urlscan.io logo urlscan.io
SecurityTrails logo

click-to-pay-app-test-app.pages.dev Open in urlscan Pro
2606:4700:310c::ac42:2fc4  Public Scan

Go To Rescan Add Verdict Report
URL: https://click-to-pay-app-test-app.pages.dev/
Submission: On February 08 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 2 countries across 4 domains to perform 25 HTTP transactions. The main IP is 2606:4700:310c::ac42:2fc4, located in United States and belongs to CLOUDFLARENET, US. The main domain is click-to-pay-app-test-app.pages.dev.
TLS certificate: Issued by GTS CA 1P5 on February 8th 2024. Valid for: 3 months.
This is the only time click-to-pay-app-test-app.pages.dev was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 2606:4700:310... 13335 (CLOUDFLAR...)
1 104.18.4.120 13335 (CLOUDFLAR...)
3 104.16.97.27 13335 (CLOUDFLAR...)
1 2607:f8b0:400... 15169 (GOOGLE)
14 192.225.158.132 30286 (THM)
2 192.225.158.1 30286 (THM)
1 192.225.158.3 ()
25 7
3    2606:4700:310c::ac42:2fc4 (United States)

ASN13335 (CLOUDFLARENET, US)
click-to-pay-app-test-app.pages.dev
1    104.18.4.120 (None, )

ASN13335 (CLOUDFLARENET, US)
sandbox-assets.secure.checkout.visa.com
3    104.16.97.27 (None, )

ASN13335 (CLOUDFLARENET, US)
sandbox.secure.checkout.visa.com
1    2607:f8b0:4006:821::2008 (United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
14    192.225.158.132 (United States)

ASN30286 (THM, US)
thm.visa.com
2    192.225.158.1 (United States)

ASN30286 (THM, US)
h.online-metrix.net
1    192.225.158.3 (None, )

ASN- ()
ay3xz4maqdlhc7liwyhvionxtazn3tazklgk4yby1ba0699a5c8ef866sac.d.aa.online-metrix.net
Domain Requested by
14 thm.visa.com sandbox.secure.checkout.visa.com
thm.visa.com
3 sandbox.secure.checkout.visa.com sandbox-assets.secure.checkout.visa.com
sandbox.secure.checkout.visa.com
3 click-to-pay-app-test-app.pages.dev click-to-pay-app-test-app.pages.dev
2 h.online-metrix.net thm.visa.com
1 ay3xz4maqdlhc7liwyhvionxtazn3tazklgk4yby1ba0699a5c8ef866sac.d.aa.online-metrix.net
1 www.googletagmanager.com sandbox.secure.checkout.visa.com
1 sandbox-assets.secure.checkout.visa.com click-to-pay-app-test-app.pages.dev
25 7

This site contains no links.

Subject Issuer Validity Valid
click-to-pay-app-test-app.pages.dev
GTS CA 1P5		 2024-02-08 -
2024-05-08		 3 months crt.sh
sandbox-assets.secure.checkout.visa.com
Cloudflare Inc ECC CA-3		 2023-07-22 -
2024-07-21		 a year crt.sh
sandbox.secure.checkout.visa.com
Cloudflare Inc RSA CA-2		 2023-04-03 -
2024-04-01		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2024-01-09 -
2024-04-02		 3 months crt.sh
thm.visa.com
SSL.com RSA SSL subCA		 2023-03-22 -
2024-03-21		 a year crt.sh
online-metrix.net
Viking Cloud Organization Validation CA, Level 1		 2023-10-20 -
2024-10-21		 a year crt.sh
*.aa.online-metrix.net
Viking Cloud Organization Validation CA, Level 1		 2023-10-20 -
2024-10-21		 a year crt.sh

This page contains 6 frames:

Primary Page: https://click-to-pay-app-test-app.pages.dev/
Frame ID: A3C24BB15428640121ED82D3889FB55B
Requests: 4 HTTP requests in this frame

Frame: https://sandbox.secure.checkout.visa.com/checkout-widget/communicator?parentUrl=https%3A%2F%2Fclick-to-pay-app-test-app.pages.dev&v2=true
Frame ID: 5DDC20F0AE389DB85364C1EAAD715E8F
Requests: 4 HTTP requests in this frame

Frame: https://thm.visa.com/fp/tags?org_id=ay3xz4ma&session_id=vme_prod_0019sic2
Frame ID: 8EE3F55658D13E4B1F162FDCE147EE69
Requests: 11 HTTP requests in this frame

Frame: https://thm.visa.com/fp/ls_fp.html;CIS3SID=BADA1BCCE18FC53C2571C5ED691629D4?org_id=ay3xz4ma&session_id=vme_prod_0019sic2&nonce=1ba0699a5c8ef866
Frame ID: 35835950369755980F06F901C884D5E6
Requests: 3 HTTP requests in this frame

Frame: https://h.online-metrix.net/fp/sid_fp.html;CIS3SID=BADA1BCCE18FC53C2571C5ED691629D4?org_id=ay3xz4ma&session_id=vme_prod_0019sic2&nonce=1ba0699a5c8ef866
Frame ID: E91B0E371CA4551070339141EB0295E0
Requests: 2 HTTP requests in this frame

Frame: https://thm.visa.com/fp/top_fp.html;CIS3SID=BADA1BCCE18FC53C2571C5ED691629D4?org_id=ay3xz4ma&session_id=vme_prod_0019sic2&nonce=1ba0699a5c8ef866
Frame ID: 7038CD427FA0EBB5634AE8654704C524
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

React App

Detected technologies

Overall confidence: 100%
Detected patterns
  • secure\.checkout\.visa\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js

Page Statistics

25
Requests

100 %
HTTPS

29 %
IPv6

4
Domains

7
Subdomains

7
IPs

2
Countries

481 kB
Transfer

2284 kB
Size

4
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

25 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
click-to-pay-app-test-app.pages.dev/ 		644 B
907 B 		Document
General
Check archive.org
Download Go to
Full URL
https://click-to-pay-app-test-app.pages.dev/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:310c::ac42:2fc4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a99516e2969fffe38ad3607be229fcbb88e5a8c3e81f760b94e6e97bd2a11d4
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=0, must-revalidate
cf-ray
852399cc19034bd2-BUF
content-encoding
br
content-type
text/html; charset=utf-8
date
Thu, 08 Feb 2024 11:40:57 GMT
etag
W/"e22588283fb617fe2629a5764fcaa47d"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6CATcMNyUMMfP2TQ9uDh%2BgBR%2BDt3rYJR0Fqq2bHEkhMUrW%2BMBiN3dbbZbYCQg73ErhhEGvUbbpA72fitgyuGLT%2BkTgmtobQEz%2BUCDR5Wu4IeRjrX2aiHkE6%2BD4AYk9tM1pc2kpfGdHLtzrHEDeIEvp%2Fi7NjqjyncoxnVgF881otIMQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-content-type-options
nosniff
main.5694e02c.js
click-to-pay-app-test-app.pages.dev/static/js/ 		373 KB
119 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://click-to-pay-app-test-app.pages.dev/static/js/main.5694e02c.js
Requested by
Host: click-to-pay-app-test-app.pages.dev
URL: https://click-to-pay-app-test-app.pages.dev/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:310c::ac42:2fc4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48cc5391005f17dfc10900a5e9abf95b7b669ed7c379ef0a3352c4d5c2b48c4e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://click-to-pay-app-test-app.pages.dev/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 08 Feb 2024 11:40:58 GMT
content-encoding
br
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"960475042757fa82bbe581e854c70246"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=deqoYdvKal8W8BuH6vl9kyG%2FA6xTabfMnlsGfU7wYTH6KeyU8%2FiVSFNgzwd3pw7tLgFwdqhz%2BSzOer5Du%2BrkDUSbBjAPariyWQpRliI28y977cN8EHIDdk79OmFj0tQ8Ccxh08GyfhvGnCEcPlw9x2s5yc%2F%2FdU55kCVyfE%2BDsTiBBg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
cf-ray
852399cd196e4bd2-BUF
alt-svc
h3=":443"; ma=86400
main.4efb37a3.css
click-to-pay-app-test-app.pages.dev/static/css/ 		292 B
572 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://click-to-pay-app-test-app.pages.dev/static/css/main.4efb37a3.css
Requested by
Host: click-to-pay-app-test-app.pages.dev
URL: https://click-to-pay-app-test-app.pages.dev/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:310c::ac42:2fc4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6829600d272f729d539037981117b8f0eb89c4044755d6ad32d00ee447e525ec
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://click-to-pay-app-test-app.pages.dev/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 08 Feb 2024 11:40:57 GMT
content-encoding
br
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"c086ff4fcbd66d875122a9c0402c09ce"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xLXV5WIRJgCJ2rqVRJLqgOVL7Y1AYofH%2FLPmEzc7m%2B7Q37eSS6lAvex%2BtJ4JbpeSR9LQH9gLkMQ39stDH9obXqWVH%2FiWWweZY9kUjPuEMzT%2FhLLFogY4SHvMTS3lOzXj%2B%2BOaElPc0VcDqwwCM%2FF%2F5zZYX3FXc%2BNqLeB3BrG7BhYTVg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
cf-ray
852399cd196d4bd2-BUF
alt-svc
h3=":443"; ma=86400
visaSdk.js
sandbox-assets.secure.checkout.visa.com/checkout-widget/resources/js/src-i-adapter/ 		140 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sandbox-assets.secure.checkout.visa.com/checkout-widget/resources/js/src-i-adapter/visaSdk.js?v2
Requested by
Host: click-to-pay-app-test-app.pages.dev
URL: https://click-to-pay-app-test-app.pages.dev/static/js/main.5694e02c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.4.120 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6a4436939a9cf1d4f32a1501e58f13942a865452ef0468fa5c0d0fe9b69ff750
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; upgrade-insecure-requests; base-uri 'self'; default-src 'self' *.visa.com https://accounts.google.com sandbox.bc.earlywarning.com bc.earlywarning.com; script-src-elem 'self' https://thm.visa.com http://thm.visa.com *.secure.checkout.visa.com https://secure.checkout.visa.com https://api-mastercard-src.nd.nudatasecurity.com https://www.aexp-static.com https://aug.americanexpress.com https://srcdcf.americanexpress.com https://qwww.aexp-static.com *.optimizely.com https://www.google-analytics.com https://maps.googleapis.com https://payments.google.com https://spay.samsung.com https://policy.cookiereports.com https://translate.google.com *.googleapis.com *.google-analytics.com https://cdnjs.cloudflare.com https://sandbox.src.discover.com *.mastercard.com *.googletagmanager.com https://cdn.appdynamics.com *.opendns.com *.trendmicro.com https://gateway.zscalertwo.net https://gateway.zscalerthree.net https://gateway.zscloud.net https://gateway.zscalergov.net https://gateway.zscaler.net https://gateway.zscalerone.net https://sandbox-assets.secure.checkout.visa.com *.amazonaws.com https://webapp.sandbox.src.discover.com https://dcf.sandbox.src.discover.com https://sbx.src.apis.discover.com https://content.discovercard.com https://smetrics.discover.com www.discover-src.com 'unsafe-inline' 'unsafe-eval'; script-src 'self' https://thm.visa.com http://thm.visa.com *.secure.checkout.visa.com https://secure.checkout.visa.com https://api-mastercard-src.nd.nudatasecurity.com https://www.aexp-static.com https://aug.americanexpress.com https://srcdcf.americanexpress.com https://qwww.aexp-static.com *.optimizely.com https://www.google-analytics.com https://maps.googleapis.com https://payments.google.com https://spay.samsung.com https://policy.cookiereports.com https://translate.google.com *.googleapis.com *.google-analytics.com https://cdnjs.cloudflare.com https://sandbox.src.discover.com *.mastercard.com *.googletagmanager.com https://cdn.appdynamics.com *.opendns.com *.trendmicro.com https://gateway.zscalertwo.net https://gateway.zscalerthree.net https://gateway.zscloud.net https://gateway.zscalergov.net https://gateway.zscaler.net https://gateway.zscalerone.net https://sandbox-assets.secure.checkout.visa.com https://connect.facebook.net *.amazonaws.com https://webapp.sandbox.src.discover.com https://dcf.sandbox.src.discover.com https://sbx.src.apis.discover.com https://content.discovercard.com https://smetrics.discover.com www.discover-src.com 'unsafe-inline' 'unsafe-eval' sandbox.bc.earlywarning.com bc.earlywarning.com; frame-src data: 'self' *.visa.com *.mastercard.com *.americanexpress.com *.aexp-static.com *.assets.mastercard.com *.doubleclick.net *.online-metrix.net https://www.googletagmanager.com *.googleapis.com h.online-metrix.net *.cardinalcommerce.com *.opendns.com https://gateway.zscalertwo.net https://gateway.zscalerthree.net https://gateway.zscloud.net https://gateway.zscalergov.net https://gateway.zscaler.net https://gateway.zscalerone.net https://webapp.sandbox.src.discover.com https://dcf.sandbox.src.discover.com https://sbx.src.apis.discover.com https://content.discovercard.com https://smetrics.discover.com sandbox.bc.earlywarning.com bc.earlywarning.com; style-src 'self' *.aexp-static.com *.assets.mastercard.com https://fonts.googleapis.com https://translate.googleapis.com *.googleapis.com *.secure.checkout.visa.com https://pwm-image.trendmicro.com 'unsafe-inline' sandbox.bc.earlywarning.com bc.earlywarning.com; style-src-elem 'self' https://icm.aexp-static.com *.assets.mastercard.com https://fonts.googleapis.com https://translate.googleapis.com *.secure.checkout.visa.com 'unsafe-inline'; img-src data: 'self' *.discover.com *.americanexpress.com *.assets.mastercard.com *.mastercard.com assets.mastercard.com *.secure.checkout.visa.com https://google.com https://cdn.betrad.com *.vmeimages.visa.com l.betrad.com https://cdn.betrad.com https://assets.secure.checkout.visa.com https://thm.visa.com https://secure.checkout.visa.com https://src.mastercard.com https://api-mastercard-src.nd.nudatasecurity.com https://webapp.sandbox.src.discover.com https://dcf.sandbox.src.discover.com https://sbx.src.apis.discover.com https://content.discovercard.com https://smetrics.discover.com https://www.aexp-static.com *.optimizely.com *.doubleclick.net *.online-metrix.net https://www.google-analytics.com https://www.google.com https://maps.gstatic.com https://sandbox.assets.vims.visa.com https://www.gstatic.com https://translate.google.com https://translate.googleapis.com https://maps.googleapis.com *.googletagmanager.com *.google.com *.assets.vims.visa.com *.twitter.com *.opendns.com h.online-metrix.net https://gateway.zscalertwo.net https://gateway.zscalerthree.net https://gateway.zscloud.net https://gateway.zscalergov.net https://gateway.zscaler.net https://gateway.zscalerone.net https://www.facebook.com www.google.ad www.google.ae www.google.com.af www.google.com.ag www.google.com.ai www.google.al www.google.am www.google.co.ao www.google.com.ar www.google.as www.google.at www.google.com.au www.google.az www.google.ba www.google.com.bd www.google.be www.google.bf www.google.bg www.google.com.bh www.google.bi www.google.bj www.google.com.bn www.google.com.bo www.google.com.br www.google.bs www.google.bt www.google.co.bw www.google.by www.google.com.bz www.google.ca www.google.cd www.google.cf www.google.cg www.google.ch www.google.ci www.google.co.ck www.google.cl www.google.cm www.google.cn www.google.com.co www.google.co.cr www.google.com.cu www.google.cv www.google.com.cy www.google.cz www.google.de www.google.dj www.google.dk www.google.dm www.google.com.do www.google.dz www.google.com.ec www.google.ee www.google.com.eg www.google.es www.google.com.et www.google.fi www.google.com.fj www.google.fm www.google.fr www.google.ga www.google.ge www.google.gg www.google.com.gh www.google.com.gi www.google.gl www.google.gm www.google.gp www.google.gr www.google.com.gt www.google.gy www.google.com.hk www.google.hn www.google.hr www.google.ht www.google.hu www.google.co.id www.google.ie www.google.co.il www.google.im www.google.co.in www.google.iq www.google.is www.google.it www.google.je www.google.com.jm www.google.jo www.google.co.jp www.google.co.ke www.google.com.kh www.google.ki www.google.kg www.google.co.kr www.google.com.kw www.google.kz www.google.la www.google.com.lb www.google.li www.google.lk www.google.co.ls www.google.lt www.google.lu www.google.lv www.google.com.ly www.google.co.ma www.google.md www.google.me www.google.mg www.google.mk www.google.ml www.google.com.mm www.google.mn www.google.ms www.google.com.mt www.google.mu www.google.mv www.google.mw www.google.com.mx www.google.com.my www.google.co.mz www.google.com.na www.google.com.nf www.google.com.ng www.google.com.ni www.google.ne www.google.nl www.google.no www.google.com.np www.google.nr www.google.nu www.google.co.nz www.google.com.om www.google.com.pa www.google.com.pe www.google.com.pg www.google.com.ph www.google.com.pk www.google.pl www.google.pn www.google.com.pr www.google.ps www.google.pt www.google.com.py www.google.com.qa www.google.ro www.google.ru www.google.rw www.google.com.sa www.google.com.sb www.google.sc www.google.se www.google.com.sg www.google.sh www.google.si www.google.sk www.google.com.sl www.google.sn www.google.so www.google.sm www.google.sr www.google.st www.google.com.sv www.google.td www.google.tg www.google.co.th www.google.com.tj www.google.tk www.google.tl www.google.tm www.google.tn www.google.to www.google.com.tr www.google.tt www.google.com.tw www.google.co.tz www.google.com.ua www.google.co.ug www.google.co.uk www.google.com.uy www.google.co.uz www.google.com.vc www.google.co.ve www.google.vg www.google.co.vi www.google.com.vn www.google.vu www.google.ws www.google.rs www.google.co.za www.google.co.zm www.google.co.zw www.google.cat sandbox.bc.earlywarning.com bc.earlywarning.com; connect-src 'self' http://secure.checkout.visa.com *.visa.com *.google-analytics.com *.optimizely.com *.doubleclick.net https://translate.googleapis.com *.googleapis.com code.jquery.com *.googletagmanager.com *.opendns.com *.secure.checkout.visa.com https://srcservicing-qa.americanexpress.com https://sandbox.src.mastercard.com wss://secure.checkout.visa.com *.opendns.com http://secure.checkout.visa.com https://policy.cookiereports.com https://thm.visa.com https://gateway.zscaler.net https://webapp.sandbox.src.discover.com https://dcf.sandbox.src.discover.com https://sbx.src.apis.discover.com https://content.discovercard.com https://smetrics.discover.com sandbox.bc.earlywarning.com bc.earlywarning.com; media-src 'none'; font-src data: 'self' https://www.aexp-static.com https://fonts.gstatic.com *.visa.com https://fonts.googleapis.com *.googleusercontent.com *.secure.checkout.visa.com; object-src 'self' https://thm.visa.com; report-uri /logging/logCSPReport; report-to csp-endpoint
Strict-Transport-Security max-age=31536000 ; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://click-to-pay-app-test-app.pages.dev/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 08 Feb 2024 11:40:58 GMT
strict-transport-security
max-age=31536000 ; includeSubDomains, max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
MISS
x-correlation-id
1_1707392458_741_55_k8l73-7b654879b8-274q_CHECKOUT-WIDGET
content-security-policy
block-all-mixed-content; upgrade-insecure-requests; base-uri 'self'; default-src 'self' *.visa.com https://accounts.google.com sandbox.bc.earlywarning.com bc.earlywarning.com; script-src-elem 'self' https://thm.visa.com http://thm.visa.com *.secure.checkout.visa.com https://secure.checkout.visa.com https://api-mastercard-src.nd.nudatasecurity.com https://www.aexp-static.com https://aug.americanexpress.com https://srcdcf.americanexpress.com https://qwww.aexp-static.com *.optimizely.com https://www.google-analytics.com https://maps.googleapis.com https://payments.google.com https://spay.samsung.com https://policy.cookiereports.com https://translate.google.com *.googleapis.com *.google-analytics.com https://cdnjs.cloudflare.com https://sandbox.src.discover.com *.mastercard.com *.googletagmanager.com https://cdn.appdynamics.com *.opendns.com *.trendmicro.com https://gateway.zscalertwo.net https://gateway.zscalerthree.net https://gateway.zscloud.net https://gateway.zscalergov.net https://gateway.zscaler.net https://gateway.zscalerone.net https://sandbox-assets.secure.checkout.visa.com *.amazonaws.com https://webapp.sandbox.src.discover.com https://dcf.sandbox.src.discover.com https://sbx.src.apis.discover.com https://content.discovercard.com https://smetrics.discover.com www.discover-src.com 'unsafe-inline' 'unsafe-eval'; script-src 'self' https://thm.visa.com http://thm.visa.com *.secure.checkout.visa.com https://secure.checkout.visa.com https://api-mastercard-src.nd.nudatasecurity.com https://www.aexp-static.com https://aug.americanexpress.com https://srcdcf.americanexpress.com https://qwww.aexp-static.com *.optimizely.com https://www.google-analytics.com https://maps.googleapis.com https://payments.google.com https://spay.samsung.com https://policy.cookiereports.com https://translate.google.com *.googleapis.com *.google-analytics.com https://cdnjs.cloudflare.com https://sandbox.src.discover.com *.mastercard.com *.googletagmanager.com https://cdn.appdynamics.com *.opendns.com *.trendmicro.com https://gateway.zscalertwo.net https://gateway.zscalerthree.net https://gateway.zscloud.net https://gateway.zscalergov.net https://gateway.zscaler.net https://gateway.zscalerone.net https://sandbox-assets.secure.checkout.visa.com https://connect.facebook.net *.amazonaws.com https://webapp.sandbox.src.discover.com https://dcf.sandbox.src.discover.com https://sbx.src.apis.discover.com https://content.discovercard.com https://smetrics.discover.com www.discover-src.com 'unsafe-inline' 'unsafe-eval' sandbox.bc.earlywarning.com bc.earlywarning.com; frame-src data: 'self' *.visa.com *.mastercard.com *.americanexpress.com *.aexp-static.com *.assets.mastercard.com *.doubleclick.net *.online-metrix.net https://www.googletagmanager.com *.googleapis.com h.online-metrix.net *.cardinalcommerce.com *.opendns.com https://gateway.zscalertwo.net https://gateway.zscalerthree.net https://gateway.zscloud.net https://gateway.zscalergov.net https://gateway.zscaler.net https://gateway.zscalerone.net https://webapp.sandbox.src.discover.com https://dcf.sandbox.src.discover.com https://sbx.src.apis.discover.com https://content.discovercard.com https://smetrics.discover.com sandbox.bc.earlywarning.com bc.earlywarning.com; style-src 'self' *.aexp-static.com *.assets.mastercard.com https://fonts.googleapis.com https://translate.googleapis.com *.googleapis.com *.secure.checkout.visa.com https://pwm-image.trendmicro.com 'unsafe-inline' sandbox.bc.earlywarning.com bc.earlywarning.com; style-src-elem 'self' https://icm.aexp-static.com *.assets.mastercard.com https://fonts.googleapis.com https://translate.googleapis.com *.secure.checkout.visa.com 'unsafe-inline'; img-src data: 'self' *.discover.com *.americanexpress.com *.assets.mastercard.com *.mastercard.com assets.mastercard.com *.secure.checkout.visa.com https://google.com https://cdn.betrad.com *.vmeimages.visa.com l.betrad.com https://cdn.betrad.com https://assets.secure.checkout.visa.com https://thm.visa.com https://secure.checkout.visa.com https://src.mastercard.com https://api-mastercard-src.nd.nudatasecurity.com https://webapp.sandbox.src.discover.com https://dcf.sandbox.src.discover.com https://sbx.src.apis.discover.com https://content.discovercard.com https://smetrics.discover.com https://www.aexp-static.com *.optimizely.com *.doubleclick.net *.online-metrix.net https://www.google-analytics.com https://www.google.com https://maps.gstatic.com https://sandbox.assets.vims.visa.com https://www.gstatic.com https://translate.google.com https://translate.googleapis.com https://maps.googleapis.com *.googletagmanager.com *.google.com *.assets.vims.visa.com *.twitter.com *.opendns.com h.online-metrix.net https://gateway.zscalertwo.net https://gateway.zscalerthree.net https://gateway.zscloud.net https://gateway.zscalergov.net https://gateway.zscaler.net https://gateway.zscalerone.net https://www.facebook.com www.google.ad www.google.ae www.google.com.af www.google.com.ag www.google.com.ai www.google.al www.google.am www.google.co.ao www.google.com.ar www.google.as www.google.at www.google.com.au www.google.az www.google.ba www.google.com.bd www.google.be www.google.bf www.google.bg www.google.com.bh www.google.bi www.google.bj www.google.com.bn www.google.com.bo www.google.com.br www.google.bs www.google.bt www.google.co.bw www.google.by www.google.com.bz www.google.ca www.google.cd www.google.cf www.google.cg www.google.ch www.google.ci www.google.co.ck www.google.cl www.google.cm www.google.cn www.google.com.co www.google.co.cr www.google.com.cu www.google.cv www.google.com.cy www.google.cz www.google.de www.google.dj www.google.dk www.google.dm www.google.com.do www.google.dz www.google.com.ec www.google.ee www.google.com.eg www.google.es www.google.com.et www.google.fi www.google.com.fj www.google.fm www.google.fr www.google.ga www.google.ge www.google.gg www.google.com.gh www.google.com.gi www.google.gl www.google.gm www.google.gp www.google.gr www.google.com.gt www.google.gy www.google.com.hk www.google.hn www.google.hr www.google.ht www.google.hu www.google.co.id www.google.ie www.google.co.il www.google.im www.google.co.in www.google.iq www.google.is www.google.it www.google.je www.google.com.jm www.google.jo www.google.co.jp www.google.co.ke www.google.com.kh www.google.ki www.google.kg www.google.co.kr www.google.com.kw www.google.kz www.google.la www.google.com.lb www.google.li www.google.lk www.google.co.ls www.google.lt www.google.lu www.google.lv www.google.com.ly www.google.co.ma www.google.md www.google.me www.google.mg www.google.mk www.google.ml www.google.com.mm www.google.mn www.google.ms www.google.com.mt www.google.mu www.google.mv www.google.mw www.google.com.mx www.google.com.my www.google.co.mz www.google.com.na www.google.com.nf www.google.com.ng www.google.com.ni www.google.ne www.google.nl www.google.no www.google.com.np www.google.nr www.google.nu www.google.co.nz www.google.com.om www.google.com.pa www.google.com.pe www.google.com.pg www.google.com.ph www.google.com.pk www.google.pl www.google.pn www.google.com.pr www.google.ps www.google.pt www.google.com.py www.google.com.qa www.google.ro www.google.ru www.google.rw www.google.com.sa www.google.com.sb www.google.sc www.google.se www.google.com.sg www.google.sh www.google.si www.google.sk www.google.com.sl www.google.sn www.google.so www.google.sm www.google.sr www.google.st www.google.com.sv www.google.td www.google.tg www.google.co.th www.google.com.tj www.google.tk www.google.tl www.google.tm www.google.tn www.google.to www.google.com.tr www.google.tt www.google.com.tw www.google.co.tz www.google.com.ua www.google.co.ug www.google.co.uk www.google.com.uy www.google.co.uz www.google.com.vc www.google.co.ve www.google.vg www.google.co.vi www.google.com.vn www.google.vu www.google.ws www.google.rs www.google.co.za www.google.co.zm www.google.co.zw www.google.cat sandbox.bc.earlywarning.com bc.earlywarning.com; connect-src 'self' http://secure.checkout.visa.com *.visa.com *.google-analytics.com *.optimizely.com *.doubleclick.net https://translate.googleapis.com *.googleapis.com code.jquery.com *.googletagmanager.com *.opendns.com *.secure.checkout.visa.com https://srcservicing-qa.americanexpress.com https://sandbox.src.mastercard.com wss://secure.checkout.visa.com *.opendns.com http://secure.checkout.visa.com https://policy.cookiereports.com https://thm.visa.com https://gateway.zscaler.net https://webapp.sandbox.src.discover.com https://dcf.sandbox.src.discover.com https://sbx.src.apis.discover.com https://content.discovercard.com https://smetrics.discover.com sandbox.bc.earlywarning.com bc.earlywarning.com; media-src 'none'; font-src data: 'self' https://www.aexp-static.com https://fonts.gstatic.com *.visa.com https://fonts.googleapis.com *.googleusercontent.com *.secure.checkout.visa.com; object-src 'self' https://thm.visa.com; report-uri /logging/logCSPReport; report-to csp-endpoint
content-encoding
br
x-served-by
k8l73-7b654879b8-274q
server
cloudflare
vary
Accept-Encoding
report-to
{ "group": "csp-endpoint", "max_age": 10886400, "endpoints": [{ "url": "/logging/logCSPReport" }] }, { "max_age": 10886400, "endpoints": [{ "url": "/logging/logCSPReport" }] }
content-type
application/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=3600
cf-ray
852399d299033870-YYZ
expires
Thu, 08 Feb 2024 12:40:58 GMT
communicator
sandbox.secure.checkout.visa.com/checkout-widget/ Frame 5DDC 		2 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sandbox.secure.checkout.visa.com/checkout-widget/communicator?parentUrl=https%3A%2F%2Fclick-to-pay-app-test-app.pages.dev&v2=true
Requested by
Host: sandbox-assets.secure.checkout.visa.com
URL: https://sandbox-assets.secure.checkout.visa.com/checkout-widget/resources/js/src-i-adapter/visaSdk.js?v2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.97.27 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
edfb1728f8880eb7eecfd1bd154eacc2fa1be655b16001802c6953b8d3ebac24
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; upgrade-insecure-requests; base-uri 'self'; default-src 'self' *.visa.com https://accounts.google.com sandbox.bc.earlywarning.com bc.earlywarning.com; script-src-elem 'self' https://thm.visa.com http://thm.visa.com *.secure.checkout.visa.com https://secure.checkout.visa.com https://api-mastercard-src.nd.nudatasecurity.com https://www.aexp-static.com https://aug.americanexpress.com https://srcdcf.americanexpress.com https://qwww.aexp-static.com *.optimizely.com https://www.google-analytics.com https://maps.googleapis.com https://payments.google.com https://spay.samsung.com https://policy.cookiereports.com https://translate.google.com *.googleapis.com *.google-analytics.com https://cdnjs.cloudflare.com https://sandbox.src.discover.com *.mastercard.com *.googletagmanager.com https://cdn.appdynamics.com *.opendns.com *.trendmicro.com https://gateway.zscalertwo.net https://gateway.zscalerthree.net https://gateway.zscloud.net https://gateway.zscalergov.net https://gateway.zscaler.net https://gateway.zscalerone.net https://sandbox-assets.secure.checkout.visa.com *.amazonaws.com https://webapp.sandbox.src.discover.com https://dcf.sandbox.src.discover.com https://sbx.src.apis.discover.com https://content.discovercard.com https://smetrics.discover.com www.discover-src.com 'unsafe-inline' 'unsafe-eval'; script-src 'self' https://thm.visa.com http://thm.visa.com *.secure.checkout.visa.com https://secure.checkout.visa.com https://api-mastercard-src.nd.nudatasecurity.com https://www.aexp-static.com https://aug.americanexpress.com https://srcdcf.americanexpress.com https://qwww.aexp-static.com *.optimizely.com https://www.google-analytics.com https://maps.googleapis.com https://payments.google.com https://spay.samsung.com https://policy.cookiereports.com https://translate.google.com *.googleapis.com *.google-analytics.com https://cdnjs.cloudflare.com https://sandbox.src.discover.com *.mastercard.com *.googletagmanager.com https://cdn.appdynamics.com *.opendns.com *.trendmicro.com https://gateway.zscalertwo.net https://gateway.zscalerthree.net https://gateway.zscloud.net https://gateway.zscalergov.net https://gateway.zscaler.net https://gateway.zscalerone.net https://sandbox-assets.secure.checkout.visa.com https://connect.facebook.net *.amazonaws.com https://webapp.sandbox.src.discover.com https://dcf.sandbox.src.discover.com https://sbx.src.apis.discover.com https://content.discovercard.com https://smetrics.discover.com www.discover-src.com 'unsafe-inline' 'unsafe-eval' sandbox.bc.earlywarning.com bc.earlywarning.com; frame-src data: 'self' *.visa.com *.mastercard.com *.americanexpress.com *.aexp-static.com *.assets.mastercard.com *.doubleclick.net *.online-metrix.net https://www.googletagmanager.com *.googleapis.com h.online-metrix.net *.cardinalcommerce.com *.opendns.com https://gateway.zscalertwo.net https://gateway.zscalerthree.net https://gateway.zscloud.net https://gateway.zscalergov.net https://gateway.zscaler.net https://gateway.zscalerone.net https://webapp.sandbox.src.discover.com https://dcf.sandbox.src.discover.com https://sbx.src.apis.discover.com https://content.discovercard.com https://smetrics.discover.com sandbox.bc.earlywarning.com bc.earlywarning.com; style-src 'self' *.aexp-static.com *.assets.mastercard.com https://fonts.googleapis.com https://translate.googleapis.com *.googleapis.com *.secure.checkout.visa.com https://pwm-image.trendmicro.com 'unsafe-inline' sandbox.bc.earlywarning.com bc.earlywarning.com; style-src-elem 'self' https://icm.aexp-static.com *.assets.mastercard.com https://fonts.googleapis.com https://translate.googleapis.com *.secure.checkout.visa.com 'unsafe-inline'; img-src data: 'self' *.discover.com *.americanexpress.com *.assets.mastercard.com *.mastercard.com assets.mastercard.com *.secure.checkout.visa.com https://google.com https://cdn.betrad.com *.vmeimages.visa.com l.betrad.com https://cdn.betrad.com https://assets.secure.checkout.visa.com https://thm.visa.com https://secure.checkout.visa.com https://src.mastercard.com https://api-mastercard-src.nd.nudatasecurity.com https://webapp.sandbox.src.discover.com https://dcf.sandbox.src.discover.com https://sbx.src.apis.discover.com https://content.discovercard.com https://smetrics.discover.com https://www.aexp-static.com *.optimizely.com *.doubleclick.net *.online-metrix.net https://www.google-analytics.com https://www.google.com https://maps.gstatic.com https://sandbox.assets.vims.visa.com https://www.gstatic.com https://translate.google.com https://translate.googleapis.com https://maps.googleapis.com *.googletagmanager.com *.google.com *.assets.vims.visa.com *.twitter.com *.opendns.com h.online-metrix.net https://gateway.zscalertwo.net https://gateway.zscalerthree.net https://gateway.zscloud.net https://gateway.zscalergov.net https://gateway.zscaler.net https://gateway.zscalerone.net https://www.facebook.com www.google.ad www.google.ae www.google.com.af www.google.com.ag www.google.com.ai www.google.al www.google.am www.google.co.ao www.google.com.ar www.google.as www.google.at www.google.com.au www.google.az www.google.ba www.google.com.bd www.google.be www.google.bf www.google.bg www.google.com.bh www.google.bi www.google.bj www.google.com.bn www.google.com.bo www.google.com.br www.google.bs www.google.bt www.google.co.bw www.google.by www.google.com.bz www.google.ca www.google.cd www.google.cf www.google.cg www.google.ch www.google.ci www.google.co.ck www.google.cl www.google.cm www.google.cn www.google.com.co www.google.co.cr www.google.com.cu www.google.cv www.google.com.cy www.google.cz www.google.de www.google.dj www.google.dk www.google.dm www.google.com.do www.google.dz www.google.com.ec www.google.ee www.google.com.eg www.google.es www.google.com.et www.google.fi www.google.com.fj www.google.fm www.google.fr www.google.ga www.google.ge www.google.gg www.google.com.gh www.google.com.gi www.google.gl www.google.gm www.google.gp www.google.gr www.google.com.gt www.google.gy www.google.com.hk www.google.hn www.google.hr www.google.ht www.google.hu www.google.co.id www.google.ie www.google.co.il www.google.im www.google.co.in www.google.iq www.google.is www.google.it www.google.je www.google.com.jm www.google.jo www.google.co.jp www.google.co.ke www.google.com.kh www.google.ki www.google.kg www.google.co.kr www.google.com.kw www.google.kz www.google.la www.google.com.lb www.google.li www.google.lk www.google.co.ls www.google.lt www.google.lu www.google.lv www.google.com.ly www.google.co.ma www.google.md www.google.me www.google.mg www.google.mk www.google.ml www.google.com.mm www.google.mn www.google.ms www.google.com.mt www.google.mu www.google.mv www.google.mw www.google.com.mx www.google.com.my www.google.co.mz www.google.com.na www.google.com.nf www.google.com.ng www.google.com.ni www.google.ne www.google.nl www.google.no www.google.com.np www.google.nr www.google.nu www.google.co.nz www.google.com.om www.google.com.pa www.google.com.pe www.google.com.pg www.google.com.ph www.google.com.pk www.google.pl www.google.pn www.google.com.pr www.google.ps www.google.pt www.google.com.py www.google.com.qa www.google.ro www.google.ru www.google.rw www.google.com.sa www.google.com.sb www.google.sc www.google.se www.google.com.sg www.google.sh www.google.si www.google.sk www.google.com.sl www.google.sn www.google.so www.google.sm www.google.sr www.google.st www.google.com.sv www.google.td www.google.tg www.google.co.th www.google.com.tj www.google.tk www.google.tl www.google.tm www.google.tn www.google.to www.google.com.tr www.google.tt www.google.com.tw www.google.co.tz www.google.com.ua www.google.co.ug www.google.co.uk www.google.com.uy www.google.co.uz www.google.com.vc www.google.co.ve www.google.vg www.google.co.vi www.google.com.vn www.google.vu www.google.ws www.google.rs www.google.co.za www.google.co.zm www.google.co.zw www.google.cat sandbox.bc.earlywarning.com bc.earlywarning.com; connect-src 'self' http://secure.checkout.visa.com *.visa.com *.google-analytics.com *.optimizely.com *.doubleclick.net https://translate.googleapis.com *.googleapis.com code.jquery.com *.googletagmanager.com *.opendns.com *.secure.checkout.visa.com https://srcservicing-qa.americanexpress.com https://sandbox.src.mastercard.com wss://secure.checkout.visa.com *.opendns.com http://secure.checkout.visa.com https://policy.cookiereports.com https://thm.visa.com https://gateway.zscaler.net https://webapp.sandbox.src.discover.com https://dcf.sandbox.src.discover.com https://sbx.src.apis.discover.com https://content.discovercard.com https://smetrics.discover.com sandbox.bc.earlywarning.com bc.earlywarning.com; media-src 'none'; font-src data: 'self' https://www.aexp-static.com https://fonts.gstatic.com *.visa.com https://fonts.googleapis.com *.googleusercontent.com *.secure.checkout.visa.com; object-src 'self' https://thm.visa.com; report-uri /logging/logCSPReport; report-to csp-endpoint
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://click-to-pay-app-test-app.pages.dev/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
public, max-age=604800
cf-cache-status
DYNAMIC
cf-ray
852399d44c58a214-YYZ
content-encoding
br
content-security-policy
block-all-mixed-content; upgrade-insecure-requests; base-uri 'self'; default-src 'self' *.visa.com https://accounts.google.com sandbox.bc.earlywarning.com bc.earlywarning.com; script-src-elem 'self' https://thm.visa.com http://thm.visa.com *.secure.checkout.visa.com https://secure.checkout.visa.com https://api-mastercard-src.nd.nudatasecurity.com https://www.aexp-static.com https://aug.americanexpress.com https://srcdcf.americanexpress.com https://qwww.aexp-static.com *.optimizely.com https://www.google-analytics.com https://maps.googleapis.com https://payments.google.com https://spay.samsung.com https://policy.cookiereports.com https://translate.google.com *.googleapis.com *.google-analytics.com https://cdnjs.cloudflare.com https://sandbox.src.discover.com *.mastercard.com *.googletagmanager.com https://cdn.appdynamics.com *.opendns.com *.trendmicro.com https://gateway.zscalertwo.net https://gateway.zscalerthree.net https://gateway.zscloud.net https://gateway.zscalergov.net https://gateway.zscaler.net https://gateway.zscalerone.net https://sandbox-assets.secure.checkout.visa.com *.amazonaws.com https://webapp.sandbox.src.discover.com https://dcf.sandbox.src.discover.com https://sbx.src.apis.discover.com https://content.discovercard.com https://smetrics.discover.com www.discover-src.com 'unsafe-inline' 'unsafe-eval'; script-src 'self' https://thm.visa.com http://thm.visa.com *.secure.checkout.visa.com https://secure.checkout.visa.com https://api-mastercard-src.nd.nudatasecurity.com https://www.aexp-static.com https://aug.americanexpress.com https://srcdcf.americanexpress.com https://qwww.aexp-static.com *.optimizely.com https://www.google-analytics.com https://maps.googleapis.com https://payments.google.com https://spay.samsung.com https://policy.cookiereports.com https://translate.google.com *.googleapis.com *.google-analytics.com https://cdnjs.cloudflare.com https://sandbox.src.discover.com *.mastercard.com *.googletagmanager.com https://cdn.appdynamics.com *.opendns.com *.trendmicro.com https://gateway.zscalertwo.net https://gateway.zscalerthree.net https://gateway.zscloud.net https://gateway.zscalergov.net https://gateway.zscaler.net https://gateway.zscalerone.net https://sandbox-assets.secure.checkout.visa.com https://connect.facebook.net *.amazonaws.com https://webapp.sandbox.src.discover.com https://dcf.sandbox.src.discover.com https://sbx.src.apis.discover.com https://content.discovercard.com https://smetrics.discover.com www.discover-src.com 'unsafe-inline' 'unsafe-eval' sandbox.bc.earlywarning.com bc.earlywarning.com; frame-src data: 'self' *.visa.com *.mastercard.com *.americanexpress.com *.aexp-static.com *.assets.mastercard.com *.doubleclick.net *.online-metrix.net https://www.googletagmanager.com *.googleapis.com h.online-metrix.net *.cardinalcommerce.com *.opendns.com https://gateway.zscalertwo.net https://gateway.zscalerthree.net https://gateway.zscloud.net https://gateway.zscalergov.net https://gateway.zscaler.net https://gateway.zscalerone.net https://webapp.sandbox.src.discover.com https://dcf.sandbox.src.discover.com https://sbx.src.apis.discover.com https://content.discovercard.com https://smetrics.discover.com sandbox.bc.earlywarning.com bc.earlywarning.com; style-src 'self' *.aexp-static.com *.assets.mastercard.com https://fonts.googleapis.com https://translate.googleapis.com *.googleapis.com *.secure.checkout.visa.com https://pwm-image.trendmicro.com 'unsafe-inline' sandbox.bc.earlywarning.com bc.earlywarning.com; style-src-elem 'self' https://icm.aexp-static.com *.assets.mastercard.com https://fonts.googleapis.com https://translate.googleapis.com *.secure.checkout.visa.com 'unsafe-inline'; img-src data: 'self' *.discover.com *.americanexpress.com *.assets.mastercard.com *.mastercard.com assets.mastercard.com *.secure.checkout.visa.com https://google.com https://cdn.betrad.com *.vmeimages.visa.com l.betrad.com https://cdn.betrad.com https://assets.secure.checkout.visa.com https://thm.visa.com https://secure.checkout.visa.com https://src.mastercard.com https://api-mastercard-src.nd.nudatasecurity.com https://webapp.sandbox.src.discover.com https://dcf.sandbox.src.discover.com https://sbx.src.apis.discover.com https://content.discovercard.com https://smetrics.discover.com https://www.aexp-static.com *.optimizely.com *.doubleclick.net *.online-metrix.net https://www.google-analytics.com https://www.google.com https://maps.gstatic.com https://sandbox.assets.vims.visa.com https://www.gstatic.com https://translate.google.com https://translate.googleapis.com https://maps.googleapis.com *.googletagmanager.com *.google.com *.assets.vims.visa.com *.twitter.com *.opendns.com h.online-metrix.net https://gateway.zscalertwo.net https://gateway.zscalerthree.net https://gateway.zscloud.net https://gateway.zscalergov.net https://gateway.zscaler.net https://gateway.zscalerone.net https://www.facebook.com www.google.ad www.google.ae www.google.com.af www.google.com.ag www.google.com.ai www.google.al www.google.am www.google.co.ao www.google.com.ar www.google.as www.google.at www.google.com.au www.google.az www.google.ba www.google.com.bd www.google.be www.google.bf www.google.bg www.google.com.bh www.google.bi www.google.bj www.google.com.bn www.google.com.bo www.google.com.br www.google.bs www.google.bt www.google.co.bw www.google.by www.google.com.bz www.google.ca www.google.cd www.google.cf www.google.cg www.google.ch www.google.ci www.google.co.ck www.google.cl www.google.cm www.google.cn www.google.com.co www.google.co.cr www.google.com.cu www.google.cv www.google.com.cy www.google.cz www.google.de www.google.dj www.google.dk www.google.dm www.google.com.do www.google.dz www.google.com.ec www.google.ee www.google.com.eg www.google.es www.google.com.et www.google.fi www.google.com.fj www.google.fm www.google.fr www.google.ga www.google.ge www.google.gg www.google.com.gh www.google.com.gi www.google.gl www.google.gm www.google.gp www.google.gr www.google.com.gt www.google.gy www.google.com.hk www.google.hn www.google.hr www.google.ht www.google.hu www.google.co.id www.google.ie www.google.co.il www.google.im www.google.co.in www.google.iq www.google.is www.google.it www.google.je www.google.com.jm www.google.jo www.google.co.jp www.google.co.ke www.google.com.kh www.google.ki www.google.kg www.google.co.kr www.google.com.kw www.google.kz www.google.la www.google.com.lb www.google.li www.google.lk www.google.co.ls www.google.lt www.google.lu www.google.lv www.google.com.ly www.google.co.ma www.google.md www.google.me www.google.mg www.google.mk www.google.ml www.google.com.mm www.google.mn www.google.ms www.google.com.mt www.google.mu www.google.mv www.google.mw www.google.com.mx www.google.com.my www.google.co.mz www.google.com.na www.google.com.nf www.google.com.ng www.google.com.ni www.google.ne www.google.nl www.google.no www.google.com.np www.google.nr www.google.nu www.google.co.nz www.google.com.om www.google.com.pa www.google.com.pe www.google.com.pg www.google.com.ph www.google.com.pk www.google.pl www.google.pn www.google.com.pr www.google.ps www.google.pt www.google.com.py www.google.com.qa www.google.ro www.google.ru www.google.rw www.google.com.sa www.google.com.sb www.google.sc www.google.se www.google.com.sg www.google.sh www.google.si www.google.sk www.google.com.sl www.google.sn www.google.so www.google.sm www.google.sr www.google.st www.google.com.sv www.google.td www.google.tg www.google.co.th www.google.com.tj www.google.tk www.google.tl www.google.tm www.google.tn www.google.to www.google.com.tr www.google.tt www.google.com.tw www.google.co.tz www.google.com.ua www.google.co.ug www.google.co.uk www.google.com.uy www.google.co.uz www.google.com.vc www.google.co.ve www.google.vg www.google.co.vi www.google.com.vn www.google.vu www.google.ws www.google.rs www.google.co.za www.google.co.zm www.google.co.zw www.google.cat sandbox.bc.earlywarning.com bc.earlywarning.com; connect-src 'self' http://secure.checkout.visa.com *.visa.com *.google-analytics.com *.optimizely.com *.doubleclick.net https://translate.googleapis.com *.googleapis.com code.jquery.com *.googletagmanager.com *.opendns.com *.secure.checkout.visa.com https://srcservicing-qa.americanexpress.com https://sandbox.src.mastercard.com wss://secure.checkout.visa.com *.opendns.com http://secure.checkout.visa.com https://policy.cookiereports.com https://thm.visa.com https://gateway.zscaler.net https://webapp.sandbox.src.discover.com https://dcf.sandbox.src.discover.com https://sbx.src.apis.discover.com https://content.discovercard.com https://smetrics.discover.com sandbox.bc.earlywarning.com bc.earlywarning.com; media-src 'none'; font-src data: 'self' https://www.aexp-static.com https://fonts.gstatic.com *.visa.com https://fonts.googleapis.com *.googleusercontent.com *.secure.checkout.visa.com; object-src 'self' https://thm.visa.com; report-uri /logging/logCSPReport; report-to csp-endpoint
content-type
text/html;charset=UTF-8
date
Thu, 08 Feb 2024 11:40:59 GMT
report-to
{ "group": "csp-endpoint", "max_age": 10886400, "endpoints": [{ "url": "/logging/logCSPReport" }] }, { "max_age": 10886400, "endpoints": [{ "url": "/logging/logCSPReport" }] }
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
x-content-type-options
nosniff
x-correlation-id
2_1707392459_051_40_k8l55-667458b85b6n_CHECKOUT-WIDGET
x-served-by
k8l55-667458b85b6n
gtm.js
www.googletagmanager.com/ Frame 5DDC 		794 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NPJV7W&l=dataLayer
Requested by
Host: sandbox.secure.checkout.visa.com
URL: https://sandbox.secure.checkout.visa.com/checkout-widget/communicator?parentUrl=https%3A%2F%2Fclick-to-pay-app-test-app.pages.dev&v2=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
8c044950a9a72820eb4fe9b0109267efe9b5e7514dd50339a059e96290a6182b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sandbox.secure.checkout.visa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 08 Feb 2024 11:40:59 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
88643
x-xss-protection
0
last-modified
Thu, 08 Feb 2024 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 08 Feb 2024 11:40:59 GMT
vba-3.1.4.min.js
sandbox.secure.checkout.visa.com/checkout-widget/resources/vba/js/ Frame 5DDC 		163 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sandbox.secure.checkout.visa.com/checkout-widget/resources/vba/js/vba-3.1.4.min.js
Requested by
Host: sandbox.secure.checkout.visa.com
URL: https://sandbox.secure.checkout.visa.com/checkout-widget/communicator?parentUrl=https%3A%2F%2Fclick-to-pay-app-test-app.pages.dev&v2=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.97.27 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
17f06c6c1392a20731840b1b844028b5cbd9e2f9699e33d1e863533812f43a3a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sandbox.secure.checkout.visa.com/checkout-widget/communicator?parentUrl=https%3A%2F%2Fclick-to-pay-app-test-app.pages.dev&v2=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 08 Feb 2024 11:40:59 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Fri, 26 Jan 2024 22:36:23 GMT
server
cloudflare
age
330015
etag
W/"65b433e7-28d5e"
vary
Accept-Encoding
content-type
application/javascript
content-encoding
br
cache-control
public, max-age=14400
cf-ray
852399d57d2da214-YYZ
expires
Thu, 08 Feb 2024 15:40:59 GMT
communicator.4d247c40.js
sandbox.secure.checkout.visa.com/checkout-widget/resources/src-system/ Frame 5DDC 		253 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sandbox.secure.checkout.visa.com/checkout-widget/resources/src-system/communicator.4d247c40.js
Requested by
Host: sandbox.secure.checkout.visa.com
URL: https://sandbox.secure.checkout.visa.com/checkout-widget/communicator?parentUrl=https%3A%2F%2Fclick-to-pay-app-test-app.pages.dev&v2=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.97.27 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0678412ec12545b6c43e7168768539e8f4ab621803e748f323810848a97649c4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sandbox.secure.checkout.visa.com/checkout-widget/communicator?parentUrl=https%3A%2F%2Fclick-to-pay-app-test-app.pages.dev&v2=true
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 08 Feb 2024 11:40:59 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
MISS
last-modified
Wed, 07 Feb 2024 17:04:28 GMT
server
cloudflare
content-encoding
br
etag
W/"65c3b81c-3f508"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=14400
cf-ray
852399d57d2ba214-YYZ
expires
Thu, 08 Feb 2024 15:40:59 GMT
tags
thm.visa.com/fp/ Frame 8EE3 		673 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://thm.visa.com/fp/tags?org_id=ay3xz4ma&session_id=vme_prod_0019sic2
Requested by
Host: sandbox.secure.checkout.visa.com
URL: https://sandbox.secure.checkout.visa.com/checkout-widget/resources/src-system/communicator.4d247c40.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.225.158.132 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
fdf37af93b5fec6ea3dcafe71476290830b0c5530d3e8908a67b5ba461b1b788
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://sandbox.secure.checkout.visa.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive, Keep-Alive
Content-Encoding
gzip
Content-Language
en-US
Content-Length
360
Content-Type
text/html;charset=UTF-8
Date
Thu, 08 Feb 2024 11:41:00 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive
timeout=2, max=100
P3P
CP=IVAa PSAa
Pragma
no-cache
Server
Apache
Strict-Transport-Security
max-age=31536000
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-Robots-Tag
noindex, nofollow
X-UA-Compatible
IE=Edge
X-XSS-Protection
1; mode=block
clear.png
thm.visa.com/fp/ Frame 8EE3 		81 B
474 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thm.visa.com/fp/clear.png?org_id=ay3xz4ma&session_id=vme_prod_0019sic2&nonce=1ba0699a5c8ef866&ck=0&m=2
Requested by
Host: thm.visa.com
URL: https://thm.visa.com/fp/tags?org_id=ay3xz4ma&session_id=vme_prod_0019sic2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.225.158.132 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thm.visa.com/fp/tags?org_id=ay3xz4ma&session_id=vme_prod_0019sic2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 08 Feb 2024 11:41:00 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Server
Apache
Content-Type
image/png
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive
Keep-Alive
timeout=2, max=99
Content-Length
81
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1970 00:00:00 GMT
check.js;CIS3SID=BADA1BCCE18FC53C2571C5ED691629D4
thm.visa.com/fp/ Frame 8EE3 		273 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thm.visa.com/fp/check.js;CIS3SID=BADA1BCCE18FC53C2571C5ED691629D4?org_id=ay3xz4ma&session_id=vme_prod_0019sic2&nonce=1ba0699a5c8ef866
Requested by
Host: thm.visa.com
URL: https://thm.visa.com/fp/tags?org_id=ay3xz4ma&session_id=vme_prod_0019sic2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.225.158.132 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
501e346ab9f0514bf45505bc9035aecb02ca053a806a456a15ceaba0d8e91777
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thm.visa.com/fp/tags?org_id=ay3xz4ma&session_id=vme_prod_0019sic2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date
Thu, 08 Feb 2024 11:41:00 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Content-Encoding
gzip
Transfer-Encoding
chunked
tmx-nonce
1ba0699a5c8ef866
Connection
Keep-Alive, Keep-Alive
X-XSS-Protection
1; mode=block
Pragma
no-cache
Server
Apache
Vary
Accept-Encoding
Content-Type
text/javascript;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
X-Robots-Tag
noindex, nofollow
Keep-Alive
timeout=2, max=98
Expires
Thu, 01 Jan 1970 00:00:00 GMT
clear.png
thm.visa.com/fp/ Frame 8EE3 		81 B
475 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thm.visa.com/fp/clear.png?org_id=ay3xz4ma&session_id=vme_prod_0019sic2&nonce=1ba0699a5c8ef866&w=1ba0699a5c8ef866&ck=0&m=1
Requested by
Host: thm.visa.com
URL: https://thm.visa.com/fp/tags?org_id=ay3xz4ma&session_id=vme_prod_0019sic2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.225.158.132 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thm.visa.com/fp/tags?org_id=ay3xz4ma&session_id=vme_prod_0019sic2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 08 Feb 2024 11:41:00 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Server
Apache
Content-Type
image/png
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive
Keep-Alive
timeout=2, max=100
Content-Length
81
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1970 00:00:00 GMT
clear.png
thm.visa.com/fp/ Frame 8EE3 		81 B
476 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://thm.visa.com/fp/clear.png
Requested by
Host: thm.visa.com
URL: https://thm.visa.com/fp/check.js;CIS3SID=BADA1BCCE18FC53C2571C5ED691629D4?org_id=ay3xz4ma&session_id=vme_prod_0019sic2&nonce=1ba0699a5c8ef866
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.225.158.132 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*, ay3xz4ma/1ba0699a5c8ef866vme_prod_0019sic2
Referer
https://thm.visa.com/fp/tags?org_id=ay3xz4ma&session_id=vme_prod_0019sic2
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date
Thu, 08 Feb 2024 11:41:01 GMT
Strict-Transport-Security
max-age=31536000
Last-Modified
Thu, 08 Feb 2024 11:41:01 GMT
Server
Apache
Etag
81f07a1197fd4a16a3e2a26fc8b5181a
Content-Type
image/png
Cache-Control
private, must-revalidate, max-age=0
Connection
Keep-Alive
Keep-Alive
timeout=2, max=97
Content-Length
81
Expires
Tue, 06 Feb 2029 11:41:01 GMT
ls_fp.html;CIS3SID=BADA1BCCE18FC53C2571C5ED691629D4
thm.visa.com/fp/ Frame 3583 		91 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://thm.visa.com/fp/ls_fp.html;CIS3SID=BADA1BCCE18FC53C2571C5ED691629D4?org_id=ay3xz4ma&session_id=vme_prod_0019sic2&nonce=1ba0699a5c8ef866
Requested by
Host: thm.visa.com
URL: https://thm.visa.com/fp/check.js;CIS3SID=BADA1BCCE18FC53C2571C5ED691629D4?org_id=ay3xz4ma&session_id=vme_prod_0019sic2&nonce=1ba0699a5c8ef866
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.225.158.132 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
873755539ba1a311f8f350c1a05153011bfc7587f4616aaef3d82058b094cf71
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://thm.visa.com/fp/tags?org_id=ay3xz4ma&session_id=vme_prod_0019sic2
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive, Keep-Alive
Content-Encoding
gzip
Content-Type
text/html;charset=UTF-8
Date
Thu, 08 Feb 2024 11:41:01 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive
timeout=2, max=99
Pragma
no-cache
Server
Apache
Strict-Transport-Security
max-age=31536000
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-Robots-Tag
noindex, nofollow
X-XSS-Protection
1; mode=block
clear.png
thm.visa.com/fp/ Frame 8EE3 		0
388 B 		Script
General
Check archive.org
Download Go to
Full URL
https://thm.visa.com/fp/clear.png?org_id=ay3xz4ma&session_id=vme_prod_0019sic2&nonce=1ba0699a5c8ef866&jb=313e2666736337653d3635323e373c64373b38343d333433656f3534333e35386132326e383f30
Requested by
Host: thm.visa.com
URL: https://thm.visa.com/fp/check.js;CIS3SID=BADA1BCCE18FC53C2571C5ED691629D4?org_id=ay3xz4ma&session_id=vme_prod_0019sic2&nonce=1ba0699a5c8ef866
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.225.158.132 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thm.visa.com/fp/tags?org_id=ay3xz4ma&session_id=vme_prod_0019sic2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 08 Feb 2024 11:41:01 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Server
Apache
Content-Type
text/javascript
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive
Keep-Alive
timeout=2, max=100
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1970 00:00:00 GMT
es.js
thm.visa.com/fp/ Frame 8EE3 		134 B
654 B 		Script
General
Check archive.org
Download Go to
Full URL
https://thm.visa.com/fp/es.js?org_id=ay3xz4ma&session_id=vme_prod_0019sic2&nonce=1ba0699a5c8ef866
Requested by
Host: thm.visa.com
URL: https://thm.visa.com/fp/check.js;CIS3SID=BADA1BCCE18FC53C2571C5ED691629D4?org_id=ay3xz4ma&session_id=vme_prod_0019sic2&nonce=1ba0699a5c8ef866
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.225.158.132 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
e574d0a99b337912baf76c4809804cad255e3db5f135cd9fe56180f896ffcc58
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thm.visa.com/fp/tags?org_id=ay3xz4ma&session_id=vme_prod_0019sic2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 08 Feb 2024 11:41:01 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
text/javascript;charset=UTF-8
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive, Keep-Alive
Keep-Alive
timeout=2, max=99
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sid_fp.html;CIS3SID=BADA1BCCE18FC53C2571C5ED691629D4
h.online-metrix.net/fp/ Frame E91B 		103 KB
15 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://h.online-metrix.net/fp/sid_fp.html;CIS3SID=BADA1BCCE18FC53C2571C5ED691629D4?org_id=ay3xz4ma&session_id=vme_prod_0019sic2&nonce=1ba0699a5c8ef866
Requested by
Host: thm.visa.com
URL: https://thm.visa.com/fp/check.js;CIS3SID=BADA1BCCE18FC53C2571C5ED691629D4?org_id=ay3xz4ma&session_id=vme_prod_0019sic2&nonce=1ba0699a5c8ef866
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.225.158.1 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
f247fa39d68a3a3c40a3f5ab58b391297621e1cd6047e7f679f89bb4f0cc41b3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://thm.visa.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive, Keep-Alive
Content-Encoding
gzip
Content-Type
text/html;charset=UTF-8
Date
Thu, 08 Feb 2024 11:41:01 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive
timeout=2, max=100
Pragma
no-cache
Server
Apache
Strict-Transport-Security
max-age=31536000
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-Robots-Tag
noindex, nofollow
X-XSS-Protection
1; mode=block
top_fp.html;CIS3SID=BADA1BCCE18FC53C2571C5ED691629D4
thm.visa.com/fp/ Frame 7038 		89 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://thm.visa.com/fp/top_fp.html;CIS3SID=BADA1BCCE18FC53C2571C5ED691629D4?org_id=ay3xz4ma&session_id=vme_prod_0019sic2&nonce=1ba0699a5c8ef866
Requested by
Host: thm.visa.com
URL: https://thm.visa.com/fp/check.js;CIS3SID=BADA1BCCE18FC53C2571C5ED691629D4?org_id=ay3xz4ma&session_id=vme_prod_0019sic2&nonce=1ba0699a5c8ef866
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.225.158.132 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
39035a0eb8f65ddee9c5332b422bbae5e1810a9bd3e1df7de0cf8497de41bbea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://thm.visa.com/fp/tags?org_id=ay3xz4ma&session_id=vme_prod_0019sic2
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive, Keep-Alive
Content-Encoding
gzip
Content-Type
text/html;charset=UTF-8
Date
Thu, 08 Feb 2024 11:41:01 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive
timeout=2, max=96
Pragma
no-cache
Server
Apache
Strict-Transport-Security
max-age=31536000
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-Robots-Tag
noindex, nofollow
X-XSS-Protection
1; mode=block
clear.png
thm.visa.com/fp/ Frame 8EE3 		0
218 B 		Script
General
Check archive.org
Download Go to
Full URL
https://thm.visa.com/fp/clear.png?org_id=ay3xz4ma&session_id=vme_prod_0019sic2&nonce=1ba0699a5c8ef866&ja=3331323b2624693d273630302e783532246435313c303272313830302669643533343238783b32323a267978793d387a382466727a3d3b2c333c303a2c3132383224333432382c3b32323a2c3930302c3937382e333438302631303a3026302c302e6f7c3f633a30326b62616e633d3764646e666e3b676330343b31363d303c6239613f632e6f6c3f3c2679636637323e266c68356a7c7672712d334b25304c2538467468652c7e6b71632663656d2738466c7025324e76696571273b4665726555696e253344697b3b7a783665612f323479657973696f665d616627314c7667655d7a7265645f30383331716b613a267a6c3f39267a683d3730643a3a63633e626966606f313b3362373b3a3f6367326c3368646038643e26686835356d6636363f313d62633a663a66363039636a35373731646f35673c63383235266271673f556b66646577712f323a31312662716a3f416a7a6f67652738303b323126627167773f55616e6e6f75792660736275354160706d6f6d2664686137342c6e646d353a2e6c6f76783d3a26767064375061636164616127304e48656e6d66756675266d697660703f3638303964336932686563303a673e6161373e303a38306b643b35353438336e66363730383b34336e366f6161323c666b3b36636e626e373039313931393669246c703f6a7c747a732739412f3246253a447b636c666a6f722e716f637f72652e6b6a6d61696d7d7424766b796124636f6d2d304e24723f786c7f676b645f6c6c617360273d47646364736f217266756d696e5f7f6b66666d757b5f676566636155706c6171677a2737476e616673672b7066756769665d69666d606d5f6b637065626b7425354d64696e71672970667565636e557175696b697c6b6f672d354f666366736f21706c7d65616c5d71606f696b756b766f2535456e6364716723786c7f676b645f7865616c786e697b67702d354f666366736f21706c7d65616c5d74646355706e6b796f7225354d64696e71672970667565636e55646576696e7e7027374d666b6c716f217a6c7567616c5771746557766365756f722f354566696e7b67237264756d696c556a6b7661253d476e636e716d266d6c5d693d7d65626764556d60454e2d323a312c3a253830284f786766454e273a304f53273830382e30253a324b6a706d65697f6d2b5d6568474c253a324f4e514e2d323a45512f323a312e302d30382a4d726d6e4d4c2738304f532532384544514e273a304f532738303b2e30253a324b6a706d65697f6d2b5d65684b69745f676a496b762d323a5767684746414e474447576b6c717c616463676e5f6b72726171712d3140273a304f5856556266656e64576f616c6f63702539422738304f58545f6b6d646d705d6a756c6667785f62616c665764646d63762d334825303a4552545f646d727c6a5d61646167702739422f323045505657646e6d697455626e6f6e6e2533422d3038475a56576678616555646f7074682d314a2730324d585e5f7162616e65725f7c67707677706d5f666f662f33482532304d5a5c5d766770747f72675563656d70726d717b6b6d6c57627a74612f33482532304d5a5c5d766770747f72675563656d70726d717b6b6d6c57726d74612f33482532304d5a5c5d766770747f72675566636c74657a5d696c6b716774786f7263632f3342253a324d5a565d7b524d422739422f32304f4d5157676e67656564745d636e6e65785f7d6b667627314a2538304d4f535566626f57706d6c66677a5f67697267617a2533422d30384d475157737e616c6e6178645f646d706174637661766f732739422f32304f4d515776677a7c7578655d6c6c656174253b402d30324d4d5355746772747f72655f6e6e6763765d6469646563782539422532384d4d515d766d787e75706f5f62616c665764646d63762d334825303a4f4f535f746d7a7c77706757686b6c645566666f6174576e616c67637a2539422738304545535f7e677a76677a5761787263735f65626a656b762d3140273a305d45404d4c55636f6c6770576077646e65785f64666f6b7425334a273a3255474a47465f61656d7a7265737b676c5d766770747f72675561797463253b402d3032554d424d4c5d696f677072657b716d665d766d787e75706f5f6f7463253b402d3032554d424d4c5d696f677072657b716d665d766d787e75706f5f6f7463312d314a2730325f4548474e5563656d70726d717b67665d7c657274777865557333746b273b40273038574f4245465f696f6d707a677b71676657746f78767f726f5f73337c61577170656a2539422738305d454247445d6c6760776f5f78656c6e657865725f616c6e6d27314a253830554f424d4c5f646d727c6a5d766d787e75706f253942253238554d40454e576478617555627f6666657a712d3140273a305d45404d4c556c6f736d5d6b6d6c766d787e25314825383057454a45445d6f776474635f6678617d2533422d30385547404f4c55706d66796d6f6e5f656d6c6733342e67665f6a37343f37633938353864336338656e30633e356f3164346d6131663b6430633a63613e626964626131247f656e74354964746766253830496e6b2c2e75656e7a3d436e766f6c2f3230497a6b7b27303247706f6e4546253830456e6f6b666724616b643731&jb=333d352c6c73374d657a696c64632d30443726302f32322257636e646f7f712d30324c5c253830333a2e3a2533422d3038556b6c3e342f33402f323a78363421273a324372786c6f5767684b637425324e373b352c313e2538302a41485e4d4c253a412d30326e616b6f25303a476f636b6f21273a32416a7a6f67652738463b32312e382c3e33343526313939273830596166617a6b2d3044373b37243334
Requested by
Host: thm.visa.com
URL: https://thm.visa.com/fp/check.js;CIS3SID=BADA1BCCE18FC53C2571C5ED691629D4?org_id=ay3xz4ma&session_id=vme_prod_0019sic2&nonce=1ba0699a5c8ef866
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.225.158.132 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thm.visa.com/fp/tags?org_id=ay3xz4ma&session_id=vme_prod_0019sic2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date
Thu, 08 Feb 2024 11:41:01 GMT
Strict-Transport-Security
max-age=31536000
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=2, max=95
Content-Type
text/javascript;charset=UTF-8
clear.png
ay3xz4maqdlhc7liwyhvionxtazn3tazklgk4yby1ba0699a5c8ef866sac.d.aa.online-metrix.net/fp/ Frame 8EE3 		81 B
438 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ay3xz4maqdlhc7liwyhvionxtazn3tazklgk4yby1ba0699a5c8ef866sac.d.aa.online-metrix.net/fp/clear.png?org_id=ay3xz4ma&session_id=vme_prod_0019sic2&nonce=1ba0699a5c8ef866&di=yes
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.225.158.3 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thm.visa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 08 Feb 2024 11:41:02 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Server
Apache
Content-Type
image/png
Cache-Control
no-cache, no-store, must-revalidate
Connection
close
Content-Length
81
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1970 00:00:00 GMT
clear1.png;CIS3SID=BADA1BCCE18FC53C2571C5ED691629D4
thm.visa.com/fp/ Frame 8EE3 		0
401 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thm.visa.com/fp/clear1.png;CIS3SID=BADA1BCCE18FC53C2571C5ED691629D4?org_id=ay3xz4ma&session_id=vme_prod_0019sic2&nonce=1ba0699a5c8ef866&jf=3639362c736b6e5f786e643d7c667a5d5b5b4150647847635a7a76757679525824716b6c5f6e61766f3d3b3730373b3b3a3634332e7363645d7e797a653d776d60326761667b612c736b6e5f6165793d3b323d3b313239333a36323d326b38363430616d3166323a303b30343a38386138363c3a6b67316638333a31323d303934323038323c3330316e626b323a3b356b3130613c3b3c3a37353f313965676e333f3162626c35303b67306b396f32373f633b63363631316a63333669653d66613e306c653235303a6d3332366e353e63373e343f3564636b356d3633333b343e336039636f6631376c34693763673d653b36633e303a6139396a343a61343738356e38363d267969645f7b6b6f3f31323c353a32303b303a38313169353936303330396838363b363d3464623e373f37636630343b62636f65323535313a333b64326031626f336369613a3438333c356a6764646a373c373238323a3136616b36303761603d393d30316b37693731306d353e37663b31616863603a373c64336438613c3a37316a356e32306c323a3739306c323b3735336a383f302479696c723d30
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.225.158.132 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thm.visa.com/fp/tags?org_id=ay3xz4ma&session_id=vme_prod_0019sic2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 08 Feb 2024 11:41:01 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Server
Apache
Content-Type
image/png;charset=UTF-8
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive, Keep-Alive
Keep-Alive
timeout=2, max=100
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1970 00:00:00 GMT
clear.png
thm.visa.com/fp/ Frame 3583 		0
387 B 		Script
General
Check archive.org
Download Go to
Full URL
https://thm.visa.com/fp/clear.png?org_id=ay3xz4ma&session_id=vme_prod_0019sic2&nonce=1ba0699a5c8ef866&jf=313e2666736037653d3635323e373c64373b38343d333433656f3534333e35386132326e383f30
Requested by
Host: thm.visa.com
URL: https://thm.visa.com/fp/ls_fp.html;CIS3SID=BADA1BCCE18FC53C2571C5ED691629D4?org_id=ay3xz4ma&session_id=vme_prod_0019sic2&nonce=1ba0699a5c8ef866
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.225.158.132 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thm.visa.com/fp/ls_fp.html;CIS3SID=BADA1BCCE18FC53C2571C5ED691629D4?org_id=ay3xz4ma&session_id=vme_prod_0019sic2&nonce=1ba0699a5c8ef866
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 08 Feb 2024 11:41:01 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Server
Apache
Content-Type
text/javascript
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive
Keep-Alive
timeout=2, max=98
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1970 00:00:00 GMT
es.js
thm.visa.com/fp/ Frame 3583 		134 B
655 B 		Script
General
Check archive.org
Download Go to
Full URL
https://thm.visa.com/fp/es.js?org_id=ay3xz4ma&session_id=vme_prod_0019sic2&nonce=1ba0699a5c8ef866&fr
Requested by
Host: thm.visa.com
URL: https://thm.visa.com/fp/ls_fp.html;CIS3SID=BADA1BCCE18FC53C2571C5ED691629D4?org_id=ay3xz4ma&session_id=vme_prod_0019sic2&nonce=1ba0699a5c8ef866
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.225.158.132 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
86e6a6b8a6a92c04e5099b6dbf1413ef8177a8d51f69721a924f4cb3e9f4c88d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thm.visa.com/fp/ls_fp.html;CIS3SID=BADA1BCCE18FC53C2571C5ED691629D4?org_id=ay3xz4ma&session_id=vme_prod_0019sic2&nonce=1ba0699a5c8ef866
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 08 Feb 2024 11:41:01 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
text/javascript;charset=UTF-8
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive, Keep-Alive
Keep-Alive
timeout=2, max=98
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1970 00:00:00 GMT
clear1.png;CIS3SID=F2E7606585CB800DA35658FA94423236
h.online-metrix.net/fp/ Frame E91B 		0
400 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://h.online-metrix.net/fp/clear1.png;CIS3SID=F2E7606585CB800DA35658FA94423236?org_id=ay3xz4ma&session_id=vme_prod_0019sic2&nonce=1ba0699a5c8ef866&jf=3639362c736b6e5f786e643d7c667a5d77365a5148546d43505c326a785e3a3c24716b6c5f6e61766f3d3b3730373b3b3a3634332e7363645d7e797a653d776d60326761667b612c736b6e5f6165793d3b323d3b313239333a36323d326b38363430616d3166323a303b30343a38386138363c3a6b67316638333a31323d303934323038323c37643438303937373962383164646b373f3631673a663d35643e336b3663383c323d6664616a346b62613261696438313f373c33303b3f623f66673f373f6436646c613d64303a30373c363133313a6533376d3a3a6436346d613d356039313a3730633e326d663b323a323c66303b373a3263626d36303636673b353f353b3e267969645f7b6b6f3f31323c353a32303a33333333366a36396330616c306838373f313e3039346d346d6760343f626861673e356966643630363d3a616730326c303a33323839316430323030353a38633a32303b303a6133636b346e33303b6b6468376068353e3261616c346b3666673f6439346069666e6530353e31306364336b396b38333c66693332663a676d6330636d6168622479696c723d31
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.225.158.1 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://h.online-metrix.net/fp/sid_fp.html;CIS3SID=BADA1BCCE18FC53C2571C5ED691629D4?org_id=ay3xz4ma&session_id=vme_prod_0019sic2&nonce=1ba0699a5c8ef866
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 08 Feb 2024 11:41:01 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Server
Apache
Content-Type
image/png;charset=UTF-8
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive, Keep-Alive
Keep-Alive
timeout=2, max=99
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1970 00:00:00 GMT
clear.png
thm.visa.com/fp/ Frame 8EE3 		0
387 B 		Script
General
Check archive.org
Download Go to
Full URL
https://thm.visa.com/fp/clear.png?org_id=ay3xz4ma&session_id=vme_prod_0019sic2&nonce=1ba0699a5c8ef866&jac=1&je=373a382c26756f693739362e312c3a363b2c3c352c706f376e652662617c717c3f27354a2538326e6f766f6c25323a273b43332c38302f32412f32387374617c777b2730302d334b2530386362617267616c6f2730302d374e26637f64623d63613f60316734673e383b63616b633c6632613f61393b303b3b3639343468356933313731346a36663a6c643e38343a30393866653c64383164616c383e353b2c6572333d6339316b3667323d396f38336e303d3766336e666a32663a30376b393a3e346b3862656b316b3160247d61623d273d422f3232617a61606b76676b747f72672f32382533412d303a2730302d32492530386263746e657b712d3030273b412f32302f32382532432d303a60706366647925303825394125354a273d4627304b253832647f6c665665727b6b676c4e6b7b742f32302f334b2535422d374c2730412d32386d6d6869666525323a273b43646364736f2530492538326d6f6c67642730302d334b25303825383225324b273a30726e69746c6f7067253832253349273a3027303a2538432738327a6c61746e6d7a6f54677a73636f6c2f32382533412d303a2730302d324925303877657736342d303a2731436e616673672f374e267561643f2d3540273a326872636464792532322d31492737402d354e2530492538326d6f6a6b646727303a253941646b6c796525324b273a30726e69746c6f7067253832253349273a3027303a253d44
Requested by
Host: thm.visa.com
URL: https://thm.visa.com/fp/check.js;CIS3SID=BADA1BCCE18FC53C2571C5ED691629D4?org_id=ay3xz4ma&session_id=vme_prod_0019sic2&nonce=1ba0699a5c8ef866
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.225.158.132 , United States, ASN30286 (THM, US),
Reverse DNS
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://thm.visa.com/fp/tags?org_id=ay3xz4ma&session_id=vme_prod_0019sic2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 08 Feb 2024 11:41:01 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Server
Apache
Content-Type
text/javascript
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive
Keep-Alive
timeout=2, max=97
X-XSS-Protection
1; mode=block
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| webpackChunkclick_to_pay_app string| __reactRouterVersion object| __post_robot_10_0_46__ object| VISA_SDK object| vAdapters

4 Cookies

Domain/Path Name / Value
.sandbox-assets.secure.checkout.visa.com/ Name: __cfruid
Value: b4b5d49ac5fd2a08cefdf6d8c9e63e814373658c-1707392458
.sandbox.secure.checkout.visa.com/ Name: __cfruid
Value: c2c1ab171ac1af7698fcfc23407d73b13c035a8c-1707392459
thm.visa.com/ Name: thx_guid
Value: 3b45bc3bef76b9f7e9101b5189d9db31
thm.visa.com/ Name: tmx_guid
Value: AAxFCDt8LbNGD00m7pmiyLlKmsU0bwDS1Y-TSMwlRrowJflMI72s9ekn-Yy79kXT0bCX8F7fPFPIJZSy7teBJr6rPQsPIA

32 Console Messages

Source Level URL
Text
other warning URL: https://click-to-pay-app-test-app.pages.dev/payment-page
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://click-to-pay-app-test-app.pages.dev/payment-page
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://click-to-pay-app-test-app.pages.dev/payment-page
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://click-to-pay-app-test-app.pages.dev/payment-page
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://click-to-pay-app-test-app.pages.dev/payment-page
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://click-to-pay-app-test-app.pages.dev/payment-page
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://click-to-pay-app-test-app.pages.dev/payment-page
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://click-to-pay-app-test-app.pages.dev/payment-page
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://click-to-pay-app-test-app.pages.dev/payment-page
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://click-to-pay-app-test-app.pages.dev/payment-page
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://click-to-pay-app-test-app.pages.dev/payment-page
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://click-to-pay-app-test-app.pages.dev/payment-page
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://click-to-pay-app-test-app.pages.dev/payment-page
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://click-to-pay-app-test-app.pages.dev/payment-page
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://click-to-pay-app-test-app.pages.dev/payment-page
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://click-to-pay-app-test-app.pages.dev/payment-page
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://click-to-pay-app-test-app.pages.dev/payment-page
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://click-to-pay-app-test-app.pages.dev/payment-page
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://click-to-pay-app-test-app.pages.dev/payment-page
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://click-to-pay-app-test-app.pages.dev/payment-page
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://click-to-pay-app-test-app.pages.dev/payment-page
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://click-to-pay-app-test-app.pages.dev/payment-page
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://click-to-pay-app-test-app.pages.dev/payment-page
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://click-to-pay-app-test-app.pages.dev/payment-page
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://click-to-pay-app-test-app.pages.dev/payment-page
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://click-to-pay-app-test-app.pages.dev/payment-page
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://click-to-pay-app-test-app.pages.dev/payment-page
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://click-to-pay-app-test-app.pages.dev/payment-page
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://click-to-pay-app-test-app.pages.dev/payment-page
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://click-to-pay-app-test-app.pages.dev/payment-page
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://click-to-pay-app-test-app.pages.dev/payment-page
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://click-to-pay-app-test-app.pages.dev/payment-page
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ay3xz4maqdlhc7liwyhvionxtazn3tazklgk4yby1ba0699a5c8ef866sac.d.aa.online-metrix.net
click-to-pay-app-test-app.pages.dev
h.online-metrix.net
sandbox-assets.secure.checkout.visa.com
sandbox.secure.checkout.visa.com
thm.visa.com
www.googletagmanager.com
104.16.97.27
104.18.4.120
192.225.158.1
192.225.158.132
192.225.158.3
2606:4700:310c::ac42:2fc4
2607:f8b0:4006:821::2008
0678412ec12545b6c43e7168768539e8f4ab621803e748f323810848a97649c4
17f06c6c1392a20731840b1b844028b5cbd9e2f9699e33d1e863533812f43a3a
39035a0eb8f65ddee9c5332b422bbae5e1810a9bd3e1df7de0cf8497de41bbea
48cc5391005f17dfc10900a5e9abf95b7b669ed7c379ef0a3352c4d5c2b48c4e
501e346ab9f0514bf45505bc9035aecb02ca053a806a456a15ceaba0d8e91777
5a99516e2969fffe38ad3607be229fcbb88e5a8c3e81f760b94e6e97bd2a11d4
6829600d272f729d539037981117b8f0eb89c4044755d6ad32d00ee447e525ec
6a4436939a9cf1d4f32a1501e58f13942a865452ef0468fa5c0d0fe9b69ff750
86e6a6b8a6a92c04e5099b6dbf1413ef8177a8d51f69721a924f4cb3e9f4c88d
873755539ba1a311f8f350c1a05153011bfc7587f4616aaef3d82058b094cf71
8c044950a9a72820eb4fe9b0109267efe9b5e7514dd50339a059e96290a6182b
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e574d0a99b337912baf76c4809804cad255e3db5f135cd9fe56180f896ffcc58
edfb1728f8880eb7eecfd1bd154eacc2fa1be655b16001802c6953b8d3ebac24
f247fa39d68a3a3c40a3f5ab58b391297621e1cd6047e7f679f89bb4f0cc41b3
fdf37af93b5fec6ea3dcafe71476290830b0c5530d3e8908a67b5ba461b1b788