
H2 200 css2
fonts.googleapis.com/ 5 KB
578 B 67ms
33ms Stylesheet
text/css 2404:6800:4003:c05::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Nobile:ital,wght@0,400;0,500;0,700;1,400;1,500;1,700&display=swap

Requested by

Host: securecheckout.sandbox.hit-pay.com
URL: https://securecheckout.sandbox.hit-pay.com/dist/css/app.css?id=0626e9ef2acb17e39df0ede143d83400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c05::5f Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f7a4e0358e381f26d1114e2bd35c3d62f424584c13dd42223634537fad645475

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 03 Nov 2023 07:31:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 03 Nov 2023 07:31:15 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 03 Nov 2023 07:31:15 GMT

GET
H2 200 UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v13/ 46 KB
46 KB 19ms
4ms Font
font/woff2 2404:6800:4003:c01::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@200%3B400%3B500%3B600%3B700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c01::5e Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://securecheckout.sandbox.hit-pay.com
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 06:04:14 GMT
x-content-type-options: nosniff
age: 178021
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46704
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:49:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 31 Oct 2024 06:04:14 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 220 KB
73 KB 32ms
19ms Script
application/javascript 2404:6800:4003:c01::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NW5HN32

Requested by

Host: securecheckout.sandbox.hit-pay.com
URL: https://securecheckout.sandbox.hit-pay.com/dist/app.js?id=3c7f66787087dfd1836c8cece0d92c21

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c01::61 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f117c6d365a185756c30499c84fbb08c5e48b0886e6d493543fcb8bc2b4b648e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 07:31:16 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 74423
x-xss-protection: 0
last-modified: Fri, 03 Nov 2023 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 03 Nov 2023 07:31:16 GMT

GET
H/1.1 200
OK 8015.85d709681a781b83.js Show response
securecheckout.sandbox.hit-pay.com/dist/js/ 288 KB
288 KB 6ms
5ms Script
application/javascript 54.255.63.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://securecheckout.sandbox.hit-pay.com/dist/js/8015.85d709681a781b83.js

Requested by

Host: securecheckout.sandbox.hit-pay.com
URL: https://securecheckout.sandbox.hit-pay.com/dist/app.js?id=3c7f66787087dfd1836c8cece0d92c21

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

54.255.63.98 Singapore, Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-255-63-98.ap-southeast-1.compute.amazonaws.com

Software

nginx /

Resource Hash

cd1408cf00466a8d1d3f633f84bd09c35f5d42a3e5970498c59c72661b99dfec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date: Fri, 03 Nov 2023 07:31:16 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer
Last-Modified: Tue, 03 Oct 2023 10:01:00 GMT
Server: nginx
X-Permitted-Cross-Domain-Policies: none
ETag: "651be65c-47eba"
Content-Type: application/javascript; charset=utf-8
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 294586

GET
H2 200 m-outer-27c67c0d52761104439bb051c7856ab1.html Show response
js.stripe.com/v3/ Frame 7B16 200 B
840 B 19ms
18ms Document
text/html 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

351ffc2bdf381352dcd801be49be5018361119588eae077650260f9e162fe7b9

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 4788386
cache-control: max-age=31536000
content-encoding: br
content-length: 154
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Fri, 03 Nov 2023 07:31:16 GMT
etag: "27c67c0d52761104439bb051c7856ab1"
last-modified: Fri, 08 Sep 2023 21:23:50 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 219117
x-content-type-options: nosniff
x-request-id: de5ef27b-b403-41d4-885d-90e932f28f15
x-served-by: cache-qpg1233-QPG

GET
H2 200 m-outer-6576085ca35ee42f2f484cda6763e4aa.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 7B16 631 B
702 B 17ms
16ms Script
text/javascript 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/m-outer-6576085ca35ee42f2f484cda6763e4aa.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

f0205495d259e89d99e6c4989147f8a65bef41513bfbe3e97251cd6fb6fa5947

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Fri, 03 Nov 2023 07:31:16 GMT
via: 1.1 varnish
age: 4788384
x-cache: HIT
content-length: 399
x-request-id: 47e74b59-da38-4f98-b071-257c3854c7bf
x-served-by: cache-qpg1233-QPG
last-modified: Fri, 08 Sep 2023 21:23:49 GMT
server: Fastly
etag: "70cacf09ae81711ac6dcbc5ee59750c4"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 172629

POST
H2 200 csp-report
q.stripe.com/ Frame 7B16 0
717 B 809ms
418ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Fri, 03 Nov 2023 07:31:16 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1698996676920368
x-envoy-upstream-service-time: 4
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 2
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1698996676919645
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 7B16 0
718 B 769ms
378ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Fri, 03 Nov 2023 07:31:16 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1698996676918885
x-envoy-upstream-service-time: 2
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1698996676918355
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 inner.html Show response
m.stripe.network/ Frame 09B5 930 B
1 KB 13ms
3ms Document
text/html 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/inner.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-6576085ca35ee42f2f484cda6763e4aa.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

accept-ranges: bytes
age: 108
cache-control: max-age=300, public
content-encoding: br
content-length: 540
content-security-policy: base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Fri, 03 Nov 2023 07:31:16 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
vary: Accept-Encoding, Origin
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 241
x-content-type-options: nosniff
x-request-id: 9ad8832b-b1a3-40a9-89c9-6ca41abeeaca
x-served-by: cache-qpg1233-QPG
x-timer: S1698996676.281273,VS0,VE0

GET
H2 200 controller-07688f7db2014d6e642f0b60ec8836d8.html Show response
js.stripe.com/v3/ Frame 559C 325 B
744 B 5ms
5ms Document
text/html 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/controller-07688f7db2014d6e642f0b60ec8836d8.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

3eb3fd2865ed74de16c40f0a1767a29d89c40bd122015d4aa062874d868223f2

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 51
cache-control: max-age=60
content-encoding: br
content-length: 188
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Fri, 03 Nov 2023 07:31:16 GMT
etag: "07688f7db2014d6e642f0b60ec8836d8"
last-modified: Thu, 02 Nov 2023 20:54:59 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 25
x-content-type-options: nosniff
x-request-id: ac3f8acc-9b51-40ef-8f81-2f5e4b96f458
x-served-by: cache-qpg1233-QPG

GET
H2 200 payment-request-inner-google-pay-876cc5312c75815cc97d07ae3e55a3ba.html Show response
js.stripe.com/v3/ Frame 3BC5 408 B
1 KB 5ms
4ms Document
text/html 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/payment-request-inner-google-pay-876cc5312c75815cc97d07ae3e55a3ba.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

ef2da7f3d49c4ea52782c56571d57d7b61bd97f91a6a9f9eaa8eb318dd6f7b06

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://securecheckout.sandbox.hit-pay.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 37825
cache-control: max-age=31536000
content-encoding: br
content-length: 221
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Fri, 03 Nov 2023 07:31:16 GMT
etag: "876cc5312c75815cc97d07ae3e55a3ba"
last-modified: Thu, 02 Nov 2023 20:55:16 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 558
x-content-type-options: nosniff
x-request-id: 0d5ba8fb-05fd-4016-8789-17faf90b9334
x-served-by: cache-qpg1233-QPG

GET
H2 200 payment-request-inner-browser-27deebbc67d89e68ee13c3e67ffd3ecb.html Show response
js.stripe.com/v3/ Frame 0C3A 344 B
976 B 3ms
3ms Document
text/html 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/payment-request-inner-browser-27deebbc67d89e68ee13c3e67ffd3ecb.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

c44042bda035c2f1687062580a871a0ebec5661247a634f0cee6e51e13c42db3

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 54
cache-control: max-age=60
content-encoding: br
content-length: 202
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://www.google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Fri, 03 Nov 2023 07:31:16 GMT
etag: "27deebbc67d89e68ee13c3e67ffd3ecb"
last-modified: Thu, 02 Nov 2023 20:55:16 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 7
x-content-type-options: nosniff
x-request-id: 09448788-d93c-4f1e-a761-51519248b059
x-served-by: cache-qpg1233-QPG

GET
H/1.1 200
OK webfa-solid-900.woff2
securecheckout.sandbox.hit-pay.com/fonts/vendor/@fortawesome/fontawesome-free/ 76 KB
77 KB 6ms
6ms Font
application/octet-stream 54.255.63.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://securecheckout.sandbox.hit-pay.com/fonts/vendor/@fortawesome/fontawesome-free/webfa-solid-900.woff2?1551f4f60c37af51121f106501f69b80

Requested by

Host: securecheckout.sandbox.hit-pay.com
URL: https://securecheckout.sandbox.hit-pay.com/dist/css/app.css?id=0626e9ef2acb17e39df0ede143d83400

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

54.255.63.98 Singapore, Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-255-63-98.ap-southeast-1.compute.amazonaws.com

Software

nginx /

Resource Hash

9834b82ad26e2a37583d22676a12dd2eb0fe7c80356a2114d0db1aa8b3899537

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer
Origin: https://securecheckout.sandbox.hit-pay.com
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date: Fri, 03 Nov 2023 07:31:16 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer
Last-Modified: Mon, 30 May 2022 10:27:01 GMT
Server: nginx
X-Permitted-Cross-Domain-Policies: none
ETag: "62949bf5-131bc"
Content-Type: application/octet-stream
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 78268

GET
H/1.1 200
OK tick.svg
securecheckout.sandbox.hit-pay.com/images/ 456 B
859 B 4ms
4ms Other
image/svg+xml 54.255.63.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://securecheckout.sandbox.hit-pay.com/images/tick.svg

Requested by

Host: securecheckout.sandbox.hit-pay.com
URL: https://securecheckout.sandbox.hit-pay.com/dist/app.js?id=3c7f66787087dfd1836c8cece0d92c21

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

54.255.63.98 Singapore, Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-255-63-98.ap-southeast-1.compute.amazonaws.com

Software

nginx /

Resource Hash

f1f017be5382119d698a4e12259c81ea23cf3aede63669c3915d357379d40754

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date: Fri, 03 Nov 2023 07:31:16 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer
Last-Modified: Thu, 07 Jan 2021 15:52:13 GMT
Server: nginx
X-Permitted-Cross-Domain-Policies: none
ETag: "5ff72e2d-1c8"
Content-Type: image/svg+xml
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 456

GET
H2 200 elements-inner-card-4d5aaf5ff3090ec0cddb7291c36c1267.html Show response
js.stripe.com/v3/ Frame 8F8C 798 B
1 KB 5ms
5ms Document
text/html 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/elements-inner-card-4d5aaf5ff3090ec0cddb7291c36c1267.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

9fad5c0bfc89c3ea8dfd2ab91647608ab2044402c1bd61250c5e76a9f567c741

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 37825
cache-control: max-age=31536000
content-encoding: br
content-length: 361
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Fri, 03 Nov 2023 07:31:16 GMT
etag: "4d5aaf5ff3090ec0cddb7291c36c1267"
last-modified: Thu, 02 Nov 2023 20:55:00 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 1092
x-content-type-options: nosniff
x-request-id: c0b76119-17e8-4b67-b684-2c7b5d6d1738
x-served-by: cache-qpg1233-QPG

GET
H2 200 elements-inner-fpx-bank-ddb68e6114393b1c5f1cc03520aa54bc.html Show response
js.stripe.com/v3/ Frame 4329 672 B
489 B 11ms
7ms Document
text/html 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/elements-inner-fpx-bank-ddb68e6114393b1c5f1cc03520aa54bc.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

ce6bebeccae72dfe632f52750c60ad8bed7ff341508c27c1b95224bb483ca5c0

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 37733
cache-control: max-age=31536000
content-encoding: br
content-length: 334
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Fri, 03 Nov 2023 07:31:16 GMT
etag: "ddb68e6114393b1c5f1cc03520aa54bc"
last-modified: Thu, 02 Nov 2023 20:55:00 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 19
x-content-type-options: nosniff
x-request-id: b9181c90-3d76-4489-b327-2b9138a256c5
x-served-by: cache-qpg1233-QPG

GET
H2 200 elements-inner-fpx-bank-ddb68e6114393b1c5f1cc03520aa54bc.html Show response
js.stripe.com/v3/ Frame E7B8 672 B
456 B 9ms
6ms Document
text/html 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/elements-inner-fpx-bank-ddb68e6114393b1c5f1cc03520aa54bc.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

ce6bebeccae72dfe632f52750c60ad8bed7ff341508c27c1b95224bb483ca5c0

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 37733
cache-control: max-age=31536000
content-encoding: br
content-length: 334
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Fri, 03 Nov 2023 07:31:16 GMT
etag: "ddb68e6114393b1c5f1cc03520aa54bc"
last-modified: Thu, 02 Nov 2023 20:55:00 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 19
x-content-type-options: nosniff
x-request-id: 8bd8b4e7-18ff-484e-9512-5a78a1421324
x-served-by: cache-qpg1233-QPG

OPTIONS
H/1.1 204
No Content charge-completed
api.sandbox.hit-pay.com/v1/business/96439134-ecdb-4fa4-b47c-d4559b1438ca/plugin/charge/9a85d954-aa0d-49e4-ab43-f0bed8c62ebe/ Frame 0
0 102ms
71ms Preflight
text/html 54.255.63.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.sandbox.hit-pay.com/v1/business/96439134-ecdb-4fa4-b47c-d4559b1438ca/plugin/charge/9a85d954-aa0d-49e4-ab43-f0bed8c62ebe/charge-completed

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

54.255.63.98 Singapore, Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-255-63-98.ap-southeast-1.compute.amazonaws.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: x-csrf-token,x-requested-with
Access-Control-Request-Method: GET
Origin: https://securecheckout.sandbox.hit-pay.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: x-csrf-token,x-requested-with
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: https://securecheckout.sandbox.hit-pay.com
Access-Control-Max-Age: 0
Cache-Control: no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Date: Fri, 03 Nov 2023 07:31:16 GMT
Referrer-Policy: no-referrer
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none

GET
H/1.1 200
OK paynow-new.svg
securecheckout.sandbox.hit-pay.com/icons/payment-methods/ 11 KB
12 KB 10ms
6ms Image
image/svg+xml 54.255.63.98
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securecheckout.sandbox.hit-pay.com/icons/payment-methods/paynow-new.svg

Requested by

Host: securecheckout.sandbox.hit-pay.com
URL: https://securecheckout.sandbox.hit-pay.com/payment-request/@hit-studio/9939d0e7-1438-4a37-b46f-517a5f3b128e/checkout

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

54.255.63.98 Singapore, Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-255-63-98.ap-southeast-1.compute.amazonaws.com

Software

nginx /

Resource Hash

887d0d5a20388275989df29b5b904ccefaa471cab3b3b864d1783f8284dc4160

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date: Fri, 03 Nov 2023 07:31:16 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer
Last-Modified: Thu, 07 Jan 2021 15:52:13 GMT
Server: nginx
X-Permitted-Cross-Domain-Policies: none
ETag: "5ff72e2d-2d23"
Content-Type: image/svg+xml
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 11555

GET
H/1.1 200
OK card-new2.svg
securecheckout.sandbox.hit-pay.com/icons/payment-methods/ 2 KB
3 KB 11ms
6ms Image
image/svg+xml 54.255.63.98
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securecheckout.sandbox.hit-pay.com/icons/payment-methods/card-new2.svg

Requested by

Host: securecheckout.sandbox.hit-pay.com
URL: https://securecheckout.sandbox.hit-pay.com/payment-request/@hit-studio/9939d0e7-1438-4a37-b46f-517a5f3b128e/checkout

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

54.255.63.98 Singapore, Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-255-63-98.ap-southeast-1.compute.amazonaws.com

Software

nginx /

Resource Hash

e5dcb19074e5f046e5f3efe69bc4bb66998513c2ead34f1c46a7cda1a78052e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date: Fri, 03 Nov 2023 07:31:16 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer
Last-Modified: Thu, 07 Jan 2021 15:52:13 GMT
Server: nginx
X-Permitted-Cross-Domain-Policies: none
ETag: "5ff72e2d-93a"
Content-Type: image/svg+xml
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2362

GET
H/1.1 200
OK banks-2.png
securecheckout.sandbox.hit-pay.com/icons/payment-banks/ 2 KB
3 KB 13ms
5ms Image
image/png 54.255.63.98
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securecheckout.sandbox.hit-pay.com/icons/payment-banks/banks-2.png

Requested by

Host: securecheckout.sandbox.hit-pay.com
URL: https://securecheckout.sandbox.hit-pay.com/payment-request/@hit-studio/9939d0e7-1438-4a37-b46f-517a5f3b128e/checkout

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

54.255.63.98 Singapore, Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-255-63-98.ap-southeast-1.compute.amazonaws.com

Software

nginx /

Resource Hash

3eeb070fa2485ea21a405627eca42ee9578711726958ec35e4005f09a29df861

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date: Fri, 03 Nov 2023 07:31:16 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer
Last-Modified: Thu, 07 Jan 2021 15:52:13 GMT
Server: nginx
X-Permitted-Cross-Domain-Policies: none
ETag: "5ff72e2d-91d"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2333

GET
H/1.1 200
OK banks-dbs.png
securecheckout.sandbox.hit-pay.com/icons/payment-banks/ 2 KB
3 KB 19ms
5ms Image
image/png 54.255.63.98
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securecheckout.sandbox.hit-pay.com/icons/payment-banks/banks-dbs.png

Requested by

Host: securecheckout.sandbox.hit-pay.com
URL: https://securecheckout.sandbox.hit-pay.com/payment-request/@hit-studio/9939d0e7-1438-4a37-b46f-517a5f3b128e/checkout

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

54.255.63.98 Singapore, Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-255-63-98.ap-southeast-1.compute.amazonaws.com

Software

nginx /

Resource Hash

dde1cab6d702075b4b19de793256eb6eefb2d90ebbd9d3dbd5ca084c0e189197

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date: Fri, 03 Nov 2023 07:31:16 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer
Last-Modified: Thu, 07 Jan 2021 15:52:13 GMT
Server: nginx
X-Permitted-Cross-Domain-Policies: none
ETag: "5ff72e2d-8a6"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2214

GET
H/1.1 200
OK banks-gpay.png
securecheckout.sandbox.hit-pay.com/icons/payment-banks/ 2 KB
2 KB 19ms
5ms Image
image/png 54.255.63.98
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securecheckout.sandbox.hit-pay.com/icons/payment-banks/banks-gpay.png

Requested by

Host: securecheckout.sandbox.hit-pay.com
URL: https://securecheckout.sandbox.hit-pay.com/payment-request/@hit-studio/9939d0e7-1438-4a37-b46f-517a5f3b128e/checkout

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

54.255.63.98 Singapore, Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-255-63-98.ap-southeast-1.compute.amazonaws.com

Software

nginx /

Resource Hash

ae33cd4fb1c2398db653771221261aaf33ffa95575306a62dc967c33daa4f7d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date: Fri, 03 Nov 2023 07:31:16 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer
Last-Modified: Thu, 07 Jan 2021 15:52:13 GMT
Server: nginx
X-Permitted-Cross-Domain-Policies: none
ETag: "5ff72e2d-654"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1620

GET
H/1.1 200
OK banks-ocbc-pay-anyone.png
securecheckout.sandbox.hit-pay.com/icons/payment-banks/ 2 KB
2 KB 27ms
5ms Image
image/png 54.255.63.98
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securecheckout.sandbox.hit-pay.com/icons/payment-banks/banks-ocbc-pay-anyone.png

Requested by

Host: securecheckout.sandbox.hit-pay.com
URL: https://securecheckout.sandbox.hit-pay.com/payment-request/@hit-studio/9939d0e7-1438-4a37-b46f-517a5f3b128e/checkout

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

54.255.63.98 Singapore, Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-255-63-98.ap-southeast-1.compute.amazonaws.com

Software

nginx /

Resource Hash

98575a35a706635169284310a81d451719bca2f2b6e577aa0f64403b4af1ecd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date: Fri, 03 Nov 2023 07:31:16 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer
Last-Modified: Thu, 07 Jan 2021 15:52:13 GMT
Server: nginx
X-Permitted-Cross-Domain-Policies: none
ETag: "5ff72e2d-823"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2083

GET
H/1.1 200
OK banks-uob.png
securecheckout.sandbox.hit-pay.com/icons/payment-banks/ 2 KB
3 KB 8ms
7ms Image
image/png 54.255.63.98
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securecheckout.sandbox.hit-pay.com/icons/payment-banks/banks-uob.png

Requested by

Host: securecheckout.sandbox.hit-pay.com
URL: https://securecheckout.sandbox.hit-pay.com/payment-request/@hit-studio/9939d0e7-1438-4a37-b46f-517a5f3b128e/checkout

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

54.255.63.98 Singapore, Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-255-63-98.ap-southeast-1.compute.amazonaws.com

Software

nginx /

Resource Hash

514fdd784dcad231ffd0f4cf6635b957e22535527d8552cc77bff683da86f584

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date: Fri, 03 Nov 2023 07:31:16 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer
Last-Modified: Thu, 07 Jan 2021 15:52:13 GMT
Server: nginx
X-Permitted-Cross-Domain-Policies: none
ETag: "5ff72e2d-960"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2400

GET
H/1.1 200
OK banks-singapore.png
securecheckout.sandbox.hit-pay.com/icons/payment-banks/ 2 KB
2 KB 8ms
6ms Image
image/png 54.255.63.98
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securecheckout.sandbox.hit-pay.com/icons/payment-banks/banks-singapore.png

Requested by

Host: securecheckout.sandbox.hit-pay.com
URL: https://securecheckout.sandbox.hit-pay.com/payment-request/@hit-studio/9939d0e7-1438-4a37-b46f-517a5f3b128e/checkout

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

54.255.63.98 Singapore, Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-255-63-98.ap-southeast-1.compute.amazonaws.com

Software

nginx /

Resource Hash

8ed1359081c33a77726e1e461df5b2fbae019391951303ae227bf81d0eebc6af

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date: Fri, 03 Nov 2023 07:31:16 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer
Last-Modified: Thu, 07 Jan 2021 15:52:13 GMT
Server: nginx
X-Permitted-Cross-Domain-Policies: none
ETag: "5ff72e2d-7f8"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2040

GET
H/1.1 200
OK banks-city.png
securecheckout.sandbox.hit-pay.com/icons/payment-banks/ 2 KB
3 KB 9ms
4ms Image
image/png 54.255.63.98
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securecheckout.sandbox.hit-pay.com/icons/payment-banks/banks-city.png

Requested by

Host: securecheckout.sandbox.hit-pay.com
URL: https://securecheckout.sandbox.hit-pay.com/payment-request/@hit-studio/9939d0e7-1438-4a37-b46f-517a5f3b128e/checkout

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

54.255.63.98 Singapore, Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-255-63-98.ap-southeast-1.compute.amazonaws.com

Software

nginx /

Resource Hash

008be6c11194d237bdfb2eebe8726a465d760d77af0a2112b50250743212165d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date: Fri, 03 Nov 2023 07:31:16 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer
Last-Modified: Thu, 07 Jan 2021 15:52:13 GMT
Server: nginx
X-Permitted-Cross-Domain-Policies: none
ETag: "5ff72e2d-880"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2176

GET
H/1.1 200
OK banks-hsbc.png
securecheckout.sandbox.hit-pay.com/icons/payment-banks/ 2 KB
2 KB 14ms
5ms Image
image/png 54.255.63.98
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securecheckout.sandbox.hit-pay.com/icons/payment-banks/banks-hsbc.png

Requested by

Host: securecheckout.sandbox.hit-pay.com
URL: https://securecheckout.sandbox.hit-pay.com/payment-request/@hit-studio/9939d0e7-1438-4a37-b46f-517a5f3b128e/checkout

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

54.255.63.98 Singapore, Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-255-63-98.ap-southeast-1.compute.amazonaws.com

Software

nginx /

Resource Hash

1e6eb6158193568a222163f6ee024a0336f2e6420bc49a94449aa0b8640f25da

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date: Fri, 03 Nov 2023 07:31:16 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer
Last-Modified: Thu, 07 Jan 2021 15:52:13 GMT
Server: nginx
X-Permitted-Cross-Domain-Policies: none
ETag: "5ff72e2d-724"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1828

GET
H/1.1 200
OK banks-maybank.png
securecheckout.sandbox.hit-pay.com/icons/payment-banks/ 2 KB
3 KB 13ms
4ms Image
image/png 54.255.63.98
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securecheckout.sandbox.hit-pay.com/icons/payment-banks/banks-maybank.png

Requested by

Host: securecheckout.sandbox.hit-pay.com
URL: https://securecheckout.sandbox.hit-pay.com/payment-request/@hit-studio/9939d0e7-1438-4a37-b46f-517a5f3b128e/checkout

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

54.255.63.98 Singapore, Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-255-63-98.ap-southeast-1.compute.amazonaws.com

Software

nginx /

Resource Hash

16c10ce133100119f8a0daa6958a7aba617924f0c1bbf7519a42136bd7454f27

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date: Fri, 03 Nov 2023 07:31:16 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer
Last-Modified: Thu, 07 Jan 2021 15:52:13 GMT
Server: nginx
X-Permitted-Cross-Domain-Policies: none
ETag: "5ff72e2d-9df"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2527

GET
H/1.1 200
OK banks-china.png
securecheckout.sandbox.hit-pay.com/icons/payment-banks/ 3 KB
3 KB 7ms
6ms Image
image/png 54.255.63.98
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securecheckout.sandbox.hit-pay.com/icons/payment-banks/banks-china.png

Requested by

Host: securecheckout.sandbox.hit-pay.com
URL: https://securecheckout.sandbox.hit-pay.com/payment-request/@hit-studio/9939d0e7-1438-4a37-b46f-517a5f3b128e/checkout

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

54.255.63.98 Singapore, Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-255-63-98.ap-southeast-1.compute.amazonaws.com

Software

nginx /

Resource Hash

66276308ea9a0248a4b0a18b60f32d4e1ace126947958b756b679d9b36056b93

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date: Fri, 03 Nov 2023 07:31:16 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer
Last-Modified: Thu, 07 Jan 2021 15:52:13 GMT
Server: nginx
X-Permitted-Cross-Domain-Policies: none
ETag: "5ff72e2d-a40"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2624

GET
H/1.1 200
OK visa-small.png
securecheckout.sandbox.hit-pay.com/icons/payment-brands/ 5 KB
6 KB 7ms
6ms Image
image/png 54.255.63.98
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securecheckout.sandbox.hit-pay.com/icons/payment-brands/visa-small.png

Requested by

Host: securecheckout.sandbox.hit-pay.com
URL: https://securecheckout.sandbox.hit-pay.com/payment-request/@hit-studio/9939d0e7-1438-4a37-b46f-517a5f3b128e/checkout

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

54.255.63.98 Singapore, Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-255-63-98.ap-southeast-1.compute.amazonaws.com

Software

nginx /

Resource Hash

585565d995a6d994a39cb7088dbbe778013a57a7bda41dd35a7e8e7f57615693

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date: Fri, 03 Nov 2023 07:31:16 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer
Last-Modified: Thu, 07 Jan 2021 15:52:13 GMT
Server: nginx
X-Permitted-Cross-Domain-Policies: none
ETag: "5ff72e2d-15c6"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5574

GET
H/1.1 200
OK master.svg
securecheckout.sandbox.hit-pay.com/icons/payment-brands/ 635 B
1 KB 6ms
6ms Image
image/svg+xml 54.255.63.98
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securecheckout.sandbox.hit-pay.com/icons/payment-brands/master.svg

Requested by

Host: securecheckout.sandbox.hit-pay.com
URL: https://securecheckout.sandbox.hit-pay.com/payment-request/@hit-studio/9939d0e7-1438-4a37-b46f-517a5f3b128e/checkout

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

54.255.63.98 Singapore, Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-255-63-98.ap-southeast-1.compute.amazonaws.com

Software

nginx /

Resource Hash

6ec5d6a9e83e9ea5a71d966cc9df0ae12a4dc0a199768393050a45af35843983

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date: Fri, 03 Nov 2023 07:31:16 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer
Last-Modified: Thu, 07 Jan 2021 15:52:13 GMT
Server: nginx
X-Permitted-Cross-Domain-Policies: none
ETag: "5ff72e2d-27b"
Content-Type: image/svg+xml
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 635

GET
H/1.1 200
OK amex.svg
securecheckout.sandbox.hit-pay.com/icons/payment-brands/ 1 KB
2 KB 7ms
7ms Image
image/svg+xml 54.255.63.98
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securecheckout.sandbox.hit-pay.com/icons/payment-brands/amex.svg

Requested by

Host: securecheckout.sandbox.hit-pay.com
URL: https://securecheckout.sandbox.hit-pay.com/payment-request/@hit-studio/9939d0e7-1438-4a37-b46f-517a5f3b128e/checkout

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

54.255.63.98 Singapore, Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-255-63-98.ap-southeast-1.compute.amazonaws.com

Software

nginx /

Resource Hash

0ddfbc2136a2439ef81fb8f9187a9f1ff309101e52686068e9420591d2431009

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date: Fri, 03 Nov 2023 07:31:16 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer
Last-Modified: Thu, 07 Jan 2021 15:52:13 GMT
Server: nginx
X-Permitted-Cross-Domain-Policies: none
ETag: "5ff72e2d-5eb"
Content-Type: image/svg+xml
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1515

GET
H/1.1 200
OK unionpay.svg
securecheckout.sandbox.hit-pay.com/icons/payment-brands/ 4 KB
4 KB 5ms
4ms Image
image/svg+xml 54.255.63.98
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securecheckout.sandbox.hit-pay.com/icons/payment-brands/unionpay.svg

Requested by

Host: securecheckout.sandbox.hit-pay.com
URL: https://securecheckout.sandbox.hit-pay.com/payment-request/@hit-studio/9939d0e7-1438-4a37-b46f-517a5f3b128e/checkout

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

54.255.63.98 Singapore, Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-255-63-98.ap-southeast-1.compute.amazonaws.com

Software

nginx /

Resource Hash

c49d5666c8526e0aa4cc654c34098be84518a8b3d41e489e4a7c33fa52b41e17

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date: Fri, 03 Nov 2023 07:31:16 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer
Last-Modified: Sat, 12 Jun 2021 07:35:55 GMT
Server: nginx
X-Permitted-Cross-Domain-Policies: none
ETag: "60c463db-f7a"
Content-Type: image/svg+xml
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3962

GET
H/1.1 200
OK charge-completed Show response
api.sandbox.hit-pay.com/v1/business/96439134-ecdb-4fa4-b47c-d4559b1438ca/plugin/charge/9a85d954-aa0d-49e4-ab43-f0bed8c62ebe/ 19 B
741 B 117ms
115ms XHR
application/json 54.255.63.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.sandbox.hit-pay.com/v1/business/96439134-ecdb-4fa4-b47c-d4559b1438ca/plugin/charge/9a85d954-aa0d-49e4-ab43-f0bed8c62ebe/charge-completed

Requested by

Host: securecheckout.sandbox.hit-pay.com
URL: https://securecheckout.sandbox.hit-pay.com/dist/app.js?id=3c7f66787087dfd1836c8cece0d92c21

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

54.255.63.98 Singapore, Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-255-63-98.ap-southeast-1.compute.amazonaws.com

Software

nginx /

Resource Hash

9fc1ff9a500d82004833c32e8b876f80aa08f41f814b4f3827c68776dd6a6daf

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' ecwid.com *.ecwid.com;upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
Referer
X-Requested-With: XMLHttpRequest
X-CSRF-TOKEN: cm8rS42DbHrponGSZzS7omVOk6NOTsr3hTf8GN9b
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date: Fri, 03 Nov 2023 07:31:16 GMT
Content-Security-Policy: frame-ancestors 'self' ecwid.com *.ecwid.com;upgrade-insecure-requests
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-Request-ID: 2023-11-03/01hea1fsyckxn7rm5na7c7yf4a
Referrer-Policy: no-referrer
Server: nginx
X-RateLimit-Remaining: 58
Vary: Origin
Content-Type: application/json
Access-Control-Allow-Origin: https://securecheckout.sandbox.hit-pay.com
Cache-Control: must-revalidate, no-cache, no-store, private
Access-Control-Allow-Credentials: true
X-RateLimit-Limit: 60

POST
H/1.1 201
Created create-payment-intent Show response
api.sandbox.hit-pay.com/v1/business/96439134-ecdb-4fa4-b47c-d4559b1438ca/plugin/charge/9a85d954-aa0d-49e4-ab43-f0bed8c62ebe/ 853 B
2 KB 224ms
224ms XHR
application/json 54.255.63.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.sandbox.hit-pay.com/v1/business/96439134-ecdb-4fa4-b47c-d4559b1438ca/plugin/charge/9a85d954-aa0d-49e4-ab43-f0bed8c62ebe/create-payment-intent

Requested by

Host: securecheckout.sandbox.hit-pay.com
URL: https://securecheckout.sandbox.hit-pay.com/dist/app.js?id=3c7f66787087dfd1836c8cece0d92c21

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

54.255.63.98 Singapore, Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-255-63-98.ap-southeast-1.compute.amazonaws.com

Software

nginx /

Resource Hash

9f2236d1eae7254a211a5f588f8fff17f31ada416250baa4ddc4d4664b81d9fa

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' ecwid.com *.ecwid.com;upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
Referer
X-Requested-With: XMLHttpRequest
X-CSRF-TOKEN: cm8rS42DbHrponGSZzS7omVOk6NOTsr3hTf8GN9b
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/json

Response headers

Date: Fri, 03 Nov 2023 07:31:16 GMT
Content-Security-Policy: frame-ancestors 'self' ecwid.com *.ecwid.com;upgrade-insecure-requests
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
Connection: keep-alive
X-Request-ID: 2023-11-03/01hea1fsyrjb1qxmpk34j7c9f8
Referrer-Policy: no-referrer
Server: nginx
X-RateLimit-Remaining: 58
Vary: Origin
Content-Type: application/json
Access-Control-Allow-Origin: https://securecheckout.sandbox.hit-pay.com
Cache-Control: no-cache, private
Access-Control-Allow-Credentials: true
X-RateLimit-Limit: 60

OPTIONS
H/1.1 204
No Content create-payment-intent
api.sandbox.hit-pay.com/v1/business/96439134-ecdb-4fa4-b47c-d4559b1438ca/plugin/charge/9a85d954-aa0d-49e4-ab43-f0bed8c62ebe/ Frame 0
0 88ms
79ms Preflight
text/html 54.255.63.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.sandbox.hit-pay.com/v1/business/96439134-ecdb-4fa4-b47c-d4559b1438ca/plugin/charge/9a85d954-aa0d-49e4-ab43-f0bed8c62ebe/create-payment-intent

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

54.255.63.98 Singapore, Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-255-63-98.ap-southeast-1.compute.amazonaws.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-csrf-token,x-requested-with
Access-Control-Request-Method: POST
Origin: https://securecheckout.sandbox.hit-pay.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type,x-csrf-token,x-requested-with
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: https://securecheckout.sandbox.hit-pay.com
Access-Control-Max-Age: 0
Cache-Control: no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Date: Fri, 03 Nov 2023 07:31:16 GMT
Referrer-Policy: no-referrer
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none

GET
H2 200 shared-d6a40aa6ad859d26b11b3cb80358ed9b.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 559C 532 KB
129 KB 6ms
5ms Script
text/javascript 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-d6a40aa6ad859d26b11b3cb80358ed9b.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-07688f7db2014d6e642f0b60ec8836d8.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

6920ff5f2938a1c098ee98adbd1294642a95e1a78b3e9612b4a11da01e97f0ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://js.stripe.com/v3/controller-07688f7db2014d6e642f0b60ec8836d8.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Fri, 03 Nov 2023 07:31:16 GMT
via: 1.1 varnish
age: 38121
x-cache: HIT
content-length: 131697
x-request-id: 1560c733-7da6-47d7-9b99-77834eb6bcd4
x-served-by: cache-qpg1233-QPG
last-modified: Thu, 02 Nov 2023 20:55:14 GMT
server: Fastly
etag: "ee8e8e1d5200113f8fd70485f5aba85e"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 7312

GET
H2 200 controller-93255d577032efaa97e89c9a1bdddc9f.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 559C 654 KB
170 KB 4ms
4ms Script
text/javascript 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/controller-93255d577032efaa97e89c9a1bdddc9f.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-07688f7db2014d6e642f0b60ec8836d8.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

473ba95b4fa3ffd8731a5940b6183fcce240498bcef2a31b40e3bce40ef99cc6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://js.stripe.com/v3/controller-07688f7db2014d6e642f0b60ec8836d8.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Fri, 03 Nov 2023 07:31:16 GMT
via: 1.1 varnish
age: 38121
x-cache: HIT
content-length: 173709
x-request-id: 29ba26b1-1c78-48b2-aecf-cf4e77bfc641
x-served-by: cache-qpg1233-QPG
last-modified: Thu, 02 Nov 2023 20:55:11 GMT
server: Fastly
etag: "ab41123aca029975c52d776648ab5ec3"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 7145

GET
H2 200 pay.js Show response
pay.google.com/gp/p/js/ Frame 3BC5 117 KB
36 KB 125ms
85ms Script
application/javascript 2404:6800:4003:c06::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/js/pay.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-876cc5312c75815cc97d07ae3e55a3ba.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c06::5c Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b2ca074e06b24a5adbed403260d9a354a1d13d2eb95f13c59740e3c378f5a0c3

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport, script-src 'report-sample' 'nonce-ODh1MSRLqx50BGZB5LPE6A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://js.stripe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 07:31:16 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport, script-src 'report-sample' 'nonce-ODh1MSRLqx50BGZB5LPE6A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: private, max-age=600
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Fri, 03 Nov 2023 07:31:16 GMT

GET
H2 200 shared-d6a40aa6ad859d26b11b3cb80358ed9b.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 3BC5 532 KB
129 KB 31ms
30ms Script
text/javascript 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-d6a40aa6ad859d26b11b3cb80358ed9b.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-876cc5312c75815cc97d07ae3e55a3ba.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

6920ff5f2938a1c098ee98adbd1294642a95e1a78b3e9612b4a11da01e97f0ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-google-pay-876cc5312c75815cc97d07ae3e55a3ba.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Fri, 03 Nov 2023 07:31:16 GMT
via: 1.1 varnish
age: 38121
x-cache: HIT
content-length: 131697
x-request-id: 70137cda-db9a-40d9-ac56-0fa5aa6ed696
x-served-by: cache-qpg1233-QPG
last-modified: Thu, 02 Nov 2023 20:55:14 GMT
server: Fastly
etag: "ee8e8e1d5200113f8fd70485f5aba85e"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 7313

GET
H2 200 payment-request-inner-google-pay-6c6158356aa2fb0fad6988bd4dd189af.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 3BC5 10 KB
4 KB 37ms
37ms Script
text/javascript 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/payment-request-inner-google-pay-6c6158356aa2fb0fad6988bd4dd189af.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-876cc5312c75815cc97d07ae3e55a3ba.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

fc42bb69e9975dc74d50c5bda8cb36384bcd0bc7f6b1a54991c6f2a92251df0e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-google-pay-876cc5312c75815cc97d07ae3e55a3ba.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Fri, 03 Nov 2023 07:31:16 GMT
via: 1.1 varnish
age: 828468
x-cache: HIT
content-length: 4272
x-request-id: 8168ddda-377e-4b94-aefa-375c7253a9ac
x-served-by: cache-qpg1233-QPG
last-modified: Tue, 24 Oct 2023 17:19:12 GMT
server: Fastly
etag: "947a5566a308873ad0fd8dbfdd9c81cf"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 3539

GET
H2 200 shared-d6a40aa6ad859d26b11b3cb80358ed9b.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 0C3A 532 KB
129 KB 30ms
29ms Script
text/javascript 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-d6a40aa6ad859d26b11b3cb80358ed9b.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-browser-27deebbc67d89e68ee13c3e67ffd3ecb.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

6920ff5f2938a1c098ee98adbd1294642a95e1a78b3e9612b4a11da01e97f0ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-browser-27deebbc67d89e68ee13c3e67ffd3ecb.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Fri, 03 Nov 2023 07:31:16 GMT
via: 1.1 varnish
age: 38121
x-cache: HIT
content-length: 131697
x-request-id: 89482aae-c8ff-4e07-8ad2-12553f589bdd
x-served-by: cache-qpg1233-QPG
last-modified: Thu, 02 Nov 2023 20:55:14 GMT
server: Fastly
etag: "ee8e8e1d5200113f8fd70485f5aba85e"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 7314

GET
H2 200 payment-request-inner-browser-be0e242b8c475d6fe5c6b08997031928.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 0C3A 12 KB
5 KB 29ms
29ms Script
text/javascript 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/payment-request-inner-browser-be0e242b8c475d6fe5c6b08997031928.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-browser-27deebbc67d89e68ee13c3e67ffd3ecb.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

2cd5192ff8b020b1b320397711a8d5fb40be5e2954fff09a707e092713b7fc03

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-browser-27deebbc67d89e68ee13c3e67ffd3ecb.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Fri, 03 Nov 2023 07:31:16 GMT
via: 1.1 varnish
age: 3852784
x-cache: HIT
content-length: 4877
x-request-id: 3754b51f-d305-43cc-879b-9a706c35cccf
x-served-by: cache-qpg1233-QPG
last-modified: Tue, 19 Sep 2023 17:14:23 GMT
server: Fastly
etag: "330666bb238cf77ae96a867563ebc09a"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 8602

GET
H2 200 shared-d6a40aa6ad859d26b11b3cb80358ed9b.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 8F8C 532 KB
129 KB 32ms
30ms Script
text/javascript 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-d6a40aa6ad859d26b11b3cb80358ed9b.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-4d5aaf5ff3090ec0cddb7291c36c1267.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

6920ff5f2938a1c098ee98adbd1294642a95e1a78b3e9612b4a11da01e97f0ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-4d5aaf5ff3090ec0cddb7291c36c1267.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Fri, 03 Nov 2023 07:31:16 GMT
via: 1.1 varnish
age: 38121
x-cache: HIT
content-length: 131697
x-request-id: 611655cf-43f3-47e0-b89a-fb03a6b369a3
x-served-by: cache-qpg1233-QPG
last-modified: Thu, 02 Nov 2023 20:55:14 GMT
server: Fastly
etag: "ee8e8e1d5200113f8fd70485f5aba85e"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 7315

GET
H2 200 ui-shared-b6b86772cda0e4bb1c8af020019043df.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 8F8C 380 KB
109 KB 32ms
31ms Script
text/javascript 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/ui-shared-b6b86772cda0e4bb1c8af020019043df.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-4d5aaf5ff3090ec0cddb7291c36c1267.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

e7bdf434d274498345dc79890efa95efe763a450b5355cfc4a269abd12c6f5e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-4d5aaf5ff3090ec0cddb7291c36c1267.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Fri, 03 Nov 2023 07:31:16 GMT
via: 1.1 varnish
age: 37824
x-cache: HIT
content-length: 111893
x-request-id: 886efede-7cda-4fb1-afad-08ba90a71a21
x-served-by: cache-qpg1233-QPG
last-modified: Thu, 02 Nov 2023 20:55:15 GMT
server: Fastly
etag: "2124d9825af14e37118492365c521a5b"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1253

GET
H2 200 elements-inner-card-a1a65c7d31f301b5200b8dbd0fafde5f.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 8F8C 49 KB
14 KB 43ms
43ms Script
text/javascript 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/elements-inner-card-a1a65c7d31f301b5200b8dbd0fafde5f.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-4d5aaf5ff3090ec0cddb7291c36c1267.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

32772602c44291855865e61110869a53305c3351f390dbe3f209ea8bfd17df64

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-4d5aaf5ff3090ec0cddb7291c36c1267.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Fri, 03 Nov 2023 07:31:16 GMT
via: 1.1 varnish
age: 51239
x-cache: HIT
content-length: 13558
x-request-id: 5556aeb9-8c0d-4a63-89c4-9e313a4d4730
x-served-by: cache-qpg1233-QPG
last-modified: Thu, 02 Nov 2023 17:12:20 GMT
server: Fastly
etag: "d7b56a996582324ee5b4483b04dedad1"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1070

GET
H2 200 ui-shared-1d27f4e2b314637ba4bb9d7ff79c23c7.css
js.stripe.com/v3/fingerprinted/css/ Frame 8F8C 20 KB
3 KB 31ms
30ms Stylesheet
text/css 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/css/ui-shared-1d27f4e2b314637ba4bb9d7ff79c23c7.css

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-4d5aaf5ff3090ec0cddb7291c36c1267.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

394724ca0118829643c12fb5a033cb66680e51327ba157677d18dec209278a3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-4d5aaf5ff3090ec0cddb7291c36c1267.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Fri, 03 Nov 2023 07:31:16 GMT
via: 1.1 varnish
age: 8766331
x-cache: HIT
content-length: 3304
x-request-id: e1e6466b-edec-48d5-9f8e-0e391aae0959
x-served-by: cache-qpg1233-QPG
last-modified: Mon, 24 Jul 2023 20:23:04 GMT
server: Fastly
etag: "b361d7109e9925ca18e32c9da528520f"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 8405

GET
H2 200 elements-inner-card-de3d82752e334539cc74c26294525473.css
js.stripe.com/v3/fingerprinted/css/ Frame 8F8C 12 KB
2 KB 30ms
30ms Stylesheet
text/css 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/css/elements-inner-card-de3d82752e334539cc74c26294525473.css

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-4d5aaf5ff3090ec0cddb7291c36c1267.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

e62edfdb0575acbdce5c582447530e931df30ba86e9036e93c58cc7944ed56c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-4d5aaf5ff3090ec0cddb7291c36c1267.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Fri, 03 Nov 2023 07:31:16 GMT
via: 1.1 varnish
age: 1941365
x-cache: HIT
content-length: 1811
x-request-id: f9d279cf-ffeb-4757-8d14-458a0faf8828
x-served-by: cache-qpg1233-QPG
last-modified: Wed, 11 Oct 2023 20:04:16 GMT
server: Fastly
etag: "c3f0079066a9db411821d0838d892a89"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 6563

GET
H2 200 shared-d6a40aa6ad859d26b11b3cb80358ed9b.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 4329 532 KB
129 KB 31ms
29ms Script
text/javascript 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-d6a40aa6ad859d26b11b3cb80358ed9b.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-fpx-bank-ddb68e6114393b1c5f1cc03520aa54bc.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

6920ff5f2938a1c098ee98adbd1294642a95e1a78b3e9612b4a11da01e97f0ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-fpx-bank-ddb68e6114393b1c5f1cc03520aa54bc.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Fri, 03 Nov 2023 07:31:16 GMT
via: 1.1 varnish
age: 38121
x-cache: HIT
content-length: 131697
x-request-id: 78f94295-7e4b-47b3-9d01-50e44d788a7f
x-served-by: cache-qpg1233-QPG
last-modified: Thu, 02 Nov 2023 20:55:14 GMT
server: Fastly
etag: "ee8e8e1d5200113f8fd70485f5aba85e"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 7316

GET
H2 200 ui-shared-b6b86772cda0e4bb1c8af020019043df.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 4329 380 KB
109 KB 31ms
30ms Script
text/javascript 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/ui-shared-b6b86772cda0e4bb1c8af020019043df.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-fpx-bank-ddb68e6114393b1c5f1cc03520aa54bc.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

e7bdf434d274498345dc79890efa95efe763a450b5355cfc4a269abd12c6f5e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-fpx-bank-ddb68e6114393b1c5f1cc03520aa54bc.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Fri, 03 Nov 2023 07:31:16 GMT
via: 1.1 varnish
age: 37824
x-cache: HIT
content-length: 111893
x-request-id: e08000ad-6d17-4a8e-8271-e194225248b8
x-served-by: cache-qpg1233-QPG
last-modified: Thu, 02 Nov 2023 20:55:15 GMT
server: Fastly
etag: "2124d9825af14e37118492365c521a5b"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1254

GET
H2 200 elements-inner-fpx-bank-038548abc85ca33f6cebdccf4370444b.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 4329 14 KB
6 KB 43ms
42ms Script
text/javascript 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/elements-inner-fpx-bank-038548abc85ca33f6cebdccf4370444b.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-fpx-bank-ddb68e6114393b1c5f1cc03520aa54bc.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

fba3bfc491ba1ba67a89589079b39f92222acc2d511dafd2975ebf9d0eafc8f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-fpx-bank-ddb68e6114393b1c5f1cc03520aa54bc.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Fri, 03 Nov 2023 07:31:16 GMT
via: 1.1 varnish
age: 49750
x-cache: HIT
content-length: 5524
x-request-id: b7f914ac-5e5d-414c-8cd6-7c7d11181059
x-served-by: cache-qpg1233-QPG
last-modified: Thu, 02 Nov 2023 17:12:20 GMT
server: Fastly
etag: "70cdb363845931459cbef2bc80d3fa91"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 12

GET
H2 200 ui-shared-1d27f4e2b314637ba4bb9d7ff79c23c7.css
js.stripe.com/v3/fingerprinted/css/ Frame 4329 20 KB
3 KB 30ms
29ms Stylesheet
text/css 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/css/ui-shared-1d27f4e2b314637ba4bb9d7ff79c23c7.css

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-fpx-bank-ddb68e6114393b1c5f1cc03520aa54bc.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

394724ca0118829643c12fb5a033cb66680e51327ba157677d18dec209278a3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-fpx-bank-ddb68e6114393b1c5f1cc03520aa54bc.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Fri, 03 Nov 2023 07:31:16 GMT
via: 1.1 varnish
age: 8766331
x-cache: HIT
content-length: 3304
x-request-id: 80490671-a30d-4372-9815-d694088e5567
x-served-by: cache-qpg1233-QPG
last-modified: Mon, 24 Jul 2023 20:23:04 GMT
server: Fastly
etag: "b361d7109e9925ca18e32c9da528520f"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 8406

GET
H2 200 shared-d6a40aa6ad859d26b11b3cb80358ed9b.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame E7B8 532 KB
129 KB 44ms
43ms Script
text/javascript 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-d6a40aa6ad859d26b11b3cb80358ed9b.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-fpx-bank-ddb68e6114393b1c5f1cc03520aa54bc.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

6920ff5f2938a1c098ee98adbd1294642a95e1a78b3e9612b4a11da01e97f0ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-fpx-bank-ddb68e6114393b1c5f1cc03520aa54bc.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Fri, 03 Nov 2023 07:31:16 GMT
via: 1.1 varnish
age: 38121
x-cache: HIT
content-length: 131697
x-request-id: d4f54036-51da-4b92-9fe3-0ab11a1aa777
x-served-by: cache-qpg1233-QPG
last-modified: Thu, 02 Nov 2023 20:55:14 GMT
server: Fastly
etag: "ee8e8e1d5200113f8fd70485f5aba85e"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 7317

GET
H2 200 ui-shared-b6b86772cda0e4bb1c8af020019043df.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame E7B8 380 KB
109 KB 43ms
42ms Script
text/javascript 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/ui-shared-b6b86772cda0e4bb1c8af020019043df.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-fpx-bank-ddb68e6114393b1c5f1cc03520aa54bc.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

e7bdf434d274498345dc79890efa95efe763a450b5355cfc4a269abd12c6f5e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-fpx-bank-ddb68e6114393b1c5f1cc03520aa54bc.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Fri, 03 Nov 2023 07:31:16 GMT
via: 1.1 varnish
age: 37824
x-cache: HIT
content-length: 111893
x-request-id: f7e3e2a1-62c0-43df-807f-c9804c6efad7
x-served-by: cache-qpg1233-QPG
last-modified: Thu, 02 Nov 2023 20:55:15 GMT
server: Fastly
etag: "2124d9825af14e37118492365c521a5b"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1255

GET
H2 200 elements-inner-fpx-bank-038548abc85ca33f6cebdccf4370444b.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame E7B8 14 KB
5 KB 39ms
39ms Script
text/javascript 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/elements-inner-fpx-bank-038548abc85ca33f6cebdccf4370444b.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-fpx-bank-ddb68e6114393b1c5f1cc03520aa54bc.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

fba3bfc491ba1ba67a89589079b39f92222acc2d511dafd2975ebf9d0eafc8f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-fpx-bank-ddb68e6114393b1c5f1cc03520aa54bc.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Fri, 03 Nov 2023 07:31:16 GMT
via: 1.1 varnish
age: 49750
x-cache: HIT
content-length: 5524
x-request-id: 3f485758-12d6-49f4-86b2-af624901163d
x-served-by: cache-qpg1233-QPG
last-modified: Thu, 02 Nov 2023 17:12:20 GMT
server: Fastly
etag: "70cdb363845931459cbef2bc80d3fa91"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 13

GET
H2 200 ui-shared-1d27f4e2b314637ba4bb9d7ff79c23c7.css
js.stripe.com/v3/fingerprinted/css/ Frame E7B8 20 KB
3 KB 43ms
43ms Stylesheet
text/css 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/css/ui-shared-1d27f4e2b314637ba4bb9d7ff79c23c7.css

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-fpx-bank-ddb68e6114393b1c5f1cc03520aa54bc.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

394724ca0118829643c12fb5a033cb66680e51327ba157677d18dec209278a3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-fpx-bank-ddb68e6114393b1c5f1cc03520aa54bc.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Fri, 03 Nov 2023 07:31:16 GMT
via: 1.1 varnish
age: 8766331
x-cache: HIT
content-length: 3304
x-request-id: 9d020eb9-3641-456e-9aae-8927497d2fac
x-served-by: cache-qpg1233-QPG
last-modified: Mon, 24 Jul 2023 20:23:04 GMT
server: Fastly
etag: "b361d7109e9925ca18e32c9da528520f"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 8407

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 260 KB
88 KB 22ms
21ms Script
application/javascript 2404:6800:4003:c01::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-Q2XTP3W7YM&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NW5HN32

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c01::61 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6364ba7ab356e08f3183d1708a7650516fbbc553675e52b772d76f3216dbc36d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 07:31:16 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 89946
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 03 Nov 2023 07:31:16 GMT

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 12 KB
4 KB 135ms
41ms Script
application/javascript 2403:e800:e80b::2a63:8c8b
ASN-TELSTRA-GLOBA...

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NW5HN32

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2403:e800:e80b::2a63:8c8b , Hong Kong, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),

Reverse DNS

Software

Resource Hash

672e173a1961506da81fd51463bb8b4aeacf8be4d484d02dca74b3e3a848ab7c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 07:31:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 31 Oct 2023 08:37:21 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: max-age=64495
accept-ranges: bytes
content-length: 3840

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 202 KB
54 KB 59ms
15ms Script
application/x-javascript 2a03:2880:f00c:300:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f00c:300:face:b00c:0:3 Singapore, Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 03 Nov 2023 07:31:16 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 54273
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: xbKaqKnqplnuvo5aY1y7BqutWfye1EtiT8InN9xhxliSH+35369u65In18RXAG6LZwsaqfGC1k1OSfpRtr2P6Q==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 21602426.js Show response
js.hs-scripts.com/ 2 KB
1 KB 62ms
28ms Script
application/javascript 2606:4700::6810:bb59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hs-scripts.com/21602426.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NW5HN32

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:bb59 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6e8c3a5896dcc8e863d97caf2903920942f66e075cf00c690d7e63bf0ed93ffa

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 07:31:16 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
x-hubspot-correlation-id: 0e553a73-31d4-4e30-b3a5-110e78648abc
x-evy-trace-route-service-name: envoyset-translator
cf-polished: origSize=2012
age: 23
x-envoy-upstream-service-time: 9
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 0e553a73-31d4-4e30-b3a5-110e78648abc
cf-bgj: minify
last-modified: Fri, 03 Nov 2023 07:30:53 GMT
server: cloudflare
x-trace: 2BBB3686FA497BBB8717FDC16D5E59AE5F5E1A3B19000000000000000000
access-control-max-age: 3600
vary: origin, Accept-Encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://dashboard.hit-pay.com
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-5b5c96c966-dmm4c
cache-control: public, max-age=60
access-control-allow-credentials: true
x-evy-trace-virtual-host: all
cf-ray: 8202eaac580e401a-SIN
expires: Fri, 03 Nov 2023 07:32:16 GMT

POST
H2 200 csp-report
q.stripe.com/ Frame 09B5 0
491 B 522ms
384ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Fri, 03 Nov 2023 07:31:16 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1698996676919114
x-envoy-upstream-service-time: 2
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
x-stripe-server-envoy-upstream-service-time-ms: 0
x-stripe-client-envoy-start-time-us: 1698996676918386
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
expires: 0

GET
H2 200 out-4.5.43.js Show response
m.stripe.network/ Frame 09B5 87 KB
15 KB 48ms
42ms Script
text/javascript 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/out-4.5.43.js

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/inner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://m.stripe.network/inner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
date: Fri, 03 Nov 2023 07:31:16 GMT
x-content-type-options: nosniff
content-encoding: br
via: 1.1 varnish
age: 270
x-cache: HIT
content-length: 15509
x-request-id: f49f0711-b5aa-4ee3-ae52-6520a899b3b7
x-served-by: cache-qpg1233-QPG
server: Fastly
x-timer: S1698996677.513439,VS0,VE0
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=utf-8
cache-control: max-age=300, public
accept-ranges: bytes
x-cache-hits: 484

POST
H2 200 csp-report
q.stripe.com/ Frame 559C 0
717 B 550ms
417ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Fri, 03 Nov 2023 07:31:16 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1698996676919112
x-envoy-upstream-service-time: 4
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 3
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1698996676918583
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 3BC5 0
717 B 534ms
405ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Fri, 03 Nov 2023 07:31:16 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1698996676920061
x-envoy-upstream-service-time: 3
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 2
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1698996676919282
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 3BC5 0
717 B 520ms
392ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Fri, 03 Nov 2023 07:31:16 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1698996676919184
x-envoy-upstream-service-time: 2
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 1
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1698996676918798
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 0C3A 0
717 B 543ms
417ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Fri, 03 Nov 2023 07:31:16 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1698996676919703
x-envoy-upstream-service-time: 4
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 2
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1698996676918686
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 0C3A 0
717 B 511ms
385ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Fri, 03 Nov 2023 07:31:16 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1698996676919179
x-envoy-upstream-service-time: 2
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 1
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1698996676918585
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 8F8C 0
717 B 526ms
405ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Fri, 03 Nov 2023 07:31:16 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1698996676920240
x-envoy-upstream-service-time: 3
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 1
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1698996676919631
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 8F8C 0
717 B 512ms
391ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Fri, 03 Nov 2023 07:31:16 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1698996676920209
x-envoy-upstream-service-time: 2
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1698996676919549
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 4329 0
717 B 499ms
381ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Fri, 03 Nov 2023 07:31:16 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1698996676919859
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1698996676919534
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 4329 0
717 B 510ms
393ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Fri, 03 Nov 2023 07:31:16 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1698996676919593
x-envoy-upstream-service-time: 2
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 1
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1698996676919215
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame E7B8 0
717 B 520ms
406ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Fri, 03 Nov 2023 07:31:16 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1698996676920475
x-envoy-upstream-service-time: 3
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 1
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1698996676919399
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame E7B8 0
717 B 518ms
404ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Fri, 03 Nov 2023 07:31:16 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1698996676920143
x-envoy-upstream-service-time: 3
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1698996676919330
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 .deploy_status_henson.json Show response
js.stripe.com/v3/ Frame 559C 474 B
368 B 21ms
4ms Fetch
application/json 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/.deploy_status_henson.json

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-d6a40aa6ad859d26b11b3cb80358ed9b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

3132a53898012113b22a2bf416c8b75687faf7e8816d8be8c8ef005d290cdcca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/controller-07688f7db2014d6e642f0b60ec8836d8.html
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Fri, 03 Nov 2023 07:31:16 GMT
content-encoding: br
via: 1.1 varnish
strict-transport-security: max-age=31556926; includeSubDomains; preload
age: 21
x-cache: HIT
content-length: 297
x-request-id: 08218572-bc6e-453c-b3bd-4a34e3053e06
x-served-by: cache-qpg1265-QPG
last-modified: Thu, 02 Nov 2023 21:31:34 GMT
server: Fastly
etag: "46627dd42752d463edb077a815515ded"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 31

GET
H2 200 .deploy_status_henson.json Show response
js.stripe.com/v3/ Frame 559C 474 B
608 B 7ms
3ms Fetch
application/json 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/.deploy_status_henson.json

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-d6a40aa6ad859d26b11b3cb80358ed9b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

3132a53898012113b22a2bf416c8b75687faf7e8816d8be8c8ef005d290cdcca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/controller-07688f7db2014d6e642f0b60ec8836d8.html
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Fri, 03 Nov 2023 07:31:16 GMT
content-encoding: br
via: 1.1 varnish
strict-transport-security: max-age=31556926; includeSubDomains; preload
age: 21
x-cache: HIT
content-length: 297
x-request-id: 2c7ae50f-3c6b-4c97-a61a-64cb6c72ffd7
x-served-by: cache-qpg1265-QPG
last-modified: Thu, 02 Nov 2023 21:31:34 GMT
server: Fastly
etag: "46627dd42752d463edb077a815515ded"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 31

POST
H2 204 collect
analytics.google.com/g/ 0
258 B 21ms
5ms Ping
text/plain 2001:4860:4802:32::181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-Q2XTP3W7YM&gtm=45je3b11v884855218z8862565399&_p=1698996676198&_gaz=1&gcd=11l1l1l1l1&cid=1662585049.1698996677&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EA&_s=1&dl=https%3A%2F%2Fsecurecheckout.sandbox.hit-pay.com%2Fpayment-request%2F%40hit-studio%2F9939d0e7-1438-4a37-b46f-517a5f3b128e%2Fcheckout&sid=1698996676&sct=1&seg=0&dt=Checkout%20-%20HitPay&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1783
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Q2XTP3W7YM&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Nov 2023 07:31:16 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://securecheckout.sandbox.hit-pay.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
258 B 15ms
4ms Ping
text/plain 2404:6800:4003:c02::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-Q2XTP3W7YM&cid=1662585049.1698996677&gtm=45je3b11v884855218z8862565399&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Q2XTP3W7YM&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4003:c02::9a Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Nov 2023 07:31:16 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://securecheckout.sandbox.hit-pay.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com.vn/ads/ 42 B
408 B 27ms
10ms Image
image/gif 2404:6800:4003:c04::5e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com.vn/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-Q2XTP3W7YM&cid=1662585049.1698996677&gtm=45je3b11v884855218z8862565399&aip=1&z=1948653999

Requested by

Host: securecheckout.sandbox.hit-pay.com
URL: https://securecheckout.sandbox.hit-pay.com/payment-request/@hit-studio/9939d0e7-1438-4a37-b46f-517a5f3b128e/checkout

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c04::5e Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Nov 2023 07:31:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 banner.js Show response
js.hs-banner.com/v2/21602426/ 78 KB
21 KB 38ms
22ms Script
text/javascript 2606:4700:4400::ac40:991b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/v2/21602426/banner.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/21602426.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:991b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a97da3cf3c6b662e9aeaa6628d091fb17bc087d8ba7f9bd643f9aeb85182c288

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 07:31:16 GMT
x-amz-version-id: u9eL0MGESlTXjRn6_2uPghte7uDtFctf
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: CA0KJT112FPANAMT
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-hubspot-correlation-id: 32b14a5e-1065-49fa-b4d7-0a392d11b1ff
age: 155
x-envoy-upstream-service-time: 43
x-amz-id-2: 3NW7dTyT0J9UMlhoWys991xhmQOgOpWjWPp+2tnPQxavEETSSKTstowvxbdycNu01bgr7uhtRHs=
x-evy-trace-listener: listener_https
x-request-id: 32b14a5e-1065-49fa-b4d7-0a392d11b1ff
x-evy-trace-route-configuration: listener_https/all
last-modified: Wed, 18 Oct 2023 19:02:11 GMT
server: cloudflare
etag: W/"152b894eb59daa50d6b04bcbb2c30fad"
access-control-max-age: 604800
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: https://www.hitpayapp.com
x-evy-trace-virtual-host: all
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300,public
access-control-allow-credentials: true
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-85c95667b4-jgkmt
vary: origin, Accept-Encoding
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray: 8202eaadfb33601a-SIN
expires: Fri, 03 Nov 2023 07:33:41 GMT

GET
H2 200 21602426.js Show response
js.hs-analytics.net/analytics/1698996600000/ 66 KB
21 KB 1350ms
1334ms Script
text/javascript 2606:4700::6810:4cba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1698996600000/21602426.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/21602426.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:4cba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1f44966d0c51383ee069d1df96d010a3305fb1a743631499b7dc75e86658cbb7

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 07:31:18 GMT
x-amz-version-id: null
content-encoding: br
cf-cache-status: MISS
x-amz-request-id: Q7ZKN7K58XGH3ZC8
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-hubspot-correlation-id: fefab7e9-f38f-412a-8726-0e161898b99d
x-envoy-upstream-service-time: 23
x-amz-id-2: 2Cd8p/d3rDlN3004OcvaLTW7YD2qHBYJh38GM/UWQPe7eGlH7JHIoLnVPyGrqtO7N/acP7jrjRQ=
x-evy-trace-listener: listener_https
x-request-id: fefab7e9-f38f-412a-8726-0e161898b99d
x-evy-trace-route-configuration: listener_https/all
last-modified: Thu, 12 Oct 2023 15:45:01 GMT
server: cloudflare
etag: W/"3d8dc4bd55ede2a7994f6af4c211f8fb"
vary: origin, Accept-Encoding
content-type: text/javascript
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-85c95667b4-gcx66
cache-control: max-age=300,public
access-control-allow-credentials: false
cf-ray: 8202eaadffc73de8-SIN
expires: Fri, 03 Nov 2023 07:36:17 GMT

GET
H2 200 fb.js Show response
js.hsadspixel.net/ 6 KB
4 KB 29ms
13ms Script
application/javascript 2606:4700::6811:e6a3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hsadspixel.net/fb.js

Requested by

Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/21602426.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:e6a3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2148aae183c99fd22de0fa5ac66943716f59908dc935b3b3ca7f02cfdeca17f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 07:31:16 GMT
x-amz-version-id: MNLx4JOx3WSJAJIp0HalotEMdYQEQdMj
via: 1.1 fb1dc2e3bf4105b403e3bfa3a5067970.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
x-amz-cf-pop: IAD12-P3
age: 391
x-amz-server-side-encryption: AES256
x-evy-trace-route-service-name: envoyset-translator
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=adsscriptloaderstatic/static-1.494/bundles/pixels-release.js&cfRay=8202e11759bc3dc9-SIN
x-cache: Hit from cloudfront
x-hubspot-correlation-id: 0d96a479-f78a-4b6e-8991-4865401c3739
cache-tag: staticjsapp-AdsScriptLoaderCloudflare-web-prod,staticjsapp-prod
content-encoding: br
x-envoy-upstream-service-time: 0
x-amz-replication-status: COMPLETED
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 0d96a479-f78a-4b6e-8991-4865401c3739
last-modified: Fri, 27 Oct 2023 13:56:49 UTC
server: cloudflare
etag: W/"14edbc97b72939e54b0993394190ecf8"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
x-hs-cache-status: HIT
x-evy-trace-virtual-host: all
cache-control: max-age=600
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-7c89bb96b9-g8f86
cf-ray: 8202eaadff393dc8-SIN
x-amz-cf-id: V6sb97qIfrTYoSTFOTqlhz37UsKuP9pucOR5HrzFnQZnLIB0t_yAVg==
x-hs-target-asset: adsscriptloaderstatic/static-1.494/bundles/pixels-release.js

GET
H2 200 collectedforms.js Show response
js.hscollectedforms.net/ 69 KB
25 KB 300ms
283ms Script
application/javascript 2606:4700::6811:599a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hscollectedforms.net/collectedforms.js

Requested by

Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/21602426.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:599a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

200cef31a4664eb38f1293062efc3d5acf8e769cc27242418b198a0aa4b20492

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer
Origin: https://securecheckout.sandbox.hit-pay.com
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 07:31:17 GMT
x-amz-version-id: XYPPFvciWFKtpS2hNgrEqmNT6fxOdL.H
via: 1.1 73c5607bdb5db0d651e25c848846d554.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: EXPIRED
x-amz-cf-pop: IAD12-P3
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-hubspot-correlation-id: 198cfd71-8fa4-4bae-b155-31406a3eae6a
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=collected-forms-embed-js/static-1.433/bundles/project.js&cfRay=8202eaae0b263d8f-SIN
x-cache: Hit from cloudfront
cache-tag: staticjsapp-collected-forms-embed-js-web-prod,staticjsapp-prod
content-encoding: br
x-envoy-upstream-service-time: 0
x-amz-replication-status: COMPLETED
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 198cfd71-8fa4-4bae-b155-31406a3eae6a
last-modified: Mon, 23 Oct 2023 13:11:34 UTC
server: cloudflare
etag: W/"7864f8fd485be672e98358eb894b6fd7"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-evy-trace-virtual-host: all
x-hs-cache-status: HIT
cache-control: s-maxage=600, max-age=300
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-7c89bb96b9-sgzbx
cf-ray: 8202eaae0b263d8f-SIN
x-amz-cf-id: KSVjadEyP1L01LMjTJXeO03xVZigmXZSgC-CQI_6D_hP8wEbt3MmaQ==
x-hs-target-asset: collected-forms-embed-js/static-1.433/bundles/project.js

GET
H2 200 425852341832294 Show response
connect.facebook.net/signals/config/ 133 KB
35 KB 6ms
5ms Script
application/x-javascript 2a03:2880:f00c:300:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/425852341832294?v=2.9.138&r=stable&domain=securecheckout.sandbox.hit-pay.com

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f00c:300:face:b00c:0:3 Singapore, Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5373695bd5c237c0739464bdb59bb93ab1ede131ffa3fa7770e952575f935083

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 03 Nov 2023 07:31:16 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 35377
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: Q5mb14cirDH2N8bVwXwwSVGdYA/vwoYUHq1rBWWWl5q9UFYKXKut/u2CQweGaQ6K5jxg9IvPGbaotNKFLg/cgA==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

OPTIONS
H2 204 bank_statuses
api.stripe.com/v1/fpx/ Frame 0
0 37ms
4ms Preflight 52.74.114.251
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.stripe.com/v1/fpx/bank_statuses?account_holder_type=individual&key=pk_test_60FcfyimVC928dd7hs4dmUTR

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.74.114.251 Singapore, Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

api-52-74-114-251.stripe.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept: */*
Access-Control-Request-Headers: stripe-version
Access-Control-Request-Method: GET
Origin: https://js.stripe.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: stripe-version
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Request-Id, Stripe-Manage-Version, Stripe-Should-Retry, X-Stripe-External-Auth-Required, X-Stripe-Privileged-Session-Required
access-control-max-age: 300
date: Fri, 03 Nov 2023 07:31:16 GMT
server: nginx
strict-transport-security: max-age=63072000; includeSubDomains; preload
timing-allow-origin: https://js.stripe.com
vary: Origin Access-Control-Request-Headers Access-Control-Request-Method

GET
H2 200 .deploy_status_henson.json Show response
js.stripe.com/v3/ Frame 4329 474 B
371 B 3ms
3ms Fetch
application/json 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/.deploy_status_henson.json

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-d6a40aa6ad859d26b11b3cb80358ed9b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

3132a53898012113b22a2bf416c8b75687faf7e8816d8be8c8ef005d290cdcca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/elements-inner-fpx-bank-ddb68e6114393b1c5f1cc03520aa54bc.html
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Fri, 03 Nov 2023 07:31:16 GMT
content-encoding: br
via: 1.1 varnish
strict-transport-security: max-age=31556926; includeSubDomains; preload
age: 21
x-cache: HIT
content-length: 297
x-request-id: 1702942b-2309-4d36-8cd0-c43472c1cfb1
x-served-by: cache-qpg1265-QPG
last-modified: Thu, 02 Nov 2023 21:31:34 GMT
server: Fastly
etag: "46627dd42752d463edb077a815515ded"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 32

GET
H2 200 bank_statuses Show response
api.stripe.com/v1/fpx/ Frame 4329 589 B
1 KB 247ms
246ms Fetch
application/json 52.74.114.251
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.stripe.com/v1/fpx/bank_statuses?account_holder_type=individual&key=pk_test_60FcfyimVC928dd7hs4dmUTR

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-d6a40aa6ad859d26b11b3cb80358ed9b.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.74.114.251 Singapore, Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

api-52-74-114-251.stripe.com

Software

nginx /

Resource Hash

1f6ee641ebc162b522a5025e00616c51c127d21c1bae098d2f1dcd2dbba0a67c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/
Stripe-Version: 2020-08-27
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Fri, 03 Nov 2023 07:31:17 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
stripe-version: 2020-08-27
content-security-policy-report-only: report-uri https://q.stripe.com/csp-report?p=v1%2Ffpx%2Fbank_statuses; block-all-mixed-content; default-src 'none'; base-uri 'none'; form-action 'none'; frame-ancestors 'none'; img-src 'self'; script-src 'self' 'report-sample'; style-src 'self'
request-id: req_XZ7t673R2a8sb7
content-length: 589
server: nginx
x-stripe-routing-context-priority-tier: api-testmode
vary: Origin
access-control-max-age: 300
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
content-type: application/json
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Request-Id, Stripe-Manage-Version, Stripe-Should-Retry, X-Stripe-External-Auth-Required, X-Stripe-Privileged-Session-Required
cache-control: no-cache, no-store
access-control-allow-credentials: true
timing-allow-origin: https://js.stripe.com

GET
H2 200 maybank-598198030f437632adc7016a4f019559.svg
js.stripe.com/v3/fingerprinted/img/ Frame 4329 15 KB
7 KB 9ms
4ms Image
image/svg+xml 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://js.stripe.com/v3/fingerprinted/img/maybank-598198030f437632adc7016a4f019559.svg

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-fpx-bank-ddb68e6114393b1c5f1cc03520aa54bc.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

3e0aaabdf78a807779bc1fe3c939ea051e509028a42e16b24514b6d8a425675c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-fpx-bank-ddb68e6114393b1c5f1cc03520aa54bc.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Fri, 03 Nov 2023 07:31:16 GMT
via: 1.1 varnish
age: 208644
x-cache: HIT
content-length: 6573
x-request-id: ce85da08-93e4-4c78-a5a7-feb7d3af1c25
x-served-by: cache-qpg1233-QPG
last-modified: Tue, 31 Oct 2023 20:34:50 GMT
server: Fastly
etag: "598198030f437632adc7016a4f019559"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 2

GET
H2 200 cimb-10338205756c534a7ccab63a59ca4a07.svg
js.stripe.com/v3/fingerprinted/img/ Frame 4329 407 B
531 B 9ms
5ms Image
image/svg+xml 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://js.stripe.com/v3/fingerprinted/img/cimb-10338205756c534a7ccab63a59ca4a07.svg

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-fpx-bank-ddb68e6114393b1c5f1cc03520aa54bc.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

a96a23350ab80a84179442182f7c309f22a8bf1a2f632f4a63b143f44e4891a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-fpx-bank-ddb68e6114393b1c5f1cc03520aa54bc.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Fri, 03 Nov 2023 07:31:16 GMT
via: 1.1 varnish
age: 814043
x-cache: HIT
content-length: 247
x-request-id: 99fd2a46-a360-4670-97ea-02f9dfb3bda6
x-served-by: cache-qpg1233-QPG
last-modified: Tue, 24 Oct 2023 20:06:43 GMT
server: Fastly
etag: "10338205756c534a7ccab63a59ca4a07"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 2

GET
H2 200 public_bank-f21b11057e6bc792f4b488f37c4777cf.svg
js.stripe.com/v3/fingerprinted/img/ Frame 4329 1 KB
605 B 14ms
9ms Image
image/svg+xml 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://js.stripe.com/v3/fingerprinted/img/public_bank-f21b11057e6bc792f4b488f37c4777cf.svg

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-fpx-bank-ddb68e6114393b1c5f1cc03520aa54bc.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

8ea59a6ade54ebc406203c1112336688007c0a39d4b038b33f27d0c4b328183b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-fpx-bank-ddb68e6114393b1c5f1cc03520aa54bc.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Fri, 03 Nov 2023 07:31:16 GMT
via: 1.1 varnish
age: 2024243
x-cache: HIT
content-length: 473
x-request-id: bf31de49-401f-451e-9345-b920cb65c3ee
x-served-by: cache-qpg1233-QPG
last-modified: Tue, 10 Oct 2023 20:02:09 GMT
server: Fastly
etag: "f21b11057e6bc792f4b488f37c4777cf"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 48

GET
H2 200 rhb-c3628db51907f05fb6d9277e13941dc3.svg
js.stripe.com/v3/fingerprinted/img/ Frame 4329 3 KB
1 KB 10ms
6ms Image
image/svg+xml 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://js.stripe.com/v3/fingerprinted/img/rhb-c3628db51907f05fb6d9277e13941dc3.svg

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-fpx-bank-ddb68e6114393b1c5f1cc03520aa54bc.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

56ceb96dd2300f59303bd974bb63fce99f131d1b15915e29f9755098bdfe167e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-fpx-bank-ddb68e6114393b1c5f1cc03520aa54bc.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Fri, 03 Nov 2023 07:31:16 GMT
via: 1.1 varnish
age: 196717
x-cache: HIT
content-length: 1176
x-request-id: f30aa312-5fff-4ae8-84b0-5713b4a2ea82
x-served-by: cache-qpg1233-QPG
last-modified: Tue, 31 Oct 2023 20:34:51 GMT
server: Fastly
etag: "c3628db51907f05fb6d9277e13941dc3"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 2

GET
H2 200 hongleong_bank-b40cf00c456ea226a1d8525517d7a68d.svg
js.stripe.com/v3/fingerprinted/img/ Frame 4329 2 KB
1 KB 14ms
10ms Image
image/svg+xml 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://js.stripe.com/v3/fingerprinted/img/hongleong_bank-b40cf00c456ea226a1d8525517d7a68d.svg

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-fpx-bank-ddb68e6114393b1c5f1cc03520aa54bc.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

3f789263c9aefe1ae05af12b80623958f3997acdbb5308991e2752de3297b529

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-fpx-bank-ddb68e6114393b1c5f1cc03520aa54bc.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Fri, 03 Nov 2023 07:31:16 GMT
via: 1.1 varnish
age: 1497593
x-cache: HIT
content-length: 1159
x-request-id: 3b1256c8-8311-444e-a213-435d54cafcf8
x-served-by: cache-qpg1233-QPG
last-modified: Mon, 16 Oct 2023 20:06:23 GMT
server: Fastly
etag: "b40cf00c456ea226a1d8525517d7a68d"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 2

GET
H2 200 ambank-6fa0d22793d9df116f5d9286b60d1106.svg
js.stripe.com/v3/fingerprinted/img/ Frame 4329 2 KB
991 B 11ms
7ms Image
image/svg+xml 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://js.stripe.com/v3/fingerprinted/img/ambank-6fa0d22793d9df116f5d9286b60d1106.svg

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-fpx-bank-ddb68e6114393b1c5f1cc03520aa54bc.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

6316684f1910da34cad18c064a5d3be59302b0a7b91cf59e5cdd7beb3e947953

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-fpx-bank-ddb68e6114393b1c5f1cc03520aa54bc.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Fri, 03 Nov 2023 07:31:16 GMT
via: 1.1 varnish
age: 2013914
x-cache: HIT
content-length: 840
x-request-id: a3853ce6-28a2-4b20-a41e-9ceb48516062
x-served-by: cache-qpg1233-QPG
last-modified: Tue, 10 Oct 2023 20:02:06 GMT
server: Fastly
etag: "6fa0d22793d9df116f5d9286b60d1106"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 2

GET
H2 200 affin_bank-b100dcae5b829206f7be336c7a8a67bc.svg
js.stripe.com/v3/fingerprinted/img/ Frame 4329 2 KB
1 KB 10ms
6ms Image
image/svg+xml 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://js.stripe.com/v3/fingerprinted/img/affin_bank-b100dcae5b829206f7be336c7a8a67bc.svg

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-fpx-bank-ddb68e6114393b1c5f1cc03520aa54bc.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

124952226f64422473ca687798f9941a85292a9001c1c327060d019a77e92d59

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-fpx-bank-ddb68e6114393b1c5f1cc03520aa54bc.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Fri, 03 Nov 2023 07:31:16 GMT
via: 1.1 varnish
age: 1502243
x-cache: HIT
content-length: 906
x-request-id: bc85fdd8-8910-4ac2-971b-ba86ea9f0a8b
x-served-by: cache-qpg1233-QPG
last-modified: Mon, 16 Oct 2023 20:06:21 GMT
server: Fastly
etag: "b100dcae5b829206f7be336c7a8a67bc"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 2

GET
H2 200 agrobank-aaf423d3db4e914a12a2f3e4f10fad9e.svg
js.stripe.com/v3/fingerprinted/img/ Frame 4329 310 B
345 B 10ms
6ms Image
image/svg+xml 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://js.stripe.com/v3/fingerprinted/img/agrobank-aaf423d3db4e914a12a2f3e4f10fad9e.svg

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-fpx-bank-ddb68e6114393b1c5f1cc03520aa54bc.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

94d6d2a3d0055826a72a3fe774881ecdfb61ff6c0e86d1a6e3a0cafbe9fdce24

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-fpx-bank-ddb68e6114393b1c5f1cc03520aa54bc.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Fri, 03 Nov 2023 07:31:16 GMT
via: 1.1 varnish
age: 812239
x-cache: HIT
content-length: 218
x-request-id: 4a854616-2ae2-4297-9b27-c90f0dad8960
x-served-by: cache-qpg1233-QPG
last-modified: Tue, 24 Oct 2023 20:06:43 GMT
server: Fastly
etag: "aaf423d3db4e914a12a2f3e4f10fad9e"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 2

GET
H2 200 alliance_bank-e45590c6afd10f5bf573d33cca7025de.svg
js.stripe.com/v3/fingerprinted/img/ Frame 4329 753 B
649 B 11ms
7ms Image
image/svg+xml 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://js.stripe.com/v3/fingerprinted/img/alliance_bank-e45590c6afd10f5bf573d33cca7025de.svg

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-fpx-bank-ddb68e6114393b1c5f1cc03520aa54bc.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

8a63514be91a2c576ab5a38b180c7fe2e7a9290ba9560547bee34befe5f1a788

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-fpx-bank-ddb68e6114393b1c5f1cc03520aa54bc.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Fri, 03 Nov 2023 07:31:16 GMT
via: 1.1 varnish
age: 891581
x-cache: HIT
content-length: 365
x-request-id: 18c718e2-c7de-4066-9536-4020974b2a3f
x-served-by: cache-qpg1233-QPG
last-modified: Mon, 23 Oct 2023 20:02:52 GMT
server: Fastly
etag: "e45590c6afd10f5bf573d33cca7025de"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 2

GET
H2 200 bank_islam-422ba408492a38c45b31b875c2d432ec.svg
js.stripe.com/v3/fingerprinted/img/ Frame 4329 813 B
588 B 11ms
8ms Image
image/svg+xml 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://js.stripe.com/v3/fingerprinted/img/bank_islam-422ba408492a38c45b31b875c2d432ec.svg

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-fpx-bank-ddb68e6114393b1c5f1cc03520aa54bc.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

0fce3a0ebb77c4dce715a468924f7f04a5afc3794737a5c27649a8bc792a53b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-fpx-bank-ddb68e6114393b1c5f1cc03520aa54bc.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Fri, 03 Nov 2023 07:31:16 GMT
via: 1.1 varnish
age: 1420042
x-cache: HIT
content-length: 461
x-request-id: 9bd6ddcc-e51d-497a-8c35-c2a52e529c94
x-served-by: cache-qpg1233-QPG
last-modified: Tue, 17 Oct 2023 20:10:25 GMT
server: Fastly
etag: "422ba408492a38c45b31b875c2d432ec"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 2

GET
H2 200 bank_muamalat-8267fae83316e122e81d3e83c4da1c41.svg
js.stripe.com/v3/fingerprinted/img/ Frame 4329 7 KB
3 KB 16ms
13ms Image
image/svg+xml 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://js.stripe.com/v3/fingerprinted/img/bank_muamalat-8267fae83316e122e81d3e83c4da1c41.svg

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-fpx-bank-ddb68e6114393b1c5f1cc03520aa54bc.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

bae91ff835ad284fb2031739d46f59df9d56e5780b8e8a2de3daded5c1f8aef6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-fpx-bank-ddb68e6114393b1c5f1cc03520aa54bc.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Fri, 03 Nov 2023 07:31:16 GMT
via: 1.1 varnish
age: 889070
x-cache: HIT
content-length: 3104
x-request-id: fef5f734-99a3-4a79-b804-0df1570764ce
x-served-by: cache-qpg1233-QPG
last-modified: Mon, 23 Oct 2023 20:02:53 GMT
server: Fastly
etag: "8267fae83316e122e81d3e83c4da1c41"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 2

GET
H2 200 bank_rakyat-32a99eb091a55cf7cc7690b980bf4e40.svg
js.stripe.com/v3/fingerprinted/img/ Frame 4329 1 KB
871 B 16ms
14ms Image
image/svg+xml 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://js.stripe.com/v3/fingerprinted/img/bank_rakyat-32a99eb091a55cf7cc7690b980bf4e40.svg

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-fpx-bank-ddb68e6114393b1c5f1cc03520aa54bc.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

2dde887754d20514d8e24e6b081f3ae313a6aae9dc8ca60a4e17c0fd4e2fb56c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-fpx-bank-ddb68e6114393b1c5f1cc03520aa54bc.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Fri, 03 Nov 2023 07:31:16 GMT
via: 1.1 varnish
age: 283853
x-cache: HIT
content-length: 742
x-request-id: f8f4f82d-f5bf-47b4-92a7-d1882663f54b
x-served-by: cache-qpg1233-QPG
last-modified: Mon, 30 Oct 2023 20:12:11 GMT
server: Fastly
etag: "32a99eb091a55cf7cc7690b980bf4e40"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 2

GET
H2 200 bank_of_china-a55caf48e39156e0df53756161a827b7.svg
js.stripe.com/v3/fingerprinted/img/ Frame 4329 1 KB
784 B 16ms
13ms Image
image/svg+xml 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://js.stripe.com/v3/fingerprinted/img/bank_of_china-a55caf48e39156e0df53756161a827b7.svg

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-fpx-bank-ddb68e6114393b1c5f1cc03520aa54bc.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

f4489e494885e27030d155eac69c3c55affdc57f607ee3e6f434a432f9fae5e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-fpx-bank-ddb68e6114393b1c5f1cc03520aa54bc.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Fri, 03 Nov 2023 07:31:16 GMT
via: 1.1 varnish
age: 283620
x-cache: HIT
content-length: 655
x-request-id: b4b05868-7e59-4f0f-87d8-f10335ed9bd6
x-served-by: cache-qpg1233-QPG
last-modified: Mon, 30 Oct 2023 20:12:11 GMT
server: Fastly
etag: "a55caf48e39156e0df53756161a827b7"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 2

GET
H2 200 bsn-617c8b86c7a3749f815df6085d90c8f4.svg
js.stripe.com/v3/fingerprinted/img/ Frame 4329 12 KB
5 KB 17ms
14ms Image
image/svg+xml 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://js.stripe.com/v3/fingerprinted/img/bsn-617c8b86c7a3749f815df6085d90c8f4.svg

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-fpx-bank-ddb68e6114393b1c5f1cc03520aa54bc.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

5f45aa62a5047d9f3e06c3d936b4c2a927b03bf51fc8d68de1ac790661d3fac9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-fpx-bank-ddb68e6114393b1c5f1cc03520aa54bc.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Fri, 03 Nov 2023 07:31:16 GMT
via: 1.1 varnish
age: 1499244
x-cache: HIT
content-length: 5354
x-request-id: a6d6bce5-e0f6-4f7e-98c5-04a8c15e66d2
x-served-by: cache-qpg1233-QPG
last-modified: Mon, 16 Oct 2023 20:06:22 GMT
server: Fastly
etag: "617c8b86c7a3749f815df6085d90c8f4"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 2

GET
H2 200 hsbc-4628986fee0f6be0481f2cd7893ec32c.svg
js.stripe.com/v3/fingerprinted/img/ Frame 4329 289 B
503 B 16ms
14ms Image
image/svg+xml 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://js.stripe.com/v3/fingerprinted/img/hsbc-4628986fee0f6be0481f2cd7893ec32c.svg

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-fpx-bank-ddb68e6114393b1c5f1cc03520aa54bc.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

c720549381f8447b531054d5e989836dc4e03f52f2bacf78f84c9b1c510ad86b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-fpx-bank-ddb68e6114393b1c5f1cc03520aa54bc.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Fri, 03 Nov 2023 07:31:16 GMT
via: 1.1 varnish
age: 196717
x-cache: HIT
content-length: 219
x-request-id: 8ef28fac-28ff-47e3-8683-1d0f31c92114
x-served-by: cache-qpg1233-QPG
last-modified: Tue, 31 Oct 2023 20:34:49 GMT
server: Fastly
etag: "4628986fee0f6be0481f2cd7893ec32c"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 2

GET
H2 200 kfh-e24a8a957467926d45923d2fefc42ed7.svg
js.stripe.com/v3/fingerprinted/img/ Frame 4329 17 KB
8 KB 13ms
11ms Image
image/svg+xml 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://js.stripe.com/v3/fingerprinted/img/kfh-e24a8a957467926d45923d2fefc42ed7.svg

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-fpx-bank-ddb68e6114393b1c5f1cc03520aa54bc.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

e87d7ab81b7da9eef1a343d98826741e662125a9c92f56b603f7bd95a5f7cee9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-fpx-bank-ddb68e6114393b1c5f1cc03520aa54bc.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Fri, 03 Nov 2023 07:31:16 GMT
via: 1.1 varnish
age: 1503443
x-cache: HIT
content-length: 7534
x-request-id: b8919b78-26e3-43e2-8182-101b8fe990d1
x-served-by: cache-qpg1233-QPG
last-modified: Mon, 16 Oct 2023 20:06:23 GMT
server: Fastly
etag: "e24a8a957467926d45923d2fefc42ed7"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 2

GET
H2 200 ocbc-41fb8a207dbc717b76796af9976efc04.svg
js.stripe.com/v3/fingerprinted/img/ Frame 4329 3 KB
1 KB 17ms
15ms Image
image/svg+xml 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://js.stripe.com/v3/fingerprinted/img/ocbc-41fb8a207dbc717b76796af9976efc04.svg

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-fpx-bank-ddb68e6114393b1c5f1cc03520aa54bc.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

5b36df846327e15a6d4bd783d36d37029ca202124bed5e3eaa8a0e462f3148e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-fpx-bank-ddb68e6114393b1c5f1cc03520aa54bc.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Fri, 03 Nov 2023 07:31:16 GMT
via: 1.1 varnish
age: 279098
x-cache: HIT
content-length: 1160
x-request-id: de27f37f-e5dc-4f71-b187-619422451bb9
x-served-by: cache-qpg1233-QPG
last-modified: Mon, 30 Oct 2023 20:12:13 GMT
server: Fastly
etag: "41fb8a207dbc717b76796af9976efc04"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 2

GET
H2 200 standard_chartered-0f9d38da191fe8cbe988fbc817cc3caa.svg
js.stripe.com/v3/fingerprinted/img/ Frame 4329 6 KB
3 KB 13ms
12ms Image
image/svg+xml 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://js.stripe.com/v3/fingerprinted/img/standard_chartered-0f9d38da191fe8cbe988fbc817cc3caa.svg

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-fpx-bank-ddb68e6114393b1c5f1cc03520aa54bc.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

40c2d5bba302817f814a00a3e7a422c2e68cdc62b616811c9fa99813cb827511

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-fpx-bank-ddb68e6114393b1c5f1cc03520aa54bc.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Fri, 03 Nov 2023 07:31:16 GMT
via: 1.1 varnish
age: 904043
x-cache: HIT
content-length: 2785
x-request-id: 998cf6e3-4465-4244-9c41-8b08e900052e
x-served-by: cache-qpg1233-QPG
last-modified: Mon, 23 Oct 2023 20:02:56 GMT
server: Fastly
etag: "0f9d38da191fe8cbe988fbc817cc3caa"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 2

GET
H2 200 uob-57bc76dffc64e46f0324f86ac69e0473.svg
js.stripe.com/v3/fingerprinted/img/ Frame 4329 3 KB
1 KB 13ms
11ms Image
image/svg+xml 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://js.stripe.com/v3/fingerprinted/img/uob-57bc76dffc64e46f0324f86ac69e0473.svg

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-fpx-bank-ddb68e6114393b1c5f1cc03520aa54bc.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

3b87e8e60f08ccbe01bc8c6e9746cfa18e19e225a6cf0791046e5f399abad590

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-fpx-bank-ddb68e6114393b1c5f1cc03520aa54bc.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Fri, 03 Nov 2023 07:31:16 GMT
via: 1.1 varnish
age: 887227
x-cache: HIT
content-length: 988
x-request-id: ba0ab569-f593-4fa6-bbd2-31cf69f81555
x-served-by: cache-qpg1233-QPG
last-modified: Mon, 23 Oct 2023 20:02:57 GMT
server: Fastly
etag: "57bc76dffc64e46f0324f86ac69e0473"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 2

GET
H2 200 stripe-ba8f693011377915d38b406bf9048b45.svg
js.stripe.com/v3/fingerprinted/img/ Frame 4329 463 B
453 B 18ms
16ms Image
image/svg+xml 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://js.stripe.com/v3/fingerprinted/img/stripe-ba8f693011377915d38b406bf9048b45.svg

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-fpx-bank-ddb68e6114393b1c5f1cc03520aa54bc.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

19d4d54e7ed8aa5153762ed4ee48dd737a50b6df284896caa552606faa00d38d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-fpx-bank-ddb68e6114393b1c5f1cc03520aa54bc.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Fri, 03 Nov 2023 07:31:16 GMT
via: 1.1 varnish
age: 2007507
x-cache: HIT
content-length: 299
x-request-id: 86470708-27ce-4333-a2bd-4d3d3ac4f103
x-served-by: cache-qpg1233-QPG
last-modified: Tue, 10 Oct 2023 20:02:09 GMT
server: Fastly
etag: "ba8f693011377915d38b406bf9048b45"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1

GET
H2 200 .deploy_status_henson.json Show response
js.stripe.com/v3/ Frame 8F8C 474 B
372 B 4ms
3ms Fetch
application/json 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/.deploy_status_henson.json

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-d6a40aa6ad859d26b11b3cb80358ed9b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

3132a53898012113b22a2bf416c8b75687faf7e8816d8be8c8ef005d290cdcca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/elements-inner-card-4d5aaf5ff3090ec0cddb7291c36c1267.html
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Fri, 03 Nov 2023 07:31:16 GMT
content-encoding: br
via: 1.1 varnish
strict-transport-security: max-age=31556926; includeSubDomains; preload
age: 21
x-cache: HIT
content-length: 297
x-request-id: 28684cab-8099-438a-ab7d-aeedb2f0637d
x-served-by: cache-qpg1265-QPG
last-modified: Thu, 02 Nov 2023 21:31:34 GMT
server: Fastly
etag: "46627dd42752d463edb077a815515ded"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 33

POST
H2 200 wallet-config Show response
merchant-ui-api.stripe.com/elements/ Frame 559C 2 KB
3 KB 301ms
281ms Fetch
application/json 13.250.226.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://merchant-ui-api.stripe.com/elements/wallet-config

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-d6a40aa6ad859d26b11b3cb80358ed9b.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

13.250.226.27 Singapore, Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-250-226-27.ap-southeast-1.compute.amazonaws.com

Software

nginx /

Resource Hash

c872bcc71975f35c3f1eac4b5bafc24a65f630941889bcd4bb967c2f04bbd11d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Fri, 03 Nov 2023 07:31:17 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-security-policy-report-only: report-uri https://q.stripe.com/csp-report?p=elements%2Fwallet-config; block-all-mixed-content; default-src 'none'; base-uri 'none'; form-action 'none'; frame-ancestors 'none'; img-src 'self'; script-src 'self' 'report-sample'; style-src 'self'
cross-origin-resource-policy: same-site
content-length: 1990
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
access-control-max-age: 300
access-control-allow-methods: GET, POST
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://js.stripe.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
vary: Origin
access-control-allow-headers: x-stripe-csrf-token
cross-origin-opener-policy-report-only: same-origin; report-to=https://q.stripe.com/coop-report
expires: 0

GET
H2 200 .deploy_status_henson.json Show response
js.stripe.com/v3/ Frame E7B8 474 B
372 B 4ms
3ms Fetch
application/json 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/.deploy_status_henson.json

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-d6a40aa6ad859d26b11b3cb80358ed9b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

3132a53898012113b22a2bf416c8b75687faf7e8816d8be8c8ef005d290cdcca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/elements-inner-fpx-bank-ddb68e6114393b1c5f1cc03520aa54bc.html
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Fri, 03 Nov 2023 07:31:16 GMT
content-encoding: br
via: 1.1 varnish
strict-transport-security: max-age=31556926; includeSubDomains; preload
age: 21
x-cache: HIT
content-length: 297
x-request-id: 537529ce-a802-4dbd-aa96-13e290d8cf09
x-served-by: cache-qpg1265-QPG
last-modified: Thu, 02 Nov 2023 21:31:34 GMT
server: Fastly
etag: "46627dd42752d463edb077a815515ded"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 34

GET
DATA 200
OK truncated
/ 10 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 95ac45c7b27bed99842b951d6db20b448fb0f94794f33ff437c8b9b3e703ffb0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 insight.old.min.js Show response
snap.licdn.com/li.lms-analytics/ 8 KB
3 KB 34ms
34ms Script
application/x-javascript 2403:e800:e80b::2a63:8c8b
ASN-TELSTRA-GLOBA...

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.old.min.js

Requested by

Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2403:e800:e80b::2a63:8c8b , Hong Kong, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),

Reverse DNS

Software

Resource Hash

5b3086a886aa8649ecbf496ac913a1aa443926cd2fff610be2d136c9598bcd8b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 07:31:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sun, 15 Oct 2023 08:32:45 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=13588
accept-ranges: bytes
content-length: 3272

POST
H2 200 0 Show response
r.stripe.com/ Frame 559C 0
274 B 213ms
210ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-d6a40aa6ad859d26b11b3cb80358ed9b.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Fri, 03 Nov 2023 07:31:17 GMT
x-stripe-server-envoy-start-time-us: 1698996677210031
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1698996677209494
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 559C 0
274 B 211ms
208ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-d6a40aa6ad859d26b11b3cb80358ed9b.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Fri, 03 Nov 2023 07:31:17 GMT
x-stripe-server-envoy-start-time-us: 1698996677209652
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1698996677209383
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 559C 0
274 B 210ms
208ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-d6a40aa6ad859d26b11b3cb80358ed9b.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Fri, 03 Nov 2023 07:31:17 GMT
x-stripe-server-envoy-start-time-us: 1698996677209821
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1698996677209445
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 559C 0
274 B 199ms
198ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-d6a40aa6ad859d26b11b3cb80358ed9b.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Fri, 03 Nov 2023 07:31:17 GMT
x-stripe-server-envoy-start-time-us: 1698996677209491
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1698996677209328
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 559C 0
274 B 202ms
201ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-d6a40aa6ad859d26b11b3cb80358ed9b.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Fri, 03 Nov 2023 07:31:17 GMT
x-stripe-server-envoy-start-time-us: 1698996677209433
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1698996677209274
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 559C 0
274 B 209ms
209ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-d6a40aa6ad859d26b11b3cb80358ed9b.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Fri, 03 Nov 2023 07:31:17 GMT
x-stripe-server-envoy-start-time-us: 1698996677209837
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1698996677209596
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 559C 0
274 B 207ms
207ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-d6a40aa6ad859d26b11b3cb80358ed9b.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Fri, 03 Nov 2023 07:31:17 GMT
x-stripe-server-envoy-start-time-us: 1698996677209937
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1698996677209808
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 559C 0
274 B 208ms
208ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-d6a40aa6ad859d26b11b3cb80358ed9b.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Fri, 03 Nov 2023 07:31:17 GMT
x-stripe-server-envoy-start-time-us: 1698996677210763
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1698996677210489
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 559C 0
274 B 209ms
208ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-d6a40aa6ad859d26b11b3cb80358ed9b.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Fri, 03 Nov 2023 07:31:17 GMT
x-stripe-server-envoy-start-time-us: 1698996677211386
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1698996677211122
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 559C 0
274 B 209ms
208ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-d6a40aa6ad859d26b11b3cb80358ed9b.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Fri, 03 Nov 2023 07:31:17 GMT
x-stripe-server-envoy-start-time-us: 1698996677212255
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1698996677211943
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 559C 0
274 B 209ms
209ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-d6a40aa6ad859d26b11b3cb80358ed9b.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Fri, 03 Nov 2023 07:31:17 GMT
x-stripe-server-envoy-start-time-us: 1698996677212745
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 4
x-stripe-client-envoy-start-time-us: 1698996677212496
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 559C 0
274 B 208ms
208ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-d6a40aa6ad859d26b11b3cb80358ed9b.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Fri, 03 Nov 2023 07:31:17 GMT
x-stripe-server-envoy-start-time-us: 1698996677213478
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1698996677213233
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 559C 0
274 B 208ms
208ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-d6a40aa6ad859d26b11b3cb80358ed9b.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Fri, 03 Nov 2023 07:31:17 GMT
x-stripe-server-envoy-start-time-us: 1698996677214328
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1698996677213707
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 559C 0
274 B 208ms
208ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-d6a40aa6ad859d26b11b3cb80358ed9b.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Fri, 03 Nov 2023 07:31:17 GMT
x-stripe-server-envoy-start-time-us: 1698996677214823
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1698996677214279
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 559C 0
274 B 376ms
376ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-d6a40aa6ad859d26b11b3cb80358ed9b.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Fri, 03 Nov 2023 07:31:17 GMT
x-stripe-server-envoy-start-time-us: 1698996677397525
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1698996677397396
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 559C 0
274 B 381ms
381ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-d6a40aa6ad859d26b11b3cb80358ed9b.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Fri, 03 Nov 2023 07:31:17 GMT
x-stripe-server-envoy-start-time-us: 1698996677397754
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1698996677397583
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 559C 0
274 B 385ms
385ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-d6a40aa6ad859d26b11b3cb80358ed9b.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Fri, 03 Nov 2023 07:31:17 GMT
x-stripe-server-envoy-start-time-us: 1698996677397949
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1698996677397615
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 559C 0
274 B 393ms
393ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-d6a40aa6ad859d26b11b3cb80358ed9b.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Fri, 03 Nov 2023 07:31:17 GMT
x-stripe-server-envoy-start-time-us: 1698996677398088
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1698996677397710
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 559C 0
274 B 375ms
375ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-d6a40aa6ad859d26b11b3cb80358ed9b.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Fri, 03 Nov 2023 07:31:17 GMT
x-stripe-server-envoy-start-time-us: 1698996677397949
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1698996677397813
access-control-allow-credentials: true
content-length: 0

GET
H2 200 payframe Show response
pay.google.com/gp/p/ui/ Frame 2320 19 KB
8 KB 81ms
81ms Document
text/html 2404:6800:4003:c06::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/js/pay.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c06::5c Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

84059a9d5813266b91398960ed25f42ee9fda50de7797bd83a0cc84b3ddb0068

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-4H6gidY3u0-Yu0_vBm8u_A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=3600
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-4H6gidY3u0-Yu0_vBm8u_A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport
content-type: text/html; charset=utf-8
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-site
date: Fri, 03 Nov 2023 07:31:17 GMT
expires: Fri, 03 Nov 2023 07:31:17 GMT
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options: nosniff
x-ua-compatible: IE=edge
x-xss-protection: 0

POST
H2 200 6 Show response
m.stripe.com/ Frame 09B5 156 B
670 B 589ms
198ms XHR
application/json 52.89.37.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.89.37.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-89-37-98.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

7b457f6149487edba85ed221ffafe7a9c591554f069cabe443393f5de42e0de9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color: green
date: Fri, 03 Nov 2023 07:31:17 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1698996677644926
server: nginx
content-type: application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms: 3
access-control-allow-origin: https://m.stripe.network
x-stripe-client-envoy-start-time-us: 1698996677644442
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

POST
H2 200 0 Show response
r.stripe.com/ Frame 559C 0
274 B 342ms
342ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-d6a40aa6ad859d26b11b3cb80358ed9b.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Fri, 03 Nov 2023 07:31:17 GMT
x-stripe-server-envoy-start-time-us: 1698996677398056
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1698996677397808
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 559C 0
274 B 338ms
338ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-d6a40aa6ad859d26b11b3cb80358ed9b.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Fri, 03 Nov 2023 07:31:17 GMT
x-stripe-server-envoy-start-time-us: 1698996677398089
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1698996677397841
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 559C 0
274 B 342ms
342ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-d6a40aa6ad859d26b11b3cb80358ed9b.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Fri, 03 Nov 2023 07:31:17 GMT
x-stripe-server-envoy-start-time-us: 1698996677398540
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1698996677397928
access-control-allow-credentials: true
content-length: 0

GET
H2 200 cf-location Show response
js.hs-banner.com/v2/ 2 B
163 B 32ms
17ms Fetch
text/plain 2606:4700:4400::ac40:991b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/v2/cf-location
Requested by: Host: securecheckout.sandbox.hit-pay.com
URL: https://securecheckout.sandbox.hit-pay.com/dist/app.js?id=3c7f66787087dfd1836c8cece0d92c21
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:991b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 58d9e33c417379bdf294f2e6907c186c529d7691e73867a82207314837701bea

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

access-control-allow-origin: https://securecheckout.sandbox.hit-pay.com
date: Fri, 03 Nov 2023 07:31:17 GMT
server: cloudflare
cf-ray: 8202eab0680191bf-SIN
content-length: 2
vary: Origin, Accept-Encoding
content-type: text/plain;charset=UTF-8

POST
H2 200 0 Show response
r.stripe.com/ Frame 559C 0
274 B 347ms
347ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-d6a40aa6ad859d26b11b3cb80358ed9b.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Fri, 03 Nov 2023 07:31:17 GMT
x-stripe-server-envoy-start-time-us: 1698996677398328
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1698996677398094
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 559C 0
274 B 356ms
356ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-d6a40aa6ad859d26b11b3cb80358ed9b.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Fri, 03 Nov 2023 07:31:17 GMT
x-stripe-server-envoy-start-time-us: 1698996677398408
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 4
x-stripe-client-envoy-start-time-us: 1698996677398187
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 559C 0
274 B 332ms
332ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-d6a40aa6ad859d26b11b3cb80358ed9b.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Fri, 03 Nov 2023 07:31:17 GMT
x-stripe-server-envoy-start-time-us: 1698996677398423
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1698996677398175
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 559C 0
274 B 347ms
347ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-d6a40aa6ad859d26b11b3cb80358ed9b.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Fri, 03 Nov 2023 07:31:17 GMT
x-stripe-server-envoy-start-time-us: 1698996677398447
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 4
x-stripe-client-envoy-start-time-us: 1698996677398274
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 559C 0
274 B 334ms
334ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-d6a40aa6ad859d26b11b3cb80358ed9b.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Fri, 03 Nov 2023 07:31:17 GMT
x-stripe-server-envoy-start-time-us: 1698996677398994
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1698996677398420
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 559C 0
274 B 328ms
328ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-d6a40aa6ad859d26b11b3cb80358ed9b.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Fri, 03 Nov 2023 07:31:17 GMT
x-stripe-server-envoy-start-time-us: 1698996677398667
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1698996677398434
access-control-allow-credentials: true
content-length: 0

GET
H2 200 .deploy_status_henson.json Show response
js.stripe.com/v3/ Frame 8F8C 474 B
395 B 4ms
4ms Fetch
application/json 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/.deploy_status_henson.json

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-d6a40aa6ad859d26b11b3cb80358ed9b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

3132a53898012113b22a2bf416c8b75687faf7e8816d8be8c8ef005d290cdcca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/elements-inner-card-4d5aaf5ff3090ec0cddb7291c36c1267.html
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Fri, 03 Nov 2023 07:31:17 GMT
content-encoding: br
via: 1.1 varnish
strict-transport-security: max-age=31556926; includeSubDomains; preload
age: 21
x-cache: HIT
content-length: 297
x-request-id: 10ba5a56-f68f-42c7-9666-3e2544eafdb6
x-served-by: cache-qpg1265-QPG
last-modified: Thu, 02 Nov 2023 21:31:34 GMT
server: Fastly
etag: "46627dd42752d463edb077a815515ded"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 36

POST
H2 200 0 Show response
r.stripe.com/ Frame 559C 0
274 B 308ms
308ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-d6a40aa6ad859d26b11b3cb80358ed9b.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Fri, 03 Nov 2023 07:31:17 GMT
x-stripe-server-envoy-start-time-us: 1698996677398761
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1698996677398527
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 559C 0
274 B 312ms
312ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-d6a40aa6ad859d26b11b3cb80358ed9b.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Fri, 03 Nov 2023 07:31:17 GMT
x-stripe-server-envoy-start-time-us: 1698996677398745
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 5
x-stripe-client-envoy-start-time-us: 1698996677398632
access-control-allow-credentials: true
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 20ms
4ms Image
text/plain 2a03:2880:f10c:381:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=425852341832294&ev=PageView&dl=https%3A%2F%2Fsecurecheckout.sandbox.hit-pay.com%2Fpayment-request%2F%40hit-studio%2F9939d0e7-1438-4a37-b46f-517a5f3b128e%2Fcheckout&rl=&if=false&ts=1698996677222&sw=1600&sh=1200&v=2.9.138&r=stable&a=tmgoogletagmanager&ec=0&o=4126&fbp=fb.1.1698996677221.620696843&ler=empty&it=1698996676795&coo=false&rqm=GET

Requested by

Host: securecheckout.sandbox.hit-pay.com
URL: https://securecheckout.sandbox.hit-pay.com/payment-request/@hit-studio/9939d0e7-1438-4a37-b46f-517a5f3b128e/checkout

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f10c:381:face:b00c:0:25de Singapore, Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 03 Nov 2023 07:31:17 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 559C 0
274 B 281ms
281ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-d6a40aa6ad859d26b11b3cb80358ed9b.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Fri, 03 Nov 2023 07:31:17 GMT
x-stripe-server-envoy-start-time-us: 1698996677398916
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1698996677398670
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 4329 0
274 B 296ms
296ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-d6a40aa6ad859d26b11b3cb80358ed9b.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Fri, 03 Nov 2023 07:31:17 GMT
x-stripe-server-envoy-start-time-us: 1698996677399100
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1698996677398785
access-control-allow-credentials: true
content-length: 0

GET
H2 200 json Show response
forms.hscollectedforms.net/collected-forms/v1/config/ 116 B
447 B 288ms
287ms XHR
application/json 2606:4700::6811:599a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hscollectedforms.net/collected-forms/v1/config/json?portalId=21602426&utk=

Requested by

Host: securecheckout.sandbox.hit-pay.com
URL: https://securecheckout.sandbox.hit-pay.com/dist/app.js?id=3c7f66787087dfd1836c8cece0d92c21

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:599a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

615ae36965aa12e3bd1819215308e1ab74067f1673ccb1297dab53435bc30e45

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
Referer
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 07:31:17 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 4c097996-5b8a-4ef9-9f2e-84f006c33718
x-envoy-upstream-service-time: 3
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 4c097996-5b8a-4ef9-9f2e-84f006c33718
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://securecheckout.sandbox.hit-pay.com
x-evy-trace-virtual-host: all
cache-control: max-age=0
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-7c89bb96b9-97z5m
access-control-max-age: 180
x-robots-tag: none
access-control-allow-headers: *
cf-ray: 8202eab0cece3d8f-SIN

POST
H2 200 0 Show response
r.stripe.com/ Frame 559C 0
274 B 273ms
273ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-d6a40aa6ad859d26b11b3cb80358ed9b.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Fri, 03 Nov 2023 07:31:17 GMT
x-stripe-server-envoy-start-time-us: 1698996677399110
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1698996677398866
access-control-allow-credentials: true
content-length: 0

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4968626&time=1698996677242&url=https%3A%2F%2Fsecurecheckout.sandbox.hit-pay.com%2Fpayment-request%2F%40hit-studio%2F9939d0e7-1438-4a37-b46f-517a5f...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4968626&time=1698996677242&url=https%3A%2F%2Fsecurecheckout.sandbox.hit-pay.com%2Fpayment-request%2F%40hit-studio%2F9939d0e7-1438-4a37-b46f-517a5f...
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D4968626%26time%3D1698996677242%26url%3Dhttps%253A%252F%252Fsecurecheckout.sandbox...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4968626&time=1698996677242&url=https%3A%2F%2Fsecurecheckout.sandbox.hit-pay.com%2Fpayment-request%2F%40hit-studio%2F9939d0e7-1438-4a37-b46f-517a5f...
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4968626&time=1698996677242&url=https%3A%2F%2Fsecurecheckout.sandbox.hit-pay.com%2Fpayment-request%2F%40hit-studio%2F9939d0e7-1438-4a37-b46f-517a5...

0
488 B

188ms
170ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4968626&time=1698996677242&url=https%3A%2F%2Fsecurecheckout.sandbox.hit-pay.com%2Fpayment-request%2F%40hit-studio%2F9939d0e7-1438-4a37-b46f-517a5f3b128e%2Fcheckout&tm=gtmv2&cookiesTest=true&liSync=true&e_ipv6=AQL7LW1KHPzOCQAAAYuUF-zv2zcXx-fXRNYQ9EFG7TT770gdcGKQN0iJYge0d-OW9HtDBk5F8Xs-
Requested by: Host: securecheckout.sandbox.hit-pay.com
URL: https://securecheckout.sandbox.hit-pay.com/payment-request/@hit-studio/9939d0e7-1438-4a37-b46f-517a5f3b128e/checkout
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 07:31:17 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 6DFC7602B2494E4EB62451B4E0AB38C1 Ref B: SIN30EDGE0110 Ref C: 2023-11-03T07:31:17Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-lor1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYJOn14RctyCiLGgwhbRw==

Redirect headers

date: Fri, 03 Nov 2023 07:31:17 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 971CCF97C4D04BB89F29B27AB5E3F459 Ref B: SIN30EDGE0822 Ref C: 2023-11-03T07:31:17Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4968626&time=1698996677242&url=https%3A%2F%2Fsecurecheckout.sandbox.hit-pay.com%2Fpayment-request%2F%40hit-studio%2F9939d0e7-1438-4a37-b46f-517a5f3b128e%2Fcheckout&tm=gtmv2&cookiesTest=true&liSync=true&e_ipv6=AQL7LW1KHPzOCQAAAYuUF-zv2zcXx-fXRNYQ9EFG7TT770gdcGKQN0iJYge0d-OW9HtDBk5F8Xs-
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYJOn11cVh6rg5r4aIikg==

GET
H2 200 m=_b,_tp Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.zh.vuVrp1hp8N0.es5.O/am=EIYY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfr... Frame 2320 158 KB
57 KB 21ms
5ms Script
text/javascript 2404:6800:4003:c04::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.zh.vuVrp1hp8N0.es5.O/am=EIYY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrg1nqnUbfP070IL1oiUfMMh90WAbw/m=_b,_tp

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c04::5e Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54c58340499a350baa27d2cd293d552b1928db527fe581ed71213683655330a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 20:30:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 126075
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57442
x-xss-protection: 0
last-modified: Wed, 01 Nov 2023 08:39:51 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Thu, 31 Oct 2024 20:30:02 GMT

POST
H2 200 0 Show response
r.stripe.com/ Frame 8F8C 0
274 B 250ms
250ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-d6a40aa6ad859d26b11b3cb80358ed9b.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Fri, 03 Nov 2023 07:31:17 GMT
x-stripe-server-envoy-start-time-us: 1698996677399121
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1698996677398908
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 8F8C 0
274 B 270ms
270ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-d6a40aa6ad859d26b11b3cb80358ed9b.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Fri, 03 Nov 2023 07:31:17 GMT
x-stripe-server-envoy-start-time-us: 1698996677399105
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 6
x-stripe-client-envoy-start-time-us: 1698996677398996
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 8F8C 0
274 B 258ms
211ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-d6a40aa6ad859d26b11b3cb80358ed9b.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Fri, 03 Nov 2023 07:31:17 GMT
x-stripe-server-envoy-start-time-us: 1698996677399184
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1698996677399012
access-control-allow-credentials: true
content-length: 0

GET
H2 200 json Show response
api.hubapi.com/hs-script-loader-public/v1/config/pixels-and-events/ 188 B
1 KB 317ms
303ms XHR
application/json 2606:4700::6811:cbcc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hubapi.com/hs-script-loader-public/v1/config/pixels-and-events/json?portalId=21602426

Requested by

Host: securecheckout.sandbox.hit-pay.com
URL: https://securecheckout.sandbox.hit-pay.com/dist/app.js?id=3c7f66787087dfd1836c8cece0d92c21

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:cbcc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

02b90a5f7f416c9fa3f044b722c14a453a49383b80dee5742f1953446d4448b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 07:31:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: f06b7e7d-5d20-491f-9a60-8a8e0decf246
content-encoding: br
x-envoy-upstream-service-time: 3
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: f06b7e7d-5d20-491f-9a60-8a8e0decf246
server: cloudflare
x-trace: 2BE03DC7E9072A58409BD338F2415425DBA036CE62000000000000000000
vary: origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://securecheckout.sandbox.hit-pay.com
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-5b5c96c966-v4vtl
access-control-max-age: 180
access-control-allow-credentials: false
x-evy-trace-virtual-host: all
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9OLicB72wpugbV60lUTBVcRJFIJQlFvIO4%2BHQnUavBw%2Fxx%2BcvyEnHgAj6mUM9AHDj7ERt8Z%2BsyvYbOCDaKVkQYeHivVukoEW6Bp8YRCt50b6hrBROYgCu1rmk5ZJhVlQvtMy5iUqymRlz6%2FW"}],"group":"cf-nel","max_age":604800}
cf-ray: 8202eab0fff53dd8-SIN
access-control-allow-headers: *

POST
H3 404 cspreport
pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/ Frame 2320 2 KB
2 KB 105ms
104ms Other
text/html 2404:6800:4003:c06::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Requested by: Host: t.sidekickopen01.com
URL: https://t.sidekickopen01.com/Ctc/GG+23284/d2ybdY04/JlY2-6q7W95jsWP6lZ3pVW5X2FZL6gx5MFVdNNn94NJv0MW1YmV0q7SwK5HW140jjm4Byyg_W3_-3hH8Zz5S7N2JJTs49LknzW49B8gw1NFQW5W3k39fZ9bnR_jW4lz6mb6l6MXjW460BZ24x-WzbW1dy5Tx2FCy5TW52yMJx1X1ZWtW53w-Z41bKghgW5S2-gf79PtxhW48BJGZ3jxjLYW65_XJr8kQmVrW6RKV2y5zqFZ8W6Pzd8C8vLbSYW58twky575HglW6pYXS73KMwgXW4kfG3L5XPMH4W25-fG55Yj0ptW2jSMw26C-3LdW5kzzY646LH0QVXlRTC8xJS6PVPyLjB7sqsNFW6nl87W2ln-MJW52mQn45LzWqGW5RdN443rCH9hN4hwW1zmqFKyf52YnMj04
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4003:c06::5c Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101

Request headers

Referer: https://pay.google.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Fri, 03 Nov 2023 07:31:17 GMT
referrer-policy: no-referrer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1608
content-type: text/html; charset=UTF-8

POST
H2 200 0 Show response
r.stripe.com/ Frame 559C 0
274 B 246ms
211ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-d6a40aa6ad859d26b11b3cb80358ed9b.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Fri, 03 Nov 2023 07:31:17 GMT
x-stripe-server-envoy-start-time-us: 1698996677399496
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1698996677399345
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 559C 0
274 B 254ms
219ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-d6a40aa6ad859d26b11b3cb80358ed9b.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Fri, 03 Nov 2023 07:31:17 GMT
x-stripe-server-envoy-start-time-us: 1698996677400015
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1698996677399810
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 559C 0
274 B 250ms
221ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-d6a40aa6ad859d26b11b3cb80358ed9b.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Fri, 03 Nov 2023 07:31:17 GMT
x-stripe-server-envoy-start-time-us: 1698996677400037
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1698996677399902
access-control-allow-credentials: true
content-length: 0

GET
H2 200 phone-numbers-lib-f19807cd8cf5390c9afa641cb061e0d6.js Show response
js.stripe.com/v3/fingerprinted/js/ 129 KB
35 KB 4ms
4ms Script
text/javascript 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/phone-numbers-lib-f19807cd8cf5390c9afa641cb061e0d6.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

bd3305cbe248a3e41e6515b13252574e43ca28e21b1a768cae80e883199763c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Fri, 03 Nov 2023 07:31:17 GMT
via: 1.1 varnish
age: 1855592
x-cache: HIT
content-length: 36129
x-request-id: 6c1d40d3-e566-47bb-afee-e2b5995b9264
x-served-by: cache-qpg1233-QPG
last-modified: Thu, 12 Oct 2023 20:01:48 GMT
server: Fastly
etag: "7b4e2a05caba7714610def4c9240cad9"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 10544

GET
H2 200 elements-inner-link-button-for-card-6ebf6196e88da17ae9bb415c0c62a372.html Show response
js.stripe.com/v3/ Frame BE0C 73 KB
16 KB 8ms
7ms Document
text/html 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/elements-inner-link-button-for-card-6ebf6196e88da17ae9bb415c0c62a372.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

05531f433131187b7daee7bf526ce629d9a63bd930b2d30715c85d1e7fabb904

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 37733
cache-control: max-age=31536000
content-encoding: br
content-length: 15180
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Fri, 03 Nov 2023 07:31:17 GMT
etag: "6ebf6196e88da17ae9bb415c0c62a372"
last-modified: Thu, 02 Nov 2023 20:55:00 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 443
x-content-type-options: nosniff
x-request-id: 9a7e619f-558d-49db-8aaf-d0975d1b397d
x-served-by: cache-qpg1233-QPG

POST
H2 200 0 Show response
r.stripe.com/ Frame 559C 0
274 B 245ms
222ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-d6a40aa6ad859d26b11b3cb80358ed9b.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Fri, 03 Nov 2023 07:31:17 GMT
x-stripe-server-envoy-start-time-us: 1698996677402230
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1698996677401667
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 559C 0
274 B 254ms
233ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-d6a40aa6ad859d26b11b3cb80358ed9b.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Fri, 03 Nov 2023 07:31:17 GMT
x-stripe-server-envoy-start-time-us: 1698996677402277
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1698996677401717
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 559C 0
274 B 254ms
233ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-d6a40aa6ad859d26b11b3cb80358ed9b.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Fri, 03 Nov 2023 07:31:17 GMT
x-stripe-server-envoy-start-time-us: 1698996677402835
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1698996677402037
access-control-allow-credentials: true
content-length: 0

GET
H2 200 shared-d6a40aa6ad859d26b11b3cb80358ed9b.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame BE0C 532 KB
129 KB 9ms
8ms Script
text/javascript 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-d6a40aa6ad859d26b11b3cb80358ed9b.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-link-button-for-card-6ebf6196e88da17ae9bb415c0c62a372.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

6920ff5f2938a1c098ee98adbd1294642a95e1a78b3e9612b4a11da01e97f0ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-link-button-for-card-6ebf6196e88da17ae9bb415c0c62a372.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Fri, 03 Nov 2023 07:31:17 GMT
via: 1.1 varnish
age: 38122
x-cache: HIT
content-length: 131697
x-request-id: 888e92bd-da03-4719-b492-3ec0e9e09070
x-served-by: cache-qpg1233-QPG
last-modified: Thu, 02 Nov 2023 20:55:14 GMT
server: Fastly
etag: "ee8e8e1d5200113f8fd70485f5aba85e"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 7319

GET
H2 200 elements-inner-link-button-for-card-27744bf8d0833c927049162f1855b6e9.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame BE0C 24 KB
9 KB 9ms
9ms Script
text/javascript 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/elements-inner-link-button-for-card-27744bf8d0833c927049162f1855b6e9.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-link-button-for-card-6ebf6196e88da17ae9bb415c0c62a372.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

f03756c1563b606565eda844b97eadf0de8e01a1c3719bcf525dd20370a02bc0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-link-button-for-card-6ebf6196e88da17ae9bb415c0c62a372.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Fri, 03 Nov 2023 07:31:17 GMT
via: 1.1 varnish
age: 740335
x-cache: HIT
content-length: 9575
x-request-id: f22cf855-c92f-4cf0-a314-393bbd1617ce
x-served-by: cache-qpg1233-QPG
last-modified: Wed, 25 Oct 2023 17:49:31 GMT
server: Fastly
etag: "09b2e3ebca39506cca4bbdc2127fc9c6"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 2852

GET
H2 200 elements-inner-link-button-for-card-4b5caabaabe2a1da1413ec969c991641.css
js.stripe.com/v3/fingerprinted/css/ Frame BE0C 25 KB
4 KB 8ms
8ms Stylesheet
text/css 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/css/elements-inner-link-button-for-card-4b5caabaabe2a1da1413ec969c991641.css

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-link-button-for-card-6ebf6196e88da17ae9bb415c0c62a372.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

dccf597ae7be773fabafe94246d6235959c5b169c80b0a575a7e55303887cf3f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-link-button-for-card-6ebf6196e88da17ae9bb415c0c62a372.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Fri, 03 Nov 2023 07:31:17 GMT
via: 1.1 varnish
age: 740335
x-cache: HIT
content-length: 4316
x-request-id: fedf80fd-7a16-48fc-aa0b-3156d88a9e76
x-served-by: cache-qpg1233-QPG
last-modified: Wed, 25 Oct 2023 17:49:19 GMT
server: Fastly
etag: "bd45f5d1d100cfdffbba7a51dba4f34f"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 2822

GET
H2 200 m=Das5Le Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.zh.vuVrp1hp8N0.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.ylLQ0D... Frame 2320 73 KB
27 KB 22ms
21ms Script
text/javascript 2404:6800:4003:c04::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.zh.vuVrp1hp8N0.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.ylLQ0DVug9w.L.B1.O/am=EIYY/d=1/exm=_b,_tp/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrjWyu9L4CEowSFAw1On7Jvr7CtkqA/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=Das5Le

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.zh.vuVrp1hp8N0.es5.O/am=EIYY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrg1nqnUbfP070IL1oiUfMMh90WAbw/m=_b,_tp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c04::5e Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e670ed3138ce1631c59261b27fbc1ce77fb9484a3cf6fb4c1055a4ab80c7868b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 05:09:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 94881
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27247
x-xss-protection: 0
last-modified: Wed, 01 Nov 2023 08:39:51 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Fri, 01 Nov 2024 05:09:56 GMT

POST
H2 200 csp-report
q.stripe.com/ Frame BE0C 0
717 B 222ms
220ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Fri, 03 Nov 2023 07:31:17 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1698996677418673
x-envoy-upstream-service-time: 3
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 1
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1698996677417844
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame BE0C 0
717 B 221ms
219ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Fri, 03 Nov 2023 07:31:17 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1698996677418567
x-envoy-upstream-service-time: 3
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1698996677417925
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H3 200 pay Show response
pay.google.com/gp/p/ui/ Frame 2320 1 MB
376 KB 79ms
79ms XHR
text/html 2404:6800:4003:c06::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/pay

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c06::5c Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

70e25ffd6f0047bed7bc630bbb291efcae9cf6732a755aa84a9608a8c5558d19

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-KAmCL_RRW5tFE61aHjifUQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 07:31:17 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-KAmCL_RRW5tFE61aHjifUQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport
x-content-type-options: nosniff
cross-origin-resource-policy: same-site
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
x-ua-compatible: IE=edge
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: unsafe-none
server: ESF
x-frame-options: DENY
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
cache-control: private, max-age=3600
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Fri, 03 Nov 2023 07:31:17 GMT

GET
H3 200 m=Wt6vjf,hhhU8,FCpbqb,WhJNk Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.zh.vuVrp1hp8N0.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.ylLQ0D... Frame 2320 9 KB
4 KB 6ms
6ms Script
text/javascript 2404:6800:4003:c04::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.zh.vuVrp1hp8N0.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.ylLQ0DVug9w.L.B1.O/am=EIYY/d=1/exm=Das5Le,_b,_tp/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrjWyu9L4CEowSFAw1On7Jvr7CtkqA/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=Wt6vjf,hhhU8,FCpbqb,WhJNk

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c04::5e Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6d352dd04d825a5c78227fbbd3abe50f686a04fba43dcd8b8a365d78be33722c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 23:13:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 116249
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3931
x-xss-protection: 0
last-modified: Wed, 01 Nov 2023 08:39:51 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Thu, 31 Oct 2024 23:13:48 GMT

GET
H3 200 m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.zh.vuVrp1hp8N0.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.ylLQ0D... Frame 2320 37 KB
14 KB 6ms
6ms Script
text/javascript 2404:6800:4003:c04::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.zh.vuVrp1hp8N0.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.ylLQ0DVug9w.L.B1.O/am=EIYY/d=1/exm=Das5Le,FCpbqb,WhJNk,Wt6vjf,_b,_tp,hhhU8/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrjWyu9L4CEowSFAw1On7Jvr7CtkqA/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c04::5e Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca70ecefe3482623f108e07fdf52f97c0beb7190042ec948ac0cbc76abd78574

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 20:30:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 126074
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14053
x-xss-protection: 0
last-modified: Wed, 01 Nov 2023 08:39:51 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Thu, 31 Oct 2024 20:30:03 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 68ms
56ms Preflight
text/plain 2404:6800:4003:c1a::71
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c1a::71 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain; charset=UTF-8
date: Fri, 03 Nov 2023 07:31:17 GMT
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 2320 131 B
152 B 92ms
69ms XHR
text/plain 2404:6800:4003:c1a::71
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c1a::71 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Fri, 03 Nov 2023 07:31:17 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

POST
H3 200 log Show response
play.google.com/ Frame 2320 131 B
152 B 113ms
82ms XHR
text/plain 2404:6800:4003:c1a::71
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c1a::71 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Fri, 03 Nov 2023 07:31:17 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 60ms
49ms Preflight
text/plain 2404:6800:4003:c1a::71
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c1a::71 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain; charset=UTF-8
date: Fri, 03 Nov 2023 07:31:17 GMT
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 2320 131 B
152 B 112ms
84ms XHR
text/plain 2404:6800:4003:c1a::71
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c1a::71 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Fri, 03 Nov 2023 07:31:17 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 59ms
51ms Preflight
text/plain 2404:6800:4003:c1a::71
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c1a::71 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain; charset=UTF-8
date: Fri, 03 Nov 2023 07:31:17 GMT
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 2320 131 B
152 B 107ms
78ms XHR
text/plain 2404:6800:4003:c1a::71
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c1a::71 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Fri, 03 Nov 2023 07:31:17 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 57ms
50ms Preflight
text/plain 2404:6800:4003:c1a::71
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c1a::71 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain; charset=UTF-8
date: Fri, 03 Nov 2023 07:31:17 GMT
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 55ms
49ms Preflight
text/plain 2404:6800:4003:c1a::71
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c1a::71 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain; charset=UTF-8
date: Fri, 03 Nov 2023 07:31:17 GMT
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 2320 131 B
152 B 112ms
83ms XHR
text/plain 2404:6800:4003:c1a::71
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c1a::71 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Fri, 03 Nov 2023 07:31:17 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 60ms
56ms Preflight
text/plain 2404:6800:4003:c1a::71
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c1a::71 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain; charset=UTF-8
date: Fri, 03 Nov 2023 07:31:17 GMT
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 2320 131 B
152 B 95ms
72ms XHR
text/plain 2404:6800:4003:c1a::71
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c1a::71 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Fri, 03 Nov 2023 07:31:17 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 52ms
51ms Preflight
text/plain 2404:6800:4003:c1a::71
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c1a::71 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain; charset=UTF-8
date: Fri, 03 Nov 2023 07:31:17 GMT
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 2320 131 B
152 B 105ms
83ms XHR
text/plain 2404:6800:4003:c1a::71
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c1a::71 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Fri, 03 Nov 2023 07:31:17 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

POST
H2 200 0 Show response
r.stripe.com/ Frame 559C 0
274 B 194ms
194ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-d6a40aa6ad859d26b11b3cb80358ed9b.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Fri, 03 Nov 2023 07:31:17 GMT
x-stripe-server-envoy-start-time-us: 1698996677495668
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1698996677495063
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 559C 0
274 B 195ms
195ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-d6a40aa6ad859d26b11b3cb80358ed9b.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Fri, 03 Nov 2023 07:31:17 GMT
x-stripe-server-envoy-start-time-us: 1698996677496220
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1698996677495660
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 559C 0
274 B 198ms
197ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-d6a40aa6ad859d26b11b3cb80358ed9b.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Fri, 03 Nov 2023 07:31:17 GMT
x-stripe-server-envoy-start-time-us: 1698996677505422
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 4
x-stripe-client-envoy-start-time-us: 1698996677505118
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 559C 0
274 B 195ms
195ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-d6a40aa6ad859d26b11b3cb80358ed9b.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Fri, 03 Nov 2023 07:31:17 GMT
x-stripe-server-envoy-start-time-us: 1698996677505613
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1698996677505305
access-control-allow-credentials: true
content-length: 0

GET
H2 200 elements-inner-payment-request-556f8ff62f4df34619452c636b8e4637.html Show response
js.stripe.com/v3/ Frame 7F98 820 B
1 KB 4ms
4ms Document
text/html 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/elements-inner-payment-request-556f8ff62f4df34619452c636b8e4637.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

eb50fc13069f07ccace4edbd421b9c865e19e138938935d2f1990751082cc3dc

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 37825
cache-control: max-age=31536000
content-encoding: br
content-length: 370
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Fri, 03 Nov 2023 07:31:17 GMT
etag: "556f8ff62f4df34619452c636b8e4637"
last-modified: Thu, 02 Nov 2023 20:55:00 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 450
x-content-type-options: nosniff
x-request-id: 143b4003-0ade-4911-a09d-aa32c1aa4d96
x-served-by: cache-qpg1233-QPG

POST
H2 200 0 Show response
r.stripe.com/ Frame 559C 0
274 B 196ms
195ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-d6a40aa6ad859d26b11b3cb80358ed9b.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Fri, 03 Nov 2023 07:31:17 GMT
x-stripe-server-envoy-start-time-us: 1698996677515605
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1698996677514840
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 559C 0
274 B 194ms
194ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-d6a40aa6ad859d26b11b3cb80358ed9b.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Fri, 03 Nov 2023 07:31:17 GMT
x-stripe-server-envoy-start-time-us: 1698996677515691
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1698996677515082
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 559C 0
274 B 192ms
191ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-d6a40aa6ad859d26b11b3cb80358ed9b.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Fri, 03 Nov 2023 07:31:17 GMT
x-stripe-server-envoy-start-time-us: 1698996677515856
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1698996677515611
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 559C 0
274 B 258ms
258ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-d6a40aa6ad859d26b11b3cb80358ed9b.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Fri, 03 Nov 2023 07:31:17 GMT
x-stripe-server-envoy-start-time-us: 1698996677517347
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1698996677516544
access-control-allow-credentials: true
content-length: 0

GET
H2 200 shared-d6a40aa6ad859d26b11b3cb80358ed9b.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 7F98 532 KB
129 KB 7ms
3ms Script
text/javascript 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-d6a40aa6ad859d26b11b3cb80358ed9b.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-payment-request-556f8ff62f4df34619452c636b8e4637.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

6920ff5f2938a1c098ee98adbd1294642a95e1a78b3e9612b4a11da01e97f0ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-payment-request-556f8ff62f4df34619452c636b8e4637.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Fri, 03 Nov 2023 07:31:17 GMT
via: 1.1 varnish
age: 38122
x-cache: HIT
content-length: 131697
x-request-id: aa98287f-b2ca-4451-946f-7d840ac7c851
x-served-by: cache-qpg1233-QPG
last-modified: Thu, 02 Nov 2023 20:55:14 GMT
server: Fastly
etag: "ee8e8e1d5200113f8fd70485f5aba85e"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 7320

GET
H2 200 ui-shared-b6b86772cda0e4bb1c8af020019043df.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 7F98 380 KB
109 KB 10ms
5ms Script
text/javascript 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/ui-shared-b6b86772cda0e4bb1c8af020019043df.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-payment-request-556f8ff62f4df34619452c636b8e4637.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

e7bdf434d274498345dc79890efa95efe763a450b5355cfc4a269abd12c6f5e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-payment-request-556f8ff62f4df34619452c636b8e4637.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Fri, 03 Nov 2023 07:31:17 GMT
via: 1.1 varnish
age: 37825
x-cache: HIT
content-length: 111893
x-request-id: b498f6a9-9f04-4dad-aad6-e1669042c8e7
x-served-by: cache-qpg1233-QPG
last-modified: Thu, 02 Nov 2023 20:55:15 GMT
server: Fastly
etag: "2124d9825af14e37118492365c521a5b"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1256

GET
H2 200 elements-inner-payment-request-692a6152f486945ef5bb1724a8d01deb.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 7F98 72 KB
25 KB 28ms
22ms Script
text/javascript 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/elements-inner-payment-request-692a6152f486945ef5bb1724a8d01deb.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-payment-request-556f8ff62f4df34619452c636b8e4637.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

1396c8b9abee79298b7357f25d545769fdd21e1357558736429de1f648271181

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-payment-request-556f8ff62f4df34619452c636b8e4637.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Fri, 03 Nov 2023 07:31:17 GMT
via: 1.1 varnish
age: 51208
x-cache: HIT
content-length: 25800
x-request-id: 9fe826f4-b44f-4d45-a413-b38f90b20519
x-served-by: cache-qpg1233-QPG
last-modified: Thu, 02 Nov 2023 17:12:20 GMT
server: Fastly
etag: "99362a20de6f19b28f565b5951fc7838"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 426

GET
H2 200 ui-shared-1d27f4e2b314637ba4bb9d7ff79c23c7.css
js.stripe.com/v3/fingerprinted/css/ Frame 7F98 20 KB
3 KB 8ms
3ms Stylesheet
text/css 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/css/ui-shared-1d27f4e2b314637ba4bb9d7ff79c23c7.css

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-payment-request-556f8ff62f4df34619452c636b8e4637.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

394724ca0118829643c12fb5a033cb66680e51327ba157677d18dec209278a3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-payment-request-556f8ff62f4df34619452c636b8e4637.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Fri, 03 Nov 2023 07:31:17 GMT
via: 1.1 varnish
age: 8766332
x-cache: HIT
content-length: 3304
x-request-id: b9af6461-5ae3-48ae-92e5-f9176a6d73d9
x-served-by: cache-qpg1233-QPG
last-modified: Mon, 24 Jul 2023 20:23:04 GMT
server: Fastly
etag: "b361d7109e9925ca18e32c9da528520f"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 8408

GET
H2 200 elements-inner-payment-request-6851fb638395ab2ad12082441235bcfa.css
js.stripe.com/v3/fingerprinted/css/ Frame 7F98 11 KB
3 KB 7ms
3ms Stylesheet
text/css 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/css/elements-inner-payment-request-6851fb638395ab2ad12082441235bcfa.css

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-payment-request-556f8ff62f4df34619452c636b8e4637.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

5033e337e474e5d2818fee21b093eaef81d5f545fd49b5f635b3e1160fa83abe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-payment-request-556f8ff62f4df34619452c636b8e4637.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Fri, 03 Nov 2023 07:31:17 GMT
via: 1.1 varnish
age: 3730906
x-cache: HIT
content-length: 2547
x-request-id: ab331cf0-66b3-4b9a-88e7-0e700ec023b3
x-served-by: cache-qpg1233-QPG
last-modified: Wed, 20 Sep 2023 21:36:03 GMT
server: Fastly
etag: "828ee6578d45b518446bf74a1cc39038"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 2538

POST
H2 200 csp-report
q.stripe.com/ Frame 7F98 0
717 B 237ms
230ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Fri, 03 Nov 2023 07:31:17 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1698996677547114
x-envoy-upstream-service-time: 2
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1698996677546394
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 7F98 0
717 B 236ms
230ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Fri, 03 Nov 2023 07:31:17 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1698996677546838
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1698996677546438
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 .deploy_status_henson.json Show response
js.stripe.com/v3/ Frame 7F98 474 B
372 B 9ms
9ms Fetch
application/json 151.101.192.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/.deploy_status_henson.json

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-d6a40aa6ad859d26b11b3cb80358ed9b.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.192.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

3132a53898012113b22a2bf416c8b75687faf7e8816d8be8c8ef005d290cdcca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/elements-inner-payment-request-556f8ff62f4df34619452c636b8e4637.html
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Fri, 03 Nov 2023 07:31:17 GMT
content-encoding: br
via: 1.1 varnish
strict-transport-security: max-age=31556926; includeSubDomains; preload
age: 21
x-cache: HIT
content-length: 297
x-request-id: 0bfd5e7a-6f5d-4141-99a9-88f055dd761d
x-served-by: cache-qpg1265-QPG
last-modified: Thu, 02 Nov 2023 21:31:34 GMT
server: Fastly
etag: "46627dd42752d463edb077a815515ded"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 37

POST
H2 200 0 Show response
r.stripe.com/ Frame 559C 0
274 B 193ms
192ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-d6a40aa6ad859d26b11b3cb80358ed9b.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Fri, 03 Nov 2023 07:31:17 GMT
x-stripe-server-envoy-start-time-us: 1698996677611190
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1698996677610544
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 559C 0
274 B 192ms
191ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-d6a40aa6ad859d26b11b3cb80358ed9b.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Fri, 03 Nov 2023 07:31:17 GMT
x-stripe-server-envoy-start-time-us: 1698996677613058
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1698996677612903
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame 559C 0
274 B 193ms
193ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-d6a40aa6ad859d26b11b3cb80358ed9b.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Fri, 03 Nov 2023 07:31:17 GMT
x-stripe-server-envoy-start-time-us: 1698996677616443
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1698996677615880
access-control-allow-credentials: true
content-length: 0

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 205 KB
73 KB 16ms
16ms Script
application/javascript 2404:6800:4003:c01::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-573291945

Requested by

Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c01::61 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b7526d4d47af7480bb20865d34a0f24fab2f4b2844e3ec529cc35c572d7db0c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 07:31:17 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 75153
x-xss-protection: 0
last-modified: Fri, 03 Nov 2023 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 03 Nov 2023 07:31:17 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 205 KB
73 KB 19ms
19ms Script
application/javascript 2404:6800:4003:c01::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-573291945&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NW5HN32

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4003:c01::61 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2f95f89390091406aa3c63d87c9921bcb681b939899e166fe88656b72e380df8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 07:31:17 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 75125
x-xss-protection: 0
last-modified: Fri, 03 Nov 2023 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 03 Nov 2023 07:31:17 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/573291945/ 3 KB
2 KB 24ms
13ms Script
text/javascript 2404:6800:4003:c0f::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/573291945/?random=1698996677634&cv=11&fst=1698996677634&bg=ffffff&guid=ON&async=1&gtm=45be3b11v9100998439&gcd=11l1l1l1l1&u_w=1600&u_h=1200&url=https%3A%2F%2Fsecurecheckout.sandbox.hit-pay.com%2Fpayment-request%2F%40hit-studio%2F9939d0e7-1438-4a37-b46f-517a5f3b128e%2Fcheckout&hn=www.googleadservices.com&frm=0&tiba=Checkout%20-%20HitPay&did=dZTQ1Zm&gdid=dZTQ1Zm&auid=1807675357.1698996678&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-573291945

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c0f::9a Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

243a87d47cd24ebb33613a1d9c8d16c32394b0428a40b7774cc29eb5b41aa16b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Nov 2023 07:31:17 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1317
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/573291945/ 42 B
455 B 33ms
20ms Image
image/gif 2404:6800:4003:c1a::93
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/573291945/?random=1698996677634&cv=11&fst=1698994800000&bg=ffffff&guid=ON&async=1&gtm=45be3b11v9100998439&u_w=1600&u_h=1200&url=https%3A%2F%2Fsecurecheckout.sandbox.hit-pay.com%2Fpayment-request%2F%40hit-studio%2F9939d0e7-1438-4a37-b46f-517a5f3b128e%2Fcheckout&frm=0&tiba=Checkout%20-%20HitPay&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwDICaaNeI2fHA2kzwE3W9Azex-Mtx946sMFXA&random=658274606&rmt_tld=0&ipr=y

Requested by

Host: securecheckout.sandbox.hit-pay.com
URL: https://securecheckout.sandbox.hit-pay.com/payment-request/@hit-studio/9939d0e7-1438-4a37-b46f-517a5f3b128e/checkout

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c1a::93 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Nov 2023 07:31:17 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com.vn/pagead/1p-user-list/573291945/ 42 B
154 B 12ms
11ms Image
image/gif 2404:6800:4003:c04::5e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com.vn/pagead/1p-user-list/573291945/?random=1698996677634&cv=11&fst=1698994800000&bg=ffffff&guid=ON&async=1&gtm=45be3b11v9100998439&u_w=1600&u_h=1200&url=https%3A%2F%2Fsecurecheckout.sandbox.hit-pay.com%2Fpayment-request%2F%40hit-studio%2F9939d0e7-1438-4a37-b46f-517a5f3b128e%2Fcheckout&frm=0&tiba=Checkout%20-%20HitPay&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwDICaaNeI2fHA2kzwE3W9Azex-Mtx946sMFXA&random=658274606&rmt_tld=1&ipr=y

Requested by

Host: securecheckout.sandbox.hit-pay.com
URL: https://securecheckout.sandbox.hit-pay.com/payment-request/@hit-studio/9939d0e7-1438-4a37-b46f-517a5f3b128e/checkout

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c04::5e Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Nov 2023 07:31:17 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 6 Show response
m.stripe.com/ Frame 09B5 156 B
669 B 197ms
197ms XHR
application/json 52.89.37.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.89.37.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-89-37-98.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

7b457f6149487edba85ed221ffafe7a9c591554f069cabe443393f5de42e0de9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color: green
date: Fri, 03 Nov 2023 07:31:17 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1698996677860431
server: nginx
content-type: application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms: 2
access-control-allow-origin: https://m.stripe.network
x-stripe-client-envoy-start-time-us: 1698996677860024
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

POST
H2 200 6 Show response
m.stripe.com/ Frame 09B5 156 B
669 B 238ms
237ms XHR
application/json 52.89.37.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.89.37.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-89-37-98.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

7b457f6149487edba85ed221ffafe7a9c591554f069cabe443393f5de42e0de9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color: green
date: Fri, 03 Nov 2023 07:31:17 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1698996677909510
server: nginx
content-type: application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms: 2
access-control-allow-origin: https://m.stripe.network
x-stripe-client-envoy-start-time-us: 1698996677909261
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

OPTIONS
H/1.1 204
No Content collect
analytics.staging.hit-pay.com/api/ Frame 0
0 16ms
8ms Preflight 18.138.0.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.staging.hit-pay.com/api/collect

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

18.138.0.88 Singapore, Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-138-0-88.ap-southeast-1.compute.amazonaws.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; img-src *; script-src 'self' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; connect-src 'self' api.umami.is; frame-ancestors 'self';
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://securecheckout.sandbox.hit-pay.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET,HEAD,PUT,PATCH,POST,DELETE
Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Length: 0
Content-Security-Policy: default-src 'self'; img-src *; script-src 'self' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; connect-src 'self' api.umami.is; frame-ancestors 'self';
Date: Fri, 03 Nov 2023 07:31:18 GMT
Server: nginx/1.14.0 (Ubuntu)
Vary: Access-Control-Request-Headers
X-DNS-Prefetch-Control: on
X-Frame-Options: SAMEORIGIN

POST
H/1.1 200
OK collect Show response
analytics.staging.hit-pay.com/api/ 525 B
999 B 29ms
29ms Fetch
text/plain 18.138.0.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.staging.hit-pay.com/api/collect

Requested by

Host: securecheckout.sandbox.hit-pay.com
URL: https://securecheckout.sandbox.hit-pay.com/dist/app.js?id=3c7f66787087dfd1836c8cece0d92c21

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

18.138.0.88 Singapore, Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-138-0-88.ap-southeast-1.compute.amazonaws.com

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

277d640b021d2d03406175d6ba33a9ee752882f621eec07df25ec6af299eee89

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; img-src *; script-src 'self' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; connect-src 'self' api.umami.is; frame-ancestors 'self';
X-Frame-Options	SAMEORIGIN

Request headers

Referer
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/json

Response headers

Date: Fri, 03 Nov 2023 07:31:18 GMT
Content-Security-Policy: default-src 'self'; img-src *; script-src 'self' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; connect-src 'self' api.umami.is; frame-ancestors 'self';
Server: nginx/1.14.0 (Ubuntu)
ETag: "11q8iwcn8p0el"
X-DNS-Prefetch-Control: on
X-Frame-Options: SAMEORIGIN
Content-Type: text/plain
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
Connection: keep-alive
Content-Length: 525

POST
H2 200 0 Show response
r.stripe.com/ Frame 559C 0
274 B 194ms
193ms Fetch
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-d6a40aa6ad859d26b11b3cb80358ed9b.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-186-23-98.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Fri, 03 Nov 2023 07:31:18 GMT
x-stripe-server-envoy-start-time-us: 1698996678250308
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1698996678250021
access-control-allow-credentials: true
content-length: 0

POST
H2 204 collect
analytics.google.com/g/ 0
54 B 6ms
5ms Ping
text/plain 2001:4860:4802:32::181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-Q2XTP3W7YM&gtm=45je3b11v884855218&_p=1698996676198&gcd=11l1l1l1l1&cid=1662585049.1698996677&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EEA&_s=2&sid=1698996676&sct=1&seg=0&dl=https%3A%2F%2Fsecurecheckout.sandbox.hit-pay.com%2Fpayment-request%2F%40hit-studio%2F9939d0e7-1438-4a37-b46f-517a5f3b128e%2Fcheckout&dt=Checkout%20-%20HitPay&en=scroll&epn.percent_scrolled=90&_et=104&tfd=6890
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Q2XTP3W7YM&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Nov 2023 07:31:21 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://securecheckout.sandbox.hit-pay.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

53 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

20 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.sandbox.hit-pay.com/	1970-01-20 15:56:43	Name: hitpay_session_sandbox Value: eyJpdiI6IkVXTmo4SHhpelhxeGNhcmUwMWJ5cEE9PSIsInZhbHVlIjoiY2syNC9lOVZDM1Y5MTdxSVk2a1g1Y0pqTU4vNDJtM04yYnd6MHJsRitlYkU5aHBDZHZRY0lQTGtYOFJTZ25kVVFVRFhKa3lpankvQjM3TVNtSXNmRmtuR2xxdm1lVnJmNzJWTHBrRVVBVkd6dWpIMjVGN0d1aDdidThUcGkxcXciLCJtYWMiOiIyNmM0MWEwMTk2MmRkODcwNjc1MGRiZDdkN2NlNWIzYTQxYzdkYmMyNGIzNTlmM2FmMDJhNTNlMGZmOGQwMTE1IiwidGFnIjoiIn0%3D
.google.com/	1970-01-20 20:20:07	Name: NID Value: 511=u-1tbINWEXH1KyyV2SACIM5mmhrcHYeE4-sg63fllUIkFrqkc4wwm-zc7zJGvCQlhEj6fMkY4l89vsNL5hH-m1I9Cded9YIiuXkEASjfcI_QhiZ2W2SriKnLNK2X6Qr8FRXdezVXcnofVaaJFGS5bFu-xHYXJc9zSfu2eB0CAHQ
.hit-pay.com/	1970-01-21 01:32:36	Name: _ga Value: GA1.1.1662585049.1698996677
.hit-pay.com/	1970-01-21 01:32:36	Name: _ga_Q2XTP3W7YM Value: GS1.1.1698996676.1.0.1698996676.60.0.0
.hit-pay.com/	1970-01-20 18:06:12	Name: _fbp Value: fb.1.1698996677221.620696843
.linkedin.com/	1970-01-20 18:06:12	Name: li_sugr Value: 37339587-ae63-4d76-95e0-31c279395cf1
.linkedin.com/	1970-01-21 00:42:12	Name: bcookie Value: "v=2&8c614867-7b9c-4548-8360-9fb041822195"
.linkedin.com/	1970-01-20 15:58:03	Name: lidc Value: "b=OGST09:s=O:r=O:a=O:p=O:g=2630:u=1:x=1:i=1698996677:t=1699083077:v=2:sig=AQFMapEmClMEvfdG9FpfvLF_hK7dBfH-"
.linkedin.com/	1970-01-20 16:39:48	Name: UserMatchHistory Value: AQJiJ8zB9zxAZQAAAYuUF-uJFMbz0y8Su45aKsH18gfXYE623xzzPEpyjBVixa1ZYmBQ4LBJNuLUjw
.linkedin.com/	1970-01-20 16:39:48	Name: AnalyticsSyncHistory Value: AQKQnV5UE3VgpQAAAYuUF-uKBAX4K2lcrxGjUbjmJT-NcdBZJ4Ueah8CLIoTxnyC6pnMqYwtjAxRql3crI1rYw
.hit-pay.com/	1970-01-20 18:06:12	Name: _gcl_au Value: 1.1.1807675357.1698996678
.doubleclick.net/	1970-01-20 15:56:37	Name: test_cookie Value: CheckForPermission
m.stripe.com/	1970-01-21 01:32:36	Name: m Value: 53f6a7ea-856c-478f-a0b1-484ad5c3cab15c1705
.securecheckout.sandbox.hit-pay.com/	1970-01-21 00:42:12	Name: __stripe_mid Value: 752b72bd-82bf-4d9f-be3a-4be8805549c6fa6b0c
.securecheckout.sandbox.hit-pay.com/	1970-01-20 15:56:38	Name: __stripe_sid Value: dab37f1e-f86e-4953-bb0b-d9560726b497481b10
.www.linkedin.com/	1970-01-21 00:42:12	Name: bscookie Value: "v=1&20231103073117ad40e8ae-fff6-4d2f-88d1-7a39212d52efAQH6bL7aXHpmUbQtTOz-grZdK_Z9wKsb"
securecheckout.sandbox.hit-pay.com/	1970-01-20 20:15:48	Name: __hstc Value: 118695510.44112d3bfa49b9e188a9fb0ccd62ca9f.1698996678148.1698996678148.1698996678148.1
securecheckout.sandbox.hit-pay.com/	1970-01-20 20:15:48	Name: hubspotutk Value: 44112d3bfa49b9e188a9fb0ccd62ca9f
securecheckout.sandbox.hit-pay.com/	1969-12-31 23:59:59	Name: __hssrc Value: 1
securecheckout.sandbox.hit-pay.com/	1970-01-20 15:56:38	Name: __hssc Value: 118695510.1.1698996678148

11 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
rendering	error	URL: https://securecheckout.sandbox.hit-pay.com/dist/app.js?id=3c7f66787087dfd1836c8cece0d92c21(Line 1) Message: Error: <svg> attribute width: Unexpected end of attribute. Expected length, "".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' https://pay.google.com".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
network	error	URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport Message: Failed to load resource: the server responded with a status of 404 ()
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.google.com
analytics.staging.hit-pay.com
api.hubapi.com
api.sandbox.hit-pay.com
api.stripe.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
forms.hscollectedforms.net
googleads.g.doubleclick.net
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hsadspixel.net
js.hscollectedforms.net
js.pusher.com
js.stripe.com
m.stripe.com
m.stripe.network
merchant-ui-api.stripe.com
pay.google.com
play.google.com
px.ads.linkedin.com
px4.ads.linkedin.com
q.stripe.com
r.stripe.com
securecheckout.sandbox.hit-pay.com
snap.licdn.com
stats.g.doubleclick.net
t.sidekickopen01.com
www.facebook.com
www.google.com
www.google.com.vn
www.googletagmanager.com
www.gstatic.com
www.linkedin.com
13.107.42.14
13.250.226.27
13.35.149.62
151.101.192.176
18.138.0.88
2001:4860:4802:32::181
2403:e800:e80b::2a63:8c8b
2404:6800:4003:c01::5e
2404:6800:4003:c01::61
2404:6800:4003:c02::9a
2404:6800:4003:c04::5e
2404:6800:4003:c05::5f
2404:6800:4003:c06::5c
2404:6800:4003:c0f::9a
2404:6800:4003:c1a::71
2404:6800:4003:c1a::93
2606:4700:4400::ac40:91c3
2606:4700:4400::ac40:991b
2606:4700::6810:4cba
2606:4700::6810:bb59
2606:4700::6811:599a
2606:4700::6811:cbcc
2606:4700::6811:e6a3
2620:1ec:21::14
2a03:2880:f00c:300:face:b00c:0:3
2a03:2880:f10c:381:face:b00c:0:25de
52.74.114.251
52.89.37.98
54.186.23.98
54.255.63.98
008be6c11194d237bdfb2eebe8726a465d760d77af0a2112b50250743212165d
02b90a5f7f416c9fa3f044b722c14a453a49383b80dee5742f1953446d4448b5
05531f433131187b7daee7bf526ce629d9a63bd930b2d30715c85d1e7fabb904
058d2488f4d26d53cf94a6739b9800ac2d9897baa61a920a66e758129fc7b0bb
0ddfbc2136a2439ef81fb8f9187a9f1ff309101e52686068e9420591d2431009
0fce3a0ebb77c4dce715a468924f7f04a5afc3794737a5c27649a8bc792a53b1
124952226f64422473ca687798f9941a85292a9001c1c327060d019a77e92d59
1396c8b9abee79298b7357f25d545769fdd21e1357558736429de1f648271181
16c10ce133100119f8a0daa6958a7aba617924f0c1bbf7519a42136bd7454f27
19d4d54e7ed8aa5153762ed4ee48dd737a50b6df284896caa552606faa00d38d
1e6eb6158193568a222163f6ee024a0336f2e6420bc49a94449aa0b8640f25da
1f44966d0c51383ee069d1df96d010a3305fb1a743631499b7dc75e86658cbb7
1f6ee641ebc162b522a5025e00616c51c127d21c1bae098d2f1dcd2dbba0a67c
200cef31a4664eb38f1293062efc3d5acf8e769cc27242418b198a0aa4b20492
2148aae183c99fd22de0fa5ac66943716f59908dc935b3b3ca7f02cfdeca17f4
243a87d47cd24ebb33613a1d9c8d16c32394b0428a40b7774cc29eb5b41aa16b
277d640b021d2d03406175d6ba33a9ee752882f621eec07df25ec6af299eee89
2cd5192ff8b020b1b320397711a8d5fb40be5e2954fff09a707e092713b7fc03
2dde887754d20514d8e24e6b081f3ae313a6aae9dc8ca60a4e17c0fd4e2fb56c
2f95f89390091406aa3c63d87c9921bcb681b939899e166fe88656b72e380df8
3132a53898012113b22a2bf416c8b75687faf7e8816d8be8c8ef005d290cdcca
3255f9c25e0dff0617f509966623372bd66227d4656a98a2602ffba3fe4a5e4c
32772602c44291855865e61110869a53305c3351f390dbe3f209ea8bfd17df64
351ffc2bdf381352dcd801be49be5018361119588eae077650260f9e162fe7b9
394724ca0118829643c12fb5a033cb66680e51327ba157677d18dec209278a3d
3b87e8e60f08ccbe01bc8c6e9746cfa18e19e225a6cf0791046e5f399abad590
3e0aaabdf78a807779bc1fe3c939ea051e509028a42e16b24514b6d8a425675c
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
3eb3fd2865ed74de16c40f0a1767a29d89c40bd122015d4aa062874d868223f2
3eeb070fa2485ea21a405627eca42ee9578711726958ec35e4005f09a29df861
3f789263c9aefe1ae05af12b80623958f3997acdbb5308991e2752de3297b529
40c2d5bba302817f814a00a3e7a422c2e68cdc62b616811c9fa99813cb827511
473ba95b4fa3ffd8731a5940b6183fcce240498bcef2a31b40e3bce40ef99cc6
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
5033e337e474e5d2818fee21b093eaef81d5f545fd49b5f635b3e1160fa83abe
5075d6ff784f2d5de13cac7bfc1befc486db62e37d98b28ff249c8fc46cd7b96
514fdd784dcad231ffd0f4cf6635b957e22535527d8552cc77bff683da86f584
5373695bd5c237c0739464bdb59bb93ab1ede131ffa3fa7770e952575f935083
54c58340499a350baa27d2cd293d552b1928db527fe581ed71213683655330a6
56ceb96dd2300f59303bd974bb63fce99f131d1b15915e29f9755098bdfe167e
5819a181eb54148e5cff9bdad4db48bf13ad3f04eb5b5f8b58e284a082021c02
585565d995a6d994a39cb7088dbbe778013a57a7bda41dd35a7e8e7f57615693
58d9e33c417379bdf294f2e6907c186c529d7691e73867a82207314837701bea
5b3086a886aa8649ecbf496ac913a1aa443926cd2fff610be2d136c9598bcd8b
5b36df846327e15a6d4bd783d36d37029ca202124bed5e3eaa8a0e462f3148e1
5f45aa62a5047d9f3e06c3d936b4c2a927b03bf51fc8d68de1ac790661d3fac9
615ae36965aa12e3bd1819215308e1ab74067f1673ccb1297dab53435bc30e45
6316684f1910da34cad18c064a5d3be59302b0a7b91cf59e5cdd7beb3e947953
6364ba7ab356e08f3183d1708a7650516fbbc553675e52b772d76f3216dbc36d
66276308ea9a0248a4b0a18b60f32d4e1ace126947958b756b679d9b36056b93
672e173a1961506da81fd51463bb8b4aeacf8be4d484d02dca74b3e3a848ab7c
683f9a751acc4e72db3b7198187617d060fc084ecb797ca79aac3d653829d7cf
6920ff5f2938a1c098ee98adbd1294642a95e1a78b3e9612b4a11da01e97f0ee
6d352dd04d825a5c78227fbbd3abe50f686a04fba43dcd8b8a365d78be33722c
6e8c3a5896dcc8e863d97caf2903920942f66e075cf00c690d7e63bf0ed93ffa
6ec5d6a9e83e9ea5a71d966cc9df0ae12a4dc0a199768393050a45af35843983
70e25ffd6f0047bed7bc630bbb291efcae9cf6732a755aa84a9608a8c5558d19
73b016ef7d62ceceed8b045730ee36b4e1d6eeb84eac31fbcc6aa7e33c5cae94
7b457f6149487edba85ed221ffafe7a9c591554f069cabe443393f5de42e0de9
84059a9d5813266b91398960ed25f42ee9fda50de7797bd83a0cc84b3ddb0068
887d0d5a20388275989df29b5b904ccefaa471cab3b3b864d1783f8284dc4160
88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42
8a63514be91a2c576ab5a38b180c7fe2e7a9290ba9560547bee34befe5f1a788
8ea59a6ade54ebc406203c1112336688007c0a39d4b038b33f27d0c4b328183b
8ed1359081c33a77726e1e461df5b2fbae019391951303ae227bf81d0eebc6af
947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1
94d6d2a3d0055826a72a3fe774881ecdfb61ff6c0e86d1a6e3a0cafbe9fdce24
95ac45c7b27bed99842b951d6db20b448fb0f94794f33ff437c8b9b3e703ffb0
9738467f6955f47e5542f15510e9cd654da44f2ad165f9dc26167e7744c8082d
9834b82ad26e2a37583d22676a12dd2eb0fe7c80356a2114d0db1aa8b3899537
98575a35a706635169284310a81d451719bca2f2b6e577aa0f64403b4af1ecd7
994871173283780379facf4a49eba42ee824f81934a59551bc14c46f4905d1a6
9f2236d1eae7254a211a5f588f8fff17f31ada416250baa4ddc4d4664b81d9fa
9fad5c0bfc89c3ea8dfd2ab91647608ab2044402c1bd61250c5e76a9f567c741
9fc1ff9a500d82004833c32e8b876f80aa08f41f814b4f3827c68776dd6a6daf
a96a23350ab80a84179442182f7c309f22a8bf1a2f632f4a63b143f44e4891a7
a97da3cf3c6b662e9aeaa6628d091fb17bc087d8ba7f9bd643f9aeb85182c288
ae33cd4fb1c2398db653771221261aaf33ffa95575306a62dc967c33daa4f7d4
b2ca074e06b24a5adbed403260d9a354a1d13d2eb95f13c59740e3c378f5a0c3
b7526d4d47af7480bb20865d34a0f24fab2f4b2844e3ec529cc35c572d7db0c5
bae91ff835ad284fb2031739d46f59df9d56e5780b8e8a2de3daded5c1f8aef6
bd3305cbe248a3e41e6515b13252574e43ca28e21b1a768cae80e883199763c0
c44042bda035c2f1687062580a871a0ebec5661247a634f0cee6e51e13c42db3
c49d5666c8526e0aa4cc654c34098be84518a8b3d41e489e4a7c33fa52b41e17
c720549381f8447b531054d5e989836dc4e03f52f2bacf78f84c9b1c510ad86b
c872bcc71975f35c3f1eac4b5bafc24a65f630941889bcd4bb967c2f04bbd11d
ca70ecefe3482623f108e07fdf52f97c0beb7190042ec948ac0cbc76abd78574
cd1408cf00466a8d1d3f633f84bd09c35f5d42a3e5970498c59c72661b99dfec
ce6bebeccae72dfe632f52750c60ad8bed7ff341508c27c1b95224bb483ca5c0
d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101
dccf597ae7be773fabafe94246d6235959c5b169c80b0a575a7e55303887cf3f
dde1cab6d702075b4b19de793256eb6eefb2d90ebbd9d3dbd5ca084c0e189197
e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5dcb19074e5f046e5f3efe69bc4bb66998513c2ead34f1c46a7cda1a78052e8
e62edfdb0575acbdce5c582447530e931df30ba86e9036e93c58cc7944ed56c6
e670ed3138ce1631c59261b27fbc1ce77fb9484a3cf6fb4c1055a4ab80c7868b
e7bdf434d274498345dc79890efa95efe763a450b5355cfc4a269abd12c6f5e8
e87141bc7b8bd845e4105d2d8b09f7757eff484be9ecc72115389d018f586aab
e87d7ab81b7da9eef1a343d98826741e662125a9c92f56b603f7bd95a5f7cee9
eb50fc13069f07ccace4edbd421b9c865e19e138938935d2f1990751082cc3dc
ef16539c1d38c323f79d96e30ead5634e9d1ef6fe3edb28078291415ab43de35
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef2da7f3d49c4ea52782c56571d57d7b61bd97f91a6a9f9eaa8eb318dd6f7b06
f0205495d259e89d99e6c4989147f8a65bef41513bfbe3e97251cd6fb6fa5947
f03756c1563b606565eda844b97eadf0de8e01a1c3719bcf525dd20370a02bc0
f117c6d365a185756c30499c84fbb08c5e48b0886e6d493543fcb8bc2b4b648e
f1f017be5382119d698a4e12259c81ea23cf3aede63669c3915d357379d40754
f4489e494885e27030d155eac69c3c55affdc57f607ee3e6f434a432f9fae5e0
f7a4e0358e381f26d1114e2bd35c3d62f424584c13dd42223634537fad645475
fba3bfc491ba1ba67a89589079b39f92222acc2d511dafd2975ebf9d0eafc8f5
fc42bb69e9975dc74d50c5bda8cb36384bcd0bc7f6b1a54991c6f2a92251df0e

securecheckout.sandbox.hit-pay.com Open in urlscan Pro 54.255.63.98 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

230 Requests

100 %HTTPS

70 %IPv6

21 Domains

36 Subdomains

30 IPs

3 Countries

6337 kBTransfer

14404 kBSize

20 Cookies

6 Outgoing links

Page URL History

Redirected requests

230 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

securecheckout.sandbox.hit-pay.com Open in urlscan Pro
54.255.63.98 Public Scan

Screenshot
Live screenshot

Full Image

230
Requests

100 %
HTTPS

70 %
IPv6

21
Domains

36
Subdomains

30
IPs

3
Countries

6337 kB
Transfer

14404 kB
Size

20
Cookies

230 HTTP transactions
1 data transactions