payment.farecollection.tech Open in urlscan Pro
2a02:4780:a:761:0:395c:f11f:2b Public Scan

Go To Rescan
Add Verdict Report

URL:
https://payment.farecollection.tech/
Submission: On July 05 via automatic, source certstream-suspicious (July 5th 2023, 12:59:36 pm UTC) — Scanned from GB

Summary HTTP 58 Redirects Behaviour Indicators

Summary

This website contacted 23 IPs in 4 countries across 21 domains to perform 58 HTTP transactions. The main IP is 2a02:4780:a:761:0:395c:f11f:2b, located in Manchester, United Kingdom and belongs to AS-HOSTINGER, CY. The main domain is payment.farecollection.tech.
TLS certificate: Issued by ZeroSSL RSA Domain Secure Site CA on July 5th 2023. Valid for: 3 months.

This is the only time payment.farecollection.tech was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	2a02:4780:a:7... 2a02:4780:a:761:0:395c:f11f:2b	47583 (AS-HOSTINGER) (AS-HOSTINGER)
12	108.138.24.183 108.138.24.183	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:810::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:830::2008	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:36::178	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f08... 2a03:2880:f083:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c1b::9b	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
1	146.75.116.157 146.75.116.157	54113 (FASTLY) (FASTLY)
1	2a04:4e42::396 2a04:4e42::396	54113 (FASTLY) (FASTLY)
4	2a00:1450:400... 2a00:1450:4001:80e::2004	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
1	151.101.1.140 151.101.1.140	54113 (FASTLY) (FASTLY)
3	2a03:2880:f17... 2a03:2880:f177:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	104.244.42.197 104.244.42.197	13414 (TWITTER) (TWITTER)
1	104.244.42.131 104.244.42.131	13414 (TWITTER) (TWITTER)
4	2a02:26f0:780... 2a02:26f0:780::210:a40a	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	34.239.234.229 34.239.234.229	14618 (AMAZON-AES) (AMAZON-AES)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
2	2600:9000:20e... 2600:9000:20eb:2000:2:53b2:240:93a1	16509 (AMAZON-02) (AMAZON-02)
4 4	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
58	23

3 2a02:4780:a:761:0:395c:f11f:2b (Manchester, United Kingdom)

ASN47583 (AS-HOSTINGER, CY)

payment.farecollection.tech	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 108.138.24.183 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-24-183.fra56.r.cloudfront.net

d2599kud7uucku.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:36::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c1b::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.75.116.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42::396 (United States)

ASN54113 (FASTLY, US)

www.redditstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.1.140 (United States)

ASN54113 (FASTLY, US)

alb.reddit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f177:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.197 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.131 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:26f0:780::210:a40a (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.239.234.229 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-239-234-229.compute-1.amazonaws.com

q.quora.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:20eb:2000:2:53b2:240:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.linkedin.oribi.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:21::14 (United States) 4 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	cloudfront.net d2599kud7uucku.cloudfront.net	224 KB
5	linkedin.com 4 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 414 www.linkedin.com — Cisco Umbrella Rank: 544 px4.ads.linkedin.com — Cisco Umbrella Rank: 6544	5 KB
5	google.de www.google.de — Cisco Umbrella Rank: 4752	885 B
5	google.com www.google.com — Cisco Umbrella Rank: 10 region1.analytics.google.com — Cisco Umbrella Rank: 2556	1 KB
5	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 130 googleads.g.doubleclick.net — Cisco Umbrella Rank: 57	5 KB
4	licdn.com snap.licdn.com — Cisco Umbrella Rank: 914	11 KB
3	bing.com bat.bing.com — Cisco Umbrella Rank: 390	13 KB
3	facebook.com www.facebook.com — Cisco Umbrella Rank: 100	270 B
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 79	274 KB
3	farecollection.tech payment.farecollection.tech	4 KB
2	oribi.io cdn.linkedin.oribi.io — Cisco Umbrella Rank: 1031	742 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 173	154 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 63	21 KB
1	quora.com q.quora.com — Cisco Umbrella Rank: 4238	421 B
1	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 732	726 B
1	t.co t.co — Cisco Umbrella Rank: 511	377 B
1	reddit.com alb.reddit.com — Cisco Umbrella Rank: 1562	637 B
1	redditstatic.com www.redditstatic.com — Cisco Umbrella Rank: 1396	8 KB
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 768	15 KB
1	gstatic.com fonts.gstatic.com	48 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 88	1 KB
58	21

	Domain	Requested by
12	d2599kud7uucku.cloudfront.net	payment.farecollection.tech
5	www.google.de	payment.farecollection.tech
4	snap.licdn.com	www.googletagmanager.com snap.licdn.com
4	www.google.com	payment.farecollection.tech
3	px.ads.linkedin.com	3 redirects
3	bat.bing.com	payment.farecollection.tech bat.bing.com
3	www.facebook.com	payment.farecollection.tech
3	googleads.g.doubleclick.net	www.googletagmanager.com
3	www.googletagmanager.com	payment.farecollection.tech www.googletagmanager.com
3	payment.farecollection.tech	payment.farecollection.tech
2	cdn.linkedin.oribi.io	snap.licdn.com
2	stats.g.doubleclick.net	www.google-analytics.com www.googletagmanager.com
2	connect.facebook.net	payment.farecollection.tech connect.facebook.net
2	www.google-analytics.com	payment.farecollection.tech www.google-analytics.com
1	px4.ads.linkedin.com
1	www.linkedin.com	1 redirects
1	region1.analytics.google.com	www.googletagmanager.com
1	q.quora.com
1	analytics.twitter.com	payment.farecollection.tech
1	t.co	payment.farecollection.tech
1	alb.reddit.com	payment.farecollection.tech
1	www.redditstatic.com	www.googletagmanager.com
1	static.ads-twitter.com	www.googletagmanager.com
1	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	payment.farecollection.tech
58	25

This site contains no links.

Subject Issuer	Validity	Valid
payment.farecollection.tech ZeroSSL RSA Domain Secure Site CA	`2023-07-05` - `2023-10-03`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-04-13` - `2023-07-12`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
ads-twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-22` - `2023-08-22`	a year	crt.sh
www.redditstatic.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-04-12` - `2023-10-08`	6 months	crt.sh
www.google.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.reddit.com DigiCert TLS RSA SHA256 2020 CA1	`2023-04-19` - `2023-10-15`	6 months	crt.sh
t.co DigiCert TLS RSA SHA256 2020 CA1	`2022-11-14` - `2023-11-14`	a year	crt.sh
*.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2022-10-01` - `2023-10-01`	a year	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-02-01` - `2024-01-31`	a year	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2023-02-16` - `2023-08-16`	6 months	crt.sh
*.quora.com R3	`2023-06-21` - `2023-09-19`	3 months	crt.sh
linkedin.oribi.io Amazon RSA 2048 M01	`2023-06-08` - `2024-07-07`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://payment.farecollection.tech/
Frame ID: 47BE74EF3B58403729C2F235C30EB79D
Requests: 58 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Receipt Payment

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

PayPal (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

<input[^>]+_s-xclick

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Page Statistics

58
Requests

98 %
HTTPS

71 %
IPv6

21
Domains

25
Subdomains

23
IPs

4
Countries

784 kB
Transfer

2446 kB
Size

24
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 54

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4356620&time=1688561971779&url=https%3A%2F%2Fpayment.farecollection.tech%2F&tm=gtmv2 HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4356620&time=1688561971779&url=https%3A%2F%2Fpayment.farecollection.tech%2F&tm=gtmv2&cookiesTest=true HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D4356620%26time%3D1688561971779%26url%3Dhttps%253A%252F%252Fpayment.farecollection.tech%252F%26tm%3Dgtmv2%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4356620&time=1688561971779&url=https%3A%2F%2Fpayment.farecollection.tech%2F&tm=gtmv2&cookiesTest=true&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4356620&time=1688561971779&url=https%3A%2F%2Fpayment.farecollection.tech%2F&tm=gtmv2&cookiesTest=true&liSync=true&e_ipv6=AQJ55VBsFHTZEQAAAYkmIvWTiLCTsozSxeHz_dpT84h67hpLoyN9kV_ZmQt9lXvlIQ

58 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
payment.farecollection.tech/ 8 KB
4 KB 369ms
63ms Document
text/html 2a02:4780:a:761:0:395c:f11f:2b
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://payment.farecollection.tech/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:a:761:0:395c:f11f:2b Manchester, United Kingdom, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed / PHP/5.5.38

Resource Hash

7377c4a5a783a6e3f4ae27921d239f05c685a70ab919152e776507f5f610b8c8

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding: br
content-length: 3340
content-security-policy: upgrade-insecure-requests
content-type: text/html
date: Wed, 05 Jul 2023 12:59:30 GMT
platform: hostinger
server: LiteSpeed
vary: Accept-Encoding
x-powered-by: PHP/5.5.38

GET
H/1.1 200
OK bootstrap.css
d2599kud7uucku.cloudfront.net/themes/h2/invoice/ 118 KB
20 KB 320ms
54ms Stylesheet
text/css 108.138.24.183
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d2599kud7uucku.cloudfront.net/themes/h2/invoice/bootstrap.css?v=10.3.20

Requested by

Host: payment.farecollection.tech
URL: https://payment.farecollection.tech/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

108.138.24.183 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-24-183.fra56.r.cloudfront.net

Software

cloudflare /

Resource Hash

47d10f8bd71903511b2eba72db03abad2dab28fe1deb4511c3961285d8c299df

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000; includeSubDomains, max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://payment.farecollection.tech/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Wed, 05 Jul 2023 07:42:35 GMT
Strict-Transport-Security: max-age=7776000; includeSubDomains, max-age=2592000
X-Content-Type-Options: nosniff
CF-Cache-Status: HIT
Content-Encoding: gzip
Via: 1.1 df327bd0c8709a81ade8602ac9ef16e0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA56-P7
Cf-Polished: origSize=146010
Age: 19015
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-UA-Compatible: IE=Edge,chrome=1
Cf-Bgj: minify
Last-Modified: Tue, 04 Jul 2023 06:31:05 GMT
Server: cloudflare
ETag: W/"23a5a-5ffa36d7c565c"
X-Frame-Options: sameorigin
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=604800
CF-RAY: 7e1df8e10aed2c79-FRA
X-Amz-Cf-Id: yR3qk0TDmjrVx8Oi4AGVQZxsO2HNunsVlqua8FMY5w5VHF2XJGUzSw==

GET
H/1.1 200
OK style.css
d2599kud7uucku.cloudfront.net/themes/h2/invoice/ 15 KB
4 KB 320ms
55ms Stylesheet
text/css 108.138.24.183
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d2599kud7uucku.cloudfront.net/themes/h2/invoice/style.css?v=10.3.20

Requested by

Host: payment.farecollection.tech
URL: https://payment.farecollection.tech/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

108.138.24.183 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-24-183.fra56.r.cloudfront.net

Software

cloudflare /

Resource Hash

66fdb7b887f939db8b7360383d1e3717c4996063da7eb76dd6db405eee288bbc

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000; includeSubDomains, max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://payment.farecollection.tech/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Wed, 05 Jul 2023 07:42:35 GMT
Strict-Transport-Security: max-age=7776000; includeSubDomains, max-age=2592000
X-Content-Type-Options: nosniff
CF-Cache-Status: HIT
Content-Encoding: gzip
Via: 1.1 837a869ba82f4a85a2e5810b11746698.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA56-P7
Cf-Polished: origSize=20054
Age: 19015
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-UA-Compatible: IE=Edge,chrome=1
Cf-Bgj: minify
Last-Modified: Tue, 04 Jul 2023 06:31:05 GMT
Server: cloudflare
ETag: W/"4e56-5ffa36d7c5a44"
X-Frame-Options: sameorigin
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=604800
CF-RAY: 7e1df8e14d989a15-FRA
X-Amz-Cf-Id: uo6Ebr9trBdO42iPK_YKD2gztmlLNI4i3HB09Jcuw_XuxA7pMcLdYg==

GET
H2 200 css
fonts.googleapis.com/ 27 KB
1 KB 179ms
62ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,600,600i,700,700i,800,800i&subset=cyrillic,cyrillic-ext,greek,greek-ext,latin-ext,vietnamese

Requested by

Host: payment.farecollection.tech
URL: https://payment.farecollection.tech/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ab618c26a11027f879b5e9a4b28120545ba14270a5da6d33e623f9a2b8b8d38d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://payment.farecollection.tech/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 05 Jul 2023 12:59:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 05 Jul 2023 11:35:43 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 05 Jul 2023 12:59:30 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 216 KB
75 KB 185ms
67ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-858978838

Requested by

Host: payment.farecollection.tech
URL: https://payment.farecollection.tech/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

66faf3356da1f3f10d102120e626892e0e34dbc81eec50dec91be42a47eabfea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://payment.farecollection.tech/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 12:59:30 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 76590
x-xss-protection: 0
last-modified: Wed, 05 Jul 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 05 Jul 2023 12:59:30 GMT

GET
H/1.1 200
OK hostinger.min.js Show response
d2599kud7uucku.cloudfront.net/themes/h2/ 545 KB
157 KB 327ms
62ms Script
application/javascript 108.138.24.183
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://d2599kud7uucku.cloudfront.net/themes/h2/hostinger.min.js?v=10.3.20

Requested by

Host: payment.farecollection.tech
URL: https://payment.farecollection.tech/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

108.138.24.183 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-24-183.fra56.r.cloudfront.net

Software

cloudflare /

Resource Hash

c0692e7bccdb7fa91633d806f5e93b439d18ffb425d5dd3e45d1c0ae26649957

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000; includeSubDomains, max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://payment.farecollection.tech/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Wed, 05 Jul 2023 06:36:10 GMT
Strict-Transport-Security: max-age=7776000; includeSubDomains, max-age=2592000
X-Content-Type-Options: nosniff
CF-Cache-Status: HIT
Content-Encoding: gzip
Via: 1.1 78720628b37ebf3e33c42dc098252ee8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA56-P7
Age: 23000
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-UA-Compatible: IE=Edge,chrome=1
Last-Modified: Tue, 04 Jul 2023 06:31:06 GMT
Server: cloudflare
ETag: W/"883f7-5ffa36d8cec86"
X-Frame-Options: sameorigin
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=604800
CF-RAY: 7e1d9796696e996c-FRA
X-Amz-Cf-Id: xEnK1-krYI8BM4kmjmB-Q0kwOS36vRaQWYZd0UI__wXWKDEA23T7Aw==

GET
H/1.1 200
OK logo-white.svg
d2599kud7uucku.cloudfront.net/themes/h2/img/ 11 KB
5 KB 57ms
56ms Image
image/svg+xml 108.138.24.183
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d2599kud7uucku.cloudfront.net/themes/h2/img/logo-white.svg?v=10.3.20

Requested by

Host: payment.farecollection.tech
URL: https://payment.farecollection.tech/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

108.138.24.183 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-24-183.fra56.r.cloudfront.net

Software

cloudflare /

Resource Hash

4721509f02c0dd27e3cb94adc6eadf2bc03799136897f62fba2ecab919d4b779

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000; includeSubDomains, max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://payment.farecollection.tech/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Strict-Transport-Security: max-age=7776000; includeSubDomains, max-age=2592000
Content-Encoding: gzip
X-Content-Type-Options: nosniff
CF-Cache-Status: EXPIRED
Via: 1.1 df327bd0c8709a81ade8602ac9ef16e0.cloudfront.net (CloudFront)
Date: Wed, 05 Jul 2023 08:52:49 GMT
X-Amz-Cf-Pop: FRA56-P7
Age: 14801
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-UA-Compatible: IE=Edge,chrome=1
Last-Modified: Tue, 04 Jul 2023 06:31:06 GMT
Server: cloudflare
ETag: W/"2b68-5ffa36d8de2a2"
X-Frame-Options: sameorigin
Vary: Accept-Encoding
Content-Type: image/svg+xml
CF-RAY: 7e161e2abb19925f-FRA
X-Amz-Cf-Id: 6cxh_bKJAsxdi5NFZl5daHOHe80W0THE1PMvqGJyEAOaZ-rCJDX3ww==

GET
H/1.1 200
OK ajax-loading.gif
d2599kud7uucku.cloudfront.net/themes/h2/img/ 8 KB
9 KB 60ms
59ms Image
image/gif 108.138.24.183
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d2599kud7uucku.cloudfront.net/themes/h2/img/ajax-loading.gif?v=10.3.20

Requested by

Host: payment.farecollection.tech
URL: https://payment.farecollection.tech/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

108.138.24.183 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-24-183.fra56.r.cloudfront.net

Software

cloudflare /

Resource Hash

360d75b332b2b73af10d477279275a13a26278441ed3e1ed6d05075747570998

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000; includeSubDomains, max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://payment.farecollection.tech/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Wed, 21 Jun 2023 06:42:07 GMT
Strict-Transport-Security: max-age=7776000; includeSubDomains, max-age=2592000
X-Content-Type-Options: nosniff
CF-Cache-Status: HIT
Via: 1.1 837a869ba82f4a85a2e5810b11746698.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA56-P7
Age: 1232243
Cf-Polished: origSize=33129, status=webp_bigger
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 7921
X-XSS-Protection: 1; mode=block
X-UA-Compatible: IE=Edge,chrome=1
Cf-Bgj: imgq:85,h2pri
Last-Modified: Wed, 21 Jun 2023 06:33:27 GMT
Server: cloudflare
ETag: "8169-5fe9df20e19a4"
X-Frame-Options: sameorigin
Vary: Accept-Encoding
Content-Type: image/gif
Cache-Control: max-age=2592000
Accept-Ranges: bytes
CF-RAY: 7daa4509ab7e9036-FRA
X-Amz-Cf-Id: Xz2ufUBwazqy9OGuUPENqzm2EK1HttkLAZzybtCbZOdgTXvx2TVAqw==

GET
H/1.1 200
OK braintree_paypal.png
d2599kud7uucku.cloudfront.net/themes/h2/invoice/images/gateways/ 3 KB
3 KB 114ms
55ms Image
image/png 108.138.24.183
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d2599kud7uucku.cloudfront.net/themes/h2/invoice/images/gateways/braintree_paypal.png?v=10.3.20

Requested by

Host: payment.farecollection.tech
URL: https://payment.farecollection.tech/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

108.138.24.183 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-24-183.fra56.r.cloudfront.net

Software

cloudflare /

Resource Hash

4b1a75cdca8f4a048f485985583dacc2016333c9775949ee3d5b1daff1cb7782

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000; includeSubDomains, max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://payment.farecollection.tech/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Wed, 21 Jun 2023 06:42:07 GMT
Strict-Transport-Security: max-age=7776000; includeSubDomains, max-age=2592000
X-Content-Type-Options: nosniff
CF-Cache-Status: HIT
Via: 1.1 df327bd0c8709a81ade8602ac9ef16e0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA56-P7
Age: 1232243
Cf-Polished: origSize=8282
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 2561
X-XSS-Protection: 1; mode=block
X-UA-Compatible: IE=Edge,chrome=1
Cf-Bgj: imgq:85,h2pri
Last-Modified: Wed, 21 Jun 2023 06:33:30 GMT
Server: cloudflare
ETag: "205a-5fe9df234908d"
X-Frame-Options: sameorigin
Content-Type: image/png
Cache-Control: max-age=2592000
Accept-Ranges: bytes
CF-RAY: 7daa4509dede9c10-FRA
X-Amz-Cf-Id: elTMjc1D6fx3-s7zgWPAmkQx2v9lgfVxlKGyhCSTIkjRtaqHFRBfaA==

GET
H/1.1 200
OK coingate.png
d2599kud7uucku.cloudfront.net/themes/h2/invoice/images/gateways/ 11 KB
12 KB 120ms
60ms Image
image/png 108.138.24.183
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d2599kud7uucku.cloudfront.net/themes/h2/invoice/images/gateways/coingate.png?v=10.3.20

Requested by

Host: payment.farecollection.tech
URL: https://payment.farecollection.tech/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

108.138.24.183 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-24-183.fra56.r.cloudfront.net

Software

cloudflare /

Resource Hash

a24e875654a3de9eb7e8ca5d7e851d22f7a39e8f21de8ec5dec8fd990e0dc8e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000; includeSubDomains, max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://payment.farecollection.tech/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Wed, 21 Jun 2023 06:42:07 GMT
Strict-Transport-Security: max-age=7776000; includeSubDomains, max-age=2592000
X-Content-Type-Options: nosniff
CF-Cache-Status: HIT
Via: 1.1 837a869ba82f4a85a2e5810b11746698.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA56-P7
Age: 1232243
Cf-Polished: origSize=13793
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 11373
X-XSS-Protection: 1; mode=block
X-UA-Compatible: IE=Edge,chrome=1
Cf-Bgj: imgq:85,h2pri
Last-Modified: Wed, 21 Jun 2023 06:33:30 GMT
Server: cloudflare
ETag: "35e1-5fe9df2349475"
X-Frame-Options: sameorigin
Content-Type: image/png
Cache-Control: max-age=2592000
Accept-Ranges: bytes
CF-RAY: 7daa450a99043639-FRA
X-Amz-Cf-Id: JzXFJQfgXLNW3pC_lzXdT7EIaqEq7HLdu_aNZXMBRxAQ_UcSWkkV-w==

GET
H/1.1 200
OK creditcard-default.png
d2599kud7uucku.cloudfront.net/themes/h2/invoice/images/gateways/ 4 KB
5 KB 157ms
56ms Image
image/png 108.138.24.183
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d2599kud7uucku.cloudfront.net/themes/h2/invoice/images/gateways/creditcard-default.png?v=10.3.20

Requested by

Host: payment.farecollection.tech
URL: https://payment.farecollection.tech/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

108.138.24.183 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-24-183.fra56.r.cloudfront.net

Software

cloudflare /

Resource Hash

70dff92fbbc4a05d052b821b5fead9762ed5d4097d356d46318dcac91dba06a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000; includeSubDomains, max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://payment.farecollection.tech/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Wed, 21 Jun 2023 06:42:07 GMT
Strict-Transport-Security: max-age=7776000; includeSubDomains, max-age=2592000
X-Content-Type-Options: nosniff
CF-Cache-Status: HIT
Via: 1.1 78720628b37ebf3e33c42dc098252ee8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA56-P7
Age: 1232243
Cf-Polished: origSize=5940
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 4507
X-XSS-Protection: 1; mode=block
X-UA-Compatible: IE=Edge,chrome=1
Cf-Bgj: imgq:85,h2pri
Last-Modified: Wed, 21 Jun 2023 06:33:28 GMT
Server: cloudflare
ETag: "1734-5fe9df2116d42"
X-Frame-Options: sameorigin
Content-Type: image/png
Cache-Control: max-age=2592000
Accept-Ranges: bytes
CF-RAY: 7daa450a7b7f18eb-FRA
X-Amz-Cf-Id: skiIEc49bmGk2CUWFZ-9iW_i7IWGGHKg_YeFMtiGYAWHI7gt4KE96w==

GET
H/1.1 200
OK ssl-badge.png
d2599kud7uucku.cloudfront.net/themes/h2/invoice/images/ 2 KB
3 KB 106ms
57ms Image
image/png 108.138.24.183
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d2599kud7uucku.cloudfront.net/themes/h2/invoice/images/ssl-badge.png?v=10.3.20

Requested by

Host: payment.farecollection.tech
URL: https://payment.farecollection.tech/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

108.138.24.183 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-24-183.fra56.r.cloudfront.net

Software

cloudflare /

Resource Hash

f86ba5b6d41d226d44096493a44d44328627b11766d8942aa4e1b6e1941a4b9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000; includeSubDomains, max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://payment.farecollection.tech/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Wed, 21 Jun 2023 06:42:07 GMT
Strict-Transport-Security: max-age=7776000; includeSubDomains, max-age=2592000
X-Content-Type-Options: nosniff
CF-Cache-Status: HIT
Via: 1.1 4b69099d64ffa1fbe8adbe1235065a14.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA56-P7
Age: 1232243
Cf-Polished: origSize=4069
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 2224
X-XSS-Protection: 1; mode=block
X-UA-Compatible: IE=Edge,chrome=1
Cf-Bgj: imgq:85,h2pri
Last-Modified: Wed, 21 Jun 2023 06:33:30 GMT
Server: cloudflare
ETag: "fe5-5fe9df23488bd"
X-Frame-Options: sameorigin
Content-Type: image/png
Cache-Control: max-age=2592000
Accept-Ranges: bytes
CF-RAY: 7daa450a4d849b31-FRA
X-Amz-Cf-Id: 40u9InasH22qBuC-pJnZ2RPVSQ1AdxcdwmC4k24G8N6vO7-oZp7RjA==

GET
H/1.1 200
OK 24-7.svg
d2599kud7uucku.cloudfront.net/themes/h2/invoice/images/ 2 KB
1 KB 103ms
55ms Image
image/svg+xml 108.138.24.183
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d2599kud7uucku.cloudfront.net/themes/h2/invoice/images/24-7.svg?v=10.3.20

Requested by

Host: payment.farecollection.tech
URL: https://payment.farecollection.tech/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

108.138.24.183 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-24-183.fra56.r.cloudfront.net

Software

cloudflare /

Resource Hash

6747fd15ef355e496c156288c6810414e31ae3fc92433b8d277fb4dd4ba53b0d

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000; includeSubDomains, max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://payment.farecollection.tech/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Strict-Transport-Security: max-age=7776000; includeSubDomains, max-age=2592000
Content-Encoding: gzip
X-Content-Type-Options: nosniff
CF-Cache-Status: EXPIRED
Via: 1.1 9b7b71910b45e646f6476bbd270127a4.cloudfront.net (CloudFront)
Date: Wed, 05 Jul 2023 11:23:52 GMT
X-Amz-Cf-Pop: FRA56-P7
Age: 5738
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-UA-Compatible: IE=Edge,chrome=1
Last-Modified: Tue, 04 Jul 2023 06:31:05 GMT
Server: cloudflare
ETag: W/"73e-5ffa36d7c6214"
X-Frame-Options: sameorigin
Vary: Accept-Encoding
Content-Type: image/svg+xml
CF-RAY: 7e16a0e73832043a-FRA
X-Amz-Cf-Id: Ej22jRXxqhAFhigbrW7E9seuWUPQ19INVHDJ3jxzqaRjDom21AfcDg==

GET
H/1.1 200
OK secure-payments.svg
d2599kud7uucku.cloudfront.net/themes/h2/invoice/images/ 2 KB
2 KB 62ms
55ms Image
image/svg+xml 108.138.24.183
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d2599kud7uucku.cloudfront.net/themes/h2/invoice/images/secure-payments.svg?v=10.3.20

Requested by

Host: payment.farecollection.tech
URL: https://payment.farecollection.tech/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

108.138.24.183 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-24-183.fra56.r.cloudfront.net

Software

cloudflare /

Resource Hash

1f9de41841bd46a0c49f0f317902a44158b3965bddbb199d2cfb24b33a2b711b

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000; includeSubDomains, max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://payment.farecollection.tech/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Wed, 05 Jul 2023 06:40:56 GMT
Strict-Transport-Security: max-age=7776000; includeSubDomains, max-age=2592000
X-Content-Type-Options: nosniff
CF-Cache-Status: EXPIRED
Content-Encoding: gzip
Via: 1.1 9672a97668a5842cedcfaee3e743019e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA56-P7
Age: 22714
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-UA-Compatible: IE=Edge,chrome=1
Last-Modified: Tue, 04 Jul 2023 06:31:06 GMT
Server: cloudflare
ETag: W/"6e6-5ffa36d905795"
X-Frame-Options: sameorigin
Vary: Accept-Encoding
Content-Type: image/svg+xml
CF-RAY: 7e1d9e925cd735e8-FRA
X-Amz-Cf-Id: CGI3QgAQ2eVOXTj4podx82EOInQN4t708ccomd87ehV-Pg1FWZkOYw==

GET
H/1.1 200
OK money-back.svg
d2599kud7uucku.cloudfront.net/themes/h2/invoice/images/ 2 KB
2 KB 55ms
54ms Image
image/svg+xml 108.138.24.183
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://d2599kud7uucku.cloudfront.net/themes/h2/invoice/images/money-back.svg?v=10.3.20

Requested by

Host: payment.farecollection.tech
URL: https://payment.farecollection.tech/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

108.138.24.183 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-24-183.fra56.r.cloudfront.net

Software

cloudflare /

Resource Hash

66132a83218550e5103c59eb338e57f8a5494f055711916462480f94431c20fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000; includeSubDomains, max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://payment.farecollection.tech/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Wed, 05 Jul 2023 11:23:52 GMT
Strict-Transport-Security: max-age=7776000; includeSubDomains, max-age=2592000
X-Content-Type-Options: nosniff
CF-Cache-Status: HIT
Content-Encoding: gzip
Via: 1.1 df327bd0c8709a81ade8602ac9ef16e0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA56-P7
Age: 5738
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-UA-Compatible: IE=Edge,chrome=1
Last-Modified: Tue, 04 Jul 2023 06:31:06 GMT
Server: cloudflare
ETag: W/"9e5-5ffa36d9053ad"
X-Frame-Options: sameorigin
Vary: Accept-Encoding
Content-Type: image/svg+xml
CF-RAY: 7e1f3d071c453656-FRA
X-Amz-Cf-Id: tLPoeikaTU14GM9JrBor7zqsilWeTniD9DUwqcCOxDyZZP5nfIixmQ==

GET
H2 404 toastr.min.js
payment.farecollection.tech/scripts/toastr/ 0
0 62ms
61ms Script
text/html 2a02:4780:a:761:0:395c:f11f:2b
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://payment.farecollection.tech/scripts/toastr/toastr.min.js

Requested by

Host: payment.farecollection.tech
URL: https://payment.farecollection.tech/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:4780:a:761:0:395c:f11f:2b Manchester, United Kingdom, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

Software

LiteSpeed /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://payment.farecollection.tech/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 12:59:30 GMT
content-encoding: br
content-security-policy: upgrade-insecure-requests
last-modified: Thu, 18 Nov 2021 19:13:42 GMT
server: LiteSpeed
etag: "999-6196a5e6-36ee4236eeb264fd;br"
vary: Accept-Encoding
content-type: text/html
accept-ranges: bytes
platform: hostinger
content-length: 912

GET
H2 404 toastr.min.css
payment.farecollection.tech/scripts/toastr/ 0
0 62ms
60ms Stylesheet
text/html 2a02:4780:a:761:0:395c:f11f:2b
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL: https://payment.farecollection.tech/scripts/toastr/toastr.min.css
Requested by: Host: payment.farecollection.tech
URL: https://payment.farecollection.tech/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:4780:a:761:0:395c:f11f:2b Manchester, United Kingdom, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software: LiteSpeed /
Resource Hash

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://payment.farecollection.tech/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 12:59:30 GMT
content-encoding: br
last-modified: Thu, 18 Nov 2021 19:13:42 GMT
server: LiteSpeed
etag: "999-6196a5e6-36ee4236eeb264fd;br"
vary: Accept-Encoding
content-type: text/html
accept-ranges: bytes
platform: hostinger
content-length: 912

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 170ms
53ms Script
text/javascript 2001:4860:4802:36::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: payment.farecollection.tech
URL: https://payment.farecollection.tech/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://payment.farecollection.tech/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 05 Jul 2023 12:35:22 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 1448
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Wed, 05 Jul 2023 14:35:22 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 421 KB
113 KB 291ms
175ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KL4FQVG

Requested by

Host: payment.farecollection.tech
URL: https://payment.farecollection.tech/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

06f51d5c287b3e67aea53635eeb3c71f4dc10cfb1fd621a7eded8ff76ba26fd5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://payment.farecollection.tech/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 12:59:30 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 115750
x-xss-protection: 0
last-modified: Wed, 05 Jul 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 05 Jul 2023 12:59:30 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 171 KB
47 KB 165ms
55ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: payment.farecollection.tech
URL: https://payment.farecollection.tech/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2da988427b34614d705adbf808e2e61d91f67bf147db9049e34c99b3624171e8

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://payment.farecollection.tech/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 05 Jul 2023 12:59:30 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 46863
x-xss-protection: 0
pragma: public
x-fb-debug: lW+vGgsG/JaxfTsLOt8icchrQKISjPMSdnK97OTXXQJyzL4sjXWDTC2AiX73X/c1aVRJmJMHmunO8qOJevUUCg==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v35/ 47 KB
48 KB 171ms
56ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,600,600i,700,700i,800,800i&subset=cyrillic,cyrillic-ext,greek,greek-ext,latin-ext,vietnamese

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://payment.farecollection.tech
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 01 Jul 2023 00:21:44 GMT
x-content-type-options: nosniff
age: 391066
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48412
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:08:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 30 Jun 2024 00:21:44 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
217 B 62ms
62ms XHR
text/plain 2001:4860:4802:36::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1455671773&t=pageview&_s=1&dl=https%3A%2F%2Fpayment.farecollection.tech%2F&ul=en-us&de=UTF-8&dt=Receipt%20Payment&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAACAAI~&jid=2076751277&gjid=966281257&cid=1309295656.1688561971&uid=21957406&tid=UA-26575989-10&_gid=1979759355.1688561971&_r=1&_slc=1&cd1=21957406&cd3=active&z=105121325

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://payment.farecollection.tech/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 05 Jul 2023 12:59:30 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://payment.farecollection.tech
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
357 B 170ms
55ms XHR
text/plain 2a00:1450:400c:c1b::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-26575989-10&cid=1309295656.1688561971&jid=2076751277&uid=21957406&gjid=966281257&_gid=1979759355.1688561971&_u=YEBAAEAAAAAAACAAI~&z=2146990714

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c1b::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://payment.farecollection.tech/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 05 Jul 2023 12:59:31 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://payment.farecollection.tech
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/858978838/ 3 KB
2 KB 214ms
97ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/858978838/?random=1688561970915&cv=11&fst=1688561970915&bg=ffffff&guid=ON&async=1&gtm=45be36s0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpayment.farecollection.tech%2F&hn=www.googleadservices.com&frm=0&tiba=Receipt%20Payment&auid=1040775223.1688561971&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-858978838

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

228cc698ad80471165b5dc3c831c9f640b8d37d734fff34e93b411470413c791

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://payment.farecollection.tech/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Jul 2023 12:59:31 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 56 KB
15 KB 190ms
54ms Script
application/javascript 146.75.116.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KL4FQVG
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.116.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://payment.farecollection.tech/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 12:59:31 GMT
content-encoding: gzip
last-modified: Thu, 27 Oct 2022 16:56:53 GMT
etag: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
vary: Accept-Encoding,Host
x-cache: HIT, HIT
content-type: application/javascript; charset=utf-8
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
cache-control: no-cache
accept-ranges: bytes
content-length: 15375
x-served-by: cache-iad-kjyo7100081-IAD, cache-fra-eddf8230039-FRA

GET
H2 200 pixel.js Show response
www.redditstatic.com/ads/ 23 KB
8 KB 158ms
43ms Script
application/javascript 2a04:4e42::396
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.redditstatic.com/ads/pixel.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KL4FQVG
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: snooserv /
Resource Hash: e803e774c7b59fe74f71ed93acaa875cf9a99947ff8ed7615cd0c93c1667250f

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://payment.farecollection.tech/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 12:59:31 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
last-modified: Thu, 15 Jun 2023 20:49:59 GMT
server: snooserv
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
etag: "4a205643a240cb95fa82289d62b5af7e"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding,Origin
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type: application/javascript
cache-control: public, max-age=60
accept-ranges: bytes
content-length: 7409

GET
H2 200 233182517365050 Show response
connect.facebook.net/signals/config/ 377 KB
108 KB 57ms
56ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/233182517365050?v=2.9.111&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0bfe2fc13f15c598d39360babf7fb0a1cdef22ad6c338d3e846d440a19a7f42f

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://payment.farecollection.tech/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 05 Jul 2023 12:59:31 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 110012
x-xss-protection: 0
pragma: public
x-fb-debug: crQIZ/0e2IehdidHZLUB95PoRVk5zv7Q5QRAGmYyy63nf/AkEg7ccX+mQ5v9yx0iOVeieDWjlE943NLKoLBZWg==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 197ms
80ms Image
image/gif 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-26575989-10&cid=1309295656.1688561971&jid=2076751277&_u=YEBAAEAAAAAAACAAI~&z=1659290952

Requested by

Host: payment.farecollection.tech
URL: https://payment.farecollection.tech/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://payment.farecollection.tech/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Jul 2023 12:59:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 203ms
86ms Image
image/gif 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-26575989-10&cid=1309295656.1688561971&jid=2076751277&_u=YEBAAEAAAAAAACAAI~&z=1659290952

Requested by

Host: payment.farecollection.tech
URL: https://payment.farecollection.tech/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://payment.farecollection.tech/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Jul 2023 12:59:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/858978838/ 42 B
455 B 113ms
69ms Image
image/gif 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/858978838/?random=1688561970915&cv=11&fst=1688558400000&bg=ffffff&guid=ON&async=1&gtm=45be36s0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpayment.farecollection.tech%2F&frm=0&tiba=Receipt%20Payment&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2605397578&rmt_tld=0&ipr=y

Requested by

Host: payment.farecollection.tech
URL: https://payment.farecollection.tech/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://payment.farecollection.tech/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Jul 2023 12:59:31 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/858978838/ 42 B
455 B 111ms
66ms Image
image/gif 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/858978838/?random=1688561970915&cv=11&fst=1688558400000&bg=ffffff&guid=ON&async=1&gtm=45be36s0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpayment.farecollection.tech%2F&frm=0&tiba=Receipt%20Payment&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2605397578&rmt_tld=1&ipr=y

Requested by

Host: payment.farecollection.tech
URL: https://payment.farecollection.tech/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://payment.farecollection.tech/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Jul 2023 12:59:31 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 rp.gif
alb.reddit.com/ 42 B
637 B 272ms
145ms Image
image/gif 151.101.1.140
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://alb.reddit.com/rp.gif?ts=1688561971173&id=t2_4kt3tlg0&event=PageVisit&m.itemCount=undefined&m.value=&m.valueDecimal=undefined&m.currency=undefined&m.transactionId=&m.customEventName=&m.products=&m.conversionId=&uuid=bc5e288a-7d5b-4f01-b241-a50550ce79a9&aaid=&em=&external_id=&idfa=&integration=gtm&opt_out=0&sh=1600&sw=1200&v=rdt_f5bd31b2
Requested by: Host: payment.farecollection.tech
URL: https://payment.farecollection.tech/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.140 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://payment.farecollection.tech/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 12:59:31 GMT
via: 1.1 varnish
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.3, "failure_fraction": 0.3}
server: Varnish
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type: image/gif
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 42
retry-after: 0

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 165ms
54ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=233182517365050&ev=PageView&dl=https%3A%2F%2Fpayment.farecollection.tech%2F&rl=&if=false&ts=1688561971181&sw=1600&sh=1200&v=2.9.111&r=stable&ec=0&o=30&fbp=fb.1.1688561971179.718274669&cs_est=true&it=1688561971033&coo=false&exp=a1&rqm=GET

Requested by

Host: payment.farecollection.tech
URL: https://payment.farecollection.tech/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://payment.farecollection.tech/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 05 Jul 2023 12:59:31 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 166ms
55ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=233182517365050&ev=AddPaymentInfo&dl=https%3A%2F%2Fpayment.farecollection.tech%2F&rl=&if=false&ts=1688561971183&sw=1600&sh=1200&v=2.9.111&r=stable&ec=1&o=30&fbp=fb.1.1688561971179.718274669&it=1688561971033&coo=false&exp=a1&rqm=GET

Requested by

Host: payment.farecollection.tech
URL: https://payment.farecollection.tech/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://payment.farecollection.tech/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 05 Jul 2023 12:59:31 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 adsct
t.co/1/i/ 43 B
377 B 250ms
143ms Image
image/gif 104.244.42.197
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=30e66a78-ee72-408c-bbde-2ff4c5f2122c&integration=gtm&p_id=Twitter&p_user_id=0&pl_id=e1e0d203-e502-4c5a-a61e-03da91395745&tw_document_href=https%3A%2F%2Fpayment.farecollection.tech%2F&tw_iframe_status=0&txn_id=o4sxu&type=javascript&version=2.3.29

Requested by

Host: payment.farecollection.tech
URL: https://payment.farecollection.tech/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.197 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_f /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://payment.farecollection.tech/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-response-time: 99
date: Wed, 05 Jul 2023 12:59:30 GMT
strict-transport-security: max-age=0
server: tsa_f
content-type: image/gif;charset=utf-8
x-transaction-id: e575252589e8de7e
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 7abcf5cdcdfb4b8bd82bb0eca552c17f4cbda6fd4bd14f8a85644b5156648c6f
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/1/i/ 43 B
726 B 261ms
149ms Image
image/gif 104.244.42.131
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=30e66a78-ee72-408c-bbde-2ff4c5f2122c&integration=gtm&p_id=Twitter&p_user_id=0&pl_id=e1e0d203-e502-4c5a-a61e-03da91395745&tw_document_href=https%3A%2F%2Fpayment.farecollection.tech%2F&tw_iframe_status=0&txn_id=o4sxu&type=javascript&version=2.3.29

Requested by

Host: payment.farecollection.tech
URL: https://payment.farecollection.tech/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.131 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_f /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://payment.farecollection.tech/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-response-time: 105
date: Wed, 05 Jul 2023 12:59:30 GMT
strict-transport-security: max-age=631138519
server: tsa_f
content-type: image/gif;charset=utf-8
x-transaction-id: 296f02070cbea85d
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 756f3ffeb397237ca82a904fb75dee99b38e6e3c9716e2321f0855a5347d2a0b
content-length: 43

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/858978838/ 3 KB
2 KB 102ms
101ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/858978838/?random=1688561971497&cv=11&fst=1688561971497&bg=ffffff&guid=ON&async=1&gtm=45He36s0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpayment.farecollection.tech%2F&hn=www.googleadservices.com&frm=0&tiba=Receipt%20Payment&auid=1040775223.1688561971&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KL4FQVG

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5f4fd580af5f5e5d438c159f35c89991e0f4c45cf0ca4586d4471112b2a7d10d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://payment.farecollection.tech/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Jul 2023 12:59:31 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1292
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/743689991/ 3 KB
2 KB 184ms
184ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/743689991/?random=1688561971501&cv=11&fst=1688561971501&bg=ffffff&guid=ON&async=1&gtm=45He36s0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpayment.farecollection.tech%2F&hn=www.googleadservices.com&frm=0&tiba=Receipt%20Payment&auid=1040775223.1688561971&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KL4FQVG

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9342dbb6e5cc4629e75910780c33bf45a5362dbb1429d7b9ac65ac08cc0228a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://payment.farecollection.tech/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Jul 2023 12:59:31 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1294
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 1 KB
772 B 213ms
55ms Script
application/x-javascript 2a02:26f0:780::210:a40a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KL4FQVG

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:780::210:a40a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

42c9d1df23e2f7d82d90b2bd6bab3b5398e81889cb9bde1d4a530acc663c9c63

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://payment.farecollection.tech/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 12:59:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 26 Jun 2023 17:35:57 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=31008
accept-ranges: bytes
content-length: 560

GET
H2 200 bat.js Show response
bat.bing.com/ 40 KB
12 KB 214ms
80ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: payment.farecollection.tech
URL: https://payment.farecollection.tech/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

679804e244b4127b7ecd99a513b57d6a4f91866410e16da69ce02f98f534051d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://payment.farecollection.tech/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Wed, 05 Jul 2023 12:59:30 GMT
last-modified: Thu, 11 May 2023 18:08:27 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: C9DDC2A92DBE4F2C8DFFDE1EA0F2F2CC Ref B: FRA31EDGE0216 Ref C: 2023-07-05T12:59:31Z
etag: "80df77953384d91:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 12183

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 248 KB
85 KB 72ms
71ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-73N1QWLEMH&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KL4FQVG

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b5b1287b159385c16a1c72d793cc9ee79af95e86a37d758dbfa4803e596f723d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://payment.farecollection.tech/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 12:59:31 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 87181
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 05 Jul 2023 12:59:31 GMT

GET
H/1.1 200
OK pixel
q.quora.com/_/ad/90942a8c7e804ef8bdbe5aef27b18fa2/ 43 B
421 B 508ms
119ms Image
image/gif 34.239.234.229
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q.quora.com/_/ad/90942a8c7e804ef8bdbe5aef27b18fa2/pixel?tag=ViewContent&i=gtm&u=https%3A%2F%2Fpayment.farecollection.tech%2F

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.239.234.229 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-239-234-229.compute-1.amazonaws.com

Software

nginx /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://payment.farecollection.tech/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Wed, 05 Jul 2023 12:59:31 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Server: nginx
Connection: keep-alive
Content-Length: 43
X-Q-Stat: ,b57425844718933519faa5c02214a19d,10.0.0.80,35672,82.199.130.44,,134964744070,1,1688561971.955,0.002,,.,0,0,0.000,0.004,-,0,0,197,165,82,10,35796,,,,,,-,
Content-Type: image/gif

POST
H2 204 collect
region1.analytics.google.com/g/ 0
262 B 178ms
61ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-73N1QWLEMH&gtm=45je36s0&_p=1455671773&_gaz=1&cid=1309295656.1688561971&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EA&_s=1&sid=1688561971&sct=1&seg=0&dl=https%3A%2F%2Fpayment.farecollection.tech%2F&dt=Receipt%20Payment&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-73N1QWLEMH&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://payment.farecollection.tech/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Jul 2023 12:59:31 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://payment.farecollection.tech
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
56 B 57ms
55ms Ping
text/plain 2a00:1450:400c:c1b::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-73N1QWLEMH&cid=1309295656.1688561971&gtm=45je36s0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-73N1QWLEMH&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c1b::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://payment.farecollection.tech/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Jul 2023 12:59:31 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://payment.farecollection.tech
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 80ms
79ms Image
image/gif 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-73N1QWLEMH&cid=1309295656.1688561971&gtm=45je36s0&aip=1&z=1361412031

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://payment.farecollection.tech/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Jul 2023 12:59:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/858978838/ 42 B
108 B 69ms
69ms Image
image/gif 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/858978838/?random=1688561971497&cv=11&fst=1688558400000&bg=ffffff&guid=ON&async=1&gtm=45He36s0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpayment.farecollection.tech%2F&frm=0&tiba=Receipt%20Payment&fmt=3&is_vtc=1&random=1684610280&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://payment.farecollection.tech/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Jul 2023 12:59:31 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/858978838/ 42 B
108 B 67ms
67ms Image
image/gif 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/858978838/?random=1688561971497&cv=11&fst=1688558400000&bg=ffffff&guid=ON&async=1&gtm=45He36s0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpayment.farecollection.tech%2F&frm=0&tiba=Receipt%20Payment&fmt=3&is_vtc=1&random=1684610280&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://payment.farecollection.tech/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Jul 2023 12:59:31 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/743689991/ 42 B
108 B 66ms
66ms Image
image/gif 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/743689991/?random=1688561971501&cv=11&fst=1688558400000&bg=ffffff&guid=ON&async=1&gtm=45He36s0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpayment.farecollection.tech%2F&frm=0&tiba=Receipt%20Payment&fmt=3&is_vtc=1&random=3039755252&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://payment.farecollection.tech/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Jul 2023 12:59:31 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/743689991/ 42 B
108 B 67ms
67ms Image
image/gif 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/743689991/?random=1688561971501&cv=11&fst=1688558400000&bg=ffffff&guid=ON&async=1&gtm=45He36s0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpayment.farecollection.tech%2F&frm=0&tiba=Receipt%20Payment&fmt=3&is_vtc=1&random=3039755252&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://payment.farecollection.tech/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Jul 2023 12:59:31 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 insight.beta.min.js Show response
snap.licdn.com/li.lms-analytics/ 13 KB
5 KB 56ms
54ms Script
application/x-javascript 2a02:26f0:780::210:a40a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.beta.min.js

Requested by

Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:780::210:a40a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

87ca2d8adbd10be0e5e89784dbb7aa8bb67f77247471f437e6af535009955f8c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://payment.farecollection.tech/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 12:59:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 21 Jun 2023 22:23:45 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=47947
accept-ranges: bytes
content-length: 4807

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 1 KB
772 B 56ms
55ms Script
application/x-javascript 2a02:26f0:780::210:a40a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KL4FQVG

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:780::210:a40a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

42c9d1df23e2f7d82d90b2bd6bab3b5398e81889cb9bde1d4a530acc663c9c63

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://payment.farecollection.tech/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 12:59:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 26 Jun 2023 17:35:57 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=31008
accept-ranges: bytes
content-length: 560

GET
H2 204 25052732.js Show response
bat.bing.com/p/action/ 0
118 B 180ms
180ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/25052732.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://payment.farecollection.tech/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Wed, 05 Jul 2023 12:59:30 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 821EE42F4CD740F5B388090167008EFB Ref B: FRA31EDGE0216 Ref C: 2023-07-05T12:59:31Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
286 B 79ms
78ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=25052732&Ver=2&mid=927d4621-c140-4461-8be9-7c1f74ee35c2&sid=c89039701b3311eea22e0101e35798a8&vid=c89066301b3311ee99b07d0aff2c1dc1&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Receipt%20Payment&p=https%3A%2F%2Fpayment.farecollection.tech%2F&r=&lt=1612&evt=pageLoad&sv=1&rn=727670

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://payment.farecollection.tech/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 05 Jul 2023 12:59:30 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 01453A5A4467451EBA6DCD97074411F4 Ref B: FRA31EDGE0216 Ref C: 2023-07-05T12:59:31Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 token Show response
cdn.linkedin.oribi.io/partner/4356620/domain/payment.farecollection.tech/ 36 B
377 B 340ms
198ms XHR
application/json 2600:9000:20eb:2000:2:53b2:240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.linkedin.oribi.io/partner/4356620/domain/payment.farecollection.tech/token
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.beta.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:2000:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept: *
Referer: https://payment.farecollection.tech/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 12:59:32 GMT
content-encoding: gzip
via: 1.1 1ac3fd533bf6be1b511077f8b8e23bfc.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
vary: accept-encoding
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=3600
x-amz-cf-id: RTAcVgBfTpycBXOfFADHS-szYlsozwjMVQgY1eLsD69N-3onb4CZEw==

GET
H2 200 insight.beta.min.js Show response
snap.licdn.com/li.lms-analytics/ 13 KB
5 KB 55ms
54ms Script
application/x-javascript 2a02:26f0:780::210:a40a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.beta.min.js

Requested by

Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:780::210:a40a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

87ca2d8adbd10be0e5e89784dbb7aa8bb67f77247471f437e6af535009955f8c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://payment.farecollection.tech/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 12:59:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 21 Jun 2023 22:23:45 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=47947
accept-ranges: bytes
content-length: 4807

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4356620&time=1688561971779&url=https%3A%2F%2Fpayment.farecollection.tech%2F&tm=gtmv2
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4356620&time=1688561971779&url=https%3A%2F%2Fpayment.farecollection.tech%2F&tm=gtmv2&cookiesTest=true
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D4356620%26time%3D1688561971779%26url%3Dhttps%253A%252F%252Fpayment.farecollection...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4356620&time=1688561971779&url=https%3A%2F%2Fpayment.farecollection.tech%2F&tm=gtmv2&cookiesTest=true&liSync=true
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4356620&time=1688561971779&url=https%3A%2F%2Fpayment.farecollection.tech%2F&tm=gtmv2&cookiesTest=true&liSync=true&e_ipv6=AQJ55VBsFHTZEQAAAYkmIvWT...

0
265 B

364ms
207ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4356620&time=1688561971779&url=https%3A%2F%2Fpayment.farecollection.tech%2F&tm=gtmv2&cookiesTest=true&liSync=true&e_ipv6=AQJ55VBsFHTZEQAAAYkmIvWTiLCTsozSxeHz_dpT84h67hpLoyN9kV_ZmQt9lXvlIQ
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://payment.farecollection.tech/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 12:59:32 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 9EC6E3D017B04FDAA7333FDCFA1BBA28 Ref B: FRAEDGE1712 Ref C: 2023-07-05T12:59:32Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-ltx1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAX/vPiUlTrtKxud9q2UDA==

Redirect headers

date: Wed, 05 Jul 2023 12:59:32 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 55159506CEBF438C9AEE2472D3D177D3 Ref B: FRAEDGE1516 Ref C: 2023-07-05T12:59:32Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=4356620&time=1688561971779&url=https%3A%2F%2Fpayment.farecollection.tech%2F&tm=gtmv2&cookiesTest=true&liSync=true&e_ipv6=AQJ55VBsFHTZEQAAAYkmIvWTiLCTsozSxeHz_dpT84h67hpLoyN9kV_ZmQt9lXvlIQ
x-li-proto: http/2
content-length: 0
x-li-uuid: AAX/vPiPLXUg8WNDEN+u7g==

GET
H2 200 token Show response
cdn.linkedin.oribi.io/partner/4356620/domain/payment.farecollection.tech/ 36 B
365 B 280ms
199ms XHR
application/json 2600:9000:20eb:2000:2:53b2:240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.linkedin.oribi.io/partner/4356620/domain/payment.farecollection.tech/token
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.beta.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:2000:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept: *
Referer: https://payment.farecollection.tech/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 12:59:32 GMT
content-encoding: gzip
via: 1.1 1ac3fd533bf6be1b511077f8b8e23bfc.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
vary: accept-encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=3600
x-amz-cf-id: VqvVGU1eh5l9ZhQO9gYi7t56hl-xrPnrSDUocw4_z36Uw4F0i9sFsw==

GET
H2 200 /
www.facebook.com/tr/ 0
54 B 55ms
54ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=233182517365050&ev=Microdata&dl=https%3A%2F%2Fpayment.farecollection.tech%2F&rl=&if=false&ts=1688561972684&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Receipt%20Payment%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.111&r=stable&ec=2&o=30&fbp=fb.1.1688561971179.718274669&it=1688561971033&coo=false&es=automatic&tm=3&exp=a1&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://payment.farecollection.tech/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 05 Jul 2023 12:59:32 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

Verdicts & Comments Add Verdict or Comment

44 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

24 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.farecollection.tech/	1970-01-20 13:04:08	Name: _gid Value: GA1.2.1979759355.1688561971
.farecollection.tech/	1970-01-20 13:02:42	Name: _gat Value: 1
.farecollection.tech/	1970-01-20 15:12:17	Name: _gcl_au Value: 1.1.1040775223.1688561971
.farecollection.tech/	1970-01-20 15:12:17	Name: _rdt_uuid Value: 1688561971172.bc5e288a-7d5b-4f01-b241-a50550ce79a9
.farecollection.tech/	1970-01-20 15:12:17	Name: _fbp Value: fb.1.1688561971179.718274669
.t.co/	1970-01-20 22:38:41	Name: muc_ads Value: a2cbdc0b-9e0a-4b20-8726-42a57ff44b1a
.twitter.com/	1970-01-20 22:38:41	Name: guest_id_marketing Value: v1%3A168856197141267669
.twitter.com/	1970-01-20 22:38:41	Name: guest_id_ads Value: v1%3A168856197141267669
.twitter.com/	1970-01-20 22:38:41	Name: personalization_id Value: "v1_lqHDUYorzry8YeOCqvLnHQ=="
.twitter.com/	1970-01-20 22:38:41	Name: guest_id Value: v1%3A168856197141267669
.farecollection.tech/	1970-01-20 22:38:41	Name: _ga Value: GA1.1.1309295656.1688561971
.farecollection.tech/	1970-01-20 22:38:41	Name: _ga_73N1QWLEMH Value: GS1.1.1688561971.1.0.1688561971.60.0.0
.doubleclick.net/	1970-01-20 22:24:17	Name: IDE Value: AHWqTUkI6S1Nb0oONxqiX6x1-qd8CpUvSBTDfMf1Ds_qvvjc0d4CHfWVFSaiYyH5
.farecollection.tech/	1970-01-20 13:04:08	Name: _uetsid Value: c89039701b3311eea22e0101e35798a8
.farecollection.tech/	1970-01-20 22:24:17	Name: _uetvid Value: c89066301b3311ee99b07d0aff2c1dc1
.bing.com/	1970-01-20 22:24:17	Name: MUID Value: 094B1C409FBA684334A70F059E316981
.linkedin.com/	1970-01-20 15:12:17	Name: li_sugr Value: dc29e29f-8b29-46b8-8cab-f3c82f73c1b5
.linkedin.com/	1970-01-20 21:48:17	Name: bcookie Value: "v=2&c1b1176f-e8da-4724-8dfa-af3276a1798c"
.linkedin.com/	1970-01-20 13:04:08	Name: lidc Value: "b=TGST03:s=T:r=T:a=T:p=T:g=3002:u=1:x=1:i=1688561972:t=1688648372:v=2:sig=AQFB-O8Ogho2GEZ86Yh8EvQ-0UwSE7oC"
payment.farecollection.tech/	1970-01-20 13:04:08	Name: ln_or Value: eyI0MzU2NjIwIjoiZCJ9
.linkedin.com/	1970-01-20 13:45:53	Name: UserMatchHistory Value: AQKNG24-ktYb_gAAAYkmIvQAEkXSEw7QMdK9TGgSfuHGxUaVOmukLYhE-bmIpNfEAOWyoFRARyQRbQ
.linkedin.com/	1970-01-20 13:45:53	Name: AnalyticsSyncHistory Value: AQK5nWNy2SLYqAAAAYkmIvQARGmsNbsa30lttBUoyv_Bymkoif_CcggJd4kY_2Dq5VlR-IgPquJAnS1UrAcceQ
.www.linkedin.com/	1970-01-20 21:48:17	Name: bscookie Value: "v=1&2023070512593293468f56-0935-419b-820f-1256159cdaaeAQFSoQ4Me01skL8L-YnwMdeSbetmPZsk"
.linkedin.com/	1970-01-20 17:21:53	Name: li_gc Value: MTswOzE2ODg1NjE5NzI7MjswMjFVmT3pVkZoQWSyF8L/OIbNqXwwEHPN5KGVjcmLDFcagQ==

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://payment.farecollection.tech/scripts/toastr/toastr.min.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://payment.farecollection.tech/scripts/toastr/toastr.min.css Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

alb.reddit.com
analytics.twitter.com
bat.bing.com
cdn.linkedin.oribi.io
connect.facebook.net
d2599kud7uucku.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
payment.farecollection.tech
px.ads.linkedin.com
px4.ads.linkedin.com
q.quora.com
region1.analytics.google.com
snap.licdn.com
static.ads-twitter.com
stats.g.doubleclick.net
t.co
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.linkedin.com
www.redditstatic.com
104.244.42.131
104.244.42.197
108.138.24.183
13.107.42.14
146.75.116.157
151.101.1.140
2001:4860:4802:34::36
2001:4860:4802:36::178
2600:9000:20eb:2000:2:53b2:240:93a1
2620:1ec:21::14
2620:1ec:c11::200
2a00:1450:4001:806::2003
2a00:1450:4001:80e::2004
2a00:1450:4001:810::2002
2a00:1450:4001:810::200a
2a00:1450:4001:828::2003
2a00:1450:4001:830::2008
2a00:1450:400c:c1b::9b
2a02:26f0:780::210:a40a
2a02:4780:a:761:0:395c:f11f:2b
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f177:83:face:b00c:0:25de
2a04:4e42::396
34.239.234.229
06f51d5c287b3e67aea53635eeb3c71f4dc10cfb1fd621a7eded8ff76ba26fd5
0bfe2fc13f15c598d39360babf7fb0a1cdef22ad6c338d3e846d440a19a7f42f
1f9de41841bd46a0c49f0f317902a44158b3965bddbb199d2cfb24b33a2b711b
228cc698ad80471165b5dc3c831c9f640b8d37d734fff34e93b411470413c791
2da988427b34614d705adbf808e2e61d91f67bf147db9049e34c99b3624171e8
360d75b332b2b73af10d477279275a13a26278441ed3e1ed6d05075747570998
42c9d1df23e2f7d82d90b2bd6bab3b5398e81889cb9bde1d4a530acc663c9c63
4721509f02c0dd27e3cb94adc6eadf2bc03799136897f62fba2ecab919d4b779
47d10f8bd71903511b2eba72db03abad2dab28fe1deb4511c3961285d8c299df
4b1a75cdca8f4a048f485985583dacc2016333c9775949ee3d5b1daff1cb7782
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5f4fd580af5f5e5d438c159f35c89991e0f4c45cf0ca4586d4471112b2a7d10d
66132a83218550e5103c59eb338e57f8a5494f055711916462480f94431c20fb
66faf3356da1f3f10d102120e626892e0e34dbc81eec50dec91be42a47eabfea
66fdb7b887f939db8b7360383d1e3717c4996063da7eb76dd6db405eee288bbc
6747fd15ef355e496c156288c6810414e31ae3fc92433b8d277fb4dd4ba53b0d
679804e244b4127b7ecd99a513b57d6a4f91866410e16da69ce02f98f534051d
70dff92fbbc4a05d052b821b5fead9762ed5d4097d356d46318dcac91dba06a4
7377c4a5a783a6e3f4ae27921d239f05c685a70ab919152e776507f5f610b8c8
7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89
7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
87ca2d8adbd10be0e5e89784dbb7aa8bb67f77247471f437e6af535009955f8c
9342dbb6e5cc4629e75910780c33bf45a5362dbb1429d7b9ac65ac08cc0228a1
a24e875654a3de9eb7e8ca5d7e851d22f7a39e8f21de8ec5dec8fd990e0dc8e4
ab618c26a11027f879b5e9a4b28120545ba14270a5da6d33e623f9a2b8b8d38d
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b5b1287b159385c16a1c72d793cc9ee79af95e86a37d758dbfa4803e596f723d
c0692e7bccdb7fa91633d806f5e93b439d18ffb425d5dd3e45d1c0ae26649957
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e803e774c7b59fe74f71ed93acaa875cf9a99947ff8ed7615cd0c93c1667250f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f86ba5b6d41d226d44096493a44d44328627b11766d8942aa4e1b6e1941a4b9f

payment.farecollection.tech Open in urlscan Pro 2a02:4780:a:761:0:395c:f11f:2b Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

58 Requests

98 %HTTPS

71 %IPv6

21 Domains

25 Subdomains

23 IPs

4 Countries

784 kBTransfer

2446 kBSize

24 Cookies

0 Outgoing links

Redirected requests

58 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

payment.farecollection.tech Open in urlscan Pro
2a02:4780:a:761:0:395c:f11f:2b Public Scan

Screenshot
Live screenshot

Full Image

58
Requests

98 %
HTTPS

71 %
IPv6

21
Domains

25
Subdomains

23
IPs

4
Countries

784 kB
Transfer

2446 kB
Size

24
Cookies

58 HTTP transactions
0 data transactions