urlscan.io logo urlscan.io
SecurityTrails logo

centinelapi.cardinalcommerce.com Open in urlscan Pro
2606:4700::c6d9:fbfa  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://standard.paystack.co/charge/auth/ade0292vjbj9eb503f3?selected_currency=0&lang=en
Effective URL: https://centinelapi.cardinalcommerce.com/V2/Cruise/StepUp
Submission Tags: 0xscam
Submission: On May 23 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 2 countries across 3 domains to perform 14 HTTP transactions. The main IP is 2606:4700::c6d9:fbfa, located in United States and belongs to CLOUDFLARENET, US. The main domain is centinelapi.cardinalcommerce.com. The Cisco Umbrella rank of the primary domain is 22478.
TLS certificate: Issued by DigiCert Global G2 TLS RSA SHA256 202... on February 26th 2024. Valid for: a year.
This is the only time centinelapi.cardinalcommerce.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 6 104.18.39.141 13335 (CLOUDFLAR...)
1 2606:4700::c6... 13335 (CLOUDFLAR...)
6 2606:4700::c6... 13335 (CLOUDFLAR...)
1 65.1.50.214 ()
14 5
Apex Domain
Subdomains		 Transfer
7 cardinalcommerce.com
centinelapi.cardinalcommerce.com — Cisco Umbrella Rank: 22478
writer.cardinalcommerce.com
19 KB
6 paystack.co
standard.paystack.co
11 KB
1 m2pfintech.com
acsv2.m2pfintech.com
14 3
Domain Requested by
6 standard.paystack.co 1 redirects standard.paystack.co
5 centinelapi.cardinalcommerce.com centinelapi.cardinalcommerce.com
2 writer.cardinalcommerce.com centinelapi.cardinalcommerce.com
1 acsv2.m2pfintech.com
14 4

This site contains no links.

Subject Issuer Validity Valid
*.paystack.co
DigiCert TLS RSA SHA256 2020 CA1		 2023-12-13 -
2024-12-27		 a year crt.sh
*.cardinalcommerce.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-02-26 -
2025-03-28		 a year crt.sh
*.m2pfintech.com
GlobalSign RSA OV SSL CA 2018		 2024-04-18 -
2025-05-20		 a year crt.sh

This page contains 4 frames:

Primary Page: https://centinelapi.cardinalcommerce.com/V2/Cruise/StepUp
Frame ID: BF178CEF35A626C40C373046421B8BD3
Requests: 10 HTTP requests in this frame

Frame: https://standard.paystack.co/cdn-cgi/challenge-platform/h/b/scripts/jsd/695da7821231/main.js
Frame ID: E4285C260E353E2A6B853C1327BE3E25
Requests: 2 HTTP requests in this frame

Frame: https://centinelapi.cardinalcommerce.com/V1/Cruise/Collect
Frame ID: 183B3BF32A874E893060D7A68C417DB2
Requests: 1 HTTP requests in this frame

Frame: https://acsv2.m2pfintech.com/emv/auth/process/10058/creq
Frame ID: 0C1828BD00C2E80FB075D42720BC8F0F
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Cruise API - Step Up

Page URL History Show full URLs

  1. https://standard.paystack.co/charge/auth/ade0292vjbj9eb503f3?selected_currency=0&lang=en Page URL
  2. https://centinelapi.cardinalcommerce.com/V2/Cruise/StepUp Page URL

Page Statistics

14
Requests

86 %
HTTPS

50 %
IPv6

3
Domains

4
Subdomains

5
IPs

2
Countries

30 kB
Transfer

89 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://standard.paystack.co/charge/auth/ade0292vjbj9eb503f3?selected_currency=0&lang=en Page URL
  2. https://centinelapi.cardinalcommerce.com/V2/Cruise/StepUp Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • https://standard.paystack.co/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://standard.paystack.co/cdn-cgi/challenge-platform/h/b/scripts/jsd/695da7821231/main.js

14 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
ade0292vjbj9eb503f3
standard.paystack.co/charge/auth/ 		11 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://standard.paystack.co/charge/auth/ade0292vjbj9eb503f3?selected_currency=0&lang=en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.39.141 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
014ac8a1514a8716b30bb7afed917c845bedab4f594f40f836a6d08db9e2b621
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
cf-cache-status
DYNAMIC
cf-ray
8888447e785b4541-TXL
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 23 May 2024 21:51:29 GMT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
main.js
standard.paystack.co/cdn-cgi/challenge-platform/h/b/scripts/jsd/695da7821231/ Frame E428
Redirect Chain
  • https://standard.paystack.co/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://standard.paystack.co/cdn-cgi/challenge-platform/h/b/scripts/jsd/695da7821231/main.js
8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://standard.paystack.co/cdn-cgi/challenge-platform/h/b/scripts/jsd/695da7821231/main.js
Protocol
H2
Server
104.18.39.141 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
98d37e8fc0ce9643ef7e3cfe9938543c3761a3c0e9789bd4dc801d409585bfa2
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

date
Thu, 23 May 2024 21:51:29 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
content-encoding
gzip
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
888844840cce4541-TXL

Redirect headers

date
Thu, 23 May 2024 21:51:29 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
server
cloudflare
vary
Accept-Encoding
location
/cdn-cgi/challenge-platform/h/b/scripts/jsd/695da7821231/main.js
access-control-allow-origin
*
cache-control
max-age=300, public
cf-ray
88884483bc2d4541-TXL
content-length
0
Collect
centinelapi.cardinalcommerce.com/V1/Cruise/ Frame 183B 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://centinelapi.cardinalcommerce.com/V1/Cruise/Collect
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
2606:4700::c6d9:fbfb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Content-Type
application/x-www-form-urlencoded
Origin
https://standard.paystack.co
Referer
https://standard.paystack.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

cf-cache-status
DYNAMIC
cf-ray
8888448459b21daa-FRA
content-encoding
gzip
content-language
de-DE
content-length
1257
content-type
text/html;charset=ISO-8859-1
date
Thu, 23 May 2024 21:51:30 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IK6GKv2wlDvyW1%2Fglek02U5SWN%2F83JItqvAFTmjvCDwtsFeK3p8uc1iMOKbHHfBi%2BSaNxXZ7rWbGhQbNiBDtorWm%2B5euaWNQjtu9Z8wkDurU8qy%2FvXyqlbJey8Pnqgcn6DCr6Uu9%2B9uWg6L5p5Gi8hfCCoKXT5fnT0s9NZ8n"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
favicon.ico
standard.paystack.co/ 		15 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://standard.paystack.co/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.39.141 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a797700be5b0b8a4c81a9a3b73e3b79651ca76fc3cef01bb37493f6b831ef383
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://standard.paystack.co/charge/auth/ade0292vjbj9eb503f3?selected_currency=0&lang=en
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 23 May 2024 21:51:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
last-modified
Thu, 23 May 2024 07:55:25 GMT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains; preload
etag
W/"664ef66d-3aee"
vary
Accept-Encoding
content-type
image/x-icon
cache-control
public, max-age=14400
cf-ray
88884483bc364541-TXL
expires
Fri, 24 May 2024 01:51:30 GMT
8888447e785b4541
standard.paystack.co/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame E428 		0
268 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://standard.paystack.co/cdn-cgi/challenge-platform/h/b/jsd/r/8888447e785b4541
Requested by
Host: standard.paystack.co
URL: https://standard.paystack.co/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.39.141 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 23 May 2024 21:51:30 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
server
cloudflare
cf-ray
888844851f274541-TXL
content-length
0
content-type
text/plain; charset=UTF-8
check_enrollment
standard.paystack.co/charge/ 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://standard.paystack.co/charge/check_enrollment
Requested by
Host: standard.paystack.co
URL: https://standard.paystack.co/charge/auth/ade0292vjbj9eb503f3?selected_currency=0&lang=en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.39.141 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://standard.paystack.co/charge/auth/ade0292vjbj9eb503f3?selected_currency=0&lang=en
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Thu, 23 May 2024 21:51:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
*
cf-ray
8888448adc114541-TXL
Primary Request StepUp
centinelapi.cardinalcommerce.com/V2/Cruise/ 		5 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://centinelapi.cardinalcommerce.com/V2/Cruise/StepUp
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
2606:4700::c6d9:fbfa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0155e0d03d8c302e8353d6259083ebc8c71dd9f1f50f18d04595c0a5356fa7c8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Content-Type
application/x-www-form-urlencoded
Origin
https://standard.paystack.co
Referer
https://standard.paystack.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

cf-cache-status
DYNAMIC
cf-ray
888844975b3a2ba2-FRA
content-encoding
gzip
content-language
de-DE
content-length
1767
content-type
text/html;charset=ISO-8859-1
date
Thu, 23 May 2024 21:51:33 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1NkK3ZqsaFe4TNnzR9iwZClEYE71lB5JRGDv7zu9yyLo0DYuj6KLTSTt%2B8VSJqtaT607LZZKFabo038Lvsd3wcT0MujlibhqVF1pkTCSoaeRSWV8ydh9l%2F1L3z7fzlaFQ1bskIL%2F%2BfYB5UmrY7K%2BIP%2FPXyQGnd6GJEYT9Kwb"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
vendors.f57873e506781e6fb833.js
centinelapi.cardinalcommerce.com/javascript/ 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://centinelapi.cardinalcommerce.com/javascript/vendors.f57873e506781e6fb833.js
Requested by
Host: centinelapi.cardinalcommerce.com
URL: https://centinelapi.cardinalcommerce.com/V2/Cruise/StepUp
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
2606:4700::c6d9:fbfa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
25ea5162c38f128e1a1723b964d48be21e76445ceb7c6bbd871bb5d75379d348
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://centinelapi.cardinalcommerce.com/V2/Cruise/StepUp
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 23 May 2024 21:51:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
968925
cf-polished
origSize=22491
cf-bgj
minify
last-modified
Thu, 22 Feb 2024 12:25:36 GMT
server
cloudflare
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SNEULgCHQJsviKKQmyzFVkCISdV1ulziP8hYKH0qnO0fNJSCbUpbE%2FG3XSjef9eNH%2FxZXZ160hrZ2i5xdnEUxPkl%2F%2FWvgxw1wtm%2FL%2F90sEDiitoevJRqtq2t54pb58kewDfL0dw7II7GnBjtMKnrPHKEMW2GQiXk%2B5YXxaS6"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=2592000
cf-ray
88884498ec882ba2-FRA
expires
Sat, 22 Jun 2024 21:51:33 GMT
stepUp.41c2d22f1cc6ff85e895.js
centinelapi.cardinalcommerce.com/javascript/ 		22 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://centinelapi.cardinalcommerce.com/javascript/stepUp.41c2d22f1cc6ff85e895.js
Requested by
Host: centinelapi.cardinalcommerce.com
URL: https://centinelapi.cardinalcommerce.com/V2/Cruise/StepUp
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
2606:4700::c6d9:fbfa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc6f0eb374f5c8fcf2e5e61afa3d951e17f30923ec6d1edf5dac3c910b35c102
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://centinelapi.cardinalcommerce.com/V2/Cruise/StepUp
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 23 May 2024 21:51:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
968921
cf-polished
origSize=22115
cf-bgj
minify
last-modified
Thu, 22 Feb 2024 12:25:36 GMT
server
cloudflare
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Cq0yZHPXQDD3rtii2eT1bdx1lrnb%2BaZbwFU3Yl37y%2FWjWZOzR9GIFkk62PqsoYQkO6VpxdMXv80m0zw2ogHPA8uC8KfcbTxY947D0dD6yuzjp2kApuHWtG1ZwHCiahTxW0WzvP9Rtj3LQsKnq56I3PqoIBCOldhXBn0OfACh"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=2592000
cf-ray
88884498ec8b2ba2-FRA
expires
Sat, 22 Jun 2024 21:51:33 GMT
log
writer.cardinalcommerce.com/prod/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://writer.cardinalcommerce.com/prod/log
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
2606:4700::c6d9:fbfa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-cardinal-tid
Access-Control-Request-Method
POST
Origin
https://centinelapi.cardinalcommerce.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token,X-Cardinal-Tid
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
*
cf-cache-status
DYNAMIC
cf-ray
88884499fe3b91ea-FRA
content-length
0
content-type
application/json
date
Thu, 23 May 2024 21:51:33 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IiXv7i1M31Kxd8Iq4jjkFyxW3PgBW34mr1RydTt9vciXppk92iTADUPGPl37m0wnUPwGllGGy8z4N5rNn6oH6%2BhjS%2FIC59oSKI3o8kArA6F%2Fw4le%2FbXKG8cz7E4%2FSPJ%2FjPt3SX4Rp7o%2BoLzL344J%2BMnvECRwhTN8UQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
via
1.1 142ded88048f806cc40a5a225130cc8a.cloudfront.net (CloudFront)
x-amz-apigw-id
YPoP7HQmoAMEg0w=
x-amz-cf-id
_7QZzzu_WMd60YsAgeTGzYR4EyyzC9FHFF5SXiWxRbPehT25BYIt7g==
x-amz-cf-pop
FRA60-P1
x-amzn-requestid
21e0f3a8-36b2-41ee-9dc6-d235909b4f32
x-amzn-trace-id
Root=1-664fba65-39dc815162a27f2c5cd31eee
x-cache
Miss from cloudfront
log
writer.cardinalcommerce.com/prod/ 		15 B
558 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://writer.cardinalcommerce.com/prod/log
Requested by
Host: centinelapi.cardinalcommerce.com
URL: https://centinelapi.cardinalcommerce.com/javascript/vendors.f57873e506781e6fb833.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
2606:4700::c6d9:fbfa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a29ee2b15c494311c52521766e44af56a3ad2248e7a8ab465e5206463c13d288

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
X-Cardinal-Tid
70e504f3-3bbe-4fb7-b9d1-74fdaf80c147
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
application/json;charset=UTF-8
Referer
https://centinelapi.cardinalcommerce.com/
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 23 May 2024 21:51:34 GMT
via
1.1 142ded88048f806cc40a5a225130cc8a.cloudfront.net (CloudFront)
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
FRA60-P1
x-amzn-requestid
d583ebf7-dd6a-49ba-a6a0-b5b7517031bc
x-cache
Miss from cloudfront
x-amz-apigw-id
YPoP_HLUIAMEkWg=
content-length
15
server
cloudflare
x-amzn-trace-id
Root=1-664fba66-6e65fc5b7258156f36f2f986
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JNCa0Slu4ojFnLnVBtLRzs4NMWpRVNLxA8hoAIPXk9lkmkI5ATxhrwMGNk%2B5y%2B5hdGOrUDE3bAQLiD5WCmCM5pjfZtZ3wjXagMoAzlbgabej8pMlmLCWBuRyHyS6D1O5xJa7WCxVtKxHdJ3wW1bvrUyeFfJ7FtNk2w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
*
cf-ray
8888449c285691ea-FRA
x-amz-cf-id
sptRidijHC9s0xiLOgVIAvvJTAK_XhKzmbwPJIHL8_dHB3z_GwAiqg==
truncated
/ 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e108b5790b836ec5c465f5715e81d62a15bfe9a6030b1c5320d0102966633520

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
creq
acsv2.m2pfintech.com/emv/auth/process/10058/ Frame 0C18 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://acsv2.m2pfintech.com/emv/auth/process/10058/creq
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
65.1.50.214 -, , ASN (),
Reverse DNS
Software
/ disable
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options same-origin
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Content-Type
application/x-www-form-urlencoded
Origin
https://centinelapi.cardinalcommerce.com
Referer
https://centinelapi.cardinalcommerce.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

cache-control
no-store, no-cache, pre-check=0, post-check=0, max-age=0, s-maxage=0
content-language
de-DE
content-type
text/html;charset=UTF-8
date
Thu, 23 May 2024 21:51:33 GMT
expires
0
pragma
no-cache
referrer-policy
same-origin
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-download-options
noopen
x-frame-options
same-origin
x-permitted-cross-domain-policies
none
x-powered-by
disable
x-xss-protection
1; mode=block
favicon.ico
centinelapi.cardinalcommerce.com/ 		431 B
653 B 		Other
General
Check archive.org
Download Go to
Full URL
https://centinelapi.cardinalcommerce.com/favicon.ico
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
2606:4700::c6d9:fbfa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
270d2fb55aa801662897590a27ec1c152407fa36be1d6678c27fd8c1859239e4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://centinelapi.cardinalcommerce.com/V2/Cruise/StepUp
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 23 May 2024 21:51:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
183
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DwwWsEgJQrBg2rAiHNp5p9Ytc91tzl6NFEJEi5qvBC3uzNK8rCJMfbsk5DlmCYHtmeyFaG75maSR9jV%2FUzZkf5qjkAHd4kMISRzo%2FqM3QkUiUJq%2BciPxs8V8aWTkSAIPmx60TdZTIZdU2HD2MbP%2FGGr%2Fe%2FZwzLg%2Bco9%2B%2F0mU"}],"group":"cf-nel","max_age":604800}
content-type
text/html;charset=utf-8
content-language
en
cache-control
public, max-age=14400
cf-ray
888844998d152ba2-FRA
expires
Fri, 24 May 2024 01:51:33 GMT
log
writer.cardinalcommerce.com/prod/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
writer.cardinalcommerce.com
URL
https://writer.cardinalcommerce.com/prod/log

Verdicts & Comments Add Verdict or Comment

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| webpackChunkCruiseAPI object| CruiseAPI

5 Cookies

Domain/Path Name / Value
.paystack.co/ Name: __cf_bm
Value: Sg_2ZV2MEsbFl2TsQg.Z25oo2UeA7UQxYxGJkfgjsLg-1716501089-1.0.1.1-X9y7InAVuZvcZRxNzlh.PvzLuMmvw1m9H2eOhaZj1UPnatK4DSiKRB6CgLCfFc7fFYlokrHqmeVVlcdm0H6BJQ
.paystack.co/ Name: cf_clearance
Value: ysyNThL_kmqNbMoXnXhwIoC5dvfJXcEnlLnKX1haRIc-1716501090-1.0.1.1-MFxqZKuAtn3XU.tA51S7l5M7syyoKFMECSwGUrj4C7pH8sFFOrvoZV7Tga0oLweq8GEwofjfal6pWOko0jb1Sg
centinelapi.cardinalcommerce.com/ Name: BIGipServerCentinel-Prod-Web-CentinelAPI.app~Centinel-Prod-Web-CentinelAPI_pool
Value: !eiqdes13LtFs9t5KvwUSsyLeVJfn4E5bszXl0xjnrONqHp5J4welOHzy6pq42JYi3fBVGbVROBclOw==
centinelapi.cardinalcommerce.com/ Name: TS01906b0c
Value: 01389e5c0677d4776617c31108214cd5105b677406db57d0d6818e7fbb1784e7be05f234c5e459cc1d245afc3fc3052b3ffb0de529b62a7a33314b8104404715073954a822
.cardinalcommerce.com/ Name: __cfruid
Value: d4b2189d362dfde39ba7421412af87e7b2297b7a-1716501093

12 Console Messages

Source Level URL
Text
other warning URL: https://standard.paystack.co/charge/auth/ade0292vjbj9eb503f3?selected_currency=0&lang=en
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://standard.paystack.co/charge/auth/ade0292vjbj9eb503f3?selected_currency=0&lang=en
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://standard.paystack.co/charge/auth/ade0292vjbj9eb503f3?selected_currency=0&lang=en
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://standard.paystack.co/charge/auth/ade0292vjbj9eb503f3?selected_currency=0&lang=en
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://standard.paystack.co/charge/auth/ade0292vjbj9eb503f3?selected_currency=0&lang=en
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://standard.paystack.co/charge/auth/ade0292vjbj9eb503f3?selected_currency=0&lang=en
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://standard.paystack.co/charge/auth/ade0292vjbj9eb503f3?selected_currency=0&lang=en
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://standard.paystack.co/charge/auth/ade0292vjbj9eb503f3?selected_currency=0&lang=en
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://standard.paystack.co/charge/auth/ade0292vjbj9eb503f3?selected_currency=0&lang=en
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://standard.paystack.co/charge/auth/ade0292vjbj9eb503f3?selected_currency=0&lang=en
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://standard.paystack.co/charge/auth/ade0292vjbj9eb503f3?selected_currency=0&lang=en
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
network error URL: https://centinelapi.cardinalcommerce.com/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff