payment.airasia.com Open in urlscan Pro
163.181.92.185 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://payment.airasia.com/
Submission: On March 28 via manual (March 28th 2024, 11:18:22 am UTC) from PT — Scanned from PT

Summary HTTP 36 Redirects Behaviour Indicators

Summary

This website contacted 6 IPs in 4 countries across 3 domains to perform 36 HTTP transactions. The main IP is 163.181.92.185, located in Frankfurt am Main, Germany and belongs to TAOBAO Zhejiang Taobao Network Co.,Ltd, CN. The main domain is payment.airasia.com. The Cisco Umbrella rank of the primary domain is 412716.
TLS certificate: Issued by GlobalSign RSA OV SSL CA 2018 on January 30th 2024. Valid for: a year.

This is the only time payment.airasia.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
19	163.181.92.185 163.181.92.185	24429 (TAOBAO Zh...) (TAOBAO Zhejiang Taobao Network Co.)
6	163.181.157.117 163.181.157.117	24429 (TAOBAO Zh...) (TAOBAO Zhejiang Taobao Network Co.)
6	104.18.23.98 104.18.23.98	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	47.246.46.243 47.246.46.243	24429 (TAOBAO Zh...) (TAOBAO Zhejiang Taobao Network Co.)
1	104.18.24.16 104.18.24.16	13335 (CLOUDFLAR...) (CLOUDFLARENET)
36	6

19 163.181.92.185 (Frankfurt am Main, Germany)

ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN)

payment.airasia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 163.181.157.117 (United States)

ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN)

static.airasia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.18.23.98 (None, )

ASN13335 (CLOUDFLARENET, US)

sso-widget.airasia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 47.246.46.243 (Milan, Italy)

ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN)

a.staticaa.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.24.16 (None, )

ASN13335 (CLOUDFLARENET, US)

ssor.airasia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
32	airasia.com payment.airasia.com — Cisco Umbrella Rank: 412716 static.airasia.com — Cisco Umbrella Rank: 102101 sso-widget.airasia.com — Cisco Umbrella Rank: 176196 ssor.airasia.com — Cisco Umbrella Rank: 122440	2 MB
1	staticaa.com a.staticaa.com — Cisco Umbrella Rank: 209757	7 KB
0	apiairasia.com Failed payment.apiairasia.com Failed
36	3

	Domain	Requested by
19	payment.airasia.com	payment.airasia.com
6	sso-widget.airasia.com	payment.airasia.com sso-widget.airasia.com
6	static.airasia.com	payment.airasia.com static.airasia.com
1	ssor.airasia.com	payment.airasia.com
1	a.staticaa.com
0	payment.apiairasia.com Failed	payment.airasia.com
36	6

This site contains no links.

Subject Issuer	Validity	Valid
payment.airasia.com GlobalSign RSA OV SSL CA 2018	`2024-01-30` - `2025-03-02`	a year	crt.sh
static.airasia.com GlobalSign RSA OV SSL CA 2018	`2024-02-08` - `2025-03-11`	a year	crt.sh
sso-widget.airasia.com Cloudflare Inc ECC CA-3	`2023-09-06` - `2024-09-04`	a year	crt.sh
a.staticaa.com GlobalSign RSA OV SSL CA 2018	`2023-06-07` - `2024-07-08`	a year	crt.sh
ssor.airasia.com GlobalSign RSA OV SSL CA 2018	`2023-07-25` - `2024-08-25`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://payment.airasia.com/
Frame ID: 2A1DDAE640FFDDB47AB4BA5EF3AA0798
Requests: 31 HTTP requests in this frame

Frame: https://sso-widget.airasia.com/hub/index.html
Frame ID: E252D68399462D8A7C4E05CA20B3885E
Requests: 2 HTTP requests in this frame

Frame: https://sso-widget.airasia.com/hub/index.html
Frame ID: 81B74A7F592FC6F27C7530B42F4BDF6A
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Review Details And Pay | AirAsia

Page Statistics

36
Requests

92 %
HTTPS

0 %
IPv6

3
Domains

6
Subdomains

6
IPs

4
Countries

2089 kB
Transfer

6402 kB
Size

10
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

36 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
payment.airasia.com/ 4 KB
2 KB 294ms
90ms Document
text/html 163.181.92.185
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to

Full URL

https://payment.airasia.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

163.181.92.185 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),

Reverse DNS

Software

Tengine /

Resource Hash

06d00a6274cd0809e39677b3ac3db772819d66cf23e670fa3f7f2a5f61aff2ee

Security Headers

Name	Value
Content-Security-Policy	"default-src 'self'"
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: pt-PT,pt;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

age: 213
ali-swift-global-savetime: 1711624483
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-store
content-encoding: br
content-security-policy: "default-src 'self'"
content-type: text/html
date: Thu, 28 Mar 2024 11:14:43 GMT
eagleid: a3b55ca117116246966036699e
etag: W/"341bf4165d44dd4d69ebba6b50f17711"
expires: Thu, 28 Mar 2024 12:14:43 GMT
last-modified: Thu, 28 Mar 2024 01:29:57 GMT
pragma: no-cache
server: Tengine
strict-transport-security: max-age=63072000; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: cache21.l2de2[0,0,304-0,H], cache4.l2de2[1,0], ens-cache15.de5[0,0,200-0,H], ens-cache13.de5[0,0]
x-cache: HIT TCP_MEM_HIT dirn:12:138713292
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-goog-generation: 1711589397041376
x-goog-hash: crc32c=hHd73g== md5=NBv0Fl1E3U1p67prUPF3EQ==
x-goog-metageneration: 1
x-goog-storage-class: STANDARD
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 4441
x-guploader-uploadid: ABPtcPrB-u5IJz_MuF-dKSfR_2vYvNwO04R6KguujjysiVZAb8hk6ynmdQsPvOo78mP5kOlyPlNe8YW4cQ
x-swift-cachetime: 3444
x-swift-savetime: Thu, 28 Mar 2024 11:17:19 GMT
x-xss-protection: 1; mode=block

GET
H2 200 healthcheck.js Show response
payment.airasia.com/assets/js/ 1 KB
1 KB 112ms
110ms Script
application/javascript 163.181.92.185
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to

Full URL

https://payment.airasia.com/assets/js/healthcheck.js

Requested by

Host: payment.airasia.com
URL: https://payment.airasia.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

163.181.92.185 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),

Reverse DNS

Software

Tengine /

Resource Hash

1edfc6d8f2c62742c4cdbd0e82c6784efc830b0fbb25e991ed81c755257d31e9

Security Headers

Name	Value
Content-Security-Policy	"default-src 'self'"
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://payment.airasia.com/
accept-language: pt-PT,pt;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 07:31:15 GMT
via: cache20.l2de2[0,0,304-0,H], cache12.l2de2[0,0], ens-cache7.de5[0,0,200-0,H], ens-cache13.de5[3,0]
x-content-type-options: nosniff
content-security-policy: "default-src 'self'"
content-encoding: br
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 13621
x-swift-cachetime: 21594
x-guploader-uploadid: ABPtcPp9v08AubFHwCyKK_1eKvFvsXzDJxQHKL8I5WK4jeILlWd1L8zBGLORNDchnW9EOAdLV2YPqL5vDg
x-cache: HIT TCP_MEM_HIT dirn:12:275363076
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-swift-savetime: Thu, 28 Mar 2024 07:31:21 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Thu, 24 Aug 2023 23:33:54 GMT
server: Tengine
etag: W/"d9eccd0cb2387463ea438f0411056148"
vary: Accept-Encoding
x-goog-generation: 1692920034340348
content-type: application/javascript
x-frame-options: SAMEORIGIN
x-goog-hash: crc32c=NI6H8g==, md5=2ezNDLI4dGPqQ48EEQVhSA==
cache-control: no-store
ali-swift-global-savetime: 1711611075
x-goog-stored-content-length: 1209
timing-allow-origin: *
eagleid: a3b55ca117116246967007337e
expires: Thu, 28 Mar 2024 07:36:49 GMT

GET
H2 200 google-material.css
static.airasia.com/payments/fonts/google/ 585 B
1 KB 390ms
94ms Stylesheet
text/css 163.181.157.117
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.airasia.com/payments/fonts/google/google-material.css?v=1.108.0
Requested by: Host: payment.airasia.com
URL: https://payment.airasia.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 163.181.157.117 , United States, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software: Tengine /
Resource Hash: 6d69389f12ffa622a45eb36e0823413801e4349fdedfe16e07c6dfc5191bc6ab

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://payment.airasia.com/
accept-language: pt-PT,pt;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 01:31:15 GMT
via: cache16.l2de2[0,0,200-0,H], cache19.l2de2[0,0], ens-cache2.de7[0,0,200-0,H], ens-cache3.de7[1,0]
age: 35222
x-swift-cachetime: 604541
x-guploader-uploadid: ABPtcPphI2eQC9d6w-7lLnKcMIatC3L8XtMLPYyw0E_meNgGvVyezSjh-lBlH9RuqD3_Bjjqs8g
x-cache: HIT TCP_MEM_HIT dirn:13:713995618
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-swift-savetime: Thu, 28 Mar 2024 01:35:34 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 585
last-modified: Tue, 14 Feb 2023 09:51:04 GMT
server: Tengine
etag: "f5be2171a87d345e083baa32dc3444d5"
x-goog-generation: 1676368264185907
content-type: text/css
access-control-allow-origin: *
x-goog-hash: crc32c=YAimFA==, md5=9b4hcah9NF4IO6oy3DRE1Q==
access-control-expose-headers: *
cache-control: public, max-age=3600
ali-swift-global-savetime: 1711589475
x-goog-stored-content-length: 585
accept-ranges: bytes
timing-allow-origin: *
eagleid: a3b5839717116246970045935e
expires: Thu, 28 Mar 2024 02:31:15 GMT

GET
H2 200 styles.1b4f4e16e28dc416e48b.css
payment.airasia.com/ 230 KB
47 KB 103ms
102ms Stylesheet
text/css 163.181.92.185
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to

Full URL

https://payment.airasia.com/styles.1b4f4e16e28dc416e48b.css?v=1.108.0

Requested by

Host: payment.airasia.com
URL: https://payment.airasia.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

163.181.92.185 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),

Reverse DNS

Software

Tengine /

Resource Hash

d983497ef0dc8f7d183ac7916c0f0252f531655ce10ab619b95910de7aca47ee

Security Headers

Name	Value
Content-Security-Policy	"default-src 'self'"
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://payment.airasia.com/
accept-language: pt-PT,pt;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 07:31:15 GMT
via: cache20.l2de2[0,0,304-0,H], cache21.l2de2[1,0], ens-cache6.de5[0,0,200-0,H], ens-cache13.de5[3,0]
x-content-type-options: nosniff
content-security-policy: "default-src 'self'"
content-encoding: br
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 13621
x-swift-cachetime: 21594
x-guploader-uploadid: ABPtcPpZQ8SZbUbBchhUpLP58peWfUX1Doxu-VycY3Qpx88Mge6S0xg3l-aTpUwxMEMIYLs8Le0
x-cache: HIT TCP_MEM_HIT dirn:13:53414627
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-swift-savetime: Thu, 28 Mar 2024 07:31:21 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Thu, 28 Mar 2024 01:29:55 GMT
server: Tengine
etag: W/"a90113962c97298a7847592e5ed39c0d"
vary: Accept-Encoding
x-goog-generation: 1711589395857176
content-type: text/css
x-frame-options: SAMEORIGIN
x-goog-hash: crc32c=vioL0g==, md5=qQETliyXKYp4R1kuXtOcDQ==
cache-control: no-store
ali-swift-global-savetime: 1711611075
x-goog-stored-content-length: 235633
timing-allow-origin: *
eagleid: a3b55ca117116246967007332e
expires: Thu, 28 Mar 2024 07:51:53 GMT

GET
H2 200 runtime-es2015.d94b587f84deb3bf2973.js Show response
payment.airasia.com/ 2 KB
2 KB 135ms
134ms Script
application/javascript 163.181.92.185
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to

Full URL

https://payment.airasia.com/runtime-es2015.d94b587f84deb3bf2973.js?v=1.108.0

Requested by

Host: payment.airasia.com
URL: https://payment.airasia.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

163.181.92.185 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),

Reverse DNS

Software

Tengine /

Resource Hash

1975113de140de9877b2eb3a2908749a7fd6556f32b169e5d0a412c2ddf27991

Security Headers

Name	Value
Content-Security-Policy	"default-src 'self'"
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://payment.airasia.com/
Origin: https://payment.airasia.com
accept-language: pt-PT,pt;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 07:31:15 GMT
via: cache11.l2de2[0,0,304-0,H], cache10.l2de2[2,0], ens-cache4.de5[0,0,200-0,H], ens-cache13.de5[4,0]
x-content-type-options: nosniff
content-security-policy: "default-src 'self'"
content-encoding: br
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 13621
x-swift-cachetime: 21594
x-guploader-uploadid: ABPtcPpB2VB9OA_EzZewsCxu7sYODAn8i5LZZ5RDDbuWi5yj_mOwzkNvsWFoAywhw5jIAVCJAPM
x-cache: HIT TCP_MEM_HIT dirn:12:733192200
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-swift-savetime: Thu, 28 Mar 2024 07:31:21 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Thu, 28 Mar 2024 01:29:55 GMT
server: Tengine
etag: W/"d9568d86ad88007663a4317438626e8a"
vary: Accept-Encoding
x-goog-generation: 1711589395746846
content-type: application/javascript
x-frame-options: SAMEORIGIN
x-goog-hash: crc32c=K9gAPA==, md5=2VaNhq2IAHZjpDF0OGJuig==
cache-control: no-store
ali-swift-global-savetime: 1711611075
x-goog-stored-content-length: 2390
timing-allow-origin: *
eagleid: a3b55ca117116246967017344e
expires: Thu, 28 Mar 2024 07:46:08 GMT

GET
H2 200 polyfills-es2015.5fe048c4e8533949729b.js Show response
payment.airasia.com/ 36 KB
15 KB 382ms
382ms Script
application/javascript 163.181.92.185
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to

Full URL

https://payment.airasia.com/polyfills-es2015.5fe048c4e8533949729b.js?v=1.108.0

Requested by

Host: payment.airasia.com
URL: https://payment.airasia.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

163.181.92.185 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),

Reverse DNS

Software

Tengine /

Resource Hash

dfb0bc619dfe6dc4e039775e76514b589c504e55eb51caf87aa99ca3d69c2754

Security Headers

Name	Value
Content-Security-Policy	"default-src 'self'"
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://payment.airasia.com/
Origin: https://payment.airasia.com
accept-language: pt-PT,pt;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 07:31:15 GMT
via: cache11.l2de2[0,0,304-0,H], cache15.l2de2[1,0], ens-cache6.de5[0,0,200-0,H], ens-cache13.de5[18,0]
x-content-type-options: nosniff
content-security-policy: "default-src 'self'"
content-encoding: br
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 13621
x-swift-cachetime: 21594
x-guploader-uploadid: ABPtcPqv73gPeW1-aABMVEM0n1v9DuJhd06yWruW5z-2jZH66T-E1O0dK9HmWMYnI6jPm9ziasYN7TUMsg
x-cache: HIT TCP_MEM_HIT dirn:13:53479448
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-swift-savetime: Thu, 28 Mar 2024 07:31:21 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Thu, 28 Mar 2024 01:29:55 GMT
server: Tengine
etag: W/"d7b59227be5b63f9d6ce9e85161185b8"
vary: Accept-Encoding
x-goog-generation: 1711589395701190
content-type: application/javascript
x-frame-options: SAMEORIGIN
x-goog-hash: crc32c=Z64Hvw==, md5=17WSJ75bY/nWzp6FFhGFuA==
cache-control: no-store
ali-swift-global-savetime: 1711611075
x-goog-stored-content-length: 37274
timing-allow-origin: *
eagleid: a3b55ca117116246967017347e
expires: Thu, 28 Mar 2024 07:47:05 GMT

GET
H2 200 scripts.b5bcc278f2c6fe5a85db.js Show response
payment.airasia.com/ 376 KB
149 KB 270ms
269ms Script
application/javascript 163.181.92.185
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to

Full URL

https://payment.airasia.com/scripts.b5bcc278f2c6fe5a85db.js?v=1.108.0

Requested by

Host: payment.airasia.com
URL: https://payment.airasia.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

163.181.92.185 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),

Reverse DNS

Software

Tengine /

Resource Hash

1cdac9a90799eb6607dec033d3ca00752e290836852f1944199339c30dfb0a9e

Security Headers

Name	Value
Content-Security-Policy	"default-src 'self'"
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://payment.airasia.com/
accept-language: pt-PT,pt;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 07:31:16 GMT
via: cache26.l2de2[0,0,304-0,H], cache26.l2de2[0,0], ens-cache4.de5[0,0,200-0,H], ens-cache13.de5[1,0]
x-content-type-options: nosniff
content-security-policy: "default-src 'self'"
content-encoding: br
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 13620
x-swift-cachetime: 21594
x-guploader-uploadid: ABPtcPqtd2NheCtZa4Itw8ZOfcJbg2Sguilz7gB-SQtrtd1Yf8p6wbnZNx_33Vr6NB0gWgrphIs
x-cache: HIT TCP_MEM_HIT dirn:12:733195119
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-swift-savetime: Thu, 28 Mar 2024 07:31:22 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Thu, 28 Mar 2024 01:29:55 GMT
server: Tengine
etag: W/"0c689b1b6145febc44c22ab10f42b826"
vary: Accept-Encoding
x-goog-generation: 1711589395828325
content-type: application/javascript
x-frame-options: SAMEORIGIN
x-goog-hash: crc32c=HwhK8Q==, md5=DGibG2FF/rxEwiqxD0K4Jg==
cache-control: no-store
ali-swift-global-savetime: 1711611076
x-goog-stored-content-length: 384579
timing-allow-origin: *
eagleid: a3b55ca117116246968108082e
expires: Thu, 28 Mar 2024 07:55:33 GMT

GET
H2 200 main-es2015.cb6b3b9689df61ab5268.js Show response
payment.airasia.com/ 2 MB
825 KB 196ms
195ms Script
application/javascript 163.181.92.185
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to

Full URL

https://payment.airasia.com/main-es2015.cb6b3b9689df61ab5268.js?v=1.108.0

Requested by

Host: payment.airasia.com
URL: https://payment.airasia.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

163.181.92.185 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),

Reverse DNS

Software

Tengine /

Resource Hash

67be976f45f239ab3f0355ec84dcbe07212e3702d53bbf7767348ff77ca5da6c

Security Headers

Name	Value
Content-Security-Policy	"default-src 'self'"
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://payment.airasia.com/
Origin: https://payment.airasia.com
accept-language: pt-PT,pt;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 07:31:15 GMT
via: cache25.l2de2[0,0,304-0,H], cache20.l2de2[0,0], ens-cache8.de5[0,1,200-0,H], ens-cache13.de5[4,0]
x-content-type-options: nosniff
content-security-policy: "default-src 'self'"
content-encoding: br
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 13621
x-swift-cachetime: 21594
x-guploader-uploadid: ABPtcPrC2H-Dg3sZPVf3B3Kv6BqS9YiEAbQBKPo5KHMYos4Cgy8DDMUgh75kVfdV5t13COubD_g
x-cache: HIT TCP_HIT dirn:13:177034734
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-swift-savetime: Thu, 28 Mar 2024 07:31:21 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Thu, 28 Mar 2024 01:29:55 GMT
server: Tengine
etag: W/"955fad68159791473e5a10142aff45d1"
vary: Accept-Encoding
x-goog-generation: 1711589395826598
content-type: application/javascript
x-frame-options: SAMEORIGIN
x-goog-hash: crc32c=kiaQJg==, md5=lV+taBWXkUc+WhAUKv9F0Q==
cache-control: no-store
ali-swift-global-savetime: 1711611075
x-goog-stored-content-length: 2466367
timing-allow-origin: *
eagleid: a3b55ca117116246967027352e
expires: Thu, 28 Mar 2024 08:31:15 GMT

GET
H2 200 Roboto-Regular.woff2
payment.airasia.com/assets/fonts/roboto/ 9 KB
10 KB 147ms
146ms Font
application/octet-stream 163.181.92.185
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to

Full URL

https://payment.airasia.com/assets/fonts/roboto/Roboto-Regular.woff2

Requested by

Host: payment.airasia.com
URL: https://payment.airasia.com/styles.1b4f4e16e28dc416e48b.css?v=1.108.0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

163.181.92.185 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),

Reverse DNS

Software

Tengine /

Resource Hash

91556aa2032c8b0ac89b60bb94f334647b285188bebed5147ff6db0b9523c189

Security Headers

Name	Value
Content-Security-Policy	"default-src 'self'"
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://payment.airasia.com/styles.1b4f4e16e28dc416e48b.css?v=1.108.0
Origin: https://payment.airasia.com
accept-language: pt-PT,pt;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 07:31:22 GMT
via: cache9.l2de2[193,193,304-0,M], cache8.l2de2[195,0], ens-cache2.de5[0,0,200-0,H], ens-cache13.de5[1,0]
x-content-type-options: nosniff
content-security-policy: "default-src 'self'"
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 13615
x-swift-cachetime: 21600
x-guploader-uploadid: ABPtcPryo9W_eE7j3ESE314X3gWEpILlChxcxNLHOp27l-1fAfI3RqPK0K-2fVENlnC80tYwfYXf8z9_VT832-YJeGjD
x-cache: HIT TCP_MEM_HIT dirn:12:888018995
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-swift-savetime: Thu, 28 Mar 2024 07:31:22 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9604
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Wed, 06 Sep 2023 07:03:52 GMT
server: Tengine
etag: "c0ee79829f5310b8b19bc85407ba4776"
x-frame-options: SAMEORIGIN
x-goog-generation: 1692920035371375
content-type: application/octet-stream
x-goog-hash: crc32c=ERmG3w==, md5=wO55gp9TELixm8hUB7pHdg==
cache-control: no-store
ali-swift-global-savetime: 1711611082
x-goog-stored-content-length: 9604
accept-ranges: bytes
timing-allow-origin: *
eagleid: a3b55ca117116246970982132e
expires: Thu, 28 Mar 2024 08:12:16 GMT

GET
H2 200 locale-en-gb.json Show response
static.airasia.com/payments/translations/flights/ 78 KB
24 KB 391ms
195ms XHR
application/json 163.181.157.117
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.airasia.com/payments/translations/flights/locale-en-gb.json
Requested by: Host: payment.airasia.com
URL: https://payment.airasia.com/polyfills-es2015.5fe048c4e8533949729b.js?v=1.108.0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 163.181.157.117 , United States, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software: Tengine /
Resource Hash: bdfecac0d5ebadeaaab054f04a61209a96ca0e4677a37eae774dffbe978b231c

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept: application/json, text/plain, */*
Referer: https://payment.airasia.com/
accept-language: pt-PT,pt;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 10:45:29 GMT
via: cache2.l2de2[0,0,304-0,H], cache20.l2de2[4,0], ens-cache11.de7[5,5,200-0,H], ens-cache11.de7[7,0]
content-encoding: br
age: 69
x-swift-cachetime: 231
x-guploader-uploadid: ABPtcPpnfUar0pq_DxgiMgrFau9rMjUfkuOYUkbych14O6E_IitqqujZpRGCp0fdfZDZqonRfs0
x-cache: HIT TCP_REFRESH_HIT dirn:13:325968183
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-swift-savetime: Thu, 28 Mar 2024 11:18:17 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
last-modified: Wed, 27 Mar 2024 11:58:13 GMT
server: Tengine
etag: W/"ef4fcbb8a58ea1c047c1467d332de2d8"
vary: Accept-Encoding
x-goog-generation: 1711540693912942
content-type: application/json
access-control-allow-origin: *
x-goog-hash: crc32c=4f1TZQ==, md5=70/LuKWOocBHwUZ9My3i2A==
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=3600
ali-swift-global-savetime: 1711624628
x-goog-stored-content-length: 79780
timing-allow-origin: *
eagleid: a3b5839f17116246975362054e
expires: Thu, 28 Mar 2024 11:45:29 GMT

GET
H2 200 external-en-gb.json Show response
static.airasia.com/payments/translations/flights/ 131 KB
43 KB 292ms
97ms XHR
application/json 163.181.157.117
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.airasia.com/payments/translations/flights/external-en-gb.json
Requested by: Host: payment.airasia.com
URL: https://payment.airasia.com/polyfills-es2015.5fe048c4e8533949729b.js?v=1.108.0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 163.181.157.117 , United States, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software: Tengine /
Resource Hash: b35820d35c2d5f3d51853547c4612ac5072b6b2164015865c281f93e41b57230

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept: application/json, text/plain, */*
Referer: https://payment.airasia.com/
accept-language: pt-PT,pt;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 11:17:08 GMT
via: cache12.l2de2[0,0,304-0,H], cache16.l2de2[1,0], ens-cache1.de7[2,2,200-0,H], ens-cache11.de7[3,0]
content-encoding: br
age: 69
x-swift-cachetime: 231
x-guploader-uploadid: ABPtcPrEV-Bh7BIcFlFNRFPLk6yVt77YCYLlzHPijJII0AzjLY0__zLh_u4WfLcto8mdsm3D3kc
x-cache: HIT TCP_REFRESH_HIT dirn:13:713602520
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-swift-savetime: Thu, 28 Mar 2024 11:18:17 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
last-modified: Wed, 27 Mar 2024 03:24:32 GMT
server: Tengine
etag: W/"7c7413ca56f347eebecca0719d988548"
vary: Accept-Encoding
x-goog-generation: 1711509872392482
content-type: application/json
access-control-allow-origin: *
x-goog-hash: crc32c=TDwQWA==, md5=fHQTylbzR+6+zKBxnZiFSA==
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=3600
ali-swift-global-savetime: 1711624628
x-goog-stored-content-length: 134454
timing-allow-origin: *
eagleid: a3b5839f17116246975372055e
expires: Thu, 28 Mar 2024 12:17:08 GMT

GET
H2 200 locale-en-gb.json Show response
payment.airasia.com/app/_resources/ 75 KB
24 KB 91ms
91ms XHR
application/json 163.181.92.185
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to

Full URL

https://payment.airasia.com/app/_resources/locale-en-gb.json

Requested by

Host: payment.airasia.com
URL: https://payment.airasia.com/polyfills-es2015.5fe048c4e8533949729b.js?v=1.108.0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

163.181.92.185 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),

Reverse DNS

Software

Tengine /

Resource Hash

0b597edae90484bdfdab765a6e0ace37e8033fb5074ac2a9b04c2b883dba75fb

Security Headers

Name	Value
Content-Security-Policy	"default-src 'self'"
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept: application/json, text/plain, */*
Referer: https://payment.airasia.com/
accept-language: pt-PT,pt;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 10:34:34 GMT
via: cache1.l2de2[714,714,304-0,M], cache6.l2de2[716,0], ens-cache7.de5[0,0,200-0,H], ens-cache13.de5[1,0]
x-content-type-options: nosniff
content-security-policy: "default-src 'self'"
content-encoding: br
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 2623
x-swift-cachetime: 3600
x-guploader-uploadid: ABPtcPqeSdR4Edp5HMaBnisPvnryuAhRWZKYAGM8kFk1XgOUyekEtPfSAQCBS8R9wNXHE8G11w
x-cache: HIT TCP_MEM_HIT dirn:13:127282691
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-swift-savetime: Thu, 28 Mar 2024 10:34:34 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Fri, 15 Dec 2023 03:27:43 GMT
server: Tengine
etag: W/"9c62025e0a743d7eb0c931738d06baef"
vary: Accept-Encoding
x-goog-generation: 1702610863019484
content-type: application/json
x-frame-options: SAMEORIGIN
x-goog-hash: crc32c=BxGABg==, md5=nGICXgp0PX6wyTFzjQa67w==
cache-control: no-store
ali-swift-global-savetime: 1711622074
x-goog-stored-content-length: 76962
timing-allow-origin: *
eagleid: a3b55ca117116246973313826e
expires: Thu, 28 Mar 2024 11:34:34 GMT

GET
H2 200 external-en-gb.json Show response
payment.airasia.com/app/_resources/ 114 KB
39 KB 95ms
95ms XHR
application/json 163.181.92.185
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to

Full URL

https://payment.airasia.com/app/_resources/external-en-gb.json

Requested by

Host: payment.airasia.com
URL: https://payment.airasia.com/polyfills-es2015.5fe048c4e8533949729b.js?v=1.108.0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

163.181.92.185 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),

Reverse DNS

Software

Tengine /

Resource Hash

95f25f6b49dd8ae1382a8eb800753942f464a3118ee877eb2d5a6ed0e7b1390a

Security Headers

Name	Value
Content-Security-Policy	"default-src 'self'"
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept: application/json, text/plain, */*
Referer: https://payment.airasia.com/
accept-language: pt-PT,pt;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 10:44:09 GMT
via: cache26.l2de2[0,0,304-0,H], cache10.l2de2[1,0], ens-cache2.de5[0,0,200-0,H], ens-cache13.de5[1,0]
x-content-type-options: nosniff
content-security-policy: "default-src 'self'"
content-encoding: br
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 2048
x-swift-cachetime: 3598
x-guploader-uploadid: ABPtcPrvsDZyIlL2Kp4hQv418EVckeDYC9zQs0gVcsgQHL79bHgP2pv-fW6deLykFSEIzoxXdDQ
x-cache: HIT TCP_MEM_HIT dirn:12:888149678
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-swift-savetime: Thu, 28 Mar 2024 10:44:11 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Wed, 06 Sep 2023 07:03:50 GMT
server: Tengine
etag: W/"e128ede4f31701ef516ae70ddc182389"
vary: Accept-Encoding
x-goog-generation: 1690406153007682
content-type: application/json
x-frame-options: SAMEORIGIN
x-goog-hash: crc32c=cXTT+g==, md5=4Sjt5PMXAe9RaucN3BgjiQ==
cache-control: no-store
ali-swift-global-savetime: 1711622649
x-goog-stored-content-length: 117132
timing-allow-origin: *
eagleid: a3b55ca117116246973323829e
expires: Thu, 28 Mar 2024 11:32:35 GMT

GET
H2 200 favicon.ico
payment.airasia.com/ 1 KB
2 KB 90ms
89ms Other
image/vnd.microsoft.icon 163.181.92.185
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to

Full URL

https://payment.airasia.com/favicon.ico

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

163.181.92.185 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),

Reverse DNS

Software

Tengine /

Resource Hash

38a8e29eab766f4c02a897dbd799725e37d70d2524e33f2e5a9fcee35a0873f1

Security Headers

Name	Value
Content-Security-Policy	"default-src 'self'"
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://payment.airasia.com/
accept-language: pt-PT,pt;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 07:31:25 GMT
via: cache5.l2de2[710,710,304-0,M], cache9.l2de2[711,0], ens-cache1.de5[0,0,200-0,H], ens-cache13.de5[1,0]
x-content-type-options: nosniff
content-security-policy: "default-src 'self'"
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 13612
x-swift-cachetime: 21600
x-guploader-uploadid: ABPtcPqSwKggvuh4RNT8oUkgtfGGqQuK-khf9DtbTauz57qufyH7DrFGNBn_CRaz5PMx08uLVtY
x-cache: HIT TCP_MEM_HIT dirn:13:158575844
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-swift-savetime: Thu, 28 Mar 2024 07:31:25 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1439
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Wed, 06 Sep 2023 07:03:52 GMT
server: Tengine
etag: "86fa77e70b52480b95614b9ac73d36b3"
x-frame-options: SAMEORIGIN
x-goog-generation: 1692920035652950
content-type: image/vnd.microsoft.icon
x-goog-hash: crc32c=6dCr8A==, md5=hvp35wtSSAuVYUuaxz02sw==
cache-control: no-store
ali-swift-global-savetime: 1711611085
x-goog-stored-content-length: 1439
accept-ranges: bytes
timing-allow-origin: *
eagleid: a3b55ca117116246973523986e
expires: Thu, 28 Mar 2024 08:31:25 GMT

OPTIONS getbookingdata
payment.apiairasia.com/payment/deeplink/api/ Frame 0
0

GET
H3 200 bundle.en-GB.js Show response
sso-widget.airasia.com/ 1 MB
332 KB 1019ms
941ms Script
application/javascript 104.18.23.98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sso-widget.airasia.com/bundle.en-GB.js
Requested by: Host: payment.airasia.com
URL: https://payment.airasia.com/main-es2015.cb6b3b9689df61ab5268.js?v=1.108.0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.23.98 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6073e30151ae9297d4d62d1301343c403a29029af69248490392d22eedaac889

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://payment.airasia.com/
accept-language: pt-PT,pt;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 11:18:18 GMT
content-encoding: br
cf-cache-status: MISS
x-guploader-uploadid: ABPtcPqkacbP21klnjExfIu_Hp_3f4uAB6mgEF62PjcIV1Q6WhMyVPlmLWibMiNRh7adAULMEZ4tfDWjBA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 21 Mar 2024 09:24:01 GMT
server: cloudflare
etag: W/"381e4502f7973ef9659f39249c31fd7d"
vary: Accept-Encoding
x-goog-generation: 1711013041628336
content-type: application/javascript
access-control-allow-origin: *
x-goog-hash: crc32c=lndZgw==, md5=OB5FAveXPvllnzkknDH9fQ==
access-control-expose-headers: Content-Type
cache-control: public, max-age=14400
x-goog-stored-content-length: 1463948
cf-ray: 86b737f93b5c7113-LIS
expires: Thu, 28 Mar 2024 15:18:18 GMT

GET
H3 200 style.css
sso-widget.airasia.com/ 294 KB
87 KB 782ms
704ms Stylesheet
text/css 104.18.23.98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sso-widget.airasia.com/style.css
Requested by: Host: payment.airasia.com
URL: https://payment.airasia.com/main-es2015.cb6b3b9689df61ab5268.js?v=1.108.0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.23.98 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3d80f60f64770667263fdf194c17a9396c951647b5f14b4fb6f26ba08dc49804

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://payment.airasia.com/
accept-language: pt-PT,pt;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 11:18:18 GMT
content-encoding: br
cf-cache-status: MISS
x-guploader-uploadid: ABPtcPq9Ma65PGlgZ5Tk7K63SZUgxgVjtYecbCkC8dHAIzh5aox6jSYRZyB7xIFDJoDQGGCQl1LV6RqG6JmaS5NQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 21 Mar 2024 09:24:01 GMT
server: cloudflare
etag: W/"df8cf661f46f2e071045a37a8208a4d1"
vary: Accept-Encoding
x-goog-generation: 1711013041321413
content-type: text/css
access-control-allow-origin: *
x-goog-hash: crc32c=sOwPHg==, md5=34z2YfRvLgcQRaN6ggik0Q==
access-control-expose-headers: Content-Type
cache-control: public, max-age=14400
x-goog-stored-content-length: 300813
cf-ray: 86b737f93b597113-LIS
expires: Thu, 28 Mar 2024 15:18:18 GMT

GET
H2 200 file.json Show response
static.airasia.com/payments/translations/universalfooter/en-gb/ 3 KB
1 KB 97ms
97ms XHR
application/json 163.181.157.117
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.airasia.com/payments/translations/universalfooter/en-gb/file.json
Requested by: Host: payment.airasia.com
URL: https://payment.airasia.com/polyfills-es2015.5fe048c4e8533949729b.js?v=1.108.0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 163.181.157.117 , United States, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software: Tengine /
Resource Hash: 7b67fa498c292d07cb3aa117085c0f139bde96cd4d4cd65dea80fc35f1677117

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept: application/json, text/plain, */*
Referer: https://payment.airasia.com/
accept-language: pt-PT,pt;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 11:01:27 GMT
via: cache8.l2de2[0,0,304-0,H], cache14.l2de2[1,0], ens-cache4.de7[2,2,200-0,H], ens-cache11.de7[3,0]
content-encoding: br
age: 68
x-swift-cachetime: 232
x-guploader-uploadid: ABPtcPojD36b3ZJJlc5yeJeDjW2qLdLt_rovY0IDoSzOOwg6d0FvxSO4l_rYyLxzVFACxP-8x7s
x-cache: HIT TCP_REFRESH_HIT dirn:12:798589030
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-swift-savetime: Thu, 28 Mar 2024 11:18:17 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
last-modified: Thu, 14 Mar 2024 03:25:54 GMT
server: Tengine
etag: W/"ac64e391ce71a70759d6b3031b4ee6a2"
vary: Accept-Encoding
x-goog-generation: 1710386754047555
content-type: application/json
access-control-allow-origin: *
x-goog-hash: crc32c=Fp6WsQ==, md5=rGTjkc5xpwdZ1rMDG07mog==
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=3600
ali-swift-global-savetime: 1711624629
x-goog-stored-content-length: 3021
timing-allow-origin: *
eagleid: a3b5839f17116246977612648e
expires: Thu, 28 Mar 2024 12:01:27 GMT

GET getbookingdata
payment.apiairasia.com/payment/deeplink/api/ 0
0

GET
H2 200 airasia-move-light.svg
payment.airasia.com/assets/images/ 17 KB
6 KB 89ms
89ms Image
image/svg+xml 163.181.92.185
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://payment.airasia.com/assets/images/airasia-move-light.svg

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

163.181.92.185 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),

Reverse DNS

Software

Tengine /

Resource Hash

53cc2b0deab9fe84340e1a35cd1d36b72081bdde699e811f61546bfcad54aed8

Security Headers

Name	Value
Content-Security-Policy	"default-src 'self'"
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://payment.airasia.com/
accept-language: pt-PT,pt;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 07:31:26 GMT
via: cache5.l2de2[697,696,304-0,M], cache12.l2de2[699,0], ens-cache12.de5[0,0,200-0,H], ens-cache13.de5[0,0]
x-content-type-options: nosniff
content-security-policy: "default-src 'self'"
content-encoding: br
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 13611
x-swift-cachetime: 21600
x-guploader-uploadid: ABPtcPpkniONK8IUWhrK1lggxcJlDwwXtTDL6mhEOd3s0onWR-sHyJRcTrwNTXgF066LFSeX4FA
x-cache: HIT TCP_MEM_HIT dirn:12:618878323
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-swift-savetime: Thu, 28 Mar 2024 07:31:26 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Mon, 26 Feb 2024 03:56:41 GMT
server: Tengine
etag: W/"7e4840762f8c09728f33a86eca280b89"
vary: Accept-Encoding
x-goog-generation: 1708919801221932
content-type: image/svg+xml
x-frame-options: SAMEORIGIN
x-goog-hash: crc32c=QMV26Q==, md5=fkhAdi+MCXKPM6huyigLiQ==
cache-control: no-store
ali-swift-global-savetime: 1711611086
x-goog-stored-content-length: 16984
timing-allow-origin: *
eagleid: a3b55ca117116246977626738e
expires: Thu, 28 Mar 2024 07:58:52 GMT

GET
H2 200 flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
static.airasia.com/payments/fonts/google/material-icons/ 125 KB
126 KB 99ms
99ms Font
application/octet-stream 163.181.157.117
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.airasia.com/payments/fonts/google/material-icons/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
Requested by: Host: static.airasia.com
URL: https://static.airasia.com/payments/fonts/google/google-material.css?v=1.108.0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 163.181.157.117 , United States, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software: Tengine /
Resource Hash: 8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://static.airasia.com/payments/fonts/google/google-material.css?v=1.108.0
Origin: https://payment.airasia.com
accept-language: pt-PT,pt;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 03:52:10 GMT
via: cache15.l2de2[341,341,304-0,M], cache1.l2de2[342,0], ens-cache2.de7[0,0,200-0,H], ens-cache11.de7[1,0]
age: 113167
x-swift-cachetime: 604800
x-guploader-uploadid: ABPtcPpD7rE3f6taCChT0ahe2PSRjPl8WFIEQJgQBgJlGi9RXPrZre9xK1I3BcKqcUESMsPgWH0
x-cache: HIT TCP_MEM_HIT dirn:9:478046445
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-swift-savetime: Wed, 27 Mar 2024 03:52:10 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 128352
last-modified: Tue, 14 Feb 2023 09:56:26 GMT
server: Tengine
etag: "53436aca8627a49f4deaaa44dc9e3c05"
x-goog-generation: 1676368586737324
content-type: application/octet-stream
access-control-allow-origin: *
x-goog-hash: crc32c=mQZ7/Q==, md5=U0NqyoYnpJ9N6qpE3J48BQ==
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=3600
ali-swift-global-savetime: 1711511530
x-goog-stored-content-length: 128352
accept-ranges: bytes
timing-allow-origin: *
eagleid: a3b5839f17116246977722669e
expires: Wed, 27 Mar 2024 04:52:10 GMT

GET
H2 200 file.json Show response
static.airasia.com/payments/channel/ 35 KB
11 KB 155ms
155ms XHR
application/json 163.181.157.117
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.airasia.com/payments/channel/file.json
Requested by: Host: payment.airasia.com
URL: https://payment.airasia.com/polyfills-es2015.5fe048c4e8533949729b.js?v=1.108.0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 163.181.157.117 , United States, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software: Tengine /
Resource Hash: b80a69996c64deea00271dd14ac54ccab85fec5eb65397e2912be66b0bb3e3b2

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept: application/json, text/plain, */*
Referer: https://payment.airasia.com/
accept-language: pt-PT,pt;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 11:06:28 GMT
via: cache2.l2de2[0,0,304-0,H], cache17.l2de2[1,0], ens-cache11.de7[2,1,200-0,H], ens-cache11.de7[2,0]
content-encoding: br
age: 68
x-swift-cachetime: 232
x-guploader-uploadid: ABPtcPqC-1ebad_gNzP50zZsew8X9MC0zL5B6N8unrOuccJYwVFAqXN8qE2vmDWJ3wwfwjVqRsQ
x-cache: HIT TCP_REFRESH_HIT dirn:13:326010507
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-swift-savetime: Thu, 28 Mar 2024 11:18:17 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
last-modified: Mon, 18 Mar 2024 08:01:07 GMT
server: Tengine
etag: W/"3ec104e26fc2bb63e939ec2c0067118e"
vary: Accept-Encoding
x-goog-generation: 1710748867038344
content-type: application/json
access-control-allow-origin: *
x-goog-hash: crc32c=4N1qKw==, md5=PsEE4m/Cu2PpOewsAGcRjg==
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: max-age=1800
ali-swift-global-savetime: 1711624629
x-goog-stored-content-length: 36296
content-language: en
timing-allow-origin: *
eagleid: a3b5839f17116246977762677e
expires: Thu, 28 Mar 2024 11:36:28 GMT

GET
H2 200 1-es2015.cf35cf52d305ef13cdd7.js Show response
payment.airasia.com/ 133 KB
42 KB 90ms
89ms Script
application/javascript 163.181.92.185
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to

Full URL

https://payment.airasia.com/1-es2015.cf35cf52d305ef13cdd7.js

Requested by

Host: payment.airasia.com
URL: https://payment.airasia.com/runtime-es2015.d94b587f84deb3bf2973.js?v=1.108.0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

163.181.92.185 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),

Reverse DNS

Software

Tengine /

Resource Hash

d872b8095a0e8bd7af4a0e4e7fa3df71d1e098586245de2433ab16c424f8da0a

Security Headers

Name	Value
Content-Security-Policy	"default-src 'self'"
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://payment.airasia.com/
accept-language: pt-PT,pt;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 07:31:26 GMT
via: cache1.l2de2[688,688,304-0,M], cache19.l2de2[690,0], ens-cache6.de5[0,0,200-0,H], ens-cache13.de5[2,0]
x-content-type-options: nosniff
content-security-policy: "default-src 'self'"
content-encoding: br
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 13610
x-swift-cachetime: 21600
x-guploader-uploadid: ABPtcPp5pZvSTfe4zxwOyYpBElPD8_WlunC_gnjpbaeIfBfO1TprzYYiZ7b7tiSTl8J3QsfdLL7R8wsGdQ
x-cache: HIT TCP_MEM_HIT dirn:12:252347865
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-swift-savetime: Thu, 28 Mar 2024 07:31:27 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Thu, 28 Mar 2024 01:29:52 GMT
server: Tengine
etag: W/"6ccf348113f422c1631c69ae3e44d1cd"
vary: Accept-Encoding
x-goog-generation: 1711589392293882
content-type: application/javascript
x-frame-options: SAMEORIGIN
x-goog-hash: crc32c=B/7ljQ==, md5=bM80gRP0IsFjHGmuPkTRzQ==
cache-control: no-store
ali-swift-global-savetime: 1711611087
x-goog-stored-content-length: 136048
timing-allow-origin: *
eagleid: a3b55ca117116246977686790e
expires: Thu, 28 Mar 2024 07:52:46 GMT

GET
H2 200 8-es2015.8f1e0ea185d9556c4f5d.js Show response
payment.airasia.com/ 794 KB
210 KB 101ms
101ms Script
application/javascript 163.181.92.185
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to

Full URL

https://payment.airasia.com/8-es2015.8f1e0ea185d9556c4f5d.js

Requested by

Host: payment.airasia.com
URL: https://payment.airasia.com/runtime-es2015.d94b587f84deb3bf2973.js?v=1.108.0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

163.181.92.185 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),

Reverse DNS

Software

Tengine /

Resource Hash

39c236c18e05b5fb7083c1a52a82350ee65792e049c9c61231d5494b37225c3e

Security Headers

Name	Value
Content-Security-Policy	"default-src 'self'"
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://payment.airasia.com/
accept-language: pt-PT,pt;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 07:31:26 GMT
via: cache2.l2de2[692,693,304-0,M], cache6.l2de2[694,0], ens-cache2.de5[0,0,200-0,H], ens-cache13.de5[2,0]
x-content-type-options: nosniff
content-security-policy: "default-src 'self'"
content-encoding: br
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 13610
x-swift-cachetime: 21600
x-guploader-uploadid: ABPtcPoGiWE-GCMiMl7Vmcrqw2OnE56Jhbz9pTIreLfyDZqNj51VWXEG-CcL0_zmyg1wHKh751wBxJ8cUg
x-cache: HIT TCP_HIT dirn:12:704825214
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-swift-savetime: Thu, 28 Mar 2024 07:31:27 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Thu, 28 Mar 2024 01:29:52 GMT
server: Tengine
etag: W/"64b097c3404a3fa2450615a3897bd789"
vary: Accept-Encoding
x-goog-generation: 1711589392422648
content-type: application/javascript
x-frame-options: SAMEORIGIN
x-goog-hash: crc32c=uEOoMw==, md5=ZLCXw0BKP6JFBhWjiXvXiQ==
cache-control: no-store
ali-swift-global-savetime: 1711611087
x-goog-stored-content-length: 812922
timing-allow-origin: *
eagleid: a3b55ca117116246977696793e
expires: Thu, 28 Mar 2024 07:55:37 GMT

GET
H2 200 mavcomlogo-en.png
a.staticaa.com/images/logo/ 6 KB
7 KB 314ms
99ms Image
image/png 47.246.46.243
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a.staticaa.com/images/logo/mavcomlogo-en.png

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

47.246.46.243 Milan, Italy, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),

Reverse DNS

Software

Tengine /

Resource Hash

4f3ebb5f41e9b1a6c243c0f4a201e15e2a49f513aa31f286bf50aac9cdfa4ec9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://payment.airasia.com/
accept-language: pt-PT,pt;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=15552000; includeSubDomains
date: Sun, 18 Feb 2024 15:05:57 GMT
via: cache15.l2de2[0,0,200-0,H], cache6.l2de2[1,0], ens-cache2.it4[0,0,200-0,H], ens-cache15.it4[1,0]
age: 3355941
x-swift-cachetime: 13344384
x-guploader-uploadid: ABPtcPo9vZP7OKEpW8uIxRGfk3fVEHvWLI9abP5CpTFoqmEoB3hvkNau1Hz4nooHbf89l9nm-50
x-cache: HIT TCP_MEM_HIT dirn:12:131307608
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-swift-savetime: Fri, 15 Mar 2024 04:19:33 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6418
last-modified: Wed, 02 Nov 2022 07:20:59 GMT
server: Tengine
etag: "161dcc9bb41cb7a72239546f83da36eb"
x-goog-generation: 1667373659452133
content-type: image/png
x-goog-hash: crc32c=/d6egQ==, md5=Fh3Mm7Qct6ciOVRvg9o26w==
cache-control: public, max-age=31536000, immutable
ali-swift-global-savetime: 1708268757
x-goog-stored-content-length: 6418
accept-ranges: bytes
timing-allow-origin: *
eagleid: 2ff62ea317116246980783763e
expires: Sun, 18 Feb 2024 16:05:57 GMT

GET
H2 200 dmsans-medium-webfont.woff2
payment.airasia.com/assets/fonts/dmsans/ 21 KB
21 KB 92ms
91ms Font
application/octet-stream 163.181.92.185
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to

Full URL

https://payment.airasia.com/assets/fonts/dmsans/dmsans-medium-webfont.woff2

Requested by

Host: payment.airasia.com
URL: https://payment.airasia.com/styles.1b4f4e16e28dc416e48b.css?v=1.108.0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

163.181.92.185 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),

Reverse DNS

Software

Tengine /

Resource Hash

84f00d9aa2b51010df1082f6aaa4d0854079763102d7bc95d341c749e8f71b37

Security Headers

Name	Value
Content-Security-Policy	"default-src 'self'"
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://payment.airasia.com/styles.1b4f4e16e28dc416e48b.css?v=1.108.0
Origin: https://payment.airasia.com
accept-language: pt-PT,pt;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 07:32:04 GMT
via: cache14.l2de2[0,0,304-0,H], cache9.l2de2[1,0], ens-cache10.de5[0,0,200-0,H], ens-cache13.de5[1,0]
x-content-type-options: nosniff
content-security-policy: "default-src 'self'"
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 13573
x-swift-cachetime: 21571
x-guploader-uploadid: ABPtcPqewEmS2z7SHwVkm-11kNaVevsDFYj9rOPeBU4ZflQ5BFQp4YIFG4FRRsSI2z9ylXL6xEM
x-cache: HIT TCP_MEM_HIT dirn:12:646565132
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-swift-savetime: Thu, 28 Mar 2024 07:32:33 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21328
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Wed, 06 Sep 2023 07:03:52 GMT
server: Tengine
etag: "8b8b00422d168566e79470487d896721"
x-frame-options: SAMEORIGIN
x-goog-generation: 1690406154586331
content-type: application/octet-stream
x-goog-hash: crc32c=U/UfQA==, md5=i4sAQi0WhWbnlHBIfYlnIQ==
cache-control: no-store
ali-swift-global-savetime: 1711611124
x-goog-stored-content-length: 21328
accept-ranges: bytes
timing-allow-origin: *
eagleid: a3b55ca117116246978647545e
expires: Thu, 28 Mar 2024 08:03:10 GMT

POST GetBooking
payment.airasia.com/nullBookingService/ 0
0

GET
H2 200 10-es2015.0ea0f2a3d8b91f4a0782.js Show response
payment.airasia.com/ 9 KB
4 KB 89ms
89ms Script
application/javascript 163.181.92.185
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to

Full URL

https://payment.airasia.com/10-es2015.0ea0f2a3d8b91f4a0782.js

Requested by

Host: payment.airasia.com
URL: https://payment.airasia.com/runtime-es2015.d94b587f84deb3bf2973.js?v=1.108.0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

163.181.92.185 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),

Reverse DNS

Software

Tengine /

Resource Hash

de37d4837a0459a0da89878d1e0a9f26a25f091028c5d07b0c50ec9e8c9117de

Security Headers

Name	Value
Content-Security-Policy	"default-src 'self'"
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://payment.airasia.com/
accept-language: pt-PT,pt;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 08:46:00 GMT
via: cache2.l2de2[707,709,304-0,M], cache23.l2de2[711,0], ens-cache15.de5[0,0,200-0,H], ens-cache13.de5[1,0]
x-content-type-options: nosniff
content-security-policy: "default-src 'self'"
content-encoding: br
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 9137
x-swift-cachetime: 21600
x-guploader-uploadid: ABPtcPo5zYABo7SaDPm_m80u7DhW5t0iEW0Mu0rYeVopuNOJvM4jCh_8z3wTvVwlvBXUj3b2CFw
x-cache: HIT TCP_MEM_HIT dirn:12:890720918
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-swift-savetime: Thu, 28 Mar 2024 08:46:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Thu, 28 Mar 2024 01:29:52 GMT
server: Tengine
etag: W/"829d7f8a0bd44086e5cd640515ed5a6d"
vary: Accept-Encoding
x-goog-generation: 1711589392177077
content-type: application/javascript
x-frame-options: SAMEORIGIN
x-goog-hash: crc32c=uUAjng==, md5=gp1/igvUQIblzWQFFe1abQ==
cache-control: no-store
ali-swift-global-savetime: 1711615560
x-goog-stored-content-length: 9000
timing-allow-origin: *
eagleid: a3b55ca117116246979698293e
expires: Thu, 28 Mar 2024 08:55:36 GMT

GET
H2 200 robot-error.png
payment.airasia.com/assets/images/ 33 KB
34 KB 95ms
95ms Image
image/png 163.181.92.185
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://payment.airasia.com/assets/images/robot-error.png

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

163.181.92.185 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),

Reverse DNS

Software

Tengine /

Resource Hash

0a207e3094552e65c140c9befffa45eedbe5d90c7a54f87025e1b4f97206ea92

Security Headers

Name	Value
Content-Security-Policy	"default-src 'self'"
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://payment.airasia.com/error
accept-language: pt-PT,pt;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 08:46:01 GMT
via: cache10.l2de2[764,763,304-0,M], cache15.l2de2[766,0], ens-cache10.de5[0,0,200-0,H], ens-cache13.de5[1,0]
x-content-type-options: nosniff
content-security-policy: "default-src 'self'"
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 9137
x-swift-cachetime: 21600
x-guploader-uploadid: ABPtcPqgaku7ULsdapkvSYL8gbsotGHhe_-LvC-jcH5PTOOEaqz-RJDwJeMiY310UTDH1uzUwvVBYehwbg
x-cache: HIT TCP_MEM_HIT dirn:12:636446139
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-swift-savetime: Thu, 28 Mar 2024 08:46:01 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34006
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Mon, 26 Feb 2024 03:56:41 GMT
server: Tengine
etag: "6fe99d934ef6b789b74b74d49ed6713a"
x-frame-options: SAMEORIGIN
x-goog-generation: 1708919801054760
content-type: image/png
x-goog-hash: crc32c=ztMYiA==, md5=b+mdk072t4m3S3TUntZxOg==
cache-control: no-store
ali-swift-global-savetime: 1711615561
x-goog-stored-content-length: 34006
accept-ranges: bytes
timing-allow-origin: *
eagleid: a3b55ca117116246980728929e
expires: Thu, 28 Mar 2024 08:53:12 GMT

GET
H2 200 Roboto-Medium.woff2
payment.airasia.com/assets/fonts/roboto/ 9 KB
10 KB 91ms
90ms Font
application/octet-stream 163.181.92.185
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to

Full URL

https://payment.airasia.com/assets/fonts/roboto/Roboto-Medium.woff2

Requested by

Host: payment.airasia.com
URL: https://payment.airasia.com/styles.1b4f4e16e28dc416e48b.css?v=1.108.0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

163.181.92.185 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),

Reverse DNS

Software

Tengine /

Resource Hash

f4854a5a7b32ac764345895c6706998a865895e3c6984dcd42cf2cd88cbff646

Security Headers

Name	Value
Content-Security-Policy	"default-src 'self'"
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://payment.airasia.com/styles.1b4f4e16e28dc416e48b.css?v=1.108.0
Origin: https://payment.airasia.com
accept-language: pt-PT,pt;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 07:31:53 GMT
via: cache23.l2de2[684,684,304-0,M], cache6.l2de2[685,0], ens-cache12.de5[0,0,200-0,H], ens-cache13.de5[1,0]
x-content-type-options: nosniff
content-security-policy: "default-src 'self'"
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 13585
x-swift-cachetime: 21600
x-guploader-uploadid: ABPtcPqyIGGJz8yNxZFx6IPWzlz6oLbR6aYQZMC0oFHBgBuK_NeLKXgqT_MeBxr1ZWWEVHIhJNE
x-cache: HIT TCP_MEM_HIT dirn:12:775378404
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-swift-savetime: Thu, 28 Mar 2024 07:31:53 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9544
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Mon, 29 Jan 2024 07:32:40 GMT
server: Tengine
etag: "356589b5105d6761331c2d530b1382e9"
x-frame-options: SAMEORIGIN
x-goog-generation: 1706513560664191
content-type: application/octet-stream
x-goog-hash: crc32c=7SVb5g==, md5=NWWJtRBdZ2EzHC1TCxOC6Q==
cache-control: no-store
ali-swift-global-savetime: 1711611113
x-goog-stored-content-length: 9544
accept-ranges: bytes
timing-allow-origin: *
eagleid: a3b55ca117116246980718924e
expires: Thu, 28 Mar 2024 07:47:51 GMT

GET
H2 200 favicon.ico
payment.airasia.com/ 1 KB
2 KB 98ms
97ms Other
image/vnd.microsoft.icon 163.181.92.185
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to

Full URL

https://payment.airasia.com/favicon.ico

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

163.181.92.185 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),

Reverse DNS

Software

Tengine /

Resource Hash

38a8e29eab766f4c02a897dbd799725e37d70d2524e33f2e5a9fcee35a0873f1

Security Headers

Name	Value
Content-Security-Policy	"default-src 'self'"
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://payment.airasia.com/error
accept-language: pt-PT,pt;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 07:31:25 GMT
via: cache5.l2de2[710,710,304-0,M], cache9.l2de2[711,0], ens-cache1.de5[0,0,200-0,H], ens-cache13.de5[1,0]
x-content-type-options: nosniff
content-security-policy: "default-src 'self'"
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 13613
x-swift-cachetime: 21600
x-guploader-uploadid: ABPtcPqSwKggvuh4RNT8oUkgtfGGqQuK-khf9DtbTauz57qufyH7DrFGNBn_CRaz5PMx08uLVtY
x-cache: HIT TCP_MEM_HIT dirn:13:158575844
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-swift-savetime: Thu, 28 Mar 2024 07:31:25 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1439
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Wed, 06 Sep 2023 07:03:52 GMT
server: Tengine
etag: "86fa77e70b52480b95614b9ac73d36b3"
x-frame-options: SAMEORIGIN
x-goog-generation: 1692920035652950
content-type: image/vnd.microsoft.icon
x-goog-hash: crc32c=6dCr8A==, md5=hvp35wtSSAuVYUuaxz02sw==
cache-control: no-store
ali-swift-global-savetime: 1711611085
x-goog-stored-content-length: 1439
accept-ranges: bytes
timing-allow-origin: *
eagleid: a3b55ca117116246980738935e
expires: Thu, 28 Mar 2024 08:31:25 GMT

GET
H2 200 by-origin Show response
ssor.airasia.com/config/v2/clients/ 269 B
1 KB 319ms
197ms XHR
application/json 104.18.24.16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ssor.airasia.com/config/v2/clients/by-origin?path=error

Requested by

Host: payment.airasia.com
URL: https://payment.airasia.com/polyfills-es2015.5fe048c4e8533949729b.js?v=1.108.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.24.16 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

505b0a645628a6cab68cd0437332bf848c7a3b5f2dff6718458e4fbc6aba690e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept: application/json
Referer: https://payment.airasia.com/
accept-language: pt-PT,pt;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 11:18:19 GMT
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
x-permitted-cross-domain-policies: none
cf-cache-status: DYNAMIC
content-encoding: gzip
surrogate-control: no-store
x-dns-prefetch-control: off
x-xss-protection: 0
x-response-time: 0.001s
pragma: no-cache
referrer-policy: no-referrer
server: cloudflare
x-download-options: noopen
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
vary: Origin
access-control-allow-origin: https://payment.airasia.com
access-control-expose-headers: x-aa-redirecturl
cache-control: no-cache, no-store, must-revalidate, proxy-revalidate
cf-ray: 86b738010a3c692f-LIS
expires: 0

GET
H3 200 index.html Show response
sso-widget.airasia.com/hub/ Frame E252 375 B
675 B 80ms
80ms Document
text/html 104.18.23.98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sso-widget.airasia.com/hub/index.html
Requested by: Host: sso-widget.airasia.com
URL: https://sso-widget.airasia.com/bundle.en-GB.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.23.98 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7426151bef2f80c47ad5aed1d3759ae5acd58fb6e2de01ae3c921699a4e955f7

Request headers

Referer: https://payment.airasia.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: pt-PT,pt;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
access-control-expose-headers: Content-Type
age: 2657
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=3600
cf-cache-status: DYNAMIC
cf-ray: 86b73802991c7113-LIS
content-encoding: br
content-type: text/html
date: Thu, 28 Mar 2024 11:18:19 GMT
expires: Thu, 28 Mar 2024 11:34:02 GMT
last-modified: Wed, 20 Mar 2024 05:03:31 GMT
server: cloudflare
x-goog-generation: 1710911011541363
x-goog-hash: crc32c=5VfyLA== md5=F3kIbslUzkOrqzLku0bzzw==
x-goog-metageneration: 1
x-goog-storage-class: STANDARD
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 375
x-guploader-uploadid: ABPtcPpgfJEhJPSXLnzNmk_gDmhs2Xk23opk-1ndqdX8epBj2iNAhVbOJEdzsp58UtAaLiYWqasxSUHjbQ

GET
H3 200 index.html Show response
sso-widget.airasia.com/hub/ Frame 81B7 375 B
681 B 76ms
75ms Document
text/html 104.18.23.98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sso-widget.airasia.com/hub/index.html
Requested by: Host: sso-widget.airasia.com
URL: https://sso-widget.airasia.com/bundle.en-GB.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.23.98 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7426151bef2f80c47ad5aed1d3759ae5acd58fb6e2de01ae3c921699a4e955f7

Request headers

Referer: https://payment.airasia.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: pt-PT,pt;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
access-control-expose-headers: Content-Type
age: 1846
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=3600
cf-cache-status: DYNAMIC
cf-ray: 86b73802a92e7113-LIS
content-encoding: br
content-type: text/html
date: Thu, 28 Mar 2024 11:18:19 GMT
expires: Thu, 28 Mar 2024 11:47:33 GMT
last-modified: Wed, 20 Mar 2024 05:03:31 GMT
server: cloudflare
x-goog-generation: 1710911011541363
x-goog-hash: crc32c=5VfyLA== md5=F3kIbslUzkOrqzLku0bzzw==
x-goog-metageneration: 1
x-goog-storage-class: STANDARD
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 375
x-guploader-uploadid: ABPtcPo_Wf3IZVauQqHphhqwq7x680khR1eKlxxeQoLuSPXSuuSnvwPrxpLQCVAbIDGh0SlS0mFWG9DaI95yNAoT

GET
H3 200 bundle.js.gz Show response
sso-widget.airasia.com/hub/ Frame E252 11 KB
4 KB 70ms
69ms Script
application/javascript 104.18.23.98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sso-widget.airasia.com/hub/bundle.js.gz
Requested by: Host: sso-widget.airasia.com
URL: https://sso-widget.airasia.com/hub/index.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.23.98 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d5489f4e6815d694b4b58d530b9da00ee5e383102eded8df95492bdaf325c311

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://sso-widget.airasia.com/hub/index.html
accept-language: pt-PT,pt;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 11:18:19 GMT
content-encoding: br
cf-cache-status: HIT
age: 399
cf-polished: origSize=11158
x-guploader-uploadid: ABPtcPrRikcp3GhLkdwqRXdnNOZAG83qqGNOA_4iAk7scqYBgTlr8F5VxoICdmRDuGBLrRTRQYBsZhRONw
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 20 Mar 2024 05:03:31 GMT
server: cloudflare
etag: W/"4bf76b8df98bf7ee5c43349f32ce6ff5"
vary: Accept-Encoding
x-goog-generation: 1710911011547937
content-type: application/javascript
access-control-allow-origin: *
x-goog-hash: crc32c=15i8lA==, md5=S/drjfmL9+5cQzSfMs5v9Q==
access-control-expose-headers: Content-Type
cache-control: public, max-age=14400
x-goog-stored-content-length: 3564
cf-ray: 86b7380349fc7113-LIS
expires: Thu, 28 Mar 2024 15:18:19 GMT

GET
H3 200 bundle.js.gz Show response
sso-widget.airasia.com/hub/ Frame 81B7 11 KB
4 KB 73ms
72ms Script
application/javascript 104.18.23.98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sso-widget.airasia.com/hub/bundle.js.gz
Requested by: Host: sso-widget.airasia.com
URL: https://sso-widget.airasia.com/hub/index.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.23.98 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d5489f4e6815d694b4b58d530b9da00ee5e383102eded8df95492bdaf325c311

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://sso-widget.airasia.com/hub/index.html
accept-language: pt-PT,pt;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 11:18:19 GMT
content-encoding: br
cf-cache-status: HIT
age: 399
cf-polished: origSize=11158
x-guploader-uploadid: ABPtcPrRikcp3GhLkdwqRXdnNOZAG83qqGNOA_4iAk7scqYBgTlr8F5VxoICdmRDuGBLrRTRQYBsZhRONw
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 20 Mar 2024 05:03:31 GMT
server: cloudflare
etag: W/"4bf76b8df98bf7ee5c43349f32ce6ff5"
vary: Accept-Encoding
x-goog-generation: 1710911011547937
content-type: application/javascript
access-control-allow-origin: *
x-goog-hash: crc32c=15i8lA==, md5=S/drjfmL9+5cQzSfMs5v9Q==
access-control-expose-headers: Content-Type
cache-control: public, max-age=14400
x-goog-stored-content-length: 3564
cf-ray: 86b738034a187113-LIS
expires: Thu, 28 Mar 2024 15:18:19 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: payment.apiairasia.com
URL: https://payment.apiairasia.com/payment/deeplink/api/getbookingdata

Domain: payment.apiairasia.com
URL: https://payment.apiairasia.com/payment/deeplink/api/getbookingdata

Domain: payment.airasia.com
URL: https://payment.airasia.com/nullBookingService/GetBooking?undefined

Verdicts & Comments Add Verdict or Comment

171 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
payment.airasia.com/assets/fonts/roboto	1969-12-31 23:59:59	Name: Value: Secure
payment.airasia.com/assets/fonts/dmsans	1969-12-31 23:59:59	Name: Value: Secure
payment.airasia.com/app/_resources	1969-12-31 23:59:59	Name: Value: Secure
payment.airasia.com/assets/images	1969-12-31 23:59:59	Name: Value: Secure
payment.airasia.com/assets/js	1969-12-31 23:59:59	Name: Value: Secure
payment.airasia.com/	1969-12-31 23:59:59	Name: Value: Secure
.airasia.com/	1970-01-20 19:27:11	Name: userSession Value: cc=en-gb&mcc=&rc=&ad=&p=&st=&rsc=0
payment.airasia.com/	1970-01-20 20:10:16	Name: defaultLocale Value: en-gb
.airasia.com/	1970-01-20 19:27:06	Name: __cf_bm Value: cclc8A6wj_VYlb2Mz4.R83AMsztZJK1P6n6FQ0G.bXk-1711624698-1.0.1.1-t6nQmujNDzW3wVfkBDT9kjAMBiUVMgQonZcsHH4uTgJRMh98.9WbpapccbX0wRILqgOkjOlGlUyme230DRRmOg
.airasia.com/	1969-12-31 23:59:59	Name: _cfuvid Value: WO9b5NW2Z3ycfdQtlJ6i8P.pOvG6ouVQU.SFD8FOXxU-1711624698086-0.0.1.1-604800000

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://payment.airasia.com/ Message: The Content-Security-Policy directive name '"default-src' contains one or more invalid characters. Only ASCII alphanumeric characters or dashes '-' are allowed in directive names.
other	warning	URL: https://payment.airasia.com/(Line 54) Message: <link rel=preload> has an invalid `href` value
security	error	URL: https://sso-widget.airasia.com/bundle.en-GB.js(Line 1) Message: The Content-Security-Policy directive name '"default-src' contains one or more invalid characters. Only ASCII alphanumeric characters or dashes '-' are allowed in directive names.
security	error	URL: https://sso-widget.airasia.com/bundle.en-GB.js(Line 1) Message: The Content-Security-Policy directive name '"default-src' contains one or more invalid characters. Only ASCII alphanumeric characters or dashes '-' are allowed in directive names.
security	error	URL: https://sso-widget.airasia.com/bundle.en-GB.js(Line 1) Message: The Content-Security-Policy directive name '"default-src' contains one or more invalid characters. Only ASCII alphanumeric characters or dashes '-' are allowed in directive names.
security	error	URL: https://sso-widget.airasia.com/bundle.en-GB.js(Line 1) Message: The Content-Security-Policy directive name '"default-src' contains one or more invalid characters. Only ASCII alphanumeric characters or dashes '-' are allowed in directive names.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	"default-src 'self'"
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.staticaa.com
payment.airasia.com
payment.apiairasia.com
sso-widget.airasia.com
ssor.airasia.com
static.airasia.com
payment.airasia.com
payment.apiairasia.com
104.18.23.98
104.18.24.16
163.181.157.117
163.181.92.185
47.246.46.243
06d00a6274cd0809e39677b3ac3db772819d66cf23e670fa3f7f2a5f61aff2ee
0a207e3094552e65c140c9befffa45eedbe5d90c7a54f87025e1b4f97206ea92
0b597edae90484bdfdab765a6e0ace37e8033fb5074ac2a9b04c2b883dba75fb
1975113de140de9877b2eb3a2908749a7fd6556f32b169e5d0a412c2ddf27991
1cdac9a90799eb6607dec033d3ca00752e290836852f1944199339c30dfb0a9e
1edfc6d8f2c62742c4cdbd0e82c6784efc830b0fbb25e991ed81c755257d31e9
38a8e29eab766f4c02a897dbd799725e37d70d2524e33f2e5a9fcee35a0873f1
39c236c18e05b5fb7083c1a52a82350ee65792e049c9c61231d5494b37225c3e
3d80f60f64770667263fdf194c17a9396c951647b5f14b4fb6f26ba08dc49804
4f3ebb5f41e9b1a6c243c0f4a201e15e2a49f513aa31f286bf50aac9cdfa4ec9
505b0a645628a6cab68cd0437332bf848c7a3b5f2dff6718458e4fbc6aba690e
53cc2b0deab9fe84340e1a35cd1d36b72081bdde699e811f61546bfcad54aed8
6073e30151ae9297d4d62d1301343c403a29029af69248490392d22eedaac889
67be976f45f239ab3f0355ec84dcbe07212e3702d53bbf7767348ff77ca5da6c
6d69389f12ffa622a45eb36e0823413801e4349fdedfe16e07c6dfc5191bc6ab
7426151bef2f80c47ad5aed1d3759ae5acd58fb6e2de01ae3c921699a4e955f7
7b67fa498c292d07cb3aa117085c0f139bde96cd4d4cd65dea80fc35f1677117
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
84f00d9aa2b51010df1082f6aaa4d0854079763102d7bc95d341c749e8f71b37
91556aa2032c8b0ac89b60bb94f334647b285188bebed5147ff6db0b9523c189
95f25f6b49dd8ae1382a8eb800753942f464a3118ee877eb2d5a6ed0e7b1390a
b35820d35c2d5f3d51853547c4612ac5072b6b2164015865c281f93e41b57230
b80a69996c64deea00271dd14ac54ccab85fec5eb65397e2912be66b0bb3e3b2
bdfecac0d5ebadeaaab054f04a61209a96ca0e4677a37eae774dffbe978b231c
d5489f4e6815d694b4b58d530b9da00ee5e383102eded8df95492bdaf325c311
d872b8095a0e8bd7af4a0e4e7fa3df71d1e098586245de2433ab16c424f8da0a
d983497ef0dc8f7d183ac7916c0f0252f531655ce10ab619b95910de7aca47ee
de37d4837a0459a0da89878d1e0a9f26a25f091028c5d07b0c50ec9e8c9117de
dfb0bc619dfe6dc4e039775e76514b589c504e55eb51caf87aa99ca3d69c2754
f4854a5a7b32ac764345895c6706998a865895e3c6984dcd42cf2cd88cbff646

payment.airasia.com Open in urlscan Pro 163.181.92.185 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

36 Requests

92 %HTTPS

0 %IPv6

3 Domains

6 Subdomains

6 IPs

4 Countries

2089 kBTransfer

6402 kBSize

10 Cookies

0 Outgoing links

Redirected requests

36 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

payment.airasia.com Open in urlscan Pro
163.181.92.185 Public Scan

Screenshot
Live screenshot

Full Image

36
Requests

92 %
HTTPS

0 %
IPv6

3
Domains

6
Subdomains

6
IPs

4
Countries

2089 kB
Transfer

6402 kB
Size

10
Cookies

36 HTTP transactions
0 data transactions