innovation-platform-qa.visa.com Open in urlscan Pro
198.241.155.191 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://innovation-platform-qa.visa.com/lme/qapen/
Submission: On September 14 via manual (September 14th 2023, 5:56:05 am UTC) from IN — Scanned from DE

Summary HTTP 27 Redirects Behaviour Indicators

Summary

This website contacted 8 IPs in 3 countries across 4 domains to perform 27 HTTP transactions. The main IP is 198.241.155.191, located in United States and belongs to VISANET, US. The main domain is innovation-platform-qa.visa.com.
TLS certificate: Issued by SSL.com RSA SSL subCA on May 5th 2023. Valid for: a year.

This is the only time innovation-platform-qa.visa.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	198.241.155.191 198.241.155.191	2559 (VISANET) (VISANET)
1	104.18.4.120 104.18.4.120	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	104.16.98.27 104.16.98.27	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:81c::2008	15169 (GOOGLE) (GOOGLE)
14	91.235.133.182 91.235.133.182	30286 (THM) (THM)
2	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
2	91.235.132.130 91.235.132.130	30286 (THM) (THM)
1	91.235.134.131 91.235.134.131	30286 (THM) (THM)
27	8

3 198.241.155.191 (United States)

ASN2559 (VISANET, US)

innovation-platform-qa.visa.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.4.120 (None, )

ASN13335 (CLOUDFLARENET, US)

sandbox-assets.secure.checkout.visa.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.16.98.27 (None, )

ASN13335 (CLOUDFLARENET, US)

sandbox.secure.checkout.visa.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 91.235.133.182 (United States)

ASN30286 (THM, US)

thm.visa.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 91.235.132.130 (United States)

ASN30286 (THM, US)
PTR: h.online-metrix.net

h.online-metrix.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.235.134.131 (United States)

ASN30286 (THM, US)

ay3xz4mac5j7p6qylpjpeey2kohbykw35rcfl4bmda1a6bfcc45829fbam1.e.aa.online-metrix.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
21	visa.com innovation-platform-qa.visa.com sandbox-assets.secure.checkout.visa.com — Cisco Umbrella Rank: 603877 sandbox.secure.checkout.visa.com thm.visa.com — Cisco Umbrella Rank: 55169	267 KB
3	online-metrix.net h.online-metrix.net — Cisco Umbrella Rank: 3241 ay3xz4mac5j7p6qylpjpeey2kohbykw35rcfl4bmda1a6bfcc45829fbam1.e.aa.online-metrix.net	16 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 44	21 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 63	102 KB
27	4

	Domain	Requested by
14	thm.visa.com	sandbox.secure.checkout.visa.com thm.visa.com
3	sandbox.secure.checkout.visa.com	sandbox-assets.secure.checkout.visa.com sandbox.secure.checkout.visa.com
3	innovation-platform-qa.visa.com	innovation-platform-qa.visa.com
2	h.online-metrix.net	thm.visa.com
2	www.google-analytics.com	www.googletagmanager.com sandbox.secure.checkout.visa.com
1	ay3xz4mac5j7p6qylpjpeey2kohbykw35rcfl4bmda1a6bfcc45829fbam1.e.aa.online-metrix.net
1	www.googletagmanager.com	sandbox.secure.checkout.visa.com
1	sandbox-assets.secure.checkout.visa.com	innovation-platform-qa.visa.com
27	8

This site contains no links.

Subject Issuer	Validity	Valid
innovation-platform-qa.visa.com SSL.com RSA SSL subCA	`2023-05-05` - `2024-05-04`	a year	crt.sh
sandbox-assets.secure.checkout.visa.com Cloudflare Inc ECC CA-3	`2023-07-22` - `2024-07-21`	a year	crt.sh
sandbox.secure.checkout.visa.com Cloudflare Inc RSA CA-2	`2023-04-03` - `2024-04-01`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
thm.visa.com SSL.com RSA SSL subCA	`2023-03-22` - `2024-03-21`	a year	crt.sh
h.online-metrix.net Trustwave Organization Validation SHA256 CA, Level 1	`2023-01-09` - `2024-01-23`	a year	crt.sh
*.e.aa.online-metrix.net Trustwave Organization Validation SHA256 CA, Level 1	`2023-06-14` - `2024-07-01`	a year	crt.sh

This page contains 6 frames:

Primary Page: https://innovation-platform-qa.visa.com/lme/qapen/
Frame ID: 34A97B5079E9D2C4AC161C7991B08E55
Requests: 4 HTTP requests in this frame

Frame: https://sandbox.secure.checkout.visa.com/checkout-widget/communicator?parentUrl=https%3A%2F%2Finnovation-platform-qa.visa.com&v2=true
Frame ID: BC1C97DE26C47DAFE8CDA325B1544490
Requests: 6 HTTP requests in this frame

Frame: https://thm.visa.com/fp/tags?org_id=ay3xz4ma&session_id=vme_prod_00181j0km
Frame ID: 016FA4A04A024381C6F417F9148B34DD
Requests: 11 HTTP requests in this frame

Frame: https://thm.visa.com/fp/ls_fp.html;CIS3SID=8A736A88CA902879C33A47325A56DC1A?org_id=ay3xz4ma&session_id=vme_prod_00181j0km&nonce=da1a6bfcc45829fb
Frame ID: F4906CB83F98EF2B986C869B8D4375E4
Requests: 3 HTTP requests in this frame

Frame: https://h.online-metrix.net/fp/sid_fp.html;CIS3SID=8A736A88CA902879C33A47325A56DC1A?org_id=ay3xz4ma&session_id=vme_prod_00181j0km&nonce=da1a6bfcc45829fb
Frame ID: 8F4C7B719BD5B0DAFC4EAEE4B138309D
Requests: 2 HTTP requests in this frame

Frame: https://thm.visa.com/fp/top_fp.html;CIS3SID=8A736A88CA902879C33A47325A56DC1A?org_id=ay3xz4ma&session_id=vme_prod_00181j0km&nonce=da1a6bfcc45829fb
Frame ID: 39608D99CD852CC3546BAA7E0445F434
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Live Merchant Experience

Detected technologies

Visa Checkout (Payment processors) Expand

Overall confidence: 100%
Detected patterns

secure\.checkout\.visa\.com

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Page Statistics

27
Requests

100 %
HTTPS

25 %
IPv6

4
Domains

8
Subdomains

8
IPs

3
Countries

405 kB
Transfer

5202 kB
Size

4
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

27 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
innovation-platform-qa.visa.com/lme/qapen/ 2 KB
1 KB 764ms
132ms Document
text/html 198.241.155.191
VISANET

General

Check archive.org

Show headers Download Go to

Full URL

https://innovation-platform-qa.visa.com/lme/qapen/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

198.241.155.191 , United States, ASN2559 (VISANET, US),

Reverse DNS

Software

Apache /

Resource Hash

f79207bb9110e5c27e837b122196ecaa16185f8008f6e7584a97a11fdfe5c539

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: Keep-Alive
Content-Encoding: gzip
Content-Type: text/html
Date: Thu, 14 Sep 2023 05:55:59 GMT
ETag: W/"1-7c5"
Keep-Alive: timeout=15, max=100
Last-Modified: Thu, 01 Jan 1970 00:00:01 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000; includeSubdomains
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK flutter.js Show response
innovation-platform-qa.visa.com/lme/qapen/ 13 KB
14 KB 126ms
124ms Script
application/javascript 198.241.155.191
VISANET

General

Check archive.org

Show headers Download Go to

Full URL

https://innovation-platform-qa.visa.com/lme/qapen/flutter.js

Requested by

Host: innovation-platform-qa.visa.com
URL: https://innovation-platform-qa.visa.com/lme/qapen/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

198.241.155.191 , United States, ASN2559 (VISANET, US),

Reverse DNS

Software

Apache /

Resource Hash

9ec1a8902a32df9326650caa73ef244c5069d73b0e8fe8f6c026de74aff7a2cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://innovation-platform-qa.visa.com/lme/qapen/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Date: Thu, 14 Sep 2023 05:55:59 GMT
Strict-Transport-Security: max-age=31536000; includeSubdomains
X-Content-Type-Options: nosniff
Last-Modified: Thu, 01 Jan 1970 00:00:01 GMT
Server: Apache
ETag: "1-3507"
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=99
Content-Length: 13575
X-XSS-Protection: 1; mode=block

GET
H2 200 visaSdk.js Show response
sandbox-assets.secure.checkout.visa.com/checkout-widget/resources/js/src-i-adapter/ 131 KB
44 KB 471ms
388ms Script
application/javascript 104.18.4.120
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sandbox-assets.secure.checkout.visa.com/checkout-widget/resources/js/src-i-adapter/visaSdk.js?v2

Requested by

Host: innovation-platform-qa.visa.com
URL: https://innovation-platform-qa.visa.com/lme/qapen/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.4.120 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

93ad69575daa01c5195a3cd6ffce2e2c16c2aaf253145e668b95a4df9c558593

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; upgrade-insecure-requests; base-uri 'self'; default-src 'self' .visa.com https://accounts.google.com sandbox.bc.earlywarning.com bc.earlywarning.com; script-src-elem 'self' https://thm.visa.com http://thm.visa.com .secure.checkout.visa.com https://secure.checkout.visa.com https://api-mastercard-src.nd.nudatasecurity.com https://www.aexp-static.com https://aug.americanexpress.com https://srcdcf.americanexpress.com https://qwww.aexp-static.com .optimizely.com https://www.google-analytics.com https://maps.googleapis.com https://payments.google.com https://spay.samsung.com https://policy.cookiereports.com https://translate.google.com .googleapis.com .google-analytics.com https://cdnjs.cloudflare.com https://sandbox.src.discover.com .mastercard.com .googletagmanager.com https://cdn.appdynamics.com .opendns.com .trendmicro.com https://gateway.zscalertwo.net https://gateway.zscalerthree.net https://gateway.zscloud.net https://gateway.zscalergov.net https://gateway.zscaler.net https://gateway.zscalerone.net https://sandbox-assets.secure.checkout.visa.com .amazonaws.com https://webapp.sandbox.src.discover.com https://dcf.sandbox.src.discover.com https://sbx.src.apis.discover.com https://content.discovercard.com https://smetrics.discover.com www.discover-src.com 'unsafe-inline' 'unsafe-eval'; script-src 'self' https://thm.visa.com http://thm.visa.com .secure.checkout.visa.com https://secure.checkout.visa.com https://api-mastercard-src.nd.nudatasecurity.com https://www.aexp-static.com https://aug.americanexpress.com https://srcdcf.americanexpress.com https://qwww.aexp-static.com .optimizely.com https://www.google-analytics.com https://maps.googleapis.com https://payments.google.com https://spay.samsung.com https://policy.cookiereports.com https://translate.google.com .googleapis.com .google-analytics.com https://cdnjs.cloudflare.com https://sandbox.src.discover.com .mastercard.com .googletagmanager.com https://cdn.appdynamics.com .opendns.com .trendmicro.com https://gateway.zscalertwo.net https://gateway.zscalerthree.net https://gateway.zscloud.net https://gateway.zscalergov.net https://gateway.zscaler.net https://gateway.zscalerone.net https://sandbox-assets.secure.checkout.visa.com https://connect.facebook.net .amazonaws.com https://webapp.sandbox.src.discover.com https://dcf.sandbox.src.discover.com https://sbx.src.apis.discover.com https://content.discovercard.com https://smetrics.discover.com www.discover-src.com 'unsafe-inline' 'unsafe-eval' sandbox.bc.earlywarning.com bc.earlywarning.com; frame-src data: 'self' .visa.com .mastercard.com .americanexpress.com .aexp-static.com .assets.mastercard.com .doubleclick.net .online-metrix.net https://www.googletagmanager.com .googleapis.com h.online-metrix.net .cardinalcommerce.com .opendns.com https://gateway.zscalertwo.net https://gateway.zscalerthree.net https://gateway.zscloud.net https://gateway.zscalergov.net https://gateway.zscaler.net https://gateway.zscalerone.net https://webapp.sandbox.src.discover.com https://dcf.sandbox.src.discover.com https://sbx.src.apis.discover.com https://content.discovercard.com https://smetrics.discover.com sandbox.bc.earlywarning.com bc.earlywarning.com; style-src 'self' .aexp-static.com .assets.mastercard.com https://fonts.googleapis.com https://translate.googleapis.com .googleapis.com .secure.checkout.visa.com https://pwm-image.trendmicro.com 'unsafe-inline' sandbox.bc.earlywarning.com bc.earlywarning.com; style-src-elem 'self' https://icm.aexp-static.com .assets.mastercard.com https://fonts.googleapis.com https://translate.googleapis.com .secure.checkout.visa.com 'unsafe-inline'; img-src data: 'self' .discover.com .americanexpress.com .assets.mastercard.com .mastercard.com assets.mastercard.com .secure.checkout.visa.com https://google.com https://cdn.betrad.com .vmeimages.visa.com l.betrad.com https://cdn.betrad.com https://assets.secure.checkout.visa.com https://thm.visa.com https://secure.checkout.visa.com https://src.mastercard.com https://api-mastercard-src.nd.nudatasecurity.com https://webapp.sandbox.src.discover.com https://dcf.sandbox.src.discover.com https://sbx.src.apis.discover.com https://content.discovercard.com https://smetrics.discover.com https://www.aexp-static.com .optimizely.com .doubleclick.net .online-metrix.net https://www.google-analytics.com https://www.google.com https://maps.gstatic.com https://sandbox.assets.vims.visa.com https://www.gstatic.com https://translate.google.com https://translate.googleapis.com https://maps.googleapis.com .googletagmanager.com .google.com .assets.vims.visa.com .twitter.com .opendns.com h.online-metrix.net https://gateway.zscalertwo.net https://gateway.zscalerthree.net https://gateway.zscloud.net https://gateway.zscalergov.net https://gateway.zscaler.net https://gateway.zscalerone.net https://www.facebook.com www.google.ad www.google.ae www.google.com.af www.google.com.ag www.google.com.ai www.google.al www.google.am www.google.co.ao www.google.com.ar www.google.as www.google.at www.google.com.au www.google.az www.google.ba www.google.com.bd www.google.be www.google.bf www.google.bg www.google.com.bh www.google.bi www.google.bj www.google.com.bn www.google.com.bo www.google.com.br www.google.bs www.google.bt www.google.co.bw www.google.by www.google.com.bz www.google.ca www.google.cd www.google.cf www.google.cg www.google.ch www.google.ci www.google.co.ck www.google.cl www.google.cm www.google.cn www.google.com.co www.google.co.cr www.google.com.cu www.google.cv www.google.com.cy www.google.cz www.google.de www.google.dj www.google.dk www.google.dm www.google.com.do www.google.dz www.google.com.ec www.google.ee www.google.com.eg www.google.es www.google.com.et www.google.fi www.google.com.fj www.google.fm www.google.fr www.google.ga www.google.ge www.google.gg www.google.com.gh www.google.com.gi www.google.gl www.google.gm www.google.gp www.google.gr www.google.com.gt www.google.gy www.google.com.hk www.google.hn www.google.hr www.google.ht www.google.hu www.google.co.id www.google.ie www.google.co.il www.google.im www.google.co.in www.google.iq www.google.is www.google.it www.google.je www.google.com.jm www.google.jo www.google.co.jp www.google.co.ke www.google.com.kh www.google.ki www.google.kg www.google.co.kr www.google.com.kw www.google.kz www.google.la www.google.com.lb www.google.li www.google.lk www.google.co.ls www.google.lt www.google.lu www.google.lv www.google.com.ly www.google.co.ma www.google.md www.google.me www.google.mg www.google.mk www.google.ml www.google.com.mm www.google.mn www.google.ms www.google.com.mt www.google.mu www.google.mv www.google.mw www.google.com.mx www.google.com.my www.google.co.mz www.google.com.na www.google.com.nf www.google.com.ng www.google.com.ni www.google.ne www.google.nl www.google.no www.google.com.np www.google.nr www.google.nu www.google.co.nz www.google.com.om www.google.com.pa www.google.com.pe www.google.com.pg www.google.com.ph www.google.com.pk www.google.pl www.google.pn www.google.com.pr www.google.ps www.google.pt www.google.com.py www.google.com.qa www.google.ro www.google.ru www.google.rw www.google.com.sa www.google.com.sb www.google.sc www.google.se www.google.com.sg www.google.sh www.google.si www.google.sk www.google.com.sl www.google.sn www.google.so www.google.sm www.google.sr www.google.st www.google.com.sv www.google.td www.google.tg www.google.co.th www.google.com.tj www.google.tk www.google.tl www.google.tm www.google.tn www.google.to www.google.com.tr www.google.tt www.google.com.tw www.google.co.tz www.google.com.ua www.google.co.ug www.google.co.uk www.google.com.uy www.google.co.uz www.google.com.vc www.google.co.ve www.google.vg www.google.co.vi www.google.com.vn www.google.vu www.google.ws www.google.rs www.google.co.za www.google.co.zm www.google.co.zw www.google.cat sandbox.bc.earlywarning.com bc.earlywarning.com; connect-src 'self' http://secure.checkout.visa.com .visa.com .google-analytics.com .optimizely.com .doubleclick.net https://translate.googleapis.com .googleapis.com code.jquery.com .googletagmanager.com .opendns.com .secure.checkout.visa.com https://srcservicing-qa.americanexpress.com https://sandbox.src.mastercard.com wss://secure.checkout.visa.com .opendns.com http://secure.checkout.visa.com https://policy.cookiereports.com https://thm.visa.com https://gateway.zscaler.net https://webapp.sandbox.src.discover.com https://dcf.sandbox.src.discover.com https://sbx.src.apis.discover.com https://content.discovercard.com https://smetrics.discover.com sandbox.bc.earlywarning.com bc.earlywarning.com; media-src 'none'; font-src data: 'self' https://www.aexp-static.com https://fonts.gstatic.com .visa.com https://fonts.googleapis.com .googleusercontent.com *.secure.checkout.visa.com; object-src 'self' https://thm.visa.com; report-uri /logging/logCSPReport; report-to csp-endpoint
Strict-Transport-Security	max-age=31536000 ; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://innovation-platform-qa.visa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 05:55:59 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains, max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: MISS
x-correlation-id: 2_1694670959_345_71_k8l55-59c954d54-29l_CHECKOUT-WIDGET
content-security-policy: block-all-mixed-content; upgrade-insecure-requests; base-uri 'self'; default-src 'self' *.visa.com https://accounts.google.com sandbox.bc.earlywarning.com bc.earlywarning.com; script-src-elem 'self' https://thm.visa.com http://thm.visa.com *.secure.checkout.visa.com https://secure.checkout.visa.com https://api-mastercard-src.nd.nudatasecurity.com https://www.aexp-static.com https://aug.americanexpress.com https://srcdcf.americanexpress.com https://qwww.aexp-static.com *.optimizely.com https://www.google-analytics.com https://maps.googleapis.com https://payments.google.com https://spay.samsung.com https://policy.cookiereports.com https://translate.google.com *.googleapis.com *.google-analytics.com https://cdnjs.cloudflare.com https://sandbox.src.discover.com *.mastercard.com *.googletagmanager.com https://cdn.appdynamics.com *.opendns.com *.trendmicro.com https://gateway.zscalertwo.net https://gateway.zscalerthree.net https://gateway.zscloud.net https://gateway.zscalergov.net https://gateway.zscaler.net https://gateway.zscalerone.net https://sandbox-assets.secure.checkout.visa.com *.amazonaws.com https://webapp.sandbox.src.discover.com https://dcf.sandbox.src.discover.com https://sbx.src.apis.discover.com https://content.discovercard.com https://smetrics.discover.com www.discover-src.com 'unsafe-inline' 'unsafe-eval'; script-src 'self' https://thm.visa.com http://thm.visa.com *.secure.checkout.visa.com https://secure.checkout.visa.com https://api-mastercard-src.nd.nudatasecurity.com https://www.aexp-static.com https://aug.americanexpress.com https://srcdcf.americanexpress.com https://qwww.aexp-static.com *.optimizely.com https://www.google-analytics.com https://maps.googleapis.com https://payments.google.com https://spay.samsung.com https://policy.cookiereports.com https://translate.google.com *.googleapis.com *.google-analytics.com https://cdnjs.cloudflare.com https://sandbox.src.discover.com *.mastercard.com *.googletagmanager.com https://cdn.appdynamics.com *.opendns.com *.trendmicro.com https://gateway.zscalertwo.net https://gateway.zscalerthree.net https://gateway.zscloud.net https://gateway.zscalergov.net https://gateway.zscaler.net https://gateway.zscalerone.net https://sandbox-assets.secure.checkout.visa.com https://connect.facebook.net *.amazonaws.com https://webapp.sandbox.src.discover.com https://dcf.sandbox.src.discover.com https://sbx.src.apis.discover.com https://content.discovercard.com https://smetrics.discover.com www.discover-src.com 'unsafe-inline' 'unsafe-eval' sandbox.bc.earlywarning.com bc.earlywarning.com; frame-src data: 'self' *.visa.com *.mastercard.com *.americanexpress.com *.aexp-static.com *.assets.mastercard.com *.doubleclick.net *.online-metrix.net https://www.googletagmanager.com *.googleapis.com h.online-metrix.net *.cardinalcommerce.com *.opendns.com https://gateway.zscalertwo.net https://gateway.zscalerthree.net https://gateway.zscloud.net https://gateway.zscalergov.net https://gateway.zscaler.net https://gateway.zscalerone.net https://webapp.sandbox.src.discover.com https://dcf.sandbox.src.discover.com https://sbx.src.apis.discover.com https://content.discovercard.com https://smetrics.discover.com sandbox.bc.earlywarning.com bc.earlywarning.com; style-src 'self' *.aexp-static.com *.assets.mastercard.com https://fonts.googleapis.com https://translate.googleapis.com *.googleapis.com *.secure.checkout.visa.com https://pwm-image.trendmicro.com 'unsafe-inline' sandbox.bc.earlywarning.com bc.earlywarning.com; style-src-elem 'self' https://icm.aexp-static.com *.assets.mastercard.com https://fonts.googleapis.com https://translate.googleapis.com *.secure.checkout.visa.com 'unsafe-inline'; img-src data: 'self' *.discover.com *.americanexpress.com *.assets.mastercard.com *.mastercard.com assets.mastercard.com *.secure.checkout.visa.com https://google.com https://cdn.betrad.com *.vmeimages.visa.com l.betrad.com https://cdn.betrad.com https://assets.secure.checkout.visa.com https://thm.visa.com https://secure.checkout.visa.com https://src.mastercard.com https://api-mastercard-src.nd.nudatasecurity.com https://webapp.sandbox.src.discover.com https://dcf.sandbox.src.discover.com https://sbx.src.apis.discover.com https://content.discovercard.com https://smetrics.discover.com https://www.aexp-static.com *.optimizely.com *.doubleclick.net *.online-metrix.net https://www.google-analytics.com https://www.google.com https://maps.gstatic.com https://sandbox.assets.vims.visa.com https://www.gstatic.com https://translate.google.com https://translate.googleapis.com https://maps.googleapis.com *.googletagmanager.com *.google.com *.assets.vims.visa.com *.twitter.com *.opendns.com h.online-metrix.net https://gateway.zscalertwo.net https://gateway.zscalerthree.net https://gateway.zscloud.net https://gateway.zscalergov.net https://gateway.zscaler.net https://gateway.zscalerone.net https://www.facebook.com www.google.ad www.google.ae www.google.com.af www.google.com.ag www.google.com.ai www.google.al www.google.am www.google.co.ao www.google.com.ar www.google.as www.google.at www.google.com.au www.google.az www.google.ba www.google.com.bd www.google.be www.google.bf www.google.bg www.google.com.bh www.google.bi www.google.bj www.google.com.bn www.google.com.bo www.google.com.br www.google.bs www.google.bt www.google.co.bw www.google.by www.google.com.bz www.google.ca www.google.cd www.google.cf www.google.cg www.google.ch www.google.ci www.google.co.ck www.google.cl www.google.cm www.google.cn www.google.com.co www.google.co.cr www.google.com.cu www.google.cv www.google.com.cy www.google.cz www.google.de www.google.dj www.google.dk www.google.dm www.google.com.do www.google.dz www.google.com.ec www.google.ee www.google.com.eg www.google.es www.google.com.et www.google.fi www.google.com.fj www.google.fm www.google.fr www.google.ga www.google.ge www.google.gg www.google.com.gh www.google.com.gi www.google.gl www.google.gm www.google.gp www.google.gr www.google.com.gt www.google.gy www.google.com.hk www.google.hn www.google.hr www.google.ht www.google.hu www.google.co.id www.google.ie www.google.co.il www.google.im www.google.co.in www.google.iq www.google.is www.google.it www.google.je www.google.com.jm www.google.jo www.google.co.jp www.google.co.ke www.google.com.kh www.google.ki www.google.kg www.google.co.kr www.google.com.kw www.google.kz www.google.la www.google.com.lb www.google.li www.google.lk www.google.co.ls www.google.lt www.google.lu www.google.lv www.google.com.ly www.google.co.ma www.google.md www.google.me www.google.mg www.google.mk www.google.ml www.google.com.mm www.google.mn www.google.ms www.google.com.mt www.google.mu www.google.mv www.google.mw www.google.com.mx www.google.com.my www.google.co.mz www.google.com.na www.google.com.nf www.google.com.ng www.google.com.ni www.google.ne www.google.nl www.google.no www.google.com.np www.google.nr www.google.nu www.google.co.nz www.google.com.om www.google.com.pa www.google.com.pe www.google.com.pg www.google.com.ph www.google.com.pk www.google.pl www.google.pn www.google.com.pr www.google.ps www.google.pt www.google.com.py www.google.com.qa www.google.ro www.google.ru www.google.rw www.google.com.sa www.google.com.sb www.google.sc www.google.se www.google.com.sg www.google.sh www.google.si www.google.sk www.google.com.sl www.google.sn www.google.so www.google.sm www.google.sr www.google.st www.google.com.sv www.google.td www.google.tg www.google.co.th www.google.com.tj www.google.tk www.google.tl www.google.tm www.google.tn www.google.to www.google.com.tr www.google.tt www.google.com.tw www.google.co.tz www.google.com.ua www.google.co.ug www.google.co.uk www.google.com.uy www.google.co.uz www.google.com.vc www.google.co.ve www.google.vg www.google.co.vi www.google.com.vn www.google.vu www.google.ws www.google.rs www.google.co.za www.google.co.zm www.google.co.zw www.google.cat sandbox.bc.earlywarning.com bc.earlywarning.com; connect-src 'self' http://secure.checkout.visa.com *.visa.com *.google-analytics.com *.optimizely.com *.doubleclick.net https://translate.googleapis.com *.googleapis.com code.jquery.com *.googletagmanager.com *.opendns.com *.secure.checkout.visa.com https://srcservicing-qa.americanexpress.com https://sandbox.src.mastercard.com wss://secure.checkout.visa.com *.opendns.com http://secure.checkout.visa.com https://policy.cookiereports.com https://thm.visa.com https://gateway.zscaler.net https://webapp.sandbox.src.discover.com https://dcf.sandbox.src.discover.com https://sbx.src.apis.discover.com https://content.discovercard.com https://smetrics.discover.com sandbox.bc.earlywarning.com bc.earlywarning.com; media-src 'none'; font-src data: 'self' https://www.aexp-static.com https://fonts.gstatic.com *.visa.com https://fonts.googleapis.com *.googleusercontent.com *.secure.checkout.visa.com; object-src 'self' https://thm.visa.com; report-uri /logging/logCSPReport; report-to csp-endpoint
content-encoding: br
x-served-by: k8l55-59c954d54-29l
server: cloudflare
vary: Accept-Encoding
report-to: { "group": "csp-endpoint", "max_age": 10886400, "endpoints": [{ "url": "/logging/logCSPReport" }] }, { "max_age": 10886400, "endpoints": [{ "url": "/logging/logCSPReport" }] }
content-type: application/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=3600
cf-ray: 8066625708f92681-TXL
expires: Thu, 14 Sep 2023 06:55:59 GMT

GET
H2 200 communicator Show response
sandbox.secure.checkout.visa.com/checkout-widget/ Frame BC1C 2 KB
8 KB 371ms
271ms Document
text/html 104.16.98.27
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sandbox.secure.checkout.visa.com/checkout-widget/communicator?parentUrl=https%3A%2F%2Finnovation-platform-qa.visa.com&v2=true

Requested by

Host: sandbox-assets.secure.checkout.visa.com
URL: https://sandbox-assets.secure.checkout.visa.com/checkout-widget/resources/js/src-i-adapter/visaSdk.js?v2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.98.27 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

21ba0059635e60b9bfff2fb7645abe3d05e1aab5553f40fc733e83ff32c2e706

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; upgrade-insecure-requests; base-uri 'self'; default-src 'self' .visa.com https://accounts.google.com sandbox.bc.earlywarning.com bc.earlywarning.com; script-src-elem 'self' https://thm.visa.com http://thm.visa.com .secure.checkout.visa.com https://secure.checkout.visa.com https://api-mastercard-src.nd.nudatasecurity.com https://www.aexp-static.com https://aug.americanexpress.com https://srcdcf.americanexpress.com https://qwww.aexp-static.com .optimizely.com https://www.google-analytics.com https://maps.googleapis.com https://payments.google.com https://spay.samsung.com https://policy.cookiereports.com https://translate.google.com .googleapis.com .google-analytics.com https://cdnjs.cloudflare.com https://sandbox.src.discover.com .mastercard.com .googletagmanager.com https://cdn.appdynamics.com .opendns.com .trendmicro.com https://gateway.zscalertwo.net https://gateway.zscalerthree.net https://gateway.zscloud.net https://gateway.zscalergov.net https://gateway.zscaler.net https://gateway.zscalerone.net https://sandbox-assets.secure.checkout.visa.com .amazonaws.com https://webapp.sandbox.src.discover.com https://dcf.sandbox.src.discover.com https://sbx.src.apis.discover.com https://content.discovercard.com https://smetrics.discover.com www.discover-src.com 'unsafe-inline' 'unsafe-eval'; script-src 'self' https://thm.visa.com http://thm.visa.com .secure.checkout.visa.com https://secure.checkout.visa.com https://api-mastercard-src.nd.nudatasecurity.com https://www.aexp-static.com https://aug.americanexpress.com https://srcdcf.americanexpress.com https://qwww.aexp-static.com .optimizely.com https://www.google-analytics.com https://maps.googleapis.com https://payments.google.com https://spay.samsung.com https://policy.cookiereports.com https://translate.google.com .googleapis.com .google-analytics.com https://cdnjs.cloudflare.com https://sandbox.src.discover.com .mastercard.com .googletagmanager.com https://cdn.appdynamics.com .opendns.com .trendmicro.com https://gateway.zscalertwo.net https://gateway.zscalerthree.net https://gateway.zscloud.net https://gateway.zscalergov.net https://gateway.zscaler.net https://gateway.zscalerone.net https://sandbox-assets.secure.checkout.visa.com https://connect.facebook.net .amazonaws.com https://webapp.sandbox.src.discover.com https://dcf.sandbox.src.discover.com https://sbx.src.apis.discover.com https://content.discovercard.com https://smetrics.discover.com www.discover-src.com 'unsafe-inline' 'unsafe-eval' sandbox.bc.earlywarning.com bc.earlywarning.com; frame-src data: 'self' .visa.com .mastercard.com .americanexpress.com .aexp-static.com .assets.mastercard.com .doubleclick.net .online-metrix.net https://www.googletagmanager.com .googleapis.com h.online-metrix.net .cardinalcommerce.com .opendns.com https://gateway.zscalertwo.net https://gateway.zscalerthree.net https://gateway.zscloud.net https://gateway.zscalergov.net https://gateway.zscaler.net https://gateway.zscalerone.net https://webapp.sandbox.src.discover.com https://dcf.sandbox.src.discover.com https://sbx.src.apis.discover.com https://content.discovercard.com https://smetrics.discover.com sandbox.bc.earlywarning.com bc.earlywarning.com; style-src 'self' .aexp-static.com .assets.mastercard.com https://fonts.googleapis.com https://translate.googleapis.com .googleapis.com .secure.checkout.visa.com https://pwm-image.trendmicro.com 'unsafe-inline' sandbox.bc.earlywarning.com bc.earlywarning.com; style-src-elem 'self' https://icm.aexp-static.com .assets.mastercard.com https://fonts.googleapis.com https://translate.googleapis.com .secure.checkout.visa.com 'unsafe-inline'; img-src data: 'self' .discover.com .americanexpress.com .assets.mastercard.com .mastercard.com assets.mastercard.com .secure.checkout.visa.com https://google.com https://cdn.betrad.com .vmeimages.visa.com l.betrad.com https://cdn.betrad.com https://assets.secure.checkout.visa.com https://thm.visa.com https://secure.checkout.visa.com https://src.mastercard.com https://api-mastercard-src.nd.nudatasecurity.com https://webapp.sandbox.src.discover.com https://dcf.sandbox.src.discover.com https://sbx.src.apis.discover.com https://content.discovercard.com https://smetrics.discover.com https://www.aexp-static.com .optimizely.com .doubleclick.net .online-metrix.net https://www.google-analytics.com https://www.google.com https://maps.gstatic.com https://sandbox.assets.vims.visa.com https://www.gstatic.com https://translate.google.com https://translate.googleapis.com https://maps.googleapis.com .googletagmanager.com .google.com .assets.vims.visa.com .twitter.com .opendns.com h.online-metrix.net https://gateway.zscalertwo.net https://gateway.zscalerthree.net https://gateway.zscloud.net https://gateway.zscalergov.net https://gateway.zscaler.net https://gateway.zscalerone.net https://www.facebook.com www.google.ad www.google.ae www.google.com.af www.google.com.ag www.google.com.ai www.google.al www.google.am www.google.co.ao www.google.com.ar www.google.as www.google.at www.google.com.au www.google.az www.google.ba www.google.com.bd www.google.be www.google.bf www.google.bg www.google.com.bh www.google.bi www.google.bj www.google.com.bn www.google.com.bo www.google.com.br www.google.bs www.google.bt www.google.co.bw www.google.by www.google.com.bz www.google.ca www.google.cd www.google.cf www.google.cg www.google.ch www.google.ci www.google.co.ck www.google.cl www.google.cm www.google.cn www.google.com.co www.google.co.cr www.google.com.cu www.google.cv www.google.com.cy www.google.cz www.google.de www.google.dj www.google.dk www.google.dm www.google.com.do www.google.dz www.google.com.ec www.google.ee www.google.com.eg www.google.es www.google.com.et www.google.fi www.google.com.fj www.google.fm www.google.fr www.google.ga www.google.ge www.google.gg www.google.com.gh www.google.com.gi www.google.gl www.google.gm www.google.gp www.google.gr www.google.com.gt www.google.gy www.google.com.hk www.google.hn www.google.hr www.google.ht www.google.hu www.google.co.id www.google.ie www.google.co.il www.google.im www.google.co.in www.google.iq www.google.is www.google.it www.google.je www.google.com.jm www.google.jo www.google.co.jp www.google.co.ke www.google.com.kh www.google.ki www.google.kg www.google.co.kr www.google.com.kw www.google.kz www.google.la www.google.com.lb www.google.li www.google.lk www.google.co.ls www.google.lt www.google.lu www.google.lv www.google.com.ly www.google.co.ma www.google.md www.google.me www.google.mg www.google.mk www.google.ml www.google.com.mm www.google.mn www.google.ms www.google.com.mt www.google.mu www.google.mv www.google.mw www.google.com.mx www.google.com.my www.google.co.mz www.google.com.na www.google.com.nf www.google.com.ng www.google.com.ni www.google.ne www.google.nl www.google.no www.google.com.np www.google.nr www.google.nu www.google.co.nz www.google.com.om www.google.com.pa www.google.com.pe www.google.com.pg www.google.com.ph www.google.com.pk www.google.pl www.google.pn www.google.com.pr www.google.ps www.google.pt www.google.com.py www.google.com.qa www.google.ro www.google.ru www.google.rw www.google.com.sa www.google.com.sb www.google.sc www.google.se www.google.com.sg www.google.sh www.google.si www.google.sk www.google.com.sl www.google.sn www.google.so www.google.sm www.google.sr www.google.st www.google.com.sv www.google.td www.google.tg www.google.co.th www.google.com.tj www.google.tk www.google.tl www.google.tm www.google.tn www.google.to www.google.com.tr www.google.tt www.google.com.tw www.google.co.tz www.google.com.ua www.google.co.ug www.google.co.uk www.google.com.uy www.google.co.uz www.google.com.vc www.google.co.ve www.google.vg www.google.co.vi www.google.com.vn www.google.vu www.google.ws www.google.rs www.google.co.za www.google.co.zm www.google.co.zw www.google.cat sandbox.bc.earlywarning.com bc.earlywarning.com; connect-src 'self' http://secure.checkout.visa.com .visa.com .google-analytics.com .optimizely.com .doubleclick.net https://translate.googleapis.com .googleapis.com code.jquery.com .googletagmanager.com .opendns.com .secure.checkout.visa.com https://srcservicing-qa.americanexpress.com https://sandbox.src.mastercard.com wss://secure.checkout.visa.com .opendns.com http://secure.checkout.visa.com https://policy.cookiereports.com https://thm.visa.com https://gateway.zscaler.net https://webapp.sandbox.src.discover.com https://dcf.sandbox.src.discover.com https://sbx.src.apis.discover.com https://content.discovercard.com https://smetrics.discover.com sandbox.bc.earlywarning.com bc.earlywarning.com; media-src 'none'; font-src data: 'self' https://www.aexp-static.com https://fonts.gstatic.com .visa.com https://fonts.googleapis.com .googleusercontent.com *.secure.checkout.visa.com; object-src 'self' https://thm.visa.com; report-uri /logging/logCSPReport; report-to csp-endpoint
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://innovation-platform-qa.visa.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8066625a5ef835ea-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; upgrade-insecure-requests; base-uri 'self'; default-src 'self' *.visa.com https://accounts.google.com sandbox.bc.earlywarning.com bc.earlywarning.com; script-src-elem 'self' https://thm.visa.com http://thm.visa.com *.secure.checkout.visa.com https://secure.checkout.visa.com https://api-mastercard-src.nd.nudatasecurity.com https://www.aexp-static.com https://aug.americanexpress.com https://srcdcf.americanexpress.com https://qwww.aexp-static.com *.optimizely.com https://www.google-analytics.com https://maps.googleapis.com https://payments.google.com https://spay.samsung.com https://policy.cookiereports.com https://translate.google.com *.googleapis.com *.google-analytics.com https://cdnjs.cloudflare.com https://sandbox.src.discover.com *.mastercard.com *.googletagmanager.com https://cdn.appdynamics.com *.opendns.com *.trendmicro.com https://gateway.zscalertwo.net https://gateway.zscalerthree.net https://gateway.zscloud.net https://gateway.zscalergov.net https://gateway.zscaler.net https://gateway.zscalerone.net https://sandbox-assets.secure.checkout.visa.com *.amazonaws.com https://webapp.sandbox.src.discover.com https://dcf.sandbox.src.discover.com https://sbx.src.apis.discover.com https://content.discovercard.com https://smetrics.discover.com www.discover-src.com 'unsafe-inline' 'unsafe-eval'; script-src 'self' https://thm.visa.com http://thm.visa.com *.secure.checkout.visa.com https://secure.checkout.visa.com https://api-mastercard-src.nd.nudatasecurity.com https://www.aexp-static.com https://aug.americanexpress.com https://srcdcf.americanexpress.com https://qwww.aexp-static.com *.optimizely.com https://www.google-analytics.com https://maps.googleapis.com https://payments.google.com https://spay.samsung.com https://policy.cookiereports.com https://translate.google.com *.googleapis.com *.google-analytics.com https://cdnjs.cloudflare.com https://sandbox.src.discover.com *.mastercard.com *.googletagmanager.com https://cdn.appdynamics.com *.opendns.com *.trendmicro.com https://gateway.zscalertwo.net https://gateway.zscalerthree.net https://gateway.zscloud.net https://gateway.zscalergov.net https://gateway.zscaler.net https://gateway.zscalerone.net https://sandbox-assets.secure.checkout.visa.com https://connect.facebook.net *.amazonaws.com https://webapp.sandbox.src.discover.com https://dcf.sandbox.src.discover.com https://sbx.src.apis.discover.com https://content.discovercard.com https://smetrics.discover.com www.discover-src.com 'unsafe-inline' 'unsafe-eval' sandbox.bc.earlywarning.com bc.earlywarning.com; frame-src data: 'self' *.visa.com *.mastercard.com *.americanexpress.com *.aexp-static.com *.assets.mastercard.com *.doubleclick.net *.online-metrix.net https://www.googletagmanager.com *.googleapis.com h.online-metrix.net *.cardinalcommerce.com *.opendns.com https://gateway.zscalertwo.net https://gateway.zscalerthree.net https://gateway.zscloud.net https://gateway.zscalergov.net https://gateway.zscaler.net https://gateway.zscalerone.net https://webapp.sandbox.src.discover.com https://dcf.sandbox.src.discover.com https://sbx.src.apis.discover.com https://content.discovercard.com https://smetrics.discover.com sandbox.bc.earlywarning.com bc.earlywarning.com; style-src 'self' *.aexp-static.com *.assets.mastercard.com https://fonts.googleapis.com https://translate.googleapis.com *.googleapis.com *.secure.checkout.visa.com https://pwm-image.trendmicro.com 'unsafe-inline' sandbox.bc.earlywarning.com bc.earlywarning.com; style-src-elem 'self' https://icm.aexp-static.com *.assets.mastercard.com https://fonts.googleapis.com https://translate.googleapis.com *.secure.checkout.visa.com 'unsafe-inline'; img-src data: 'self' *.discover.com *.americanexpress.com *.assets.mastercard.com *.mastercard.com assets.mastercard.com *.secure.checkout.visa.com https://google.com https://cdn.betrad.com *.vmeimages.visa.com l.betrad.com https://cdn.betrad.com https://assets.secure.checkout.visa.com https://thm.visa.com https://secure.checkout.visa.com https://src.mastercard.com https://api-mastercard-src.nd.nudatasecurity.com https://webapp.sandbox.src.discover.com https://dcf.sandbox.src.discover.com https://sbx.src.apis.discover.com https://content.discovercard.com https://smetrics.discover.com https://www.aexp-static.com *.optimizely.com *.doubleclick.net *.online-metrix.net https://www.google-analytics.com https://www.google.com https://maps.gstatic.com https://sandbox.assets.vims.visa.com https://www.gstatic.com https://translate.google.com https://translate.googleapis.com https://maps.googleapis.com *.googletagmanager.com *.google.com *.assets.vims.visa.com *.twitter.com *.opendns.com h.online-metrix.net https://gateway.zscalertwo.net https://gateway.zscalerthree.net https://gateway.zscloud.net https://gateway.zscalergov.net https://gateway.zscaler.net https://gateway.zscalerone.net https://www.facebook.com www.google.ad www.google.ae www.google.com.af www.google.com.ag www.google.com.ai www.google.al www.google.am www.google.co.ao www.google.com.ar www.google.as www.google.at www.google.com.au www.google.az www.google.ba www.google.com.bd www.google.be www.google.bf www.google.bg www.google.com.bh www.google.bi www.google.bj www.google.com.bn www.google.com.bo www.google.com.br www.google.bs www.google.bt www.google.co.bw www.google.by www.google.com.bz www.google.ca www.google.cd www.google.cf www.google.cg www.google.ch www.google.ci www.google.co.ck www.google.cl www.google.cm www.google.cn www.google.com.co www.google.co.cr www.google.com.cu www.google.cv www.google.com.cy www.google.cz www.google.de www.google.dj www.google.dk www.google.dm www.google.com.do www.google.dz www.google.com.ec www.google.ee www.google.com.eg www.google.es www.google.com.et www.google.fi www.google.com.fj www.google.fm www.google.fr www.google.ga www.google.ge www.google.gg www.google.com.gh www.google.com.gi www.google.gl www.google.gm www.google.gp www.google.gr www.google.com.gt www.google.gy www.google.com.hk www.google.hn www.google.hr www.google.ht www.google.hu www.google.co.id www.google.ie www.google.co.il www.google.im www.google.co.in www.google.iq www.google.is www.google.it www.google.je www.google.com.jm www.google.jo www.google.co.jp www.google.co.ke www.google.com.kh www.google.ki www.google.kg www.google.co.kr www.google.com.kw www.google.kz www.google.la www.google.com.lb www.google.li www.google.lk www.google.co.ls www.google.lt www.google.lu www.google.lv www.google.com.ly www.google.co.ma www.google.md www.google.me www.google.mg www.google.mk www.google.ml www.google.com.mm www.google.mn www.google.ms www.google.com.mt www.google.mu www.google.mv www.google.mw www.google.com.mx www.google.com.my www.google.co.mz www.google.com.na www.google.com.nf www.google.com.ng www.google.com.ni www.google.ne www.google.nl www.google.no www.google.com.np www.google.nr www.google.nu www.google.co.nz www.google.com.om www.google.com.pa www.google.com.pe www.google.com.pg www.google.com.ph www.google.com.pk www.google.pl www.google.pn www.google.com.pr www.google.ps www.google.pt www.google.com.py www.google.com.qa www.google.ro www.google.ru www.google.rw www.google.com.sa www.google.com.sb www.google.sc www.google.se www.google.com.sg www.google.sh www.google.si www.google.sk www.google.com.sl www.google.sn www.google.so www.google.sm www.google.sr www.google.st www.google.com.sv www.google.td www.google.tg www.google.co.th www.google.com.tj www.google.tk www.google.tl www.google.tm www.google.tn www.google.to www.google.com.tr www.google.tt www.google.com.tw www.google.co.tz www.google.com.ua www.google.co.ug www.google.co.uk www.google.com.uy www.google.co.uz www.google.com.vc www.google.co.ve www.google.vg www.google.co.vi www.google.com.vn www.google.vu www.google.ws www.google.rs www.google.co.za www.google.co.zm www.google.co.zw www.google.cat sandbox.bc.earlywarning.com bc.earlywarning.com; connect-src 'self' http://secure.checkout.visa.com *.visa.com *.google-analytics.com *.optimizely.com *.doubleclick.net https://translate.googleapis.com *.googleapis.com code.jquery.com *.googletagmanager.com *.opendns.com *.secure.checkout.visa.com https://srcservicing-qa.americanexpress.com https://sandbox.src.mastercard.com wss://secure.checkout.visa.com *.opendns.com http://secure.checkout.visa.com https://policy.cookiereports.com https://thm.visa.com https://gateway.zscaler.net https://webapp.sandbox.src.discover.com https://dcf.sandbox.src.discover.com https://sbx.src.apis.discover.com https://content.discovercard.com https://smetrics.discover.com sandbox.bc.earlywarning.com bc.earlywarning.com; media-src 'none'; font-src data: 'self' https://www.aexp-static.com https://fonts.gstatic.com *.visa.com https://fonts.googleapis.com *.googleusercontent.com *.secure.checkout.visa.com; object-src 'self' https://thm.visa.com; report-uri /logging/logCSPReport; report-to csp-endpoint
content-type: text/html;charset=UTF-8
date: Thu, 14 Sep 2023 05:55:59 GMT
expires: Wed, 31 Dec 1969 23:59:59 GMT
pragma: no-cache
report-to: { "group": "csp-endpoint", "max_age": 10886400, "endpoints": [{ "url": "/logging/logCSPReport" }] }, { "max_age": 10886400, "endpoints": [{ "url": "/logging/logCSPReport" }] }
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-correlation-id: 2_1694670959_875_77_k8l55-59c954d54d2v_CHECKOUT-WIDGET
x-served-by: k8l55-59c954d54d2v

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ Frame BC1C 850 KB
102 KB 527ms
339ms Script
application/javascript 2a00:1450:4001:81c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NPJV7W&l=dataLayer

Requested by

Host: sandbox.secure.checkout.visa.com
URL: https://sandbox.secure.checkout.visa.com/checkout-widget/communicator?parentUrl=https%3A%2F%2Finnovation-platform-qa.visa.com&v2=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6b0076e001f3a142e63749597a2d46cba6c6a50864f7024d6bb4207f968a3f3f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sandbox.secure.checkout.visa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 05:56:00 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 103617
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 14 Sep 2023 05:56:00 GMT

GET
H2 200 vba-3.1.4.min.js Show response
sandbox.secure.checkout.visa.com/checkout-widget/resources/vba/js/ Frame BC1C 163 KB
58 KB 76ms
75ms Script
application/javascript 104.16.98.27
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sandbox.secure.checkout.visa.com/checkout-widget/resources/vba/js/vba-3.1.4.min.js

Requested by

Host: sandbox.secure.checkout.visa.com
URL: https://sandbox.secure.checkout.visa.com/checkout-widget/communicator?parentUrl=https%3A%2F%2Finnovation-platform-qa.visa.com&v2=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.98.27 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

17f06c6c1392a20731840b1b844028b5cbd9e2f9699e33d1e863533812f43a3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sandbox.secure.checkout.visa.com/checkout-widget/communicator?parentUrl=https%3A%2F%2Finnovation-platform-qa.visa.com&v2=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 05:56:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Thu, 07 Sep 2023 17:58:04 GMT
server: cloudflare
age: 27803
etag: W/"64fa0f2c-28d5e"
vary: Accept-Encoding
content-type: application/javascript
content-encoding: br
cache-control: public, max-age=14400
cf-ray: 8066625c388335ea-FRA
expires: Thu, 14 Sep 2023 09:56:00 GMT

GET
H2 200 communicator.0500ab95.js Show response
sandbox.secure.checkout.visa.com/checkout-widget/resources/src-system/ Frame BC1C 240 KB
65 KB 320ms
320ms Script
application/javascript 104.16.98.27
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sandbox.secure.checkout.visa.com/checkout-widget/resources/src-system/communicator.0500ab95.js

Requested by

Host: sandbox.secure.checkout.visa.com
URL: https://sandbox.secure.checkout.visa.com/checkout-widget/communicator?parentUrl=https%3A%2F%2Finnovation-platform-qa.visa.com&v2=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.98.27 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8a4d0163235cfda24f16664182a5710048476bedea23f1c0a6971bc756cb4830

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sandbox.secure.checkout.visa.com/checkout-widget/communicator?parentUrl=https%3A%2F%2Finnovation-platform-qa.visa.com&v2=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 05:56:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: EXPIRED
last-modified: Thu, 07 Sep 2023 17:57:48 GMT
server: cloudflare
content-encoding: br
etag: W/"64fa0f1c-3c01c"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 8066625c388435ea-FRA
expires: Thu, 14 Sep 2023 09:56:00 GMT

GET
H/1.1 200
OK tags Show response
thm.visa.com/fp/ Frame 016F 683 B
1 KB 135ms
36ms Document
text/html 91.235.133.182
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://thm.visa.com/fp/tags?org_id=ay3xz4ma&session_id=vme_prod_00181j0km

Requested by

Host: sandbox.secure.checkout.visa.com
URL: https://sandbox.secure.checkout.visa.com/checkout-widget/resources/src-system/communicator.0500ab95.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.182 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

c4568edad3b1af640ecf291d5632118233d4b113b90170686f69a05548d4ad3e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://sandbox.secure.checkout.visa.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Content-Encoding: gzip
Content-Language: de-DE
Content-Length: 361
Content-Type: text/html;charset=UTF-8
Date: Thu, 14 Sep 2023 05:56:01 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=100
P3P: CP=IVAa PSAa
Pragma: no-cache
Server: Apache
Strict-Transport-Security: max-age=31536000
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Robots-Tag: noindex, nofollow
X-UA-Compatible: IE=Edge
X-XSS-Protection: 1; mode=block

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame BC1C 52 KB
21 KB 178ms
56ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NPJV7W&l=dataLayer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sandbox.secure.checkout.visa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 14 Sep 2023 05:49:43 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 378
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Thu, 14 Sep 2023 07:49:43 GMT

GET
H/1.1 200
OK clear.png
thm.visa.com/fp/ Frame 016F 81 B
474 B 35ms
35ms Image
image/png 91.235.133.182
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://thm.visa.com/fp/clear.png?org_id=ay3xz4ma&session_id=vme_prod_00181j0km&nonce=da1a6bfcc45829fb&ck=0&m=2

Requested by

Host: thm.visa.com
URL: https://thm.visa.com/fp/tags?org_id=ay3xz4ma&session_id=vme_prod_00181j0km

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.182 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://thm.visa.com/fp/tags?org_id=ay3xz4ma&session_id=vme_prod_00181j0km
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 14 Sep 2023 05:56:01 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=99
Content-Length: 81
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK check.js;CIS3SID=8A736A88CA902879C33A47325A56DC1A Show response
thm.visa.com/fp/ Frame 016F 266 KB
44 KB 81ms
46ms Script
text/javascript 91.235.133.182
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://thm.visa.com/fp/check.js;CIS3SID=8A736A88CA902879C33A47325A56DC1A?org_id=ay3xz4ma&session_id=vme_prod_00181j0km&nonce=da1a6bfcc45829fb

Requested by

Host: thm.visa.com
URL: https://thm.visa.com/fp/tags?org_id=ay3xz4ma&session_id=vme_prod_00181j0km

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.182 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

19886bb783d7ac27748ae49fecb21d7d691d09f34e380bc64f6e8584b24c5c13

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://thm.visa.com/fp/tags?org_id=ay3xz4ma&session_id=vme_prod_00181j0km
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Date: Thu, 14 Sep 2023 05:56:01 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Transfer-Encoding: chunked
tmx-nonce: da1a6bfcc45829fb
Connection: Keep-Alive, Keep-Alive
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding
Content-Type: text/javascript;charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
X-Robots-Tag: noindex, nofollow
Keep-Alive: timeout=2, max=98
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK clear.png
thm.visa.com/fp/ Frame 016F 81 B
475 B 95ms
35ms Image
image/png 91.235.133.182
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://thm.visa.com/fp/clear.png?org_id=ay3xz4ma&session_id=vme_prod_00181j0km&nonce=da1a6bfcc45829fb&w=da1a6bfcc45829fb&ck=0&m=1

Requested by

Host: thm.visa.com
URL: https://thm.visa.com/fp/tags?org_id=ay3xz4ma&session_id=vme_prod_00181j0km

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.182 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://thm.visa.com/fp/tags?org_id=ay3xz4ma&session_id=vme_prod_00181j0km
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 14 Sep 2023 05:56:01 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=100
Content-Length: 81
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ Frame BC1C 35 B
194 B 57ms
57ms Image
image/gif 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&aip=1&a=878044145&t=event&ni=0&_s=1&dl=https%3A%2F%2Fsandbox.secure.checkout.visa.com%2Fcheckout-widget%2Fcommunicator%3FparentUrl%3Dhttps%253A%252F%252Finnovation-platform-qa.visa.com%26v2%3Dtrue&dr=https%3A%2F%2Finnovation-platform-qa.visa.com%2F&ul=en-us&de=UTF-8&dt=Visa%20SRC%20Communicator&sd=24-bit&sr=1600x1200&vp=&je=0&ec=THM%20Profiling&ea=THM%20Profiling%20Request&el=THM%20Request-Attempt-1-Non%20SSI&_u=YEAAAAABAAAAAAAAIE~&cid=1644890099.1694670961&tid=UA-61684798-4&_gid=781057565.1694670961&gtm=45He39b0h1n71NPJV7W&cd3=undefined&cd16=Merchant&cd19=undefined&cd23=undefined&cd31=1&cd36=undefined&cd81=undefined&cd100=undefined&cd101=undefined&cd102=undefined&cd108=undefined-undefined&cd120=undefined&cd127=undefined&cd128=undefined&cd131=undefined&cd135=undefined&cd136=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F116.0.5845.187%20Safari%2F537.36&cd137=unknown&cd153=undefined&cd164=undefined&cd165=undefined&cd167=undefined&cd169=undefined&cd171=undefined&cd173=undefined&cd174=undefined&cd175=undefined&cd176=undefined&cd178=undefined&cd179=undefined&cd181=undefined&cd183=undefined&cd184=undefined&cd185=undefined&cd186=undefined&cd187=undefined&cd189=undefined&cd190=undefined&cd191=undefined&cd192=undefined&cd193=undefined&cd194=undefined&cd195=undefined&z=1208893761

Requested by

Host: sandbox.secure.checkout.visa.com
URL: https://sandbox.secure.checkout.visa.com/checkout-widget/communicator?parentUrl=https%3A%2F%2Finnovation-platform-qa.visa.com&v2=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sandbox.secure.checkout.visa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Sep 2023 19:38:42 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 37039
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK main.dart.js
innovation-platform-qa.visa.com/lme/qapen/ 3 MB
0 124ms
124ms Script
application/javascript 198.241.155.191
VISANET

General

Check archive.org

Show headers Download Go to

Full URL

https://innovation-platform-qa.visa.com/lme/qapen/main.dart.js

Requested by

Host: innovation-platform-qa.visa.com
URL: https://innovation-platform-qa.visa.com/lme/qapen/flutter.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

198.241.155.191 , United States, ASN2559 (VISANET, US),

Reverse DNS

Software

Apache /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://innovation-platform-qa.visa.com/lme/qapen/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Date: Thu, 14 Sep 2023 05:56:01 GMT
Strict-Transport-Security: max-age=31536000; includeSubdomains
X-Content-Type-Options: nosniff
Last-Modified: Thu, 01 Jan 1970 00:00:01 GMT
Server: Apache
ETag: "1-380917"
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=97
Content-Length: 3672343
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK clear.png Show response
thm.visa.com/fp/ Frame 016F 81 B
476 B 35ms
35ms XHR
image/png 91.235.133.182
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://thm.visa.com/fp/clear.png

Requested by

Host: thm.visa.com
URL: https://thm.visa.com/fp/check.js;CIS3SID=8A736A88CA902879C33A47325A56DC1A?org_id=ay3xz4ma&session_id=vme_prod_00181j0km&nonce=da1a6bfcc45829fb

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.182 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*, ay3xz4ma/da1a6bfcc45829fbvme_prod_00181j0km
Referer: https://thm.visa.com/fp/tags?org_id=ay3xz4ma&session_id=vme_prod_00181j0km
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Date: Thu, 14 Sep 2023 05:56:01 GMT
Strict-Transport-Security: max-age=31536000
Last-Modified: Thu, 14 Sep 2023 05:56:01 GMT
Server: Apache
Etag: a87fc85ecf324b959d9f77ae63abc919
Content-Type: image/png
Cache-Control: private, must-revalidate, max-age=0
Connection: Keep-Alive
Keep-Alive: timeout=2, max=97
Content-Length: 81
Expires: Tue, 12 Sep 2028 05:56:01 GMT

GET
H/1.1 200
OK ls_fp.html;CIS3SID=8A736A88CA902879C33A47325A56DC1A Show response
thm.visa.com/fp/ Frame F490 91 KB
14 KB 39ms
38ms Document
text/html 91.235.133.182
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://thm.visa.com/fp/ls_fp.html;CIS3SID=8A736A88CA902879C33A47325A56DC1A?org_id=ay3xz4ma&session_id=vme_prod_00181j0km&nonce=da1a6bfcc45829fb

Requested by

Host: thm.visa.com
URL: https://thm.visa.com/fp/check.js;CIS3SID=8A736A88CA902879C33A47325A56DC1A?org_id=ay3xz4ma&session_id=vme_prod_00181j0km&nonce=da1a6bfcc45829fb

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.182 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e1dd0180783c93d7b9b09bb61c986108f58acd1a6df97941f59b52f59563fe86

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://thm.visa.com/fp/tags?org_id=ay3xz4ma&session_id=vme_prod_00181j0km
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Content-Encoding: gzip
Content-Type: text/html;charset=UTF-8
Date: Thu, 14 Sep 2023 05:56:01 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=96
Pragma: no-cache
Server: Apache
Strict-Transport-Security: max-age=31536000
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Robots-Tag: noindex, nofollow
X-XSS-Protection: 1; mode=block

GET
H/1.1 204
No Content clear.png Show response
thm.visa.com/fp/ Frame 016F 0
387 B 36ms
35ms Script
text/javascript 91.235.133.182
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://thm.visa.com/fp/clear.png?org_id=ay3xz4ma&session_id=vme_prod_00181j0km&nonce=da1a6bfcc45829fb&jb=313e2666736337643266333369613d616c3a673c633d633a3833336338363e6138363e3c343b65

Requested by

Host: thm.visa.com
URL: https://thm.visa.com/fp/check.js;CIS3SID=8A736A88CA902879C33A47325A56DC1A?org_id=ay3xz4ma&session_id=vme_prod_00181j0km&nonce=da1a6bfcc45829fb

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.182 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://thm.visa.com/fp/tags?org_id=ay3xz4ma&session_id=vme_prod_00181j0km
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 14 Sep 2023 05:56:01 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=99
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK es.js Show response
thm.visa.com/fp/ Frame 016F 134 B
655 B 37ms
37ms Script
text/javascript 91.235.133.182
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://thm.visa.com/fp/es.js?org_id=ay3xz4ma&session_id=vme_prod_00181j0km&nonce=da1a6bfcc45829fb

Requested by

Host: thm.visa.com
URL: https://thm.visa.com/fp/check.js;CIS3SID=8A736A88CA902879C33A47325A56DC1A?org_id=ay3xz4ma&session_id=vme_prod_00181j0km&nonce=da1a6bfcc45829fb

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.182 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

b01fcc55cecc510f50bac37cf205c74964c3d7330da74070b2b507db9b668867

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://thm.visa.com/fp/tags?org_id=ay3xz4ma&session_id=vme_prod_00181j0km
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 14 Sep 2023 05:56:01 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Transfer-Encoding: chunked
Content-Type: text/javascript;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Keep-Alive: timeout=2, max=100
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK sid_fp.html;CIS3SID=8A736A88CA902879C33A47325A56DC1A Show response
h.online-metrix.net/fp/ Frame 8F4C 103 KB
15 KB 129ms
38ms Document
text/html 91.235.132.130
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://h.online-metrix.net/fp/sid_fp.html;CIS3SID=8A736A88CA902879C33A47325A56DC1A?org_id=ay3xz4ma&session_id=vme_prod_00181j0km&nonce=da1a6bfcc45829fb

Requested by

Host: thm.visa.com
URL: https://thm.visa.com/fp/check.js;CIS3SID=8A736A88CA902879C33A47325A56DC1A?org_id=ay3xz4ma&session_id=vme_prod_00181j0km&nonce=da1a6bfcc45829fb

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.132.130 , United States, ASN30286 (THM, US),

Reverse DNS

h.online-metrix.net

Software

Apache /

Resource Hash

ea29d2a8b2ba95834a57b78b7634967c9957ea857c9cfff0ba04eae03c63cee4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://thm.visa.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Content-Encoding: gzip
Content-Type: text/html;charset=UTF-8
Date: Thu, 14 Sep 2023 05:56:01 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=100
Pragma: no-cache
Server: Apache
Strict-Transport-Security: max-age=31536000
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Robots-Tag: noindex, nofollow
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK top_fp.html;CIS3SID=8A736A88CA902879C33A47325A56DC1A Show response
thm.visa.com/fp/ Frame 3960 89 KB
13 KB 39ms
38ms Document
text/html 91.235.133.182
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://thm.visa.com/fp/top_fp.html;CIS3SID=8A736A88CA902879C33A47325A56DC1A?org_id=ay3xz4ma&session_id=vme_prod_00181j0km&nonce=da1a6bfcc45829fb

Requested by

Host: thm.visa.com
URL: https://thm.visa.com/fp/check.js;CIS3SID=8A736A88CA902879C33A47325A56DC1A?org_id=ay3xz4ma&session_id=vme_prod_00181j0km&nonce=da1a6bfcc45829fb

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.182 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

c33b4c064d90b20030311260962c9fe9bec07cb80f0c99c58582ad311bdd0da1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://thm.visa.com/fp/tags?org_id=ay3xz4ma&session_id=vme_prod_00181j0km
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Content-Encoding: gzip
Content-Type: text/html;charset=UTF-8
Date: Thu, 14 Sep 2023 05:56:01 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=95
Pragma: no-cache
Server: Apache
Strict-Transport-Security: max-age=31536000
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Robots-Tag: noindex, nofollow
X-XSS-Protection: 1; mode=block

GET
H/1.1 204
204 clear.png Show response
thm.visa.com/fp/ Frame 016F 0
218 B 37ms
36ms Script
text/javascript 91.235.133.182
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://thm.visa.com/fp/clear.png?org_id=ay3xz4ma&session_id=vme_prod_00181j0km&nonce=da1a6bfcc45829fb&ja=333037392624693d3c30267a35363a266c35333e303a783338303a26616635313c303a70333a303a26717279373078302e647a7237392e39363a302e3b323a302c313e303a2c3b3a32382c39303226313f302c313e303a2c3b3a32382c3a2c322c6d7e3d613830326b62696c613f376e64646e66336561383c313b343d38346a396b37632c6d643d34267b636e3d383c2464683768767e70792533412d324c25384e76606d24766b796124636f6d2d324c667a2d304e746b67712f334c6f726757696e25394c637133727a3667612f3236736d73796965665d61642f33467c6d6f5f7072676455303a393a396a3a6b6f2c70663d332678683737326e3030616b36606966686531313b623d33323f636d306e33606e6238643426606837323c3934303738346069613e3332333d343a356b6c3731623f333a6b65326335266273653d5d616c6c6f7d732738303b30266a7b623743627a6d65652f32323b313c266a7367753757636666677779266879627f3d43687a6f67652c666a6b3d3e266c6e6d3738266e65747a3d3a2e767264374577786f7a6525324e426f7266616c2e6d6b746a783d3e3030336c316932686d6138326f366169353c3030383a616e313f3d3638316c64363f38323134316c366f616b3a366c633334636c626e37323339333b393c69246c723768767e70792533412d324c25384e71696e6e626d722e796563757a652463626d61636f7f742c7c6979612e63676d2f324c2e723570667565636e55666c617b682f354f6e6364736f217266756d696e5f7f696464657f71576d6f646b6b5f7a6c61796d722f354f6e6364736f217266756d696e5f696465626f57636b726562637e253f45666164736f217a64776f69645f737f69696b746965652f354f6e6364736f217266756d696e5f7b686563617f637e652f35476c6166736521786c7f6763665d7a656b6c726661736572253d456c61667b672970667565636e55766c6357706661736d702d354f666366736f21706c7d67636e556c677e616676702f354f66616c7b652b70667d65616e5573746d5f7c6965776d722f354f6e6364736f217266756d696e5f62617c612f3d476e616673672c67665f633d7f656867665f676a474625303a3124302532382845706f6645442538304759253830322e38253830496070676d63756f23576f62474c2d323a47465b4e2d323a45512f323a312e302d323a2845786766474625303a45592532304f4c594c2f3a324d532f32323b2e3a2532304b68786f67617765295d656041697e57656243697e253838556d624d4c43444746455f6966737e61646b676c5f6b72706b79792533422d323a45525c5d6a6c6f6e66556d636e6d61702539422f3a324d585e5f61656c65725f627d666c6578576a696c6c5f64666f6b7425334a2538304f50565766666f637e5f686c656e6c2539422f3a324d585e5f6478616d5f646578746225394a273a304f58565573626164657a5f7e65727c777a65556c6d6e253942253238455254557c6770747f72675563656d70726d73796965665d6a707e632739422f323045505455746f70767d726f5f61656d7a7265737b69656e557a657c632f33402f323a45585457746f787e7d706d5f6c696e7e65785f616e6173657478677261632f33402f323a45585457735847482d314a2538304d4f5355656c656565647455616c6c65725f77636e7e2533422d323a4f4f5b5d6e62655f706f6e6e65725f65697a6d6b78273b422f32324545595f7374696e6e61786c5d6c657869746b74637665732d33482538384d4d5355746772747f72655f6e6c65617e2d314a2538304d4f53557465787c757865556e6e67617e5f6e636e6f6172253b422f323a47475b5f7e657a7e7578655f68696c6c5f6c646d69742f33402f323a4f455357746f787e7d706d5f62616e6c5f6c6c6f617c5f6669646d637a2539422738304545535f7e6578746f705d697278617b556f686a65637c2539422f3a325f4548474e5563656c6f7257627f666c6d705766666f637e253942253238574f424d445d6b6f6770706f737965645f7c6572747f7a6757617974612f33482532305f454847465761676d7a726779736f645f746d787e75786d5d6d746925314825383057454a47465f69676f78726f73716f64557465787c757865556d766b312f33402f323a5745424f4c55636565727a657973676e5f7e6578747d726f5f793b766b2539422738305d454247445f696f6778706d7379656655746f7874757a655573397c6157737867602f33482532305f4548474657666d627f675d7865646465726d725569646e6d2d334825303a574f42474c57646f707e605d7c6572747778652f3342253a305d45484f4e576478617555627f6666657a732f33482d3038574f4245465f666f73655763656e7e6d7a7c2539422738305d454247445f6775667c6b57647861753b362c676c5f603d39666c3d666e663e37363a646e6334303f653c32686d326d373e64303f353e3631303c643e323f31247f6766763f436e7e656c253a30436e6926247f6766723f436e7e656c253a304372637b273a304570676447462532304d6e6d69646d246b636e3d37&jb=333d352c6c73374d657a696c64612f324c3d2c382538302a5d6964646f777b253830445c273a303b302c3a25394225323857636e3c3c273b422f323272363e29253238417a70666d556d624169762f324c35333726333c2538382a43485e4d4e2f3249253230646961652f3a324f65696b6d2325383043687a6f67652f3a4439313c2e3224353234352e39383d2538385169666b726b2f324c35333726333c

Requested by

Host: thm.visa.com
URL: https://thm.visa.com/fp/check.js;CIS3SID=8A736A88CA902879C33A47325A56DC1A?org_id=ay3xz4ma&session_id=vme_prod_00181j0km&nonce=da1a6bfcc45829fb

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.182 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://thm.visa.com/fp/tags?org_id=ay3xz4ma&session_id=vme_prod_00181j0km
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Date: Thu, 14 Sep 2023 05:56:01 GMT
Strict-Transport-Security: max-age=31536000
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=2, max=99
Content-Type: text/javascript;charset=UTF-8

GET
H/1.1 200
OK clear.png
ay3xz4mac5j7p6qylpjpeey2kohbykw35rcfl4bmda1a6bfcc45829fbam1.e.aa.online-metrix.net/fp/ Frame 016F 81 B
438 B 141ms
35ms Image
image/png 91.235.134.131
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ay3xz4mac5j7p6qylpjpeey2kohbykw35rcfl4bmda1a6bfcc45829fbam1.e.aa.online-metrix.net/fp/clear.png?org_id=ay3xz4ma&session_id=vme_prod_00181j0km&nonce=da1a6bfcc45829fb&di=yes

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.134.131 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://thm.visa.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 14 Sep 2023 05:56:01 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Connection: close
Content-Length: 81
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 204
No Content clear.png Show response
thm.visa.com/fp/ Frame F490 0
387 B 35ms
35ms Script
text/javascript 91.235.133.182
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://thm.visa.com/fp/clear.png?org_id=ay3xz4ma&session_id=vme_prod_00181j0km&nonce=da1a6bfcc45829fb&jf=313e2666736037643266333369613d616c3a673c633d633a3833336338363e6138363e3c343b65

Requested by

Host: thm.visa.com
URL: https://thm.visa.com/fp/ls_fp.html;CIS3SID=8A736A88CA902879C33A47325A56DC1A?org_id=ay3xz4ma&session_id=vme_prod_00181j0km&nonce=da1a6bfcc45829fb

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.182 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://thm.visa.com/fp/ls_fp.html;CIS3SID=8A736A88CA902879C33A47325A56DC1A?org_id=ay3xz4ma&session_id=vme_prod_00181j0km&nonce=da1a6bfcc45829fb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 14 Sep 2023 05:56:01 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=94
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK es.js Show response
thm.visa.com/fp/ Frame F490 134 B
655 B 36ms
36ms Script
text/javascript 91.235.133.182
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://thm.visa.com/fp/es.js?org_id=ay3xz4ma&session_id=vme_prod_00181j0km&nonce=da1a6bfcc45829fb&fr

Requested by

Host: thm.visa.com
URL: https://thm.visa.com/fp/ls_fp.html;CIS3SID=8A736A88CA902879C33A47325A56DC1A?org_id=ay3xz4ma&session_id=vme_prod_00181j0km&nonce=da1a6bfcc45829fb

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.182 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

1726467b573142cc21a4135ef7cb1962406b46f896d1722ae647c269970a5c66

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://thm.visa.com/fp/ls_fp.html;CIS3SID=8A736A88CA902879C33A47325A56DC1A?org_id=ay3xz4ma&session_id=vme_prod_00181j0km&nonce=da1a6bfcc45829fb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 14 Sep 2023 05:56:01 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Transfer-Encoding: chunked
Content-Type: text/javascript;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Keep-Alive: timeout=2, max=98
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 204
204 clear1.png;CIS3SID=8A736A88CA902879C33A47325A56DC1A
thm.visa.com/fp/ Frame 016F 0
400 B 40ms
40ms Image
image/png 91.235.133.182
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://thm.visa.com/fp/clear1.png;CIS3SID=8A736A88CA902879C33A47325A56DC1A?org_id=ay3xz4ma&session_id=vme_prod_00181j0km&nonce=da1a6bfcc45829fb&jf=3639362c736b6e5f786e643d7c64785f63494c7a394741787c724551584239662c73636c5d6c617e653f3b363334363738393c312c7b6b6c5f7e79726f3d7d65623a6d636e736b2e716164556b67733d393035393b303b333a3e323f326b38343e386965336438323a313a3e3230326b38343e386965336438333a313a3f323b343830323a34383935333d6369346c6d37396538386669313f34643369323a343f6c606a336f35613e313e6266303f3739323c38603b346e636333373b3335613c333f37393e3a6d383866373e386e3638633b376b61396c603a336b33333a313931303931316938683f3a30613a63606f373233333839366c313c3d326c383d65363f336f61267361645573636f3f3b303e353238323a3635336d383e363c30376c3738303a6b376865343230623a39333f606e6468363b6b39683665393e623a376e3a353d663835336b323f3938393e3239613d3c3338323831323a633f3265306d626b333839376e343262326f303d64366638363339683b343c386c66666b33683163656e313d376c6d676a646c376732323b643137383269663a2e716166783d32

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.182 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://thm.visa.com/fp/tags?org_id=ay3xz4ma&session_id=vme_prod_00181j0km
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 14 Sep 2023 05:56:02 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: image/png;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Keep-Alive: timeout=2, max=97
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 204
204 clear1.png;CIS3SID=D967D3B7FC1B63495878E9E62CEEAA5C
h.online-metrix.net/fp/ Frame 8F4C 0
400 B 38ms
38ms Image
image/png 91.235.132.130
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://h.online-metrix.net/fp/clear1.png;CIS3SID=D967D3B7FC1B63495878E9E62CEEAA5C?org_id=ay3xz4ma&session_id=vme_prod_00181j0km&nonce=da1a6bfcc45829fb&jf=3639362c736b6e5f786e643d7c64785f3a397743326c623252664e68337370332c73636c5d6c617e653f3b363334363738393c312c7b6b6c5f7e79726f3d7d65623a6d636e736b2e716164556b67733d393035393b303b333a3e323f326b38343e386965336438323a313a3e3230326b38343e386965336438333a313a3f323b343830323a346e3132663f633a663a6d343c393234643e666b3463626a3369663a6c3738633f623b39386b6238633b613d34686c6139333a64603a646b3666313a356f303a3b313e303f306738613e3330633f6332636b6d3a6e356f64633b363f3337313e356e32326d613c326f653b6f65336263346e323c663b313b6e3633336638663b64267361645573636f3f3b303e353238323a3633383b363c62693b613f346b30663a643b3139393f6469316c39316b3568303b3d343e30336230643f65396c323f376b38346933683338383d303e303a6b6138323831323a62326562353b386b38386c326b636932326b30396434336c6238353d3b6739326961633e33323432313c306c636e3b6069343b64633e63683437303e623a343a2e716166783d33

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.132.130 , United States, ASN30286 (THM, US),

Reverse DNS

h.online-metrix.net

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://h.online-metrix.net/fp/sid_fp.html;CIS3SID=8A736A88CA902879C33A47325A56DC1A?org_id=ay3xz4ma&session_id=vme_prod_00181j0km&nonce=da1a6bfcc45829fb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 14 Sep 2023 05:56:02 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: image/png;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Keep-Alive: timeout=2, max=99
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 204
No Content clear.png Show response
thm.visa.com/fp/ Frame 016F 0
387 B 36ms
35ms Script
text/javascript 91.235.133.182
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://thm.visa.com/fp/clear.png?org_id=ay3xz4ma&session_id=vme_prod_00181j0km&nonce=da1a6bfcc45829fb&jac=1&je=3038332c26756f69373139332633382e383c3a26323a38247a6d376e6f266a617e737e35273f422f323066657c656c253a322f334b392c38302f32412f32387374617c757925383a273b412f323069686b72676966672f32382d354c266b7566623d6961376231653c653c30336b636b63346c326b376331313233333c3b363e623f63313b37333662346c386e643e303438303938646f346c3033666b6432343f31246d78393d643b656f35396369663d353b3c353f363f64303e39393637353a346f39386e646b6232313339616b

Requested by

Host: thm.visa.com
URL: https://thm.visa.com/fp/check.js;CIS3SID=8A736A88CA902879C33A47325A56DC1A?org_id=ay3xz4ma&session_id=vme_prod_00181j0km&nonce=da1a6bfcc45829fb

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.182 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://thm.visa.com/fp/tags?org_id=ay3xz4ma&session_id=vme_prod_00181j0km
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 14 Sep 2023 05:56:02 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=96
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.sandbox-assets.secure.checkout.visa.com/	1969-12-31 23:59:59	Name: __cfruid Value: f1ed1e8ecff2a3959993d77f49f67f2f28cf2553-1694670959
.sandbox.secure.checkout.visa.com/	1969-12-31 23:59:59	Name: __cfruid Value: ce3da5e3782018e78138ab6c902fd086c60b64f1-1694670959
thm.visa.com/	1970-01-21 00:20:30	Name: thx_guid Value: 9cb789d4b721461ce96e34d04ea84562
thm.visa.com/	1970-01-21 00:20:30	Name: tmx_guid Value: AAycNiCBh4Cv0xMdLLHUEYP0IQfLbGgk2xntW-Bd9bXQ-YmmCc5VnlBsWW5RrZj2qgYBVoM2QshOo6FV5Ruaycniq0YPeg

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ay3xz4mac5j7p6qylpjpeey2kohbykw35rcfl4bmda1a6bfcc45829fbam1.e.aa.online-metrix.net
h.online-metrix.net
innovation-platform-qa.visa.com
sandbox-assets.secure.checkout.visa.com
sandbox.secure.checkout.visa.com
thm.visa.com
www.google-analytics.com
www.googletagmanager.com
104.16.98.27
104.18.4.120
198.241.155.191
2a00:1450:4001:81c::2008
2a00:1450:4001:82b::200e
91.235.132.130
91.235.133.182
91.235.134.131
1726467b573142cc21a4135ef7cb1962406b46f896d1722ae647c269970a5c66
17f06c6c1392a20731840b1b844028b5cbd9e2f9699e33d1e863533812f43a3a
19886bb783d7ac27748ae49fecb21d7d691d09f34e380bc64f6e8584b24c5c13
21ba0059635e60b9bfff2fb7645abe3d05e1aab5553f40fc733e83ff32c2e706
6b0076e001f3a142e63749597a2d46cba6c6a50864f7024d6bb4207f968a3f3f
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8a4d0163235cfda24f16664182a5710048476bedea23f1c0a6971bc756cb4830
93ad69575daa01c5195a3cd6ffce2e2c16c2aaf253145e668b95a4df9c558593
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
9ec1a8902a32df9326650caa73ef244c5069d73b0e8fe8f6c026de74aff7a2cd
b01fcc55cecc510f50bac37cf205c74964c3d7330da74070b2b507db9b668867
c33b4c064d90b20030311260962c9fe9bec07cb80f0c99c58582ad311bdd0da1
c4568edad3b1af640ecf291d5632118233d4b113b90170686f69a05548d4ad3e
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e1dd0180783c93d7b9b09bb61c986108f58acd1a6df97941f59b52f59563fe86
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea29d2a8b2ba95834a57b78b7634967c9957ea857c9cfff0ba04eae03c63cee4
f79207bb9110e5c27e837b122196ecaa16185f8008f6e7584a97a11fdfe5c539

innovation-platform-qa.visa.com Open in urlscan Pro 198.241.155.191 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

27 Requests

100 %HTTPS

25 %IPv6

4 Domains

8 Subdomains

8 IPs

3 Countries

405 kBTransfer

5202 kBSize

4 Cookies

0 Outgoing links

Redirected requests

27 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

4 Cookies

Security Headers

Indicators

innovation-platform-qa.visa.com Open in urlscan Pro
198.241.155.191 Public Scan

Screenshot
Live screenshot

Full Image

27
Requests

100 %
HTTPS

25 %
IPv6

4
Domains

8
Subdomains

8
IPs

3
Countries

405 kB
Transfer

5202 kB
Size

4
Cookies

27 HTTP transactions
0 data transactions