Submitted URL: http://uigar.flywire.com/
Effective URL: https://payment.flywire.com/?recipient=UIG
Submission: On September 22 via api from LU — Scanned from DE

Summary

This website contacted 20 IPs in 2 countries across 14 domains to perform 55 HTTP transactions. The main IP is 2606:4700::6810:c40d, located in United States and belongs to CLOUDFLARENET, US. The main domain is payment.flywire.com. The Cisco Umbrella rank of the primary domain is 371800.
TLS certificate: Issued by E6 on September 14th 2024. Valid for: 3 months.
This is the only time payment.flywire.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 19 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 35.186.247.156 15169 (GOOGLE)
1 13.32.27.86 16509 (AMAZON-02)
5 2a00:1450:400... 15169 (GOOGLE)
2 2a03:2880:f08... 32934 (FACEBOOK)
1 18.245.175.102 16509 (AMAZON-02)
4 52.222.236.42 16509 (AMAZON-02)
4 18.208.73.18 14618 (AMAZON-AES)
1 18.245.253.48 16509 (AMAZON-02)
4 2a03:2880:f17... 32934 (FACEBOOK)
2 2a00:1450:400... 15169 (GOOGLE)
2 2001:4860:480... 15169 (GOOGLE)
2 13.33.187.68 16509 (AMAZON-02)
1 2600:9000:266... 16509 (AMAZON-02)
2 52.222.236.34 16509 (AMAZON-02)
1 34.96.67.224 396982 (GOOGLE-CL...)
1 34.102.232.42 396982 (GOOGLE-CL...)
55 20
Apex Domain
Subdomains
Transfer
19 flywire.com
uigar.flywire.com
www.flywire.com — Cisco Umbrella Rank: 800159
payment.flywire.com — Cisco Umbrella Rank: 371800
902 KB
8 ada.support
static.ada.support — Cisco Umbrella Rank: 8559
rollout.ada.support — Cisco Umbrella Rank: 8222
flywire.ada.support — Cisco Umbrella Rank: 611406
71 KB
5 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 40
442 KB
5 heapanalytics.com
cdn.heapanalytics.com — Cisco Umbrella Rank: 836
heapanalytics.com — Cisco Umbrella Rank: 657
39 KB
4 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 34
region1.google-analytics.com — Cisco Umbrella Rank: 3714
21 KB
4 facebook.com
www.facebook.com — Cisco Umbrella Rank: 109
4 KB
3 sentry.io
sentry.io — Cisco Umbrella Rank: 145
439 B
2 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 834
script.hotjar.com — Cisco Umbrella Rank: 1077
61 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 187
72 KB
1 hexagon-analytics.com
hexagon-analytics.com — Cisco Umbrella Rank: 5917
288 B
1 siftscience.com
cdn.siftscience.com — Cisco Umbrella Rank: 9638
21 KB
1 cloudfront.net
dxvn2m2gq0cmw.cloudfront.net
21 KB
1 gstatic.com
fonts.gstatic.com
35 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 32
1 KB
55 14
Domain Requested by
17 payment.flywire.com payment.flywire.com
5 www.googletagmanager.com payment.flywire.com
www.googletagmanager.com
4 www.facebook.com payment.flywire.com
4 heapanalytics.com payment.flywire.com
4 static.ada.support payment.flywire.com
static.ada.support
3 sentry.io payment.flywire.com
2 flywire.ada.support static.ada.support
2 rollout.ada.support payment.flywire.com
2 region1.google-analytics.com payment.flywire.com
2 www.google-analytics.com www.googletagmanager.com
payment.flywire.com
2 connect.facebook.net payment.flywire.com
connect.facebook.net
1 hexagon-analytics.com
1 cdn.siftscience.com payment.flywire.com
1 dxvn2m2gq0cmw.cloudfront.net payment.flywire.com
1 script.hotjar.com static.hotjar.com
1 static.hotjar.com payment.flywire.com
1 cdn.heapanalytics.com payment.flywire.com
1 fonts.gstatic.com fonts.googleapis.com
1 fonts.googleapis.com payment.flywire.com
1 www.flywire.com 1 redirects
1 uigar.flywire.com 1 redirects
55 21

This site contains links to these domains. Also see Links.

Domain
help.flywire.com
uillinois.edu
www.flywire.com
certifications.onlineada.com
Subject Issuer Validity Valid
flywire.com
E6
2024-09-14 -
2024-12-13
3 months crt.sh
upload.video.google.com
WR2
2024-08-26 -
2024-11-18
3 months crt.sh
*.gstatic.com
WR2
2024-08-26 -
2024-11-18
3 months crt.sh
sentry.io
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2024-07-03 -
2025-07-22
a year crt.sh
cdn.heapanalytics.com
Amazon RSA 2048 M02
2024-05-29 -
2025-06-26
a year crt.sh
*.google-analytics.com
WR2
2024-08-26 -
2024-11-18
3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2024-07-01 -
2024-09-29
3 months crt.sh
*.hotjar.com
Amazon RSA 2048 M03
2024-05-22 -
2025-06-20
a year crt.sh
*.ada.support
Amazon RSA 2048 M02
2023-12-01 -
2024-12-29
a year crt.sh
heapanalytics.com
Amazon RSA 2048 M02
2023-11-09 -
2024-12-08
a year crt.sh
*.cloudfront.net
Amazon RSA 2048 M01
2024-07-30 -
2025-07-03
a year crt.sh
*.siftscience.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2024-02-05 -
2025-01-19
a year crt.sh
*.hexagon-analytics.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-11-27 -
2024-11-03
a year crt.sh

This page contains 3 frames:

Primary Page: https://payment.flywire.com/?recipient=UIG
Frame ID: 2B6D1A7B24D456547FC361A24730572B
Requests: 55 HTTP requests in this frame

Frame: https://flywire.ada.support/embed/x-storage/69d2a1d/index.html
Frame ID: 3F2A6DE064E980143B54FCEFA396BFC7
Requests: 1 HTTP requests in this frame

Frame: https://flywire.ada.support/embed/button/69d2a1d/index.html
Frame ID: 08A2164F9563C3DC421208FFBD915BD3
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Flywire - Delivering the most important & complex payments

Page URL History Show full URLs

  1. http://uigar.flywire.com/ HTTP 307
    https://uigar.flywire.com/ HTTP 301
    https://www.flywire.com/pay/uigar/ HTTP 301
    https://payment.flywire.com/?recipient=UIG Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • heap-\d+\.js

Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/

Overall confidence: 100%
Detected patterns
  • cdn\.sift(?:science)?\.com/s\.js

Page Statistics

55
Requests

100 %
HTTPS

47 %
IPv6

14
Domains

21
Subdomains

20
IPs

2
Countries

1689 kB
Transfer

5640 kB
Size

17
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://uigar.flywire.com/ HTTP 307
    https://uigar.flywire.com/ HTTP 301
    https://www.flywire.com/pay/uigar/ HTTP 301
    https://payment.flywire.com/?recipient=UIG Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

55 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
payment.flywire.com/
Redirect Chain
  • http://uigar.flywire.com/
  • https://uigar.flywire.com/
  • https://www.flywire.com/pay/uigar/
  • https://payment.flywire.com/?recipient=UIG
2 KB
2 KB
Document
General
Full URL
https://payment.flywire.com/?recipient=UIG
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:c40d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bcfab42c6f3d3f58176bc79833e5b6c3d098ec7bf7aad41748246b8fd6b40b54

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36

Response headers

cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
cf-cache-status
DYNAMIC
cf-ray
8c724cf23dead40e-FRA
content-encoding
br
content-security-policy-report-only
script-src 'none'; connect-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=y.0bFj.Ec68e0EXvgc7MfGZI0hJt0BWml_Qg.3xbzwc-1727008167-1.0.1.1-RiyDz_YzOOXAaGzwrnPQZzkVQadHqnBAie9CZikfA7BySrKahfUWUi3zvpe0ka7pf.M6pqTp.edpcMbROVtAPYbA6lgrPlkCN..lS8bsc13lv.xPh4qSuwt3HUIHmdeGnfgia1AllGf1I3z_wQ9ogfFqQGkjWH8hi76QkINKpzc; report-to cf-csp-endpoint
content-type
text/html
date
Sun, 22 Sep 2024 12:29:27 GMT
last-modified
Fri, 20 Sep 2024 10:29:52 GMT
report-to
{"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=y.0bFj.Ec68e0EXvgc7MfGZI0hJt0BWml_Qg.3xbzwc-1727008167-1.0.1.1-RiyDz_YzOOXAaGzwrnPQZzkVQadHqnBAie9CZikfA7BySrKahfUWUi3zvpe0ka7pf.M6pqTp.edpcMbROVtAPYbA6lgrPlkCN..lS8bsc13lv.xPh4qSuwt3HUIHmdeGnfgia1AllGf1I3z_wQ9ogfFqQGkjWH8hi76QkINKpzc"}],"group":"cf-csp-endpoint","max_age":86400}
server
cloudflare
vary
Accept-Encoding

Redirect headers

cf-cache-status
DYNAMIC
cf-ray
8c724cef6b9fd40e-FRA
content-type
text/html;charset=utf-8
date
Sun, 22 Sep 2024 12:29:26 GMT
location
https://payment.flywire.com/?recipient=UIG
server
cloudflare
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
css2
fonts.googleapis.com/
2 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Rubik:wght@300..900&display=swap
Requested by
Host: payment.flywire.com
URL: https://payment.flywire.com/?recipient=UIG
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
798e575d7aae2c90c23aa68421a0fca3eb75d4b6b921fa6be5de48274a74319d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36
Referer
https://payment.flywire.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Sun, 22 Sep 2024 12:29:27 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 22 Sep 2024 12:29:27 GMT
content-type
text/css; charset=utf-8
last-modified
Sun, 22 Sep 2024 12:29:27 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
vendors.9180a376d94d2d3fbcaa.min.js
payment.flywire.com/assets/js/
2 MB
634 KB
Script
General
Full URL
https://payment.flywire.com/assets/js/vendors.9180a376d94d2d3fbcaa.min.js
Requested by
Host: payment.flywire.com
URL: https://payment.flywire.com/?recipient=UIG
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:c40d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9118df92de8da50a4d8d64ee5b52965b62eacb1f9ab0a0e52dca7462359aa3cb

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36
Referer
https://payment.flywire.com/

Response headers

cache-control
public, max-age=604800, immutable
content-encoding
gzip
cf-cache-status
HIT
etag
W/"66ed43f0-242dc4"
age
179944
cf-ray
8c724cf5898ed40e-FRA
date
Sun, 22 Sep 2024 12:29:27 GMT
content-type
application/javascript
last-modified
Fri, 20 Sep 2024 09:44:16 GMT
vary
Accept-Encoding
server
cloudflare
main.fc283e14524717b53107.min.js
payment.flywire.com/assets/js/
741 KB
207 KB
Script
General
Full URL
https://payment.flywire.com/assets/js/main.fc283e14524717b53107.min.js
Requested by
Host: payment.flywire.com
URL: https://payment.flywire.com/?recipient=UIG
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:c40d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1e61d45105dd99115437489381bfec09e56348cb9d1ad5a7aef096f169a7f1fe

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36
Referer
https://payment.flywire.com/

Response headers

cache-control
public, max-age=604800, immutable
content-encoding
gzip
cf-cache-status
HIT
etag
W/"66ed43f0-b93cc"
age
179944
cf-ray
8c724cf66d5ed40e-FRA
date
Sun, 22 Sep 2024 12:29:27 GMT
content-type
application/javascript
last-modified
Fri, 20 Sep 2024 09:44:16 GMT
vary
Accept-Encoding
server
cloudflare
main.161e8e76.min.css
payment.flywire.com/assets/css/
202 KB
34 KB
Stylesheet
General
Full URL
https://payment.flywire.com/assets/css/main.161e8e76.min.css
Requested by
Host: payment.flywire.com
URL: https://payment.flywire.com/?recipient=UIG
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:c40d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7e570ef5c2ceb0fd64023cc716d4a93937147847a8f7d098a16873bfa86a438a

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36
Referer
https://payment.flywire.com/

Response headers

cache-control
public, max-age=604800, immutable
content-encoding
gzip
cf-cache-status
HIT
etag
W/"66ea945c-326f4"
age
356199
cf-ray
8c724cf58991d40e-FRA
date
Sun, 22 Sep 2024 12:29:27 GMT
content-type
text/css
last-modified
Wed, 18 Sep 2024 08:50:36 GMT
vary
Accept-Encoding
server
cloudflare
iJWKBXyIfDnIV7nBrXw.woff2
fonts.gstatic.com/s/rubik/v28/
35 KB
35 KB
Font
General
Full URL
https://fonts.gstatic.com/s/rubik/v28/iJWKBXyIfDnIV7nBrXw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Rubik:wght@300..900&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
47374cb7d373f9a8450e1237c80bc5fe68c61fbf0cdf958df7a298143b7dd445
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36
Origin
https://payment.flywire.com
Referer
https://fonts.googleapis.com/

Response headers

age
140392
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Sat, 20 Sep 2025 21:29:35 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 20 Sep 2024 21:29:35 GMT
last-modified
Thu, 29 Jun 2023 16:14:39 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
35448
x-xss-protection
0
server
sffe
/
sentry.io/api/271161/envelope/
2 B
325 B
Fetch
General
Full URL
https://sentry.io/api/271161/envelope/?sentry_key=e148c89ca64c434d865048f29cfa9e56&sentry_version=7&sentry_client=sentry.javascript.react%2F7.80.0
Requested by
Host: payment.flywire.com
URL: https://payment.flywire.com/assets/js/vendors.9180a376d94d2d3fbcaa.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.247.156 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
156.247.186.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://payment.flywire.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
access-control-expose-headers
x-sentry-error,x-sentry-rate-limits,retry-after
x-envoy-upstream-service-time
0
cross-origin-resource-policy
cross-origin
via
1.1 google
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
date
Sun, 22 Sep 2024 12:29:27 GMT
content-type
application/json
vary
origin, access-control-request-method, access-control-request-headers
server
nginx
heap-476072953.js
cdn.heapanalytics.com/js/
117 KB
38 KB
Script
General
Full URL
https://cdn.heapanalytics.com/js/heap-476072953.js
Requested by
Host: payment.flywire.com
URL: https://payment.flywire.com/?recipient=UIG
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-86.fra56.r.cloudfront.net
Software
nginx / Express
Resource Hash
e1a0d3d68d05c3b5103c5448530a1619047569b0e2e4408cbcd7cc5c490440fd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36
Referer
https://payment.flywire.com/

Response headers

content-encoding
br
etag
W/"1d5bd-AZ0TUywHXAi44UBqnub07OtLaSA"
age
104
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
Pm6bw6k5KaaKSZ90rBmsQQ1p-uLVhlodxyGE-jOxwJVNJ-xHp13-Uw==
date
Sun, 22 Sep 2024 12:27:44 GMT
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
public, max-age=120
cross-origin-resource-policy
cross-origin
via
1.1 d8670b0c6b76371fb58f730881dfe504.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C2
x-powered-by
Express
server
nginx
js
www.googletagmanager.com/gtag/
201 KB
73 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-21478818-13
Requested by
Host: payment.flywire.com
URL: https://payment.flywire.com/assets/js/main.fc283e14524717b53107.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a81a878d410b540c6e52af6c62ad501e7523abc56fe631ff858c1847899cb7ea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36
Referer
https://payment.flywire.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
content-encoding
br
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
expires
Sun, 22 Sep 2024 12:29:28 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
74330
date
Sun, 22 Sep 2024 12:29:28 GMT
x-xss-protection
0
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
server
Google Tag Manager
access-control-allow-headers
Cache-Control
js
www.googletagmanager.com/gtag/
241 KB
86 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-410801422
Requested by
Host: payment.flywire.com
URL: https://payment.flywire.com/assets/js/main.fc283e14524717b53107.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
4fe555f29da72aab5040ed8caa97c0afd089846bee273318663309c727f60491
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36
Referer
https://payment.flywire.com/

Response headers

content-encoding
br
expires
Sun, 22 Sep 2024 12:29:28 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 22 Sep 2024 12:29:28 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Sun, 22 Sep 2024 12:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
*
content-length
87706
x-xss-protection
0
server
Google Tag Manager
fbevents.js
connect.facebook.net/en_US/
225 KB
58 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: payment.flywire.com
URL: https://payment.flywire.com/?recipient=UIG
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
0055aa18da3581f4a468aaa7257d84f798e0fc070899c8008d9b321b76b98096
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36
Referer
https://payment.flywire.com/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
edge-control
cache-maxage=10m
date
Sun, 22 Sep 2024 12:29:28 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=28, rtx=0, c=23, mss=1232, tbw=4555, tp=11, tpl=0, uplat=0, ullat=-1
pragma
public
x-fb-debug
LMOZ3CVaMzL02jwRXFS2xgqyNHA29udbJd4zTwPQm8xAToxdS0Fc5voV7LZvZeYqHRA0oq9uIYK4UNqrVvg4fA==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
content-length
58953
x-xss-protection
0
hotjar-3487825.js
static.hotjar.com/c/
13 KB
6 KB
Script
General
Full URL
https://static.hotjar.com/c/hotjar-3487825.js?sv=6
Requested by
Host: payment.flywire.com
URL: https://payment.flywire.com/?recipient=UIG
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.175.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-175-102.cdg55.r.cloudfront.net
Software
/
Resource Hash
4d1cd2ad4fa15cd184957ae36e6484b6469429c98ee267873802d8af035b4b6d
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36
Referer
https://payment.flywire.com/

Response headers

content-encoding
br
etag
W/0f59b1c2de92c861361edd8d97db8d7a
age
7
x-content-type-options
nosniff
x-cache-hit
1
x-cache
Hit from cloudfront
x-amz-cf-id
vh5uFnP6FqgpJK2RgUKcJEIwXfvy2a4pXw_KOBs6tz43G6Bx0g4xrg==
date
Sun, 22 Sep 2024 12:29:28 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
strict-transport-security
max-age=2592000; includeSubDomains
cache-control
max-age=60
cross-origin-resource-policy
cross-origin
via
1.1 58adbada5f610701bb5e247e761b1bc6.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
CDG55-P1
feature_flags
payment.flywire.com/
522 B
795 B
Fetch
General
Full URL
https://payment.flywire.com/feature_flags?features[]=PAAR-2945-payex_maintenance_mode&features[]=PAAR-4230-PollingInTrackingPage&features[]=PAAR-4583-profileCreditCards&features[]=PAAR-4646-use-tag-manager&features[]=REM-1040-coupons&features[]=REM-1186-coupons-in&features[]=PAAR-5246-payRemainingBalance&features[]=PAAR-5353-holidayBannerCN&features[]=PAAR-5353-holidayBannerVN&features[]=PAAR-5247-userWallet&features[]=REM-867-RedeemCashback&features[]=REM-1238-WhatsappSubscriptions&features[]=PAAR-5645-Non_FX_Payments&features[]=PAAR-5643-Mario&features[]=REM-1374-bannerCouponsCN&features[]=PAAR-5826-hideKycButton&fingerprint=rB/CH2bwDacxNQARBmRSAg==
Requested by
Host: payment.flywire.com
URL: https://payment.flywire.com/assets/js/vendors.9180a376d94d2d3fbcaa.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:c40d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a13bf4ab35e85457f88cfa956636b4fd3273ec06a9f17ff116c4af7b17915647
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

X-Request-Id
6a713206-4fb6-4d43-811c-a1143c2814ec
Referer
https://payment.flywire.com/
mode
cors
X-Requester
payex
baggage
sentry-environment=production,sentry-release=40a0aa0b1e00d146bc121731e9179c5b573879d5,sentry-public_key=e148c89ca64c434d865048f29cfa9e56,sentry-trace_id=17704128956e46549847f6dfd3146ea3,sentry-sample_rate=0.2
sentry-trace
17704128956e46549847f6dfd3146ea3-82b384cb97e037e9-0
Access-Control-Allow-Origin
*
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36
Content-Type
application/json

Response headers

cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
content-encoding
br
cf-cache-status
DYNAMIC
x-content-type-options
nosniff
cf-ray
8c724cfb788ad40e-FRA
date
Sun, 22 Sep 2024 12:29:28 GMT
content-type
application/json
vary
Origin
server
cloudflare
localize
payment.flywire.com/
21 B
524 B
Fetch
General
Full URL
https://payment.flywire.com/localize
Requested by
Host: payment.flywire.com
URL: https://payment.flywire.com/assets/js/vendors.9180a376d94d2d3fbcaa.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:c40d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
67c482243f604951ac751908daddf1a2b1b3f3cf9923d9526c2e2b25e909176d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

X-Request-Id
843e04ff-93a3-4656-9f72-14857fd8cae0
Referer
https://payment.flywire.com/
mode
cors
X-Requester
payex
baggage
sentry-environment=production,sentry-release=40a0aa0b1e00d146bc121731e9179c5b573879d5,sentry-public_key=e148c89ca64c434d865048f29cfa9e56,sentry-trace_id=17704128956e46549847f6dfd3146ea3,sentry-sample_rate=0.2
sentry-trace
17704128956e46549847f6dfd3146ea3-b27e7996f88c5d84-0
Access-Control-Allow-Origin
*
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36
Content-Type
application/json

Response headers

cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
cf-cache-status
DYNAMIC
x-content-type-options
nosniff
cf-ray
8c724cfb88abd40e-FRA
content-length
21
date
Sun, 22 Sep 2024 12:29:28 GMT
content-type
application/json
vary
Origin
server
cloudflare
embed2.js
static.ada.support/
6 KB
3 KB
Script
General
Full URL
https://static.ada.support/embed2.js
Requested by
Host: payment.flywire.com
URL: https://payment.flywire.com/assets/js/main.fc283e14524717b53107.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-42.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
43da18f909be2ce7b2a6908460d55c1e85440107401bb04706c2bf725ff55fe5
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36
Referer
https://payment.flywire.com/

Response headers

access-control-max-age
3000
access-control-expose-headers
ETag
content-encoding
gzip
etag
W/"d556a4fd6f86b7c64ce2e54347438fb8"
x-amz-version-id
JTEe2QogZxw2trnqb5fj0lJ5svkPSon1
age
30181
access-control-allow-methods
GET, HEAD
x-cache
Hit from cloudfront
x-amz-cf-id
kW3KgXzw3-ZGoEPZUsjyS-3HCIb1KlgjZnnDpr6ZXbE_J7ZCbLK_vQ==
date
Sun, 22 Sep 2024 04:06:28 GMT
content-type
text/javascript
vary
Accept-Encoding
last-modified
Tue, 17 Sep 2024 18:14:41 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
cache-control
max-age: 300
via
1.1 ed91e9c9d6be32c45c1d670b7d4a6616.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
FRA56-P4
server
AmazonS3
x-amz-server-side-encryption
AES256
UIG
payment.flywire.com/v3/recipients/
4 KB
2 KB
Fetch
General
Full URL
https://payment.flywire.com/v3/recipients/UIG?locale=en
Requested by
Host: payment.flywire.com
URL: https://payment.flywire.com/assets/js/vendors.9180a376d94d2d3fbcaa.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:c40d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
102b41f84e4271f363d46a7355e1477ca45b558ac337954548db61fdae565c89
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

X-Request-Id
8a69f828-a128-42b7-ab13-5c3230823da1
Referer
https://payment.flywire.com/
mode
cors
X-Requester
payex
baggage
sentry-environment=production,sentry-release=40a0aa0b1e00d146bc121731e9179c5b573879d5,sentry-public_key=e148c89ca64c434d865048f29cfa9e56,sentry-trace_id=17704128956e46549847f6dfd3146ea3,sentry-sample_rate=0.2
sentry-trace
17704128956e46549847f6dfd3146ea3-808f89e167ddc551-0
Access-Control-Allow-Origin
*
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36
Content-Type
application/json

Response headers

cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
content-encoding
br
cf-cache-status
DYNAMIC
x-content-type-options
nosniff
cf-ray
8c724cfb88cad40e-FRA
date
Sun, 22 Sep 2024 12:29:28 GMT
content-type
application/json
vary
Origin
server
cloudflare
countries
payment.flywire.com/v3/recipients/UIG/
8 KB
3 KB
Fetch
General
Full URL
https://payment.flywire.com/v3/recipients/UIG/countries?locale=en
Requested by
Host: payment.flywire.com
URL: https://payment.flywire.com/assets/js/vendors.9180a376d94d2d3fbcaa.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:c40d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9e144414aced4c04533fbf09dea6267f5fcde7f92107b557e9e7912e6e6b0d54
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

X-Request-Id
87a09ab9-239b-420c-a6e7-54fd1c576611
Referer
https://payment.flywire.com/
mode
cors
X-Requester
payex
baggage
sentry-environment=production,sentry-release=40a0aa0b1e00d146bc121731e9179c5b573879d5,sentry-public_key=e148c89ca64c434d865048f29cfa9e56,sentry-trace_id=17704128956e46549847f6dfd3146ea3,sentry-sample_rate=0.2
sentry-trace
17704128956e46549847f6dfd3146ea3-b14903a667f9f0cd-0
Access-Control-Allow-Origin
*
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36
Content-Type
application/json

Response headers

cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
content-encoding
br
cf-cache-status
DYNAMIC
x-content-type-options
nosniff
cf-ray
8c724cfb98dbd40e-FRA
date
Sun, 22 Sep 2024 12:29:28 GMT
content-type
application/json
vary
Origin
server
cloudflare
countries
payment.flywire.com/v3/
17 KB
5 KB
Fetch
General
Full URL
https://payment.flywire.com/v3/countries?locale=en
Requested by
Host: payment.flywire.com
URL: https://payment.flywire.com/assets/js/vendors.9180a376d94d2d3fbcaa.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:c40d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9f9ec0252a521fe33a19472a29be75aab2340a9a5327070d5919245415046334
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

X-Request-Id
45636ec6-0dc0-464e-8cf5-0c94166f044d
Referer
https://payment.flywire.com/
mode
cors
X-Requester
payex
baggage
sentry-environment=production,sentry-release=40a0aa0b1e00d146bc121731e9179c5b573879d5,sentry-public_key=e148c89ca64c434d865048f29cfa9e56,sentry-trace_id=17704128956e46549847f6dfd3146ea3,sentry-sample_rate=0.2
sentry-trace
17704128956e46549847f6dfd3146ea3-b7ce2859413572b2-0
Access-Control-Allow-Origin
*
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36
Content-Type
application/json

Response headers

cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
content-encoding
br
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=Xskn9F7Hu_.abZOiiWdX9dkxQuieT_lfXwLT6_g0xzE-1727008168-1.0.1.1-BKpDNXhemGivn2zF2OSZOxLvq.Bg4hf0SnBgTmOak17AUAw_QPJUomS.ocgDUHV7JE_3D4TMjbde3Iqr5tkNw0DMheI6ytmqCOXIscMolLuhGYjSKCkWCldkDhFgGQynBFzIYiz9wf_PHkJJkKegLbMig_bVR2AQlqxF8DyjFd0"}],"group":"cf-csp-endpoint","max_age":86400}
content-security-policy-report-only
script-src 'none'; connect-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=Xskn9F7Hu_.abZOiiWdX9dkxQuieT_lfXwLT6_g0xzE-1727008168-1.0.1.1-BKpDNXhemGivn2zF2OSZOxLvq.Bg4hf0SnBgTmOak17AUAw_QPJUomS.ocgDUHV7JE_3D4TMjbde3Iqr5tkNw0DMheI6ytmqCOXIscMolLuhGYjSKCkWCldkDhFgGQynBFzIYiz9wf_PHkJJkKegLbMig_bVR2AQlqxF8DyjFd0; report-to cf-csp-endpoint
x-content-type-options
nosniff
cf-ray
8c724cfb98dfd40e-FRA
date
Sun, 22 Sep 2024 12:29:28 GMT
content-type
application/json
vary
Origin
server
cloudflare
671130799943476
connect.facebook.net/signals/config/
73 KB
15 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/671130799943476?v=2.9.167&r=stable&domain=payment.flywire.com&hme=da9a399065fb1c492026018b9e54864148adfb49d800f41752428fb7b59190f8&ex_m=69%2C118%2C104%2C108%2C60%2C4%2C97%2C68%2C16%2C94%2C86%2C50%2C53%2C168%2C171%2C183%2C179%2C180%2C182%2C29%2C98%2C52%2C75%2C181%2C163%2C166%2C176%2C177%2C184%2C127%2C40%2C34%2C139%2C15%2C49%2C190%2C189%2C129%2C18%2C39%2C1%2C42%2C64%2C65%2C66%2C70%2C90%2C17%2C14%2C93%2C89%2C88%2C105%2C51%2C107%2C38%2C106%2C30%2C91%2C26%2C164%2C167%2C136%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C56%2C61%2C63%2C73%2C99%2C27%2C74%2C9%2C8%2C78%2C47%2C21%2C101%2C100%2C102%2C95%2C10%2C20%2C3%2C19%2C83%2C55%2C81%2C33%2C72%2C0%2C92%2C32%2C80%2C85%2C46%2C45%2C84%2C37%2C5%2C87%2C79%2C43%2C35%2C82%2C2%2C36%2C62%2C41%2C103%2C44%2C77%2C67%2C109%2C59%2C58%2C31%2C96%2C57%2C54%2C48%2C76%2C71%2C24%2C110
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
260ac151b4a5504668e0178759bd5754af66a37f19a9cb0692f3dc4d3dba929a
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36
Referer
https://payment.flywire.com/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
edge-control
cache-maxage=10m
date
Sun, 22 Sep 2024 12:29:28 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=20, rtx=0, c=74, mss=1232, tbw=68288, tp=66, tpl=0, uplat=1, ullat=-1
pragma
public
x-fb-debug
Y/8Yh0z3T7MWefDHqA0KeU9aLPWUyE/+ol7wDCkFk1Wk9EplIE9I6xYN3SLIJ9dvMlpSePuGpJDsHtcYdu04+A==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
content-length
14807
x-xss-protection
0
h
heapanalytics.com/
37 B
261 B
Image
General
Full URL
https://heapanalytics.com/h?a=476072953&u=7962578803493471&v=779147111195691&s=2710698360990065&b=web&tv=4.0&z=0&h=%2Fpay&q=%3Frecipient%3DUIG&d=payment.flywire.com&t=Flywire%20-%20Delivering%20the%20most%20important%20%26%20complex%20payments&ts=1727008168330&sch=1200&scw=1600&st=1727008168341&lv=4.23.4&ld=cdn.heapanalytics.com
Requested by
Host: payment.flywire.com
URL: https://payment.flywire.com/pay?recipient=UIG
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.208.73.18 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-208-73-18.compute-1.amazonaws.com
Software
nginx /
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36
Referer
https://payment.flywire.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
pragma
no-cache
etag
W/"25-4iFqfptz9csCeTUceM5hwzR1zqc"
content-length
37
date
Sun, 22 Sep 2024 12:29:28 GMT
content-type
image/gif
server
nginx
modules.0721e7cf944cf9d78a0b.js
script.hotjar.com/
224 KB
56 KB
Script
General
Full URL
https://script.hotjar.com/modules.0721e7cf944cf9d78a0b.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-3487825.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.253.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-253-48.lhr5.r.cloudfront.net
Software
/
Resource Hash
b59aea27fa8369f30285b9c3875597435dfce1fc0571555adcc11d210cb9bd1b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36
Referer
https://payment.flywire.com/

Response headers

x-robots-tag
none
content-encoding
br
etag
"ac12d2f9dbf41b678b7eb52a4d3e70f3"
age
256041
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
CrN3vuDt8kFT80fcx6aEJBoXo03pgc8kzaPuqDuJoFftZv0erK-2hw==
date
Thu, 19 Sep 2024 13:22:07 GMT
content-type
application/javascript; charset=utf-8
last-modified
Thu, 19 Sep 2024 13:21:34 GMT
vary
Accept-Encoding
strict-transport-security
max-age=2592000; includeSubDomains
cache-control
max-age=31536000
cross-origin-resource-policy
cross-origin
via
1.1 37f3a1b31872fd6a8b5294f2c5a5698e.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
56508
x-amz-cf-pop
LHR5-P5
/
www.facebook.com/tr/
0
274 B
Image
General
Full URL
https://www.facebook.com/tr/?id=671130799943476&ev=PageView&dl=https%3A%2F%2Fpayment.flywire.com%2Fpay%3Frecipient%3DUIG&rl=&if=false&ts=1727008168366&sw=1600&sh=1200&v=2.9.167&r=stable&ec=0&o=12318&fbp=fb.1.1727008168362.78653453012434190&cs_est=true&ler=empty&cdl=API_unavailable&it=1727008168287&coo=false&rqm=GET
Requested by
Host: payment.flywire.com
URL: https://payment.flywire.com/pay?recipient=UIG
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36
Referer
https://payment.flywire.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=18, rtx=0, c=10, mss=1328, tbw=2786, tp=-1, tpl=-1, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Sun, 22 Sep 2024 12:29:28 GMT
content-type
text/plain
server
proxygen-bolt
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/
67 B
3 KB
Image
General
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=671130799943476&ev=PageView&dl=https%3A%2F%2Fpayment.flywire.com%2Fpay%3Frecipient%3DUIG&rl=&if=false&ts=1727008168366&sw=1600&sh=1200&v=2.9.167&r=stable&ec=0&o=12318&fbp=fb.1.1727008168362.78653453012434190&cs_est=true&ler=empty&cdl=API_unavailable&it=1727008168287&coo=false&rqm=FGET
Requested by
Host: payment.flywire.com
URL: https://payment.flywire.com/pay?recipient=UIG
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36
Referer
https://payment.flywire.com/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7417443602718169124"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Sun, 22 Sep 2024 12:29:28 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
5kxZv7oorKUXIa+rxw3wwXarTRJUkWcagDUdsVaevBvFUJ8xLrhaEDSm6e6ibxudEdNs0olmZtNU9029FlEHkg==
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7417443602718169124", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=18, rtx=0, c=10, mss=1328, tbw=3104, tp=-1, tpl=-1, uplat=364, ullat=0
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?0
js
www.googletagmanager.com/gtag/
327 KB
108 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-G39TL6QXH6&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-21478818-13
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ce1b542a830df77614b24e34329519d040f6fe241257126e703801fa1ea0469e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36
Referer
https://payment.flywire.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
content-encoding
br
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
expires
Sun, 22 Sep 2024 12:29:28 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
110153
date
Sun, 22 Sep 2024 12:29:28 GMT
x-xss-protection
0
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
server
Google Tag Manager
access-control-allow-headers
Cache-Control
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-21478818-13
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36
Referer
https://payment.flywire.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=7200
content-encoding
gzip
age
3791
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Sun, 22 Sep 2024 13:26:17 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
date
Sun, 22 Sep 2024 11:26:17 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
content-type
text/javascript
server
Golfe2
vary
Accept-Encoding
embed-manifest.json
static.ada.support/
136 B
698 B
Fetch
General
Full URL
https://static.ada.support/embed-manifest.json
Requested by
Host: payment.flywire.com
URL: https://payment.flywire.com/assets/js/vendors.9180a376d94d2d3fbcaa.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-42.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9aa10afacf02173561c6a29eb45e9f3871a29dc6231fc015903b3c67990e5874
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36
Referer
https://payment.flywire.com/

Response headers

access-control-max-age
3000
access-control-expose-headers
ETag
x-amz-version-id
CH3xNoz.tdvDCJipj7IlS8Je.POmyeZp
etag
"919e5f1b400274225005b8c06fb305d2"
age
34960
access-control-allow-methods
GET, HEAD
x-cache
Hit from cloudfront
x-amz-cf-id
y5lU_X7obykYWYI2M5pzJreD4trWh2bMakjaIf4BMkkMbBM2gUFx4g==
date
Sun, 22 Sep 2024 02:46:49 GMT
content-type
application/json
vary
Accept-Encoding
last-modified
Wed, 04 Sep 2024 22:17:02 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
via
1.1 94328d2509009edc0657f5c786a93e42.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
136
x-amz-cf-pop
FRA56-P4
server
AmazonS3
x-amz-server-side-encryption
AES256
localize
payment.flywire.com/
21 B
1 KB
Fetch
General
Full URL
https://payment.flywire.com/localize
Requested by
Host: payment.flywire.com
URL: https://payment.flywire.com/assets/js/vendors.9180a376d94d2d3fbcaa.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:c40d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
67c482243f604951ac751908daddf1a2b1b3f3cf9923d9526c2e2b25e909176d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

X-Request-Id
2b853be8-f085-4f08-844a-15907745ecd9
Referer
https://payment.flywire.com/
mode
cors
X-Requester
payex
baggage
sentry-environment=production,sentry-release=40a0aa0b1e00d146bc121731e9179c5b573879d5,sentry-public_key=e148c89ca64c434d865048f29cfa9e56,sentry-trace_id=17704128956e46549847f6dfd3146ea3,sentry-sample_rate=0.2
sentry-trace
17704128956e46549847f6dfd3146ea3-8ba9895b05a36cf2-0
Access-Control-Allow-Origin
*
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36
Content-Type
application/json

Response headers

cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=K60YrsSzzZ6GeraljSrGu4jWXDv416K9cd4mYvNDfzw-1727008168-1.0.1.1-9h128tqdk75qv.JsRMawQ9v5bS4MwD5ZDGqsfYQdwIAwEoW0F_YF1jKZX5IJG5NXL0Vbb75iVLGD5qkcoxdiRjnQ_XbsgMNsA0B_bMqNN3hy6YchLwvx53xgU1jd1zzThl7Yt_MOw_z_ALnyPV4fd9VHLS5yTyLBLWDSy0Yvj1o"}],"group":"cf-csp-endpoint","max_age":86400}
x-content-type-options
nosniff
content-security-policy-report-only
script-src 'none'; connect-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=K60YrsSzzZ6GeraljSrGu4jWXDv416K9cd4mYvNDfzw-1727008168-1.0.1.1-9h128tqdk75qv.JsRMawQ9v5bS4MwD5ZDGqsfYQdwIAwEoW0F_YF1jKZX5IJG5NXL0Vbb75iVLGD5qkcoxdiRjnQ_XbsgMNsA0B_bMqNN3hy6YchLwvx53xgU1jd1zzThl7Yt_MOw_z_ALnyPV4fd9VHLS5yTyLBLWDSy0Yvj1o; report-to cf-csp-endpoint
cf-ray
8c724cfdaa3fd40e-FRA
content-length
21
date
Sun, 22 Sep 2024 12:29:28 GMT
content-type
application/json
vary
Origin
server
cloudflare
gtm.js
www.googletagmanager.com/
198 KB
71 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NRLXKJFZ
Requested by
Host: payment.flywire.com
URL: https://payment.flywire.com/assets/js/main.fc283e14524717b53107.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
55b6dfe6c3dc944c18a07aaecf8656ccc2c90b1c21fe9eb73ba17c8ecb8d58f5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36
Referer
https://payment.flywire.com/

Response headers

content-encoding
br
expires
Sun, 22 Sep 2024 12:29:28 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 22 Sep 2024 12:29:28 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Sun, 22 Sep 2024 12:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
*
content-length
72240
x-xss-protection
0
server
Google Tag Manager
collect
region1.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-G39TL6QXH6&gtm=45je49j0v899164153za200&_p=1727008168073&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=0&cid=1859191764.1727008169&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AAAI&_s=1&sid=1727008168&sct=1&seg=0&dl=https%3A%2F%2Fpayment.flywire.com%2Fpay%3Frecipient%3DUIG&dt=Flywire%20-%20Delivering%20the%20most%20important%20%26%20complex%20payments&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=2915
Requested by
Host: payment.flywire.com
URL: https://payment.flywire.com/assets/js/vendors.9180a376d94d2d3fbcaa.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36
Referer
https://payment.flywire.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://payment.flywire.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Sun, 22 Sep 2024 12:29:28 GMT
content-type
text/plain
server
Golfe2
collect
www.google-analytics.com/j/
1 B
209 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=2117561452&t=pageview&_s=1&dl=https%3A%2F%2Fpayment.flywire.com%2Fpay%3Frecipient%3DUIG&ul=de-de&de=UTF-8&dt=Flywire%20-%20Delivering%20the%20most%20important%20%26%20complex%20payments&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=1697639074&gjid=1082804919&cid=1859191764.1727008169&tid=UA-21478818-13&_gid=1246331582.1727008169&_r=1&gtm=457e49j0za200&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=0&jsscut=1&npa=1&z=1566906520
Requested by
Host: payment.flywire.com
URL: https://payment.flywire.com/assets/js/vendors.9180a376d94d2d3fbcaa.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36
Content-Type
text/plain
Referer
https://payment.flywire.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://payment.flywire.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
date
Sun, 22 Sep 2024 12:29:28 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
content-type
text/plain
server
Golfe2
embed2.69d2a1d.js
static.ada.support/
181 KB
54 KB
Script
General
Full URL
https://static.ada.support/embed2.69d2a1d.js
Requested by
Host: static.ada.support
URL: https://static.ada.support/embed2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-42.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cc7107496f15aa1b37e35f52c9ebdd75c1da47d9474345a4aa92f30258113ef9
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36
Referer
https://payment.flywire.com/

Response headers

access-control-max-age
3000
access-control-expose-headers
ETag
content-encoding
gzip
x-amz-version-id
AiHBfdtNG8ddfAYbC7c9M59x5kNllh29
etag
W/"c1e6090211de1272a8cbc6c75b59b958"
age
49229
access-control-allow-methods
GET, HEAD
x-cache
Hit from cloudfront
x-amz-cf-id
n3d3BbepvOkd2JjOKSRvVlZeFtV-UoOaqxhMomjEW14S9t7w81Txqg==
date
Sat, 21 Sep 2024 22:49:00 GMT
content-type
text/javascript
vary
Accept-Encoding
last-modified
Wed, 04 Sep 2024 22:07:54 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
cache-control
172800
via
1.1 ed91e9c9d6be32c45c1d670b7d4a6616.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
FRA56-P4
server
AmazonS3
x-amz-server-side-encryption
AES256
js
www.googletagmanager.com/gtag/
316 KB
105 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-6KR0YF0GH0&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NRLXKJFZ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ad05631e7ab4c47a345a7dc1673e916cd18d8946bc2aaa260e2ebaf1ecf38202
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36
Referer
https://payment.flywire.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
content-encoding
br
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
expires
Sun, 22 Sep 2024 12:29:28 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
107227
date
Sun, 22 Sep 2024 12:29:28 GMT
x-xss-protection
0
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
server
Google Tag Manager
access-control-allow-headers
Cache-Control
tooltip-information.a75f5b37d07ed10c238b405316bd33a7.svg
payment.flywire.com/assets/media/
275 B
344 B
Image
General
Full URL
https://payment.flywire.com/assets/media/tooltip-information.a75f5b37d07ed10c238b405316bd33a7.svg
Requested by
Host: payment.flywire.com
URL: https://payment.flywire.com/pay?recipient=UIG
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:c40d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
afe4a2e011c649e63cdefc50f663b6300351086b50e88f9e67b5196531ab5ed9

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36
Referer
https://payment.flywire.com/

Response headers

cache-control
public, max-age=604800, immutable
content-encoding
br
cf-cache-status
HIT
etag
W/"66e99529-113"
age
367796
cf-ray
8c724cffba55d40e-FRA
date
Sun, 22 Sep 2024 12:29:28 GMT
content-type
image/svg+xml
last-modified
Tue, 17 Sep 2024 14:41:45 GMT
vary
Accept-Encoding
server
cloudflare
client.json
rollout.ada.support/flywire/
11 KB
12 KB
XHR
General
Full URL
https://rollout.ada.support/flywire/client.json?ada_request_origin=embed
Requested by
Host: payment.flywire.com
URL: https://payment.flywire.com/assets/js/vendors.9180a376d94d2d3fbcaa.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.187.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-187-68.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a2f35f675b0624ca1b5da88237c2b88c8294659d311d1bb59a531248ee08f3e8

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36
Referer
https://payment.flywire.com/

Response headers

access-control-max-age
300
access-control-expose-headers
ETag
etag
"fda12058ec0e5d39c92301a524959218"
age
13
access-control-allow-methods
GET, HEAD
x-cache
Hit from cloudfront
x-amz-cf-id
YlO9rpVnFETYAUE8-ssY8ShoiG4bSbaOQM7P-NaTMKFteEPE06k_Fw==
date
Sun, 22 Sep 2024 12:29:16 GMT
content-type
application/json
vary
Origin
last-modified
Mon, 16 Sep 2024 09:48:30 GMT
cache-control
no-cache
via
1.1 de142d0ad142b3c0e86791d0b145349a.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
11653
x-amz-cf-pop
FRA60-P9
server
AmazonS3
x-amz-server-side-encryption
AES256
chat-manifest.json
static.ada.support/
136 B
698 B
Fetch
General
Full URL
https://static.ada.support/chat-manifest.json
Requested by
Host: payment.flywire.com
URL: https://payment.flywire.com/assets/js/vendors.9180a376d94d2d3fbcaa.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-42.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2229995d9d8e3087ae918acd2277647870fe77822b8abc449be0a48dc6e30741
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36
Referer
https://payment.flywire.com/

Response headers

access-control-max-age
3000
access-control-expose-headers
ETag
x-amz-version-id
teCxmW8f3CHZtPpjwvnwUFrl3NOBkTZ1
etag
"a31305225df6c9f28d17bf48cedd50e4"
age
85687
access-control-allow-methods
GET, HEAD
x-cache
Hit from cloudfront
x-amz-cf-id
FDffrUOSnPMETTKL947fYNK-eh6qr8sd517MjMcsxAg2NiByAnK7rA==
date
Sat, 21 Sep 2024 12:41:22 GMT
content-type
application/json
vary
Accept-Encoding
last-modified
Fri, 13 Sep 2024 16:45:56 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
via
1.1 94328d2509009edc0657f5c786a93e42.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
136
x-amz-cf-pop
FRA56-P4
server
AmazonS3
x-amz-server-side-encryption
AES256
tracker
payment.flywire.com/
0
0
Fetch
General
Full URL
https://payment.flywire.com/tracker
Requested by
Host: payment.flywire.com
URL: https://payment.flywire.com/assets/js/vendors.9180a376d94d2d3fbcaa.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:c40d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://payment.flywire.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36
Accept
application/json
Content-Type
application/json

Response headers

access-control-max-age
7200
access-control-expose-headers
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=g14gRTKEBIMKevfaReO28yzG0N8aksHmzKx2WyQ_gok-1727008169-1.0.1.1-cBawm8YIG2QlNVtRl_I0GfLBdrtpJzoxzqxgJVitrZXa_y9hzkUYqCNbSjS1I8soTlgKKuSpyQZjNMbd0K3QmBPrn.JmF0EZAks_7pNq1lSiue2Z7yxCWPcaIrvpHokJZRbI5RQuZquTNOx7TdutNaGi5_cjxAPDllK7p7QFI2A"}],"group":"cf-csp-endpoint","max_age":86400}
x-content-type-options
nosniff
access-control-allow-methods
GET, POST
cf-ray
8c724d000b6bd40e-FRA
content-security-policy-report-only
script-src 'none'; connect-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=g14gRTKEBIMKevfaReO28yzG0N8aksHmzKx2WyQ_gok-1727008169-1.0.1.1-cBawm8YIG2QlNVtRl_I0GfLBdrtpJzoxzqxgJVitrZXa_y9hzkUYqCNbSjS1I8soTlgKKuSpyQZjNMbd0K3QmBPrn.JmF0EZAks_7pNq1lSiue2Z7yxCWPcaIrvpHokJZRbI5RQuZquTNOx7TdutNaGi5_cjxAPDllK7p7QFI2A; report-to cf-csp-endpoint
access-control-allow-origin
*
date
Sun, 22 Sep 2024 12:29:29 GMT
vary
Origin
server
cloudflare
/
sentry.io/api/271161/envelope/
2 B
57 B
Fetch
General
Full URL
https://sentry.io/api/271161/envelope/?sentry_key=e148c89ca64c434d865048f29cfa9e56&sentry_version=7&sentry_client=sentry.javascript.react%2F7.80.0
Requested by
Host: payment.flywire.com
URL: https://payment.flywire.com/assets/js/vendors.9180a376d94d2d3fbcaa.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.247.156 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
156.247.186.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://payment.flywire.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
access-control-expose-headers
x-sentry-error,x-sentry-rate-limits,retry-after
x-envoy-upstream-service-time
0
cross-origin-resource-policy
cross-origin
via
1.1 google
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
date
Sun, 22 Sep 2024 12:29:29 GMT
content-type
application/json
vary
origin, access-control-request-method, access-control-request-headers
server
nginx
/
sentry.io/api/271161/envelope/
2 B
57 B
Fetch
General
Full URL
https://sentry.io/api/271161/envelope/?sentry_key=e148c89ca64c434d865048f29cfa9e56&sentry_version=7&sentry_client=sentry.javascript.react%2F7.80.0
Requested by
Host: payment.flywire.com
URL: https://payment.flywire.com/assets/js/vendors.9180a376d94d2d3fbcaa.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.247.156 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
156.247.186.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://payment.flywire.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
access-control-expose-headers
x-sentry-error,x-sentry-rate-limits,retry-after
x-envoy-upstream-service-time
0
cross-origin-resource-policy
cross-origin
via
1.1 google
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
date
Sun, 22 Sep 2024 12:29:29 GMT
content-type
application/json
vary
origin, access-control-request-method, access-control-request-headers
server
nginx
feature_flags
payment.flywire.com/
522 B
1 KB
Fetch
General
Full URL
https://payment.flywire.com/feature_flags?features[]=PAAR-2945-payex_maintenance_mode&features[]=PAAR-4230-PollingInTrackingPage&features[]=PAAR-4583-profileCreditCards&features[]=PAAR-4646-use-tag-manager&features[]=REM-1040-coupons&features[]=REM-1186-coupons-in&features[]=PAAR-5246-payRemainingBalance&features[]=PAAR-5353-holidayBannerCN&features[]=PAAR-5353-holidayBannerVN&features[]=PAAR-5247-userWallet&features[]=REM-867-RedeemCashback&features[]=REM-1238-WhatsappSubscriptions&features[]=PAAR-5645-Non_FX_Payments&features[]=PAAR-5643-Mario&features[]=REM-1374-bannerCouponsCN&features[]=PAAR-5826-hideKycButton&fingerprint=rB/CH2bwDacxNQARBmRSAg==
Requested by
Host: payment.flywire.com
URL: https://payment.flywire.com/assets/js/vendors.9180a376d94d2d3fbcaa.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:c40d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a13bf4ab35e85457f88cfa956636b4fd3273ec06a9f17ff116c4af7b17915647
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

X-Request-Id
4b03a7b0-1b2a-45c6-b709-c208aee94fb3
Access-Control-Allow-Origin
*
Referer
https://payment.flywire.com/
mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36
Content-Type
application/json
X-Requester
payex

Response headers

cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
content-encoding
br
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=drjUNoXWDy9O04CA94H8L14iN4ktki2Ctn1H6gL04zA-1727008169-1.0.1.1-ini1SIVrG6Ne8IcDsJOGAKBCWW_YzH.wWo3_iYmy5kGb4_P5Q_xu4t5tOv1xF_q2wMdUUSUXwcuP9KDE7ljVksxHxCQVwihadCnB5OVI4sEPZROO81nynJ6jJYztRsAX5bAJlSreMndbVweJZgBvlUGvBoc1mGJFNUHbTAmNvVU"}],"group":"cf-csp-endpoint","max_age":86400}
content-security-policy-report-only
script-src 'none'; connect-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=drjUNoXWDy9O04CA94H8L14iN4ktki2Ctn1H6gL04zA-1727008169-1.0.1.1-ini1SIVrG6Ne8IcDsJOGAKBCWW_YzH.wWo3_iYmy5kGb4_P5Q_xu4t5tOv1xF_q2wMdUUSUXwcuP9KDE7ljVksxHxCQVwihadCnB5OVI4sEPZROO81nynJ6jJYztRsAX5bAJlSreMndbVweJZgBvlUGvBoc1mGJFNUHbTAmNvVU; report-to cf-csp-endpoint
x-content-type-options
nosniff
cf-ray
8c724d002c24d40e-FRA
date
Sun, 22 Sep 2024 12:29:29 GMT
content-type
application/json
vary
Origin
server
cloudflare
localize
payment.flywire.com/
21 B
525 B
Fetch
General
Full URL
https://payment.flywire.com/localize
Requested by
Host: payment.flywire.com
URL: https://payment.flywire.com/assets/js/vendors.9180a376d94d2d3fbcaa.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:c40d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
67c482243f604951ac751908daddf1a2b1b3f3cf9923d9526c2e2b25e909176d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

X-Request-Id
c8ac2451-8363-4737-868d-bd6b411b69c9
Access-Control-Allow-Origin
*
Referer
https://payment.flywire.com/
mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36
Content-Type
application/json
X-Requester
payex

Response headers

cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
cf-cache-status
DYNAMIC
x-content-type-options
nosniff
cf-ray
8c724d002c2fd40e-FRA
content-length
21
date
Sun, 22 Sep 2024 12:29:29 GMT
content-type
application/json
vary
Origin
server
cloudflare
identify_v3
heapanalytics.com/api/
37 B
260 B
Image
General
Full URL
https://heapanalytics.com/api/identify_v3?a=476072953&u=7962578803493471&v=779147111195691&s=2710698360990065&i=rB%2FCH2bwDacxNQARBmRSAg%3D%3D&b=web&tv=4.0&z=0&st=1727008168928&lv=4.23.4&ld=cdn.heapanalytics.com
Requested by
Host: payment.flywire.com
URL: https://payment.flywire.com/pay/payment
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.208.73.18 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-208-73-18.compute-1.amazonaws.com
Software
nginx /
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36
Referer
https://payment.flywire.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
pragma
no-cache
etag
W/"25-4iFqfptz9csCeTUceM5hwzR1zqc"
content-length
37
date
Sun, 22 Sep 2024 12:29:29 GMT
content-type
image/gif
server
nginx
add_user_properties_v3
heapanalytics.com/api/
37 B
260 B
Image
General
Full URL
https://heapanalytics.com/api/add_user_properties_v3?a=476072953&u=7962578803493471&v=779147111195691&s=2710698360990065&i=rB%2FCH2bwDacxNQARBmRSAg%3D%3D&b=web&tv=4.0&_peer_tracker_id=rB%2FCH2bwDacxNQARBmRSAg%3D%3D&_session_id=f11f9458-f8de-4f36-a768-4e64b2b21ca3&_source_url=https%3A%2F%2Fpayment.flywire.com%2Fpay%3Frecipient%3DUIG&_browser_language=en&_country=DE&_portal_code=UIG&_user_agent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F119.0.6045.9%20Safari%2F537.36&_platform=payex&st=1727008168928&lv=4.23.4&ld=cdn.heapanalytics.com
Requested by
Host: payment.flywire.com
URL: https://payment.flywire.com/pay/payment
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.208.73.18 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-208-73-18.compute-1.amazonaws.com
Software
nginx /
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36
Referer
https://payment.flywire.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
pragma
no-cache
etag
W/"25-4iFqfptz9csCeTUceM5hwzR1zqc"
content-length
37
date
Sun, 22 Sep 2024 12:29:29 GMT
content-type
image/gif
server
nginx
University_Bursar_Sublogo_Horizontal_Color.png
dxvn2m2gq0cmw.cloudfront.net/schools/869/large/
20 KB
21 KB
Image
General
Full URL
https://dxvn2m2gq0cmw.cloudfront.net/schools/869/large/University_Bursar_Sublogo_Horizontal_Color.png?1680195502
Requested by
Host: payment.flywire.com
URL: https://payment.flywire.com/pay/payment
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:266e:9200:10:b29e:7e00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
58181f144beee70cde2bde5b35d9fdcdb49c91a46cb1e8057a8c8f561d619413

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36
Referer
https://payment.flywire.com/

Response headers

x-amz-replication-status
COMPLETED
x-amz-version-id
UcYwnDeN0B7s9FtTU95cUfpfZxBbqdKG
etag
"1d05f1dfd07e48f4daf8417021228ffe"
via
1.1 7e3b2ebcc561cb84cf59a80a76eb7e28.cloudfront.net (CloudFront)
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
content-length
20682
x-amz-cf-id
bx7Hvfgjcrb1pw08QREO9A9tRsnqhG8Zsdfa5EDPzJGbRG4Q4y1BiQ==
date
Sun, 22 Sep 2024 12:29:30 GMT
content-type
image/png
last-modified
Thu, 30 Mar 2023 16:58:24 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P8
x-amz-server-side-encryption
AES256
defaultLogo.964f0bfc5c799f25ebae43430aee0506.svg
payment.flywire.com/assets/media/
2 KB
2 KB
Image
General
Full URL
https://payment.flywire.com/assets/media/defaultLogo.964f0bfc5c799f25ebae43430aee0506.svg
Requested by
Host: payment.flywire.com
URL: https://payment.flywire.com/pay/payment
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:c40d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2d8e1de797d741bb51035220b302e932a28ab630135b4a622ebda6ed03bff992

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36
Referer
https://payment.flywire.com/

Response headers

cache-control
public, max-age=604800, immutable
content-encoding
br
cf-cache-status
HIT
etag
W/"66e99529-76f"
age
352734
report-to
{"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=Y0fSJz01E8mclhaWlcM4kiZIwzbc4.JIA4EfRJZMNlU-1727008169-1.0.1.1-zq279RSHbfq8oQBITVns.IjophKbN1Rr.JZ20tjWQ6IalONAmqyt3.nRhukdaVvDTbRoifuZ5O0wf09q0Bqy9XtlnfRQaZOd2Ref4PxXSkSWO5YuOtBTDSrooXzmFt4lKoQJ48NaDY4Oe77ieJpq1tlJ_Zsx_sO.sXAYgh.Pv2w"}],"group":"cf-csp-endpoint","max_age":86400}
content-security-policy-report-only
script-src 'none'; connect-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=Y0fSJz01E8mclhaWlcM4kiZIwzbc4.JIA4EfRJZMNlU-1727008169-1.0.1.1-zq279RSHbfq8oQBITVns.IjophKbN1Rr.JZ20tjWQ6IalONAmqyt3.nRhukdaVvDTbRoifuZ5O0wf09q0Bqy9XtlnfRQaZOd2Ref4PxXSkSWO5YuOtBTDSrooXzmFt4lKoQJ48NaDY4Oe77ieJpq1tlJ_Zsx_sO.sXAYgh.Pv2w; report-to cf-csp-endpoint
cf-ray
8c724d003c59d40e-FRA
date
Sun, 22 Sep 2024 12:29:29 GMT
content-type
image/svg+xml
last-modified
Tue, 17 Sep 2024 14:41:45 GMT
vary
Accept-Encoding
server
cloudflare
wcag.25fd4e3016145a1d97b4e6c7dd9813ec.svg
payment.flywire.com/assets/media/
15 KB
6 KB
Image
General
Full URL
https://payment.flywire.com/assets/media/wcag.25fd4e3016145a1d97b4e6c7dd9813ec.svg
Requested by
Host: payment.flywire.com
URL: https://payment.flywire.com/pay/payment
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:c40d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
205e68fdfdbcd8bef53b55ea1aaacd51d06474d2443dd5efc454ab0165c2320d

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36
Referer
https://payment.flywire.com/

Response headers

cache-control
public, max-age=604800, immutable
content-encoding
br
cf-cache-status
HIT
etag
W/"66eaa1c1-3b51"
age
345662
cf-ray
8c724d003c5ed40e-FRA
date
Sun, 22 Sep 2024 12:29:29 GMT
content-type
image/svg+xml
last-modified
Wed, 18 Sep 2024 09:47:45 GMT
vary
Accept-Encoding
server
cloudflare
/
www.facebook.com/tr/
0
102 B
Image
General
Full URL
https://www.facebook.com/tr/?id=671130799943476&ev=PageView&dl=https%3A%2F%2Fpayment.flywire.com%2Fpay%2Fpayment&rl=&if=false&ts=1727008168967&sw=1600&sh=1200&v=2.9.167&r=stable&ec=1&o=12318&fbp=fb.1.1727008168362.78653453012434190&cs_est=true&ler=empty&cdl=API_unavailable&it=1727008168287&coo=false&rqm=GET
Requested by
Host: payment.flywire.com
URL: https://payment.flywire.com/pay/payment
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36
Referer
https://payment.flywire.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=18, rtx=0, c=10, mss=1328, tbw=5967, tp=-1, tpl=-1, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Sun, 22 Sep 2024 12:29:28 GMT
content-type
text/plain
server
proxygen-bolt
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/
67 B
871 B
Image
General
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=671130799943476&ev=PageView&dl=https%3A%2F%2Fpayment.flywire.com%2Fpay%2Fpayment&rl=&if=false&ts=1727008168967&sw=1600&sh=1200&v=2.9.167&r=stable&ec=1&o=12318&fbp=fb.1.1727008168362.78653453012434190&cs_est=true&ler=empty&cdl=API_unavailable&it=1727008168287&coo=false&rqm=FGET
Requested by
Host: payment.flywire.com
URL: https://payment.flywire.com/pay/payment
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36
Referer
https://payment.flywire.com/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7417443606087213976"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Sun, 22 Sep 2024 12:29:29 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
SXVO3kMfkJ+7Wg54kvCzLl2ynQ5fkF75Ilw4yhL1dnLbu9wlefCGZzN3rG1ztt8SIVDfpZkRSkvmwV+Gr3ml7A==
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7417443606087213976", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=18, rtx=0, c=10, mss=1328, tbw=6113, tp=-1, tpl=-1, uplat=105, ullat=0
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?0
client.json
rollout.ada.support/flywire/
11 KB
435 B
XHR
General
Full URL
https://rollout.ada.support/flywire/client.json?ada_request_origin=embed
Requested by
Host: payment.flywire.com
URL: https://payment.flywire.com/assets/js/vendors.9180a376d94d2d3fbcaa.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.187.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-187-68.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a2f35f675b0624ca1b5da88237c2b88c8294659d311d1bb59a531248ee08f3e8

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36
Referer
https://payment.flywire.com/

Response headers

access-control-max-age
300
access-control-expose-headers
ETag
etag
"fda12058ec0e5d39c92301a524959218"
age
14
access-control-allow-methods
GET, HEAD
x-cache
Hit from cloudfront
x-amz-cf-id
yW6YhJroGwaXMhYzb0M83J-_Npm41xBUPiYYwv3UM8MPBfGS43qz6g==
date
Sun, 22 Sep 2024 12:29:16 GMT
content-type
application/json
last-modified
Mon, 16 Sep 2024 09:48:30 GMT
vary
Origin
cache-control
no-cache
via
1.1 de142d0ad142b3c0e86791d0b145349a.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
11653
x-amz-cf-pop
FRA60-P9
server
AmazonS3
x-amz-server-side-encryption
AES256
truncated
/
339 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
afd2285d8526f5ee0c8cb1a48689920828677838b29abf7ea3d0c2b4c6b17d23

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml;charset=utf8
h
heapanalytics.com/
37 B
260 B
Image
General
Full URL
https://heapanalytics.com/h?a=476072953&u=7962578803493471&v=6501980942106776&s=2710698360990065&i=rB%2FCH2bwDacxNQARBmRSAg%3D%3D&b=web&tv=4.0&z=2&h=%2Fpay%2Fpayment&d=payment.flywire.com&t=Flywire%20-%20Delivering%20the%20most%20important%20%26%20complex%20payments&ts=1727008169032&pr=%2Fpay&sp=ts&sp=1727008168330&sp=d&sp=payment.flywire.com&sp=h&sp=%2Fpay&sp=q&sp=%3Frecipient%3DUIG&sch=1200&scw=1600&st=1727008169033&lv=4.23.4&ld=cdn.heapanalytics.com
Requested by
Host: payment.flywire.com
URL: https://payment.flywire.com/pay/payment
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.208.73.18 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-208-73-18.compute-1.amazonaws.com
Software
nginx /
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36
Referer
https://payment.flywire.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
pragma
no-cache
etag
W/"25-4iFqfptz9csCeTUceM5hwzR1zqc"
content-length
37
date
Sun, 22 Sep 2024 12:29:29 GMT
content-type
image/gif
server
nginx
collect
region1.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-6KR0YF0GH0&gtm=45je49j0v890468871z89173687837za200zb9173687837&_p=1727008168073&gcd=13l3lPl2l1l1&npa=1&dma_cps=sya&dma=1&tag_exp=0&cid=1859191764.1727008169&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1727008169&sct=1&seg=0&dl=https%3A%2F%2Fpayment.flywire.com%2Fpay%2Fpayment&dt=Flywire%20-%20Delivering%20the%20most%20important%20%26%20complex%20payments&en=page_view&_fv=1&_ss=1&tfd=3434
Requested by
Host: payment.flywire.com
URL: https://payment.flywire.com/assets/js/vendors.9180a376d94d2d3fbcaa.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36
Referer
https://payment.flywire.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://payment.flywire.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Sun, 22 Sep 2024 12:29:29 GMT
content-type
text/plain
server
Golfe2
index.html
flywire.ada.support/embed/x-storage/69d2a1d/ Frame 3F2A
0
0
Document
General
Full URL
https://flywire.ada.support/embed/x-storage/69d2a1d/index.html
Requested by
Host: static.ada.support
URL: https://static.ada.support/embed2.69d2a1d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-34.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload

Request headers

Referer
https://payment.flywire.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36

Response headers

accept-ranges
bytes
age
31418
cache-control
172800
content-length
237
content-type
text/html
date
Sun, 22 Sep 2024 03:45:52 GMT
etag
"cd373ac005a5f8ca983529c5cfc30dde"
last-modified
Wed, 04 Sep 2024 22:07:54 GMT
server
AmazonS3
strict-transport-security
max-age=63072000; includeSubdomains; preload
vary
Accept-Encoding
via
1.1 c813ed55721b9ee3209e2abab7207a00.cloudfront.net (CloudFront)
x-amz-cf-id
t9e_lzNz7HJuaSTzl8gMH11mtiZ_bj81h8qqSnQRykZGUOGiib5lQA==
x-amz-cf-pop
FRA56-P4
x-amz-server-side-encryption
AES256
x-amz-version-id
8e80BYTILyltNqpPp5mniBZ4xPFMB6aM
x-cache
Hit from cloudfront
index.html
flywire.ada.support/embed/button/69d2a1d/ Frame 08A2
0
0
Document
General
Full URL
https://flywire.ada.support/embed/button/69d2a1d/index.html
Requested by
Host: static.ada.support
URL: https://static.ada.support/embed2.69d2a1d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-34.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload

Request headers

Referer
https://payment.flywire.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36

Response headers

age
36251
cache-control
172800
content-encoding
gzip
content-type
text/html
date
Sun, 22 Sep 2024 02:25:19 GMT
etag
W/"77437f34c00b69af7328c22d93ddd78e"
last-modified
Wed, 04 Sep 2024 22:07:54 GMT
server
AmazonS3
strict-transport-security
max-age=63072000; includeSubdomains; preload
vary
Accept-Encoding
via
1.1 c813ed55721b9ee3209e2abab7207a00.cloudfront.net (CloudFront)
x-amz-cf-id
tfPMLmJkrZKAHS3NLAS1BJgx_qu-P8yLE2xbbi3FSWALMjHvqXlOQA==
x-amz-cf-pop
FRA56-P4
x-amz-server-side-encryption
AES256
x-amz-version-id
vTgQLeGOVBg60bSjlANbM5IT5FidjF3t
x-cache
Hit from cloudfront
truncated
/
217 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9a4f24ba696cea746ebddee15c232eeab34209b45573079e8ef80a50e036ba67

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml;charset=utf8
s.js
cdn.siftscience.com/
62 KB
21 KB
Script
General
Full URL
https://cdn.siftscience.com/s.js
Requested by
Host: payment.flywire.com
URL: https://payment.flywire.com/?recipient=UIG
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.67.224 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
224.67.96.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
2c81cc3c013e563ad03b70adcb3c9651ec391c768dafbe3e36f2da35320f8de4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36
Referer
https://payment.flywire.com/

Response headers

x-goog-metageneration
1
access-control-expose-headers
*
content-encoding
gzip
x-goog-hash
crc32c=wz8G3w==, md5=EcBus9FX5Xcra5Z+QIU+FQ==
etag
"11c06eb3d157e5772b6b967e40853e15"
age
702168
x-goog-stored-content-encoding
gzip
expires
Sun, 14 Sep 2025 09:26:41 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
20599
date
Sat, 14 Sep 2024 09:26:41 GMT
last-modified
Tue, 16 Jul 2024 09:11:58 GMT
content-type
text/javascript
x-guploader-uploadid
AD-8lju3GsjT2YNbFXlr5cjmDqSwNNyUzdxlHegUGKcZKkBpZ31ilJXGiPTnyHnkxe9zzNExRJ8
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
no-transform
x-goog-storage-class
MULTI_REGIONAL
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1721121118847320
content-length
20599
server
UploadServer
favicon.ico
payment.flywire.com/
15 KB
2 KB
Other
General
Full URL
https://payment.flywire.com/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:c40d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4bacdd302bf60290262423b42196779018bbd793c50435732e7e756fc9ce3725

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36
Referer
https://payment.flywire.com/

Response headers

cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
content-encoding
br
cf-cache-status
MISS
etag
W/"66ed43f0-3aee"
report-to
{"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=GOJYgMSadMPimYIgTIxtzBpoV4q_D.38ABHNwgCW.3o-1727008169-1.0.1.1-n2zzzHe0Be19ICeziwJbQDr7jwtoHpa2aSLJvM4NOm48miNSKS9iPxdHeAav2IAHS18CukChcJTjhEKw_qSKZm6MhFTVqqmeldUf.AK._Rdbgln26kLNt1ZsloiPWM9zFmzpXRxl4u23DWjZMWn9wMhKIk90rNtk6RniF86LAyI"}],"group":"cf-csp-endpoint","max_age":86400}
content-security-policy-report-only
script-src 'none'; connect-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=GOJYgMSadMPimYIgTIxtzBpoV4q_D.38ABHNwgCW.3o-1727008169-1.0.1.1-n2zzzHe0Be19ICeziwJbQDr7jwtoHpa2aSLJvM4NOm48miNSKS9iPxdHeAav2IAHS18CukChcJTjhEKw_qSKZm6MhFTVqqmeldUf.AK._Rdbgln26kLNt1ZsloiPWM9zFmzpXRxl4u23DWjZMWn9wMhKIk90rNtk6RniF86LAyI; report-to cf-csp-endpoint
cf-ray
8c724d046d33d40e-FRA
date
Sun, 22 Sep 2024 12:29:29 GMT
content-type
image/x-icon
last-modified
Fri, 20 Sep 2024 09:44:16 GMT
vary
Accept-Encoding
server
cloudflare
956891.gif
hexagon-analytics.com/images/
43 B
288 B
Image
General
Full URL
https://hexagon-analytics.com/images/956891.gif?bk=65960b63de&tm=28&r=834211950&v=108&cs=UTF-8&h=payment.flywire.com&l=de-DE&S=4b337f3f4f1e4a538a5ab3fc31814485&uu=21be98645dc4a7b1f08c17a913ab1f6&t=Flywire%20-%20Delivering%20the%20most%20important%20%26%20complex%20payments&u=https%3A%2F%2Fpayment.flywire.com%2Fpay%2Fpayment&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F119.0.6045.9%20Safari%2F537.36&nm=2&mh=63196a00446a1e285d1992cfe444aa55&np=5&ph=332b72bdb211e34e6e3c24f88d7c393b&sh=1200&sw=1600&cd=24&p=Linux%20x86_64&to=-120&d=60&ce=true&tp=0&ol=true&pr=Gecko&ps=20030107&vd=Google%20Inc.&vs=&hc=12&je=false&ss=true&ls=true&in=true&db=false&tl=true&tr=false&ts=true&tb=false&ab=false&cf=a3c415e4f447c1ed3c87d70fb939054d&z=z
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.232.42 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
42.232.102.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.9 Safari/537.36
Referer
https://payment.flywire.com/

Response headers

cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
pragma
no-cache
x-envoy-upstream-service-time
1
x-content-type-options
nosniff
via
1.1 google
expires
Thu, 01 Jan 1970 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 22 Sep 2024 12:29:30 GMT
content-type
image/gif
server
nginx

Verdicts & Comments Add Verdict or Comment

45 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 string| SENTRY_ENVIRONMENT string| requester string| FLYWIRE_JS_ENVIRONMENT object| webpackChunkpayex_web object| SENTRY_RELEASE object| SENTRY_RELEASES function| clearImmediate function| setImmediate string| __reactRouterVersion object| __SENTRY__ object| __sentry_instrumentation_handlers__ object| __post_robot_10_0_41__ object| __zoid_9_0_62__ object| flywire object| heap function| gtag object| dataLayer object| _sift function| fbq function| _fbq function| hj object| _hjSettings object| adaSettings object| hjSiteSettings object| hjLazyModules function| hjBootstrap object| hjBootstrapCalled object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga string| __AdaEmbedLoaderVersion boolean| __AdaEmbedLoaderScriptLoaded object| adaEmbed function| onYouTubeIframeAPIReady object| gaGlobal object| gaplugins object| gaData object| __AdaEmbedLoaderInitialActionQueue boolean| __AdaEmbedLoaded function| __siftFlashCB object| PluginDetect

17 Cookies

Domain/Path Name / Value
payment.flywire.com/ Name: fingerprint
Value: rB/CH2bwDacxNQARBmRSAg==
.flywire.com/ Name: _cfuvid
Value: KvK9kQD1MBZyZPSo1NpojM0xTEUyNShGpDEd.rRtwW8-1727008167070-0.0.1.1-604800000
.flywire.com/ Name: flywire-lang
Value: en
.flywire.com/ Name: _fbp
Value: fb.1.1727008168362.78653453012434190
.flywire.com/ Name: _gcl_au
Value: 1.1.409629624.1727008168
.flywire.com/ Name: _gid
Value: GA1.2.1246331582.1727008169
.flywire.com/ Name: _gat_gtag_UA_21478818_13
Value: 1
.flywire.com/ Name: _hjSessionUser_3487825
Value: eyJpZCI6IjZmOWM2YWQwLTk0MjgtNTk2Yi1iMzk0LWE5ZmU3MTAwYjBjNSIsImNyZWF0ZWQiOjE3MjcwMDgxNjg3OTksImV4aXN0aW5nIjpmYWxzZX0=
.flywire.com/ Name: _hjSession_3487825
Value: eyJpZCI6IjM4OGUwYzc4LTkyMDktNDBjNS1iMjY0LTJhNDRkOTUyYzA3YiIsImMiOjE3MjcwMDgxNjg4MDQsInMiOjAsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0=
.flywire.com/ Name: _hp2_ses_props.476072953
Value: %7B%22ts%22%3A1727008168330%2C%22d%22%3A%22payment.flywire.com%22%2C%22h%22%3A%22%2Fpay%22%2C%22q%22%3A%22%3Frecipient%3DUIG%22%7D
.flywire.com/ Name: _hp2_id.476072953
Value: %7B%22userId%22%3A%227962578803493471%22%2C%22pageviewId%22%3A%226501980942106776%22%2C%22sessionId%22%3A%222710698360990065%22%2C%22identity%22%3A%22rB%2FCH2bwDacxNQARBmRSAg%3D%3D%22%2C%22trackerVersion%22%3A%224.0%22%2C%22identityField%22%3Anull%2C%22isIdentified%22%3A1%7D
.flywire.com/ Name: _ga
Value: GA1.1.1859191764.1727008169
payment.flywire.com/ Name: AWSALB
Value: LO87fNFvRgwFAATR5VqjzEqv442uLDtLqJw3kIYJhaQ5IdKUxK98uzDXFR83yFoFuO7XsgIseZbuWxzmlyPjNy46eassxxcHvS89S7V2Jw7nwRfhXkzvBwMwbPKU
payment.flywire.com/ Name: AWSALBCORS
Value: LO87fNFvRgwFAATR5VqjzEqv442uLDtLqJw3kIYJhaQ5IdKUxK98uzDXFR83yFoFuO7XsgIseZbuWxzmlyPjNy46eassxxcHvS89S7V2Jw7nwRfhXkzvBwMwbPKU
.flywire.com/ Name: __ssid
Value: 21be98645dc4a7b1f08c17a913ab1f6
.flywire.com/ Name: _ga_G39TL6QXH6
Value: GS1.1.1727008168.1.1.1727008169.0.0.0
.flywire.com/ Name: _ga_6KR0YF0GH0
Value: GS1.1.1727008169.1.1.1727008169.0.0.0

70 Console Messages

Source Level URL
Text
security error URL: https://payment.flywire.com/?recipient=UIG(Line 40)
Message:
[Report Only] Refused to execute inline script because it violates the following Content Security Policy directive: "script-src 'none'". Either the 'unsafe-inline' keyword, a hash ('sha256-SMQrEs4+LuqS/1u26vMXl3CTntnYIyjcjnMxWhoyCyI='), or a nonce ('nonce-...') is required to enable inline execution.
security error URL: https://payment.flywire.com/?recipient=UIG(Line 40)
Message:
[Report Only] Refused to execute inline script because it violates the following Content Security Policy directive: "script-src 'none'". Either the 'unsafe-inline' keyword, a hash ('sha256-tEzngX0hvmlglEOEBN64sedxFfr0HTkBU2tra9gOIqk='), or a nonce ('nonce-...') is required to enable inline execution.
security error URL: https://payment.flywire.com/?recipient=UIG(Line 40)
Message:
[Report Only] Refused to execute inline script because it violates the following Content Security Policy directive: "script-src 'none'". Either the 'unsafe-inline' keyword, a hash ('sha256-PHm3oPbL95fGpn1Y3fCm4Y6/AsQMhqJV21UCIfniAWg='), or a nonce ('nonce-...') is required to enable inline execution.
security error URL: https://payment.flywire.com/?recipient=UIG
Message:
[Report Only] Refused to load the script 'https://payment.flywire.com/assets/js/vendors.9180a376d94d2d3fbcaa.min.js' because it violates the following Content Security Policy directive: "script-src 'none'". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security error URL: https://payment.flywire.com/?recipient=UIG
Message:
[Report Only] Refused to load the script 'https://payment.flywire.com/assets/js/main.fc283e14524717b53107.min.js' because it violates the following Content Security Policy directive: "script-src 'none'". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security error URL: https://payment.flywire.com/assets/js/vendors.9180a376d94d2d3fbcaa.min.js(Line 1)
Message:
[Report Only] Refused to connect to 'https://sentry.io/api/271161/envelope/?sentry_key=e148c89ca64c434d865048f29cfa9e56&sentry_version=7&sentry_client=sentry.javascript.react%2F7.80.0' because it violates the following Content Security Policy directive: "connect-src 'none'".
security error URL: https://payment.flywire.com/assets/js/vendors.9180a376d94d2d3fbcaa.min.js(Line 1)
Message:
[Report Only] Refused to connect to 'https://sentry.io/api/271161/envelope/?sentry_key=e148c89ca64c434d865048f29cfa9e56&sentry_version=7&sentry_client=sentry.javascript.react%2F7.80.0' because it violates the following Content Security Policy directive: "connect-src 'none'".
security error URL: https://payment.flywire.com/assets/js/main.fc283e14524717b53107.min.js
Message:
[Report Only] Refused to execute inline script because it violates the following Content Security Policy directive: "script-src 'none'". Either the 'unsafe-inline' keyword, a hash ('sha256-xRq3GSTDvXVLIlTC5/klBfGTUfpX2/M2Xy9CJ2njKeU='), or a nonce ('nonce-...') is required to enable inline execution.
security error (Line 1)
Message:
[Report Only] Refused to load the script 'https://cdn.heapanalytics.com/js/heap-476072953.js' because it violates the following Content Security Policy directive: "script-src 'none'". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security error URL: https://payment.flywire.com/assets/js/main.fc283e14524717b53107.min.js
Message:
[Report Only] Refused to load the script 'https://www.googletagmanager.com/gtag/js?id=UA-21478818-13' because it violates the following Content Security Policy directive: "script-src 'none'". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security error URL: https://payment.flywire.com/assets/js/main.fc283e14524717b53107.min.js
Message:
[Report Only] Refused to execute inline script because it violates the following Content Security Policy directive: "script-src 'none'". Either the 'unsafe-inline' keyword, a hash ('sha256-NvgR8ztPcxxwaezmqDfNDHz4iV6oY+hy3Wuqz4Y1EFc='), or a nonce ('nonce-...') is required to enable inline execution.
security error URL: https://payment.flywire.com/assets/js/main.fc283e14524717b53107.min.js
Message:
[Report Only] Refused to execute inline script because it violates the following Content Security Policy directive: "script-src 'none'". Either the 'unsafe-inline' keyword, a hash ('sha256-+h58Paed9t64I/qu4vJQ9kGPREU/jaPYvK6VmGxxUYQ='), or a nonce ('nonce-...') is required to enable inline execution.
security error URL: https://payment.flywire.com/assets/js/main.fc283e14524717b53107.min.js
Message:
[Report Only] Refused to load the script 'https://www.googletagmanager.com/gtag/js?id=AW-410801422' because it violates the following Content Security Policy directive: "script-src 'none'". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security error URL: https://payment.flywire.com/assets/js/main.fc283e14524717b53107.min.js
Message:
[Report Only] Refused to execute inline script because it violates the following Content Security Policy directive: "script-src 'none'". Either the 'unsafe-inline' keyword, a hash ('sha256-o5V5bjO8Jw4I00Ha6YZ5PKoDfyeM4+2tmTgjw8bCcqE='), or a nonce ('nonce-...') is required to enable inline execution.
security error URL: https://payment.flywire.com/assets/js/main.fc283e14524717b53107.min.js
Message:
[Report Only] Refused to execute inline script because it violates the following Content Security Policy directive: "script-src 'none'". Either the 'unsafe-inline' keyword, a hash ('sha256-cnRgj+pg4vXSqtoA8g9kiZDh9EU/INht2nHkBD6Hm3Q='), or a nonce ('nonce-...') is required to enable inline execution.
security error (Line 7)
Message:
[Report Only] Refused to load the script 'https://connect.facebook.net/en_US/fbevents.js' because it violates the following Content Security Policy directive: "script-src 'none'". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security error URL: https://payment.flywire.com/assets/js/main.fc283e14524717b53107.min.js
Message:
[Report Only] Refused to execute inline script because it violates the following Content Security Policy directive: "script-src 'none'". Either the 'unsafe-inline' keyword, a hash ('sha256-DT8dgZf1vAChNIulyAs7Vr6SSfMNttuJxBxuFyRWUKs='), or a nonce ('nonce-...') is required to enable inline execution.
security error (Line 7)
Message:
[Report Only] Refused to load the script 'https://static.hotjar.com/c/hotjar-3487825.js?sv=6' because it violates the following Content Security Policy directive: "script-src 'none'". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security error URL: https://payment.flywire.com/assets/js/vendors.9180a376d94d2d3fbcaa.min.js(Line 1)
Message:
[Report Only] Refused to connect to 'https://payment.flywire.com/feature_flags?features[]=PAAR-2945-payex_maintenance_mode&features[]=PAAR-4230-PollingInTrackingPage&features[]=PAAR-4583-profileCreditCards&features[]=PAAR-4646-use-tag-manager&features[]=REM-1040-coupons&features[]=REM-1186-coupons-in&features[]=PAAR-5246-payRemainingBalance&features[]=PAAR-5353-holidayBannerCN&features[]=PAAR-5353-holidayBannerVN&features[]=PAAR-5247-userWallet&features[]=REM-867-RedeemCashback&features[]=REM-1238-WhatsappSubscriptions&features[]=PAAR-5645-Non_FX_Payments&features[]=PAAR-5643-Mario&features[]=REM-1374-bannerCouponsCN&features[]=PAAR-5826-hideKycButton&fingerprint=rB/CH2bwDacxNQARBmRSAg==' because it violates the following Content Security Policy directive: "connect-src 'none'".
security error URL: https://payment.flywire.com/assets/js/vendors.9180a376d94d2d3fbcaa.min.js(Line 1)
Message:
[Report Only] Refused to connect to 'https://payment.flywire.com/feature_flags?features[]=PAAR-2945-payex_maintenance_mode&features[]=PAAR-4230-PollingInTrackingPage&features[]=PAAR-4583-profileCreditCards&features[]=PAAR-4646-use-tag-manager&features[]=REM-1040-coupons&features[]=REM-1186-coupons-in&features[]=PAAR-5246-payRemainingBalance&features[]=PAAR-5353-holidayBannerCN&features[]=PAAR-5353-holidayBannerVN&features[]=PAAR-5247-userWallet&features[]=REM-867-RedeemCashback&features[]=REM-1238-WhatsappSubscriptions&features[]=PAAR-5645-Non_FX_Payments&features[]=PAAR-5643-Mario&features[]=REM-1374-bannerCouponsCN&features[]=PAAR-5826-hideKycButton&fingerprint=rB/CH2bwDacxNQARBmRSAg==' because it violates the following Content Security Policy directive: "connect-src 'none'".
security error URL: https://payment.flywire.com/assets/js/vendors.9180a376d94d2d3fbcaa.min.js(Line 1)
Message:
[Report Only] Refused to connect to 'https://payment.flywire.com/localize' because it violates the following Content Security Policy directive: "connect-src 'none'".
security error URL: https://payment.flywire.com/assets/js/vendors.9180a376d94d2d3fbcaa.min.js(Line 1)
Message:
[Report Only] Refused to connect to 'https://payment.flywire.com/localize' because it violates the following Content Security Policy directive: "connect-src 'none'".
security error URL: https://payment.flywire.com/assets/js/main.fc283e14524717b53107.min.js
Message:
[Report Only] Refused to load the script 'https://static.ada.support/embed2.js' because it violates the following Content Security Policy directive: "script-src 'none'". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security error URL: https://payment.flywire.com/assets/js/vendors.9180a376d94d2d3fbcaa.min.js(Line 1)
Message:
[Report Only] Refused to connect to 'https://payment.flywire.com/v3/recipients/UIG?locale=en' because it violates the following Content Security Policy directive: "connect-src 'none'".
security error URL: https://payment.flywire.com/assets/js/vendors.9180a376d94d2d3fbcaa.min.js(Line 1)
Message:
[Report Only] Refused to connect to 'https://payment.flywire.com/v3/recipients/UIG?locale=en' because it violates the following Content Security Policy directive: "connect-src 'none'".
security error URL: https://payment.flywire.com/assets/js/vendors.9180a376d94d2d3fbcaa.min.js(Line 1)
Message:
[Report Only] Refused to connect to 'https://payment.flywire.com/v3/recipients/UIG/countries?locale=en' because it violates the following Content Security Policy directive: "connect-src 'none'".
security error URL: https://payment.flywire.com/assets/js/vendors.9180a376d94d2d3fbcaa.min.js(Line 1)
Message:
[Report Only] Refused to connect to 'https://payment.flywire.com/v3/recipients/UIG/countries?locale=en' because it violates the following Content Security Policy directive: "connect-src 'none'".
security error URL: https://payment.flywire.com/assets/js/vendors.9180a376d94d2d3fbcaa.min.js(Line 1)
Message:
[Report Only] Refused to connect to 'https://payment.flywire.com/v3/countries?locale=en' because it violates the following Content Security Policy directive: "connect-src 'none'".
security error URL: https://payment.flywire.com/assets/js/vendors.9180a376d94d2d3fbcaa.min.js(Line 1)
Message:
[Report Only] Refused to connect to 'https://payment.flywire.com/v3/countries?locale=en' because it violates the following Content Security Policy directive: "connect-src 'none'".
security error URL: https://connect.facebook.net/en_US/fbevents.js(Line 125)
Message:
[Report Only] Refused to load the script 'https://connect.facebook.net/signals/config/671130799943476?v=2.9.167&r=stable&domain=payment.flywire.com&hme=da9a399065fb1c492026018b9e54864148adfb49d800f41752428fb7b59190f8&ex_m=69%2C118%2C104%2C108%2C60%2C4%2C97%2C68%2C16%2C94%2C86%2C50%2C53%2C168%2C171%2C183%2C179%2C180%2C182%2C29%2C98%2C52%2C75%2C181%2C163%2C166%2C176%2C177%2C184%2C127%2C40%2C34%2C139%2C15%2C49%2C190%2C189%2C129%2C18%2C39%2C1%2C42%2C64%2C65%2C66%2C70%2C90%2C17%2C14%2C93%2C89%2C88%2C105%2C51%2C107%2C38%2C106%2C30%2C91%2C26%2C164%2C167%2C136%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C56%2C61%2C63%2C73%2C99%2C27%2C74%2C9%2C8%2C78%2C47%2C21%2C101%2C100%2C102%2C95%2C10%2C20%2C3%2C19%2C83%2C55%2C81%2C33%2C72%2C0%2C92%2C32%2C80%2C85%2C46%2C45%2C84%2C37%2C5%2C87%2C79%2C43%2C35%2C82%2C2%2C36%2C62%2C41%2C103%2C44%2C77%2C67%2C109%2C59%2C58%2C31%2C96%2C57%2C54%2C48%2C76%2C71%2C24%2C110' because it violates the following Content Security Policy directive: "script-src 'none'". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security error URL: https://static.hotjar.com/c/hotjar-3487825.js?sv=6(Line 2)
Message:
[Report Only] Refused to load the script 'https://script.hotjar.com/modules.0721e7cf944cf9d78a0b.js' because it violates the following Content Security Policy directive: "script-src 'none'". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security error URL: https://www.googletagmanager.com/gtag/js?id=UA-21478818-13(Line 87)
Message:
[Report Only] Refused to load the script 'https://www.googletagmanager.com/gtag/js?id=G-G39TL6QXH6&l=dataLayer&cx=c' because it violates the following Content Security Policy directive: "script-src 'none'". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security error URL: https://www.googletagmanager.com/gtag/js?id=UA-21478818-13(Line 87)
Message:
[Report Only] Refused to load the script 'https://www.google-analytics.com/analytics.js' because it violates the following Content Security Policy directive: "script-src 'none'". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security error URL: https://payment.flywire.com/assets/js/vendors.9180a376d94d2d3fbcaa.min.js(Line 1)
Message:
[Report Only] Refused to connect to 'https://static.ada.support/embed-manifest.json' because it violates the following Content Security Policy directive: "connect-src 'none'".
security error URL: https://payment.flywire.com/assets/js/vendors.9180a376d94d2d3fbcaa.min.js(Line 1)
Message:
[Report Only] Refused to connect to 'https://static.ada.support/embed-manifest.json' because it violates the following Content Security Policy directive: "connect-src 'none'".
security error URL: https://payment.flywire.com/assets/js/vendors.9180a376d94d2d3fbcaa.min.js(Line 1)
Message:
[Report Only] Refused to connect to 'https://payment.flywire.com/localize' because it violates the following Content Security Policy directive: "connect-src 'none'".
security error URL: https://payment.flywire.com/assets/js/vendors.9180a376d94d2d3fbcaa.min.js(Line 1)
Message:
[Report Only] Refused to connect to 'https://payment.flywire.com/localize' because it violates the following Content Security Policy directive: "connect-src 'none'".
security error URL: https://payment.flywire.com/assets/js/main.fc283e14524717b53107.min.js
Message:
[Report Only] Refused to load the script 'https://www.googletagmanager.com/gtm.js?id=GTM-NRLXKJFZ' because it violates the following Content Security Policy directive: "script-src 'none'". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security error URL: https://payment.flywire.com/assets/js/vendors.9180a376d94d2d3fbcaa.min.js(Line 1)
Message:
[Report Only] Refused to connect to 'https://region1.google-analytics.com/g/collect?v=2&tid=G-G39TL6QXH6&gtm=45je49j0v899164153za200&_p=1727008168073&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=0&cid=1859191764.1727008169&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AAAI&_s=1&sid=1727008168&sct=1&seg=0&dl=https%3A%2F%2Fpayment.flywire.com%2Fpay%3Frecipient%3DUIG&dt=Flywire%20-%20Delivering%20the%20most%20important%20%26%20complex%20payments&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=2915' because it violates the following Content Security Policy directive: "connect-src 'none'".
security error URL: https://payment.flywire.com/assets/js/vendors.9180a376d94d2d3fbcaa.min.js(Line 1)
Message:
[Report Only] Refused to connect to 'https://region1.google-analytics.com/g/collect?v=2&tid=G-G39TL6QXH6&gtm=45je49j0v899164153za200&_p=1727008168073&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=0&cid=1859191764.1727008169&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AAAI&_s=1&sid=1727008168&sct=1&seg=0&dl=https%3A%2F%2Fpayment.flywire.com%2Fpay%3Frecipient%3DUIG&dt=Flywire%20-%20Delivering%20the%20most%20important%20%26%20complex%20payments&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=2915' because it violates the following Content Security Policy directive: "connect-src 'none'".
security error URL: https://payment.flywire.com/assets/js/vendors.9180a376d94d2d3fbcaa.min.js(Line 1)
Message:
[Report Only] Refused to connect to 'https://www.google-analytics.com/j/collect?v=1&_v=j101&a=2117561452&t=pageview&_s=1&dl=https%3A%2F%2Fpayment.flywire.com%2Fpay%3Frecipient%3DUIG&ul=de-de&de=UTF-8&dt=Flywire%20-%20Delivering%20the%20most%20important%20%26%20complex%20payments&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=1697639074&gjid=1082804919&cid=1859191764.1727008169&tid=UA-21478818-13&_gid=1246331582.1727008169&_r=1&gtm=457e49j0za200&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=0&jsscut=1&npa=1&z=1566906520' because it violates the following Content Security Policy directive: "connect-src 'none'".
security error URL: https://static.ada.support/embed2.js
Message:
[Report Only] Refused to load the script 'https://static.ada.support/embed2.69d2a1d.js' because it violates the following Content Security Policy directive: "script-src 'none'". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security error URL: https://www.googletagmanager.com/gtm.js?id=GTM-NRLXKJFZ(Line 91)
Message:
[Report Only] Refused to load the script 'https://www.googletagmanager.com/gtag/js?id=G-6KR0YF0GH0&l=dataLayer&cx=c' because it violates the following Content Security Policy directive: "script-src 'none'". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security error URL: https://payment.flywire.com/assets/js/vendors.9180a376d94d2d3fbcaa.min.js(Line 1)
Message:
[Report Only] Refused to connect to 'https://rollout.ada.support/flywire/client.json?ada_request_origin=embed' because it violates the following Content Security Policy directive: "connect-src 'none'".
security error URL: https://payment.flywire.com/assets/js/vendors.9180a376d94d2d3fbcaa.min.js(Line 1)
Message:
[Report Only] Refused to connect to 'https://static.ada.support/chat-manifest.json' because it violates the following Content Security Policy directive: "connect-src 'none'".
security error URL: https://payment.flywire.com/assets/js/vendors.9180a376d94d2d3fbcaa.min.js(Line 1)
Message:
[Report Only] Refused to connect to 'https://static.ada.support/chat-manifest.json' because it violates the following Content Security Policy directive: "connect-src 'none'".
security error URL: https://payment.flywire.com/assets/js/vendors.9180a376d94d2d3fbcaa.min.js(Line 1)
Message:
[Report Only] Refused to connect to 'https://payment.flywire.com/tracker' because it violates the following Content Security Policy directive: "connect-src 'none'".
security error URL: https://payment.flywire.com/assets/js/vendors.9180a376d94d2d3fbcaa.min.js(Line 1)
Message:
[Report Only] Refused to connect to 'https://payment.flywire.com/tracker' because it violates the following Content Security Policy directive: "connect-src 'none'".
security error URL: https://payment.flywire.com/assets/js/vendors.9180a376d94d2d3fbcaa.min.js(Line 1)
Message:
[Report Only] Refused to connect to 'https://sentry.io/api/271161/envelope/?sentry_key=e148c89ca64c434d865048f29cfa9e56&sentry_version=7&sentry_client=sentry.javascript.react%2F7.80.0' because it violates the following Content Security Policy directive: "connect-src 'none'".
security error URL: https://payment.flywire.com/assets/js/vendors.9180a376d94d2d3fbcaa.min.js(Line 1)
Message:
[Report Only] Refused to connect to 'https://sentry.io/api/271161/envelope/?sentry_key=e148c89ca64c434d865048f29cfa9e56&sentry_version=7&sentry_client=sentry.javascript.react%2F7.80.0' because it violates the following Content Security Policy directive: "connect-src 'none'".
security error URL: https://payment.flywire.com/assets/js/vendors.9180a376d94d2d3fbcaa.min.js(Line 1)
Message:
[Report Only] Refused to connect to 'https://sentry.io/api/271161/envelope/?sentry_key=e148c89ca64c434d865048f29cfa9e56&sentry_version=7&sentry_client=sentry.javascript.react%2F7.80.0' because it violates the following Content Security Policy directive: "connect-src 'none'".
security error URL: https://payment.flywire.com/assets/js/vendors.9180a376d94d2d3fbcaa.min.js(Line 1)
Message:
[Report Only] Refused to connect to 'https://sentry.io/api/271161/envelope/?sentry_key=e148c89ca64c434d865048f29cfa9e56&sentry_version=7&sentry_client=sentry.javascript.react%2F7.80.0' because it violates the following Content Security Policy directive: "connect-src 'none'".
security error URL: https://payment.flywire.com/assets/js/vendors.9180a376d94d2d3fbcaa.min.js(Line 1)
Message:
[Report Only] Refused to connect to 'https://payment.flywire.com/feature_flags?features[]=PAAR-2945-payex_maintenance_mode&features[]=PAAR-4230-PollingInTrackingPage&features[]=PAAR-4583-profileCreditCards&features[]=PAAR-4646-use-tag-manager&features[]=REM-1040-coupons&features[]=REM-1186-coupons-in&features[]=PAAR-5246-payRemainingBalance&features[]=PAAR-5353-holidayBannerCN&features[]=PAAR-5353-holidayBannerVN&features[]=PAAR-5247-userWallet&features[]=REM-867-RedeemCashback&features[]=REM-1238-WhatsappSubscriptions&features[]=PAAR-5645-Non_FX_Payments&features[]=PAAR-5643-Mario&features[]=REM-1374-bannerCouponsCN&features[]=PAAR-5826-hideKycButton&fingerprint=rB/CH2bwDacxNQARBmRSAg==' because it violates the following Content Security Policy directive: "connect-src 'none'".
security error URL: https://payment.flywire.com/assets/js/vendors.9180a376d94d2d3fbcaa.min.js(Line 1)
Message:
[Report Only] Refused to connect to 'https://payment.flywire.com/feature_flags?features[]=PAAR-2945-payex_maintenance_mode&features[]=PAAR-4230-PollingInTrackingPage&features[]=PAAR-4583-profileCreditCards&features[]=PAAR-4646-use-tag-manager&features[]=REM-1040-coupons&features[]=REM-1186-coupons-in&features[]=PAAR-5246-payRemainingBalance&features[]=PAAR-5353-holidayBannerCN&features[]=PAAR-5353-holidayBannerVN&features[]=PAAR-5247-userWallet&features[]=REM-867-RedeemCashback&features[]=REM-1238-WhatsappSubscriptions&features[]=PAAR-5645-Non_FX_Payments&features[]=PAAR-5643-Mario&features[]=REM-1374-bannerCouponsCN&features[]=PAAR-5826-hideKycButton&fingerprint=rB/CH2bwDacxNQARBmRSAg==' because it violates the following Content Security Policy directive: "connect-src 'none'".
security error URL: https://payment.flywire.com/assets/js/vendors.9180a376d94d2d3fbcaa.min.js(Line 1)
Message:
[Report Only] Refused to connect to 'https://payment.flywire.com/localize' because it violates the following Content Security Policy directive: "connect-src 'none'".
security error URL: https://payment.flywire.com/assets/js/vendors.9180a376d94d2d3fbcaa.min.js(Line 1)
Message:
[Report Only] Refused to connect to 'https://payment.flywire.com/localize' because it violates the following Content Security Policy directive: "connect-src 'none'".
security error URL: https://payment.flywire.com/assets/js/vendors.9180a376d94d2d3fbcaa.min.js(Line 1)
Message:
[Report Only] Refused to connect to 'https://rollout.ada.support/flywire/client.json?ada_request_origin=embed' because it violates the following Content Security Policy directive: "connect-src 'none'".
security error URL: https://payment.flywire.com/assets/js/vendors.9180a376d94d2d3fbcaa.min.js(Line 1)
Message:
[Report Only] Refused to connect to 'https://region1.google-analytics.com/g/collect?v=2&tid=G-6KR0YF0GH0&gtm=45je49j0v890468871z89173687837za200zb9173687837&_p=1727008168073&gcd=13l3lPl2l1l1&npa=1&dma_cps=sya&dma=1&tag_exp=0&cid=1859191764.1727008169&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1727008169&sct=1&seg=0&dl=https%3A%2F%2Fpayment.flywire.com%2Fpay%2Fpayment&dt=Flywire%20-%20Delivering%20the%20most%20important%20%26%20complex%20payments&en=page_view&_fv=1&_ss=1&tfd=3434' because it violates the following Content Security Policy directive: "connect-src 'none'".
security error URL: https://payment.flywire.com/assets/js/vendors.9180a376d94d2d3fbcaa.min.js(Line 1)
Message:
[Report Only] Refused to connect to 'https://region1.google-analytics.com/g/collect?v=2&tid=G-6KR0YF0GH0&gtm=45je49j0v890468871z89173687837za200zb9173687837&_p=1727008168073&gcd=13l3lPl2l1l1&npa=1&dma_cps=sya&dma=1&tag_exp=0&cid=1859191764.1727008169&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1727008169&sct=1&seg=0&dl=https%3A%2F%2Fpayment.flywire.com%2Fpay%2Fpayment&dt=Flywire%20-%20Delivering%20the%20most%20important%20%26%20complex%20payments&en=page_view&_fv=1&_ss=1&tfd=3434' because it violates the following Content Security Policy directive: "connect-src 'none'".
security error (Line 10)
Message:
[Report Only] Refused to load the script 'https://cdn.siftscience.com/s.js' because it violates the following Content Security Policy directive: "script-src 'none'". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security error URL: https://payment.flywire.com/assets/js/vendors.9180a376d94d2d3fbcaa.min.js(Line 1)
Message:
[Report Only] Refused to connect to 'https://region1.google-analytics.com/g/collect?v=2&tid=G-G39TL6QXH6&gtm=45je49j0v899164153za200&_p=1727008168073&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=0&cid=1859191764.1727008169&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEAI&sid=1727008168&sct=1&seg=0&dl=https%3A%2F%2Fpayment.flywire.com%2Fpay%3Frecipient%3DUIG&dt=Flywire%20-%20Delivering%20the%20most%20important%20%26%20complex%20payments&_s=2&tfd=7983' because it violates the following Content Security Policy directive: "connect-src 'none'".
security error URL: https://payment.flywire.com/assets/js/vendors.9180a376d94d2d3fbcaa.min.js(Line 1)
Message:
[Report Only] Refused to connect to 'https://region1.google-analytics.com/g/collect?v=2&tid=G-G39TL6QXH6&gtm=45je49j0v899164153za200&_p=1727008168073&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=0&cid=1859191764.1727008169&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEAI&sid=1727008168&sct=1&seg=0&dl=https%3A%2F%2Fpayment.flywire.com%2Fpay%3Frecipient%3DUIG&dt=Flywire%20-%20Delivering%20the%20most%20important%20%26%20complex%20payments&_s=2&tfd=7983' because it violates the following Content Security Policy directive: "connect-src 'none'".
security error URL: https://payment.flywire.com/assets/js/vendors.9180a376d94d2d3fbcaa.min.js(Line 1)
Message:
[Report Only] Refused to connect to 'https://region1.google-analytics.com/g/collect?v=2&tid=G-G39TL6QXH6&gtm=45je49j0v899164153za200&_p=1727008168073&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=0&cid=1859191764.1727008169&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AAAI&_s=3&sid=1727008168&sct=1&seg=1&dl=https%3A%2F%2Fpayment.flywire.com%2Fpay%2Fpayment&dr=https%3A%2F%2Fpayment.flywire.com%2Fpay%3Frecipient%3DUIG&dt=Flywire%20-%20Delivering%20the%20most%20important%20%26%20complex%20payments&en=user_engagement&_et=3717&tfd=8017' because it violates the following Content Security Policy directive: "connect-src 'none'".
security error URL: https://payment.flywire.com/assets/js/vendors.9180a376d94d2d3fbcaa.min.js(Line 1)
Message:
[Report Only] Refused to connect to 'https://region1.google-analytics.com/g/collect?v=2&tid=G-G39TL6QXH6&gtm=45je49j0v899164153za200&_p=1727008168073&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=0&cid=1859191764.1727008169&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AAAI&_s=3&sid=1727008168&sct=1&seg=1&dl=https%3A%2F%2Fpayment.flywire.com%2Fpay%2Fpayment&dr=https%3A%2F%2Fpayment.flywire.com%2Fpay%3Frecipient%3DUIG&dt=Flywire%20-%20Delivering%20the%20most%20important%20%26%20complex%20payments&en=user_engagement&_et=3717&tfd=8017' because it violates the following Content Security Policy directive: "connect-src 'none'".
security error URL: https://payment.flywire.com/assets/js/vendors.9180a376d94d2d3fbcaa.min.js(Line 1)
Message:
[Report Only] Refused to connect to 'https://region1.google-analytics.com/g/collect?v=2&tid=G-6KR0YF0GH0&gtm=45je49j0v890468871za200zb9173687837&_p=1727008168073&gcd=13l3lPl2l1l1&npa=1&dma_cps=sya&dma=1&tag_exp=0&cid=1859191764.1727008169&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&_s=2&dl=https%3A%2F%2Fpayment.flywire.com%2Fpay%2Fpayment&dr=https%3A%2F%2Fpayment.flywire.com%2Fpay%3Frecipient%3DUIG&sid=1727008169&sct=1&seg=1&dt=Flywire%20-%20Delivering%20the%20most%20important%20%26%20complex%20payments&en=page_view&_et=866&tfd=8029' because it violates the following Content Security Policy directive: "connect-src 'none'".
security error URL: https://payment.flywire.com/assets/js/vendors.9180a376d94d2d3fbcaa.min.js(Line 1)
Message:
[Report Only] Refused to connect to 'https://region1.google-analytics.com/g/collect?v=2&tid=G-6KR0YF0GH0&gtm=45je49j0v890468871za200zb9173687837&_p=1727008168073&gcd=13l3lPl2l1l1&npa=1&dma_cps=sya&dma=1&tag_exp=0&cid=1859191764.1727008169&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&_s=2&dl=https%3A%2F%2Fpayment.flywire.com%2Fpay%2Fpayment&dr=https%3A%2F%2Fpayment.flywire.com%2Fpay%3Frecipient%3DUIG&sid=1727008169&sct=1&seg=1&dt=Flywire%20-%20Delivering%20the%20most%20important%20%26%20complex%20payments&en=page_view&_et=866&tfd=8029' because it violates the following Content Security Policy directive: "connect-src 'none'".
security error URL: https://payment.flywire.com/assets/js/vendors.9180a376d94d2d3fbcaa.min.js(Line 1)
Message:
[Report Only] Refused to connect to 'https://region1.google-analytics.com/g/collect?v=2&tid=G-6KR0YF0GH0&gtm=45je49j0v890468871za200zb9173687837&_p=1727008168073&gcd=13l3lPl2l1l1&npa=1&dma_cps=sya&dma=1&tag_exp=0&cid=1859191764.1727008169&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=3&sid=1727008169&sct=1&seg=1&dl=https%3A%2F%2Fpayment.flywire.com%2Fpay%2Fpayment&dr=https%3A%2F%2Fpayment.flywire.com%2Fpay%3Frecipient%3DUIG&dt=Flywire%20-%20Delivering%20the%20most%20important%20%26%20complex%20payments&en=user_engagement&_et=3705&tfd=8030' because it violates the following Content Security Policy directive: "connect-src 'none'".
security error URL: https://payment.flywire.com/assets/js/vendors.9180a376d94d2d3fbcaa.min.js(Line 1)
Message:
[Report Only] Refused to connect to 'https://region1.google-analytics.com/g/collect?v=2&tid=G-6KR0YF0GH0&gtm=45je49j0v890468871za200zb9173687837&_p=1727008168073&gcd=13l3lPl2l1l1&npa=1&dma_cps=sya&dma=1&tag_exp=0&cid=1859191764.1727008169&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=3&sid=1727008169&sct=1&seg=1&dl=https%3A%2F%2Fpayment.flywire.com%2Fpay%2Fpayment&dr=https%3A%2F%2Fpayment.flywire.com%2Fpay%3Frecipient%3DUIG&dt=Flywire%20-%20Delivering%20the%20most%20important%20%26%20complex%20payments&en=user_engagement&_et=3705&tfd=8030' because it violates the following Content Security Policy directive: "connect-src 'none'".
security error URL: https://payment.flywire.com/assets/js/vendors.9180a376d94d2d3fbcaa.min.js(Line 1)
Message:
[Report Only] Refused to connect to 'https://sentry.io/api/271161/envelope/?sentry_key=e148c89ca64c434d865048f29cfa9e56&sentry_version=7&sentry_client=sentry.javascript.react%2F7.80.0' because it violates the following Content Security Policy directive: "connect-src 'none'".
security error URL: https://payment.flywire.com/assets/js/vendors.9180a376d94d2d3fbcaa.min.js(Line 1)
Message:
[Report Only] Refused to connect to 'https://sentry.io/api/271161/envelope/?sentry_key=e148c89ca64c434d865048f29cfa9e56&sentry_version=7&sentry_client=sentry.javascript.react%2F7.80.0' because it violates the following Content Security Policy directive: "connect-src 'none'".

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.heapanalytics.com
cdn.siftscience.com
connect.facebook.net
dxvn2m2gq0cmw.cloudfront.net
flywire.ada.support
fonts.googleapis.com
fonts.gstatic.com
heapanalytics.com
hexagon-analytics.com
payment.flywire.com
region1.google-analytics.com
rollout.ada.support
script.hotjar.com
sentry.io
static.ada.support
static.hotjar.com
uigar.flywire.com
www.facebook.com
www.flywire.com
www.google-analytics.com
www.googletagmanager.com
13.32.27.86
13.33.187.68
18.208.73.18
18.245.175.102
18.245.253.48
2001:4860:4802:32::36
2600:9000:266e:9200:10:b29e:7e00:21
2606:4700::6810:c40d
2a00:1450:4001:808::2008
2a00:1450:4001:811::2003
2a00:1450:4001:81c::200a
2a00:1450:4001:830::200e
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
34.102.232.42
34.96.67.224
35.186.247.156
52.222.236.34
52.222.236.42
0055aa18da3581f4a468aaa7257d84f798e0fc070899c8008d9b321b76b98096
102b41f84e4271f363d46a7355e1477ca45b558ac337954548db61fdae565c89
1e61d45105dd99115437489381bfec09e56348cb9d1ad5a7aef096f169a7f1fe
205e68fdfdbcd8bef53b55ea1aaacd51d06474d2443dd5efc454ab0165c2320d
2229995d9d8e3087ae918acd2277647870fe77822b8abc449be0a48dc6e30741
260ac151b4a5504668e0178759bd5754af66a37f19a9cb0692f3dc4d3dba929a
2c81cc3c013e563ad03b70adcb3c9651ec391c768dafbe3e36f2da35320f8de4
2d8e1de797d741bb51035220b302e932a28ab630135b4a622ebda6ed03bff992
43da18f909be2ce7b2a6908460d55c1e85440107401bb04706c2bf725ff55fe5
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
47374cb7d373f9a8450e1237c80bc5fe68c61fbf0cdf958df7a298143b7dd445
4bacdd302bf60290262423b42196779018bbd793c50435732e7e756fc9ce3725
4d1cd2ad4fa15cd184957ae36e6484b6469429c98ee267873802d8af035b4b6d
4fe555f29da72aab5040ed8caa97c0afd089846bee273318663309c727f60491
55b6dfe6c3dc944c18a07aaecf8656ccc2c90b1c21fe9eb73ba17c8ecb8d58f5
58181f144beee70cde2bde5b35d9fdcdb49c91a46cb1e8057a8c8f561d619413
67c482243f604951ac751908daddf1a2b1b3f3cf9923d9526c2e2b25e909176d
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
798e575d7aae2c90c23aa68421a0fca3eb75d4b6b921fa6be5de48274a74319d
7e570ef5c2ceb0fd64023cc716d4a93937147847a8f7d098a16873bfa86a438a
9118df92de8da50a4d8d64ee5b52965b62eacb1f9ab0a0e52dca7462359aa3cb
9a4f24ba696cea746ebddee15c232eeab34209b45573079e8ef80a50e036ba67
9aa10afacf02173561c6a29eb45e9f3871a29dc6231fc015903b3c67990e5874
9e144414aced4c04533fbf09dea6267f5fcde7f92107b557e9e7912e6e6b0d54
9f9ec0252a521fe33a19472a29be75aab2340a9a5327070d5919245415046334
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a13bf4ab35e85457f88cfa956636b4fd3273ec06a9f17ff116c4af7b17915647
a2f35f675b0624ca1b5da88237c2b88c8294659d311d1bb59a531248ee08f3e8
a81a878d410b540c6e52af6c62ad501e7523abc56fe631ff858c1847899cb7ea
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
ad05631e7ab4c47a345a7dc1673e916cd18d8946bc2aaa260e2ebaf1ecf38202
afd2285d8526f5ee0c8cb1a48689920828677838b29abf7ea3d0c2b4c6b17d23
afe4a2e011c649e63cdefc50f663b6300351086b50e88f9e67b5196531ab5ed9
b59aea27fa8369f30285b9c3875597435dfce1fc0571555adcc11d210cb9bd1b
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bcfab42c6f3d3f58176bc79833e5b6c3d098ec7bf7aad41748246b8fd6b40b54
cc7107496f15aa1b37e35f52c9ebdd75c1da47d9474345a4aa92f30258113ef9
ce1b542a830df77614b24e34329519d040f6fe241257126e703801fa1ea0469e
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e1a0d3d68d05c3b5103c5448530a1619047569b0e2e4408cbcd7cc5c490440fd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855