HTTP/2 301
server: nginx
date: Fri, 26 Dec 2025 06:26:02 GMT
content-type: text/html; charset=utf-8
location: https://pay.woo.com/
strict-transport-security: max-age=31536000
vary: Cookie
x-ac: 2.bom _dca MISS
alt-svc: h3=":443"; ma=86400
server-timing: a8c-cdn, dc;desc=bom, cache;desc=MISS;dur=238.0
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 26 Dec 2025 06:26:02 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://pay.woo.com/
Alt-Svc: h3=":443"; ma=86400
Server-Timing: a8c-cdn, dc;desc=bom, cache;desc=BYPASS;dur=0.0
HTTP/2 301
server: nginx
date: Fri, 26 Dec 2025 06:26:03 GMT
content-type: text/html; charset=UTF-8
location: https://woocommerce.com/woopay/
strict-transport-security: max-age=31536000
x-hacker: Want root? Visit join.a8c.com/hacker and mention this header.
host-header: WordPress.com
vary: accept, content-type, cookie
x-frame-options: DENY
content-security-policy: upgrade-insecure-requests; default-src 'none';connect-src 'self' https://*.ingest.sentry.io https://maps.googleapis.com https://public-api.wordpress.com https://*.sentry.io https://*.typeform.com;font-src 'self' data: https://woopay.wordpress.com https://fonts.gstatic.com https://use.typekit.net https://wordpress.com https://*.wordpress.com https://*.wp.com;frame-src 'self' https://js.stripe.com https://*.wordpress.com https://*.typeform.com;img-src 'self' about: blob: data: *;script-src 'self' 'unsafe-eval' 'unsafe-inline' https://woopay.wordpress.com https://js.stripe.com https://*.gravatar.com https://*.sift.com https://use.typekit.net https://*.wordpress.com https://*.wp.com https://maps.googleapis.com https://embed.typeform.com;style-src 'self' 'unsafe-inline' https://woopay.wordpress.com https://fonts.googleapis.com https://gmpg.org https://*.gravatar.com https://wordpress.com https://*.wordpress.com https://*.wp.com;manifest-src 'self' https://pay.woo.com;
x-content-security-policy: upgrade-insecure-requests; default-src 'none';connect-src 'self' https://*.ingest.sentry.io https://maps.googleapis.com https://public-api.wordpress.com https://*.sentry.io https://*.typeform.com;font-src 'self' data: https://woopay.wordpress.com https://fonts.gstatic.com https://use.typekit.net https://wordpress.com https://*.wordpress.com https://*.wp.com;frame-src 'self' https://js.stripe.com https://*.wordpress.com https://*.typeform.com;img-src 'self' about: blob: data: *;script-src 'self' 'unsafe-eval' 'unsafe-inline' https://woopay.wordpress.com https://js.stripe.com https://*.gravatar.com https://*.sift.com https://use.typekit.net https://*.wordpress.com https://*.wp.com https://maps.googleapis.com https://embed.typeform.com;style-src 'self' 'unsafe-inline' https://woopay.wordpress.com https://fonts.googleapis.com https://gmpg.org https://*.gravatar.com https://wordpress.com https://*.wordpress.com https://*.wp.com;manifest-src 'self' https://pay.woo.com;
x-redirect-by: WordPress
x-ac: 2.bom _dfw MISS
alt-svc: h3=":443"; ma=86400
server-timing: a8c-cdn, dc;desc=bom, cache;desc=MISS;dur=489.0
HTTP/2 200
server: nginx
date: Fri, 26 Dec 2025 06:26:04 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-hacker: If you're reading this, you should visit https://join.a8c.com/viphacker and apply to join the fun, mention this header.
x-powered-by: WordPress VIP
host-header: a9130478a60e5f9135f765b23f26593b
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
content-security-policy: upgrade-insecure-requests
link: ; rel="alternate"; title="JSON"; type="application/json"
link: ; rel=shortlink
content-encoding: gzip
x-rq: bom4 0 40 9980
accept-ranges: bytes
cache-control: max-age=300, must-revalidate
x-cache: EXPIRED
strict-transport-security: max-age=31536000
WooPay by WooCommerce
Skip to navigation
Skip to content
