card-payment.gbataxi.com Open in urlscan Pro
118.140.169.50 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://card-payment.gbataxi.com/
Submission: On January 29 via api (January 29th 2024, 8:43:03 am UTC) from US — Scanned from US

Summary HTTP 88 Redirects Behaviour Indicators

Summary

This website contacted 16 IPs in 2 countries across 7 domains to perform 88 HTTP transactions. The main IP is 118.140.169.50, located in Central, Hong Kong and belongs to HUTCHISON-AS-AP HGC Global Communications Limited, HK. The main domain is card-payment.gbataxi.com.
TLS certificate: Issued by R3 on January 29th 2024. Valid for: 3 months.

This is the only time card-payment.gbataxi.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	118.140.169.50 118.140.169.50	9304 (HUTCHISON...) (HUTCHISON-AS-AP HGC Global Communications Limited)
1	2600:1901:0:7... 2600:1901:0:7f0c::	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
18	2600:1901:0:9... 2600:1901:0:9672::	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3	35.244.231.134 35.244.231.134	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
4	2606:4700::68... 2606:4700::6810:523b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	99.86.91.3 99.86.91.3	16509 (AMAZON-02) (AMAZON-02)
1	3.162.38.113 3.162.38.113	16509 (AMAZON-02) (AMAZON-02)
11	192.225.157.157 192.225.157.157	30286 (THM) (THM)
1 2	13.249.9.72 13.249.9.72	() ()
1	54.158.164.13 54.158.164.13	() ()
5	54.243.108.33 54.243.108.33	() ()
10	34.120.214.181 34.120.214.181	() ()
2	130.211.27.57 130.211.27.57	() ()
1	18.164.52.63 18.164.52.63	() ()
1	192.225.158.1 192.225.158.1	() ()
88	16

3 118.140.169.50 (Central, Hong Kong)

ASN9304 (HUTCHISON-AS-AP HGC Global Communications Limited, HK)
PTR: mail.p360tec.com

card-payment.gbataxi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:7f0c:: (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)

checkout.airwallex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2600:1901:0:9672:: (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)

checkout-demo.airwallex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.244.231.134 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 134.231.244.35.bc.googleusercontent.com

api-demo.airwallex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6810:523b (United States)

ASN13335 (CLOUDFLARENET, US)

static-demo.airwallex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 99.86.91.3 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-91-3.cdg50.r.cloudfront.net

cdn-scripts.signifyd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.162.38.113 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-162-38-113.cdg52.r.cloudfront.net

aac5fb818cb3.cdn4.forter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 192.225.157.157 (United States)

ASN30286 (THM, US)

imgs.signifyd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.249.9.72 (None, ) 1 redirects

ASN- ()

cdn9.forter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.158.164.13 (None, )

ASN- ()

0cc812d8f3e045e7aac9c03540437bb7-aac5fb818cb3.cdn.forter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 54.243.108.33 (None, )

ASN- ()

cdn0.forter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 34.120.214.181 (None, )

ASN- ()

featuregates.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
events.statsigapi.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 130.211.27.57 (None, )

ASN- ()

bws-demo.airwallex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.164.52.63 (None, )

ASN- ()

cdn3.forter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.225.158.1 (None, )

ASN- ()

h.online-metrix.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
28	airwallex.com checkout.airwallex.com — Cisco Umbrella Rank: 386328 checkout-demo.airwallex.com api-demo.airwallex.com static-demo.airwallex.com bws-demo.airwallex.com	613 KB
13	signifyd.com cdn-scripts.signifyd.com — Cisco Umbrella Rank: 8946 imgs.signifyd.com — Cisco Umbrella Rank: 7684	94 KB
10	forter.com 1 redirects aac5fb818cb3.cdn4.forter.com cdn9.forter.com 0cc812d8f3e045e7aac9c03540437bb7-aac5fb818cb3.cdn.forter.com cdn0.forter.com cdn3.forter.com	157 KB
6	featuregates.org featuregates.org	5 KB
4	statsigapi.net events.statsigapi.net	184 B
3	gbataxi.com card-payment.gbataxi.com	136 KB
1	online-metrix.net h.online-metrix.net w2txo5aado7wqstko4tserz3ainqwahbf6zjv3vs3ac6871b81f68000sac.d.aa.online-metrix.net Failed	15 KB
88	7

	Domain	Requested by
18	checkout-demo.airwallex.com	card-payment.gbataxi.com checkout-demo.airwallex.com
11	imgs.signifyd.com	cdn-scripts.signifyd.com imgs.signifyd.com
6	featuregates.org	checkout-demo.airwallex.com
5	cdn0.forter.com
4	events.statsigapi.net	checkout-demo.airwallex.com
4	static-demo.airwallex.com	checkout-demo.airwallex.com static-demo.airwallex.com
3	api-demo.airwallex.com	checkout-demo.airwallex.com static-demo.airwallex.com
3	card-payment.gbataxi.com	card-payment.gbataxi.com
2	bws-demo.airwallex.com	static-demo.airwallex.com
2	cdn9.forter.com	1 redirects card-payment.gbataxi.com
2	cdn-scripts.signifyd.com	static-demo.airwallex.com cdn-scripts.signifyd.com
1	h.online-metrix.net	imgs.signifyd.com
1	cdn3.forter.com
1	0cc812d8f3e045e7aac9c03540437bb7-aac5fb818cb3.cdn.forter.com
1	aac5fb818cb3.cdn4.forter.com	card-payment.gbataxi.com
1	checkout.airwallex.com	card-payment.gbataxi.com
0	w2txo5aado7wqstko4tserz3ainqwahbf6zjv3vs3ac6871b81f68000sac.d.aa.online-metrix.net Failed
88	17

This site contains no links.

Subject Issuer	Validity	Valid
card-payment.gbataxi.com R3	`2024-01-29` - `2024-04-28`	3 months	crt.sh
airwallex.com GeoTrust TLS RSA CA G1	`2023-07-20` - `2024-08-18`	a year	crt.sh
cdn-scripts.signifyd.com Amazon RSA 2048 M01	`2023-07-03` - `2024-07-31`	a year	crt.sh
*.cdn4.forter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-28` - `2024-12-15`	a year	crt.sh
imgs.signifyd.com Go Daddy Secure Certificate Authority - G2	`2023-10-20` - `2024-11-20`	a year	crt.sh
*.cdn.forter.com DigiCert Global G3 TLS ECC SHA384 2020 CA1	`2023-11-23` - `2024-07-22`	8 months	crt.sh
cdn0.forter.com GeoTrust TLS RSA CA G1	`2023-06-22` - `2024-07-22`	a year	crt.sh
featuregates.org R3	`2023-12-19` - `2024-03-18`	3 months	crt.sh
cdn3.forter.com GeoTrust TLS RSA CA G1	`2023-06-22` - `2024-07-03`	a year	crt.sh
online-metrix.net Viking Cloud Organization Validation CA, Level 1	`2023-10-20` - `2024-10-21`	a year	crt.sh
statsigapi.net R3	`2023-12-19` - `2024-03-18`	3 months	crt.sh

This page contains 8 frames:

Primary Page: https://card-payment.gbataxi.com/
Frame ID: D430CE102CD0495295D872E77744CE60
Requests: 27 HTTP requests in this frame

Frame: https://checkout-demo.airwallex.com/
Frame ID: D9DD3D7C6A6D9899B98142A8C9E07AAF
Requests: 15 HTTP requests in this frame

Frame: https://checkout-demo.airwallex.com/
Frame ID: 7986B0E5BB3D3CEBEBE271C5DA767C10
Requests: 13 HTTP requests in this frame

Frame: https://checkout-demo.airwallex.com/
Frame ID: 5FCF8D4D12B2326E6A87601765380D14
Requests: 12 HTTP requests in this frame

Frame: https://imgs.signifyd.com/AkTTeMVorf_wxDtV?426be9bbc0d78381=AERZ2jvZAz68L5B4bKTFV3Aig9_mJgHJ2oOs_PCcu4d2uHUZB5-nPPCNqXxbkoOCF1QzvyoBivBhp8eWZwT1-DqFg9E88lxkzSbAyrE0VZNRA_QZj-WjrvhU7bhzV_xMCTCXwSgfACuPWbSSL1tAuAhy-58F11SocSl2H9ddNNMoh5R7hfwd0N8a48g6nxoL2tIDgUkd3gXbSVbi&jb=3539262668736f77355f616c646777732e687b6d3d576b666c6f75712530303139266a7362753d436a726f6f6d2e6271623543687a6d6567253232393a30
Frame ID: 1392B1456EEBF9E1E2C1572A56CBE9D0
Requests: 9 HTTP requests in this frame

Frame: https://imgs.signifyd.com/LU9tiZowsA6pM36R?41b94b2df2a4784d=ZTNskmLfFeIcsWeNYC46r0t869ZElWIjKGlraPR5mv_0yoIA_mLnOOfOtAQdTSfiPvtgHFDvMMbXCbpJ8gZ46Vz8IZR_hbL8UYz5Y-HTGMFP9gjx1IQs5l4QI2fLykOKtMdPWY5yLGi0grWJI8AHN5lZPTVIcxU1MTz2pgtXUFfHy9cy-mdFkA_txr7vdeA7OQSf-VVufzhgNq326cw
Frame ID: 3B43A1A597B52513B47A8C155AA6BD29
Requests: 2 HTTP requests in this frame

Frame: https://h.online-metrix.net/gR_cWrYt3lPBbDG_?04fdfe54f5a6e2e8=cQ3uDcDgWKPPhI7VaYFER7rGQ-AXB9NDLxO3G4JPnDpEw55wqs3JAPh75PMZ8CDshqHQrT4N75d5eK9XOzTbQhgMDNwFsZiu4B7-7PaIcoAuV8wQz8Ffzy59UXuxi7q8sjD9SDJguC74WkJ8SK6_eyo_CDGyq_hgMh0mW0lEetQU8ZCE3q_E-pNusP65SSxw5Znn7yBA35JRcMjPTsUm
Frame ID: 318C51CC07EBE3D525155785977D316F
Requests: 2 HTTP requests in this frame

Frame: https://imgs.signifyd.com/ognz4e_MNlHms_GR?f06e502dad84bde2=sAguP5mkSnQGozy3rj3yREys3gKHruxaEZ0z4g-e4yLgCdcOOVT9rQfcLj18TYd8zl19WLHZfTr6DWCaevyQoyQVHqq46zjeb9K5kb-5dxdM__FKPM4M4N7UZ86y5LnM3jaTPF5HLKHF-0dtW3qqN7goG3yLGP0OdTLekdm2OXqQhhO3H5c0U-5MPEcsLDIyD-w_p3_-PX6btvEUaIDG
Frame ID: A19F7ED8AD45097D01760C877257BC4A
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

GBA Taxi Credit Card Payment

Detected technologies

Forter (Analytics) Expand

Overall confidence: 100%
Detected patterns

forter\.com

Page Statistics

88
Requests

72 %
HTTPS

20 %
IPv6

7
Domains

17
Subdomains

16
IPs

2
Countries

1020 kB
Transfer

2969 kB
Size

8
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 22

https://cdn9.forter.com/vchk2 HTTP 301
https://cdn9.forter.com/vchk2/v1/7eec09933d4878736b27e71a18ab53b8a1e2cd027d884560bce6655cb8969013ac7f4ace651256e0def848d3a079

88 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
card-payment.gbataxi.com/ 684 B
940 B 1035ms
469ms Document
text/html 118.140.169.50
HUTCHISON-AS-AP H...

General

Check archive.org

Show headers Download Go to

Full URL: https://card-payment.gbataxi.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 118.140.169.50 Central, Hong Kong, ASN9304 (HUTCHISON-AS-AP HGC Global Communications Limited, HK),
Reverse DNS: mail.p360tec.com
Software: nginx /
Resource Hash: d4d73cbfa356cc0dc09dcf7ef3b30d6c14f1df27ff7582355e8b50d0cf1c5648

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Length: 684
Content-Type: text/html
Date: Mon, 29 Jan 2024 08:42:56 GMT
ETag: "65b74184-2ac"
Keep-Alive: timeout=120
Last-Modified: Mon, 29 Jan 2024 06:11:16 GMT
Server: nginx

GET
H/1.1 200
OK main.9772d2d5.js Show response
card-payment.gbataxi.com/static/js/ 133 KB
133 KB 502ms
498ms Script
application/javascript 118.140.169.50
HUTCHISON-AS-AP H...

General

Check archive.org

Show headers Download Go to

Full URL: https://card-payment.gbataxi.com/static/js/main.9772d2d5.js
Requested by: Host: card-payment.gbataxi.com
URL: https://card-payment.gbataxi.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 118.140.169.50 Central, Hong Kong, ASN9304 (HUTCHISON-AS-AP HGC Global Communications Limited, HK),
Reverse DNS: mail.p360tec.com
Software: nginx /
Resource Hash: 987d0dea11ae4ba309ae7267a7ea83a447de0b8e74f196c961de418eed9c46ab

Request headers

accept-language: en-US,en;q=0.9
Referer: https://card-payment.gbataxi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Mon, 29 Jan 2024 08:42:57 GMT
Last-Modified: Mon, 29 Jan 2024 06:11:16 GMT
Server: nginx
ETag: "65b74184-2131e"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=120
Content-Length: 135966

GET
H/1.1 200
OK main.60d07aa3.css
card-payment.gbataxi.com/static/css/ 1 KB
2 KB 762ms
241ms Stylesheet
text/css 118.140.169.50
HUTCHISON-AS-AP H...

General

Check archive.org

Show headers Download Go to

Full URL: https://card-payment.gbataxi.com/static/css/main.60d07aa3.css
Requested by: Host: card-payment.gbataxi.com
URL: https://card-payment.gbataxi.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 118.140.169.50 Central, Hong Kong, ASN9304 (HUTCHISON-AS-AP HGC Global Communications Limited, HK),
Reverse DNS: mail.p360tec.com
Software: nginx /
Resource Hash: fbd4f9bb8822a16dc07774774bce9c18aeed9d7c9b5b16f4683fd828a7a938b8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://card-payment.gbataxi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Mon, 29 Jan 2024 08:42:57 GMT
Last-Modified: Mon, 29 Jan 2024 06:11:16 GMT
Server: nginx
ETag: "65b74184-5c3"
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=120
Content-Length: 1475

GET
H2 200 CircularXXWeb-Regular.woff2
checkout.airwallex.com/fonts/CircularXXWeb/ 69 KB
70 KB 270ms
35ms Font
application/octet-stream 2600:1901:0:7f0c::
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://checkout.airwallex.com/fonts/CircularXXWeb/CircularXXWeb-Regular.woff2
Requested by: Host: card-payment.gbataxi.com
URL: https://card-payment.gbataxi.com/static/css/main.60d07aa3.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:7f0c:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software: UploadServer /
Resource Hash: fc3a9ae217b06062e27a237bc11fb37a309cd0ed7310da414d165995179eb7a9

Request headers

Referer: https://card-payment.gbataxi.com/
Origin: https://card-payment.gbataxi.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 23:01:45 GMT
age: 34873
x-guploader-uploadid: ABPtcPoJg-xAxr4TkCq1OzSWEHsm3BzhZixIzjfzlYQ_kK2UQ7U_O4LekprutHsFWIWqSMrJjUVa6fVD4w
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 71120
last-modified: Mon, 09 Aug 2021 08:50:10 GMT
server: UploadServer
etag: "1e5523271205dbd752a25f022e3878bb"
x-goog-generation: 1628499010433886
x-goog-hash: crc32c=x97jtQ==, md5=HlUjJxIF29dSol8CLjh4uw==
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=3600
x-goog-stored-content-length: 71120
accept-ranges: bytes
content-type: application/octet-stream

GET
H2 200 elements.bundle.min.js Show response
checkout-demo.airwallex.com/assets/ 76 KB
15 KB 819ms
597ms Script
application/javascript 2600:1901:0:9672::
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://checkout-demo.airwallex.com/assets/elements.bundle.min.js?version=1.25.0
Requested by: Host: card-payment.gbataxi.com
URL: https://card-payment.gbataxi.com/static/js/main.9772d2d5.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:9672:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 0362a5d689351251d885851f17e539915b4ac4a1e442aef989dc46d88313bbc2

Request headers

Referer: https://card-payment.gbataxi.com/
Origin: https://card-payment.gbataxi.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 08:42:58 GMT
content-encoding: gzip
x-guploader-uploadid: ABPtcPrcbhHVvzRW47_glHARQ1_cOk-0FoPZqAy0v1djZgu5cfx1IAobjZIPxBvxVLc6Moc0uBA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14608
last-modified: Mon, 29 Jan 2024 07:22:06 GMT
server: UploadServer
etag: "d6be08498f241323676ae290ad3e126a"
vary: Accept-Encoding
x-goog-generation: 1706512925852913
content-type: application/javascript
access-control-allow-origin: *
x-goog-hash: crc32c=ihODIQ==, md5=1r4ISY8kEyNnauKQrT4Sag==
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: private,no-cache,max-age=0
x-goog-stored-content-length: 14608
accept-ranges: bytes
expires: Mon, 29 Jan 2024 08:42:58 GMT

POST
H2 200 logs
api-demo.airwallex.com/papluginlogs/ 2 B
362 B 396ms
237ms Ping
text/plain 35.244.231.134
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api-demo.airwallex.com/papluginlogs/logs
Requested by: Host: checkout-demo.airwallex.com
URL: https://checkout-demo.airwallex.com/assets/elements.bundle.min.js?version=1.25.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.231.134 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 134.231.244.35.bc.googleusercontent.com
Software: APISIX /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://card-payment.gbataxi.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain; charset=utf-8

Response headers

date: Mon, 29 Jan 2024 08:42:59 GMT
via: 1.1 google, 1.1 google, 1.1 google
server: APISIX
x-b3-traceid: 969753971721dd3f4d72f7898c3bc1a3
access-control-max-age: 5
access-control-allow-methods: OPTIONS,POST
access-control-allow-origin: *
access-control-expose-headers: *
x-envoy-upstream-service-time: 5
server-timing: traceparent;desc="00-969753971721dd3f4d72f7898c3bc1a3-514881ec50452fdc-01"
access-control-allow-headers: *
content-length: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 index.js Show response
static-demo.airwallex.com/webapp/fraud/device-fingerprint/ 6 KB
4 KB 1317ms
1150ms Script
application/javascript 2606:4700::6810:523b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static-demo.airwallex.com/webapp/fraud/device-fingerprint/index.js?sessionId=ee40cea7-8975-4d83-b552-9a6303d48e04&hasScriptId=false&disable3rdTracking=false
Requested by: Host: checkout-demo.airwallex.com
URL: https://checkout-demo.airwallex.com/assets/elements.bundle.min.js?version=1.25.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:523b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f73f330247155b9028a06a06a6904efb67da2b7e43a036e1b1d8bacbfb565966

Request headers

accept-language: en-US,en;q=0.9
Referer: https://card-payment.gbataxi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 08:43:00 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: MISS
x-b3-traceid: 830881bbabeecbd10eed6602e0e34542
x-guploader-uploadid: ABPtcPokLQkEo9B1ujekAXrdMBWv_BMhJiPm68sH9RVAYw19isdBgJl8E-EWlzk3KiLlrtGcjIJKodPLdw
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
last-modified: Tue, 23 Jan 2024 06:14:43 GMT
server: cloudflare
etag: W/"8d2f685102a53ade05534abc61fba220"
vary: Origin, Accept-Encoding
x-goog-generation: 1705990483493762
content-type: application/javascript; charset=utf-8
x-goog-hash: crc32c=7i0NKw==, md5=jS9oUQKlOt4FU0q8YfuiIA==
cache-control: public,max-age=0
x-goog-stored-content-length: 5925
cf-ray: 84d02f56bc935e7c-EWR
expires: Mon, 29 Jan 2024 08:43:00 GMT

GET
H3 200 / Show response
checkout-demo.airwallex.com/ Frame D9DD 7 KB
4 KB 3023ms
2929ms Document
text/html 2600:1901:0:9672::
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://checkout-demo.airwallex.com/
Requested by: Host: checkout-demo.airwallex.com
URL: https://checkout-demo.airwallex.com/assets/elements.bundle.min.js?version=1.25.0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:1901:0:9672:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 49967b137d4d2bb49d4d8850b27db852010f4da30c78aefb46f14a49b00135c9

Request headers

Referer: https://card-payment.gbataxi.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
access-control-expose-headers: Content-Type
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private,no-store,no-cache,max-age=0
content-encoding: gzip
content-length: 3653
content-type: text/html
date: Mon, 29 Jan 2024 08:43:01 GMT
etag: "03625289992852b6ed7bdb366cadc88d"
expires: Mon, 29 Jan 2024 08:43:01 GMT
last-modified: Mon, 29 Jan 2024 07:22:05 GMT
server: UploadServer
vary: Accept-Encoding
x-goog-generation: 1706512925804562
x-goog-hash: crc32c=moyoMw== md5=A2JSiZkoUrbte9s2bK3IjQ==
x-goog-metageneration: 1
x-goog-storage-class: STANDARD
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 3653
x-guploader-uploadid: ABPtcPp0hMzgIfiY9RmJjyrP27XGEaN7ouER9e0eVsR6LtrdGVDZQryMSrgdfviidNHOuzc7p44

GET
H3 200 / Show response
checkout-demo.airwallex.com/ Frame 7986 7 KB
4 KB 1223ms
1131ms Document
text/html 2600:1901:0:9672::
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://checkout-demo.airwallex.com/
Requested by: Host: checkout-demo.airwallex.com
URL: https://checkout-demo.airwallex.com/assets/elements.bundle.min.js?version=1.25.0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:1901:0:9672:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 49967b137d4d2bb49d4d8850b27db852010f4da30c78aefb46f14a49b00135c9

Request headers

Referer: https://card-payment.gbataxi.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
access-control-expose-headers: Content-Type
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private,no-store,no-cache,max-age=0
content-encoding: gzip
content-length: 3653
content-type: text/html
date: Mon, 29 Jan 2024 08:42:59 GMT
etag: "03625289992852b6ed7bdb366cadc88d"
expires: Mon, 29 Jan 2024 08:42:59 GMT
last-modified: Mon, 29 Jan 2024 07:22:05 GMT
server: UploadServer
vary: Accept-Encoding
x-goog-generation: 1706512925804562
x-goog-hash: crc32c=moyoMw== md5=A2JSiZkoUrbte9s2bK3IjQ==
x-goog-metageneration: 1
x-goog-storage-class: STANDARD
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 3653
x-guploader-uploadid: ABPtcPqvlToTm-17LTxpTYQNfOKjhJhekbrkCDcjupf-Xr3HAXIzRTHfCLrLn311huFSOR0GCJI

GET
H3 200 / Show response
checkout-demo.airwallex.com/ Frame 5FCF 7 KB
4 KB 2306ms
2215ms Document
text/html 2600:1901:0:9672::
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://checkout-demo.airwallex.com/
Requested by: Host: checkout-demo.airwallex.com
URL: https://checkout-demo.airwallex.com/assets/elements.bundle.min.js?version=1.25.0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:1901:0:9672:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 49967b137d4d2bb49d4d8850b27db852010f4da30c78aefb46f14a49b00135c9

Request headers

Referer: https://card-payment.gbataxi.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
access-control-expose-headers: Content-Type
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private,no-store,no-cache,max-age=0
content-encoding: gzip
content-length: 3653
content-type: text/html
date: Mon, 29 Jan 2024 08:43:00 GMT
etag: "03625289992852b6ed7bdb366cadc88d"
expires: Mon, 29 Jan 2024 08:43:00 GMT
last-modified: Mon, 29 Jan 2024 07:22:05 GMT
server: UploadServer
vary: Accept-Encoding
x-goog-generation: 1706512925804562
x-goog-hash: crc32c=moyoMw== md5=A2JSiZkoUrbte9s2bK3IjQ==
x-goog-metageneration: 1
x-goog-storage-class: STANDARD
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 3653
x-guploader-uploadid: ABPtcPq4CBI_cqV4nWbvUYAVRpUiqIC0ahMBh7NF661bLEJZl4R6HbEU03nd_9kBH7LkoS1lStk

GET
H2 200 script-tag.js Show response
cdn-scripts.signifyd.com/api/ 10 KB
3 KB 509ms
228ms Script
application/javascript 99.86.91.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-scripts.signifyd.com/api/script-tag.js?session_id=ee40cea7-8975-4d83-b552-9a6303d48e04
Requested by: Host: static-demo.airwallex.com
URL: https://static-demo.airwallex.com/webapp/fraud/device-fingerprint/index.js?sessionId=ee40cea7-8975-4d83-b552-9a6303d48e04&hasScriptId=false&disable3rdTracking=false
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.91.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-91-3.cdg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 68f6710cb2cc63e278cd3be6a0593c700b3ac346e36c1d636c5c13374dc20e91

Request headers

accept-language: en-US,en;q=0.9
Referer: https://card-payment.gbataxi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 08:27:11 GMT
content-encoding: gzip
via: 1.1 6a7dbdb209ec7dcfec16316a2b155e06.cloudfront.net (CloudFront)
last-modified: Wed, 10 Jan 2024 11:26:22 GMT
server: AmazonS3
x-amz-cf-pop: CDG50-C1
age: 950
x-amz-server-side-encryption: AES256
etag: W/"d34fe38d39e71cd6ace9ab1bfc0bb10a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1800
x-amz-cf-id: 9SXzsI_Tk4aICMpyelscfbG7HXg715K2j8GybbVrhht8oAdX5WZgWg==

GET
H2 200 120cf370d96685e30703.js Show response
static-demo.airwallex.com/webapp/fraud/device-fingerprint/ 95 KB
34 KB 43ms
41ms Script
application/javascript 2606:4700::6810:523b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static-demo.airwallex.com/webapp/fraud/device-fingerprint/120cf370d96685e30703.js
Requested by: Host: static-demo.airwallex.com
URL: https://static-demo.airwallex.com/webapp/fraud/device-fingerprint/index.js?sessionId=ee40cea7-8975-4d83-b552-9a6303d48e04&hasScriptId=false&disable3rdTracking=false
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:523b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 080fb41cfd92ab3b1a5ee8148a722817a7d116e379eb318c68c35502e250393d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://card-payment.gbataxi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 08:43:00 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
x-b3-traceid: 5833bd0ecead2100ebf3aa71e29e4818
age: 501136
cf-polished: origSize=97399
x-guploader-uploadid: ABPtcPpYYbrtKTgGWnN_FeGsymUlQfPSe0Rbmg0NjFV7yHneIMYU2If3JLJ1MkBe6aAVYi6PAQQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
cf-bgj: minify
last-modified: Tue, 23 Jan 2024 06:14:21 GMT
server: cloudflare
etag: W/"5468a94d1758157758acf9d8ede09450"
vary: Origin, Accept-Encoding
x-goog-generation: 1705990461662451
content-type: application/javascript; charset=utf-8
x-goog-hash: crc32c=cnEecQ==, md5=VGipTRdYFXdYrPnY7eCUUA==
cache-control: public,max-age=31536000
x-goog-stored-content-length: 97399
cf-ray: 84d02f5de8365e7c-EWR
expires: Wed, 22 Jan 2025 13:30:44 GMT

GET
H2 200 70f7ce1b28a9fe2cc7ba.js Show response
static-demo.airwallex.com/webapp/fraud/device-fingerprint/ 9 KB
4 KB 64ms
62ms Script
application/javascript 2606:4700::6810:523b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static-demo.airwallex.com/webapp/fraud/device-fingerprint/70f7ce1b28a9fe2cc7ba.js
Requested by: Host: static-demo.airwallex.com
URL: https://static-demo.airwallex.com/webapp/fraud/device-fingerprint/index.js?sessionId=ee40cea7-8975-4d83-b552-9a6303d48e04&hasScriptId=false&disable3rdTracking=false
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:523b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 08f797b3b93e86d0a09388830de88aaeff4d99d69a584972a030c49a4723e591

Request headers

accept-language: en-US,en;q=0.9
Referer: https://card-payment.gbataxi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 08:43:00 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
x-b3-traceid: 63c72b3912ae3ef581eb1c3257afccde
age: 501137
x-guploader-uploadid: ABPtcPogd-iCe_kmmNk5fRu_dTqiLIhWWPtY921idxflGGzVevQFyh_tqg7-VnK7o3NMLS872Ug
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
cf-bgj: minify
last-modified: Tue, 23 Jan 2024 06:14:37 GMT
server: cloudflare
etag: W/"bfbf0264a0e58540e6babcfebdc51684"
vary: Origin, Accept-Encoding
x-goog-generation: 1705990476978597
content-type: application/javascript; charset=utf-8
x-goog-hash: crc32c=qSCYeQ==, md5=v78CZKDlhUDmurz+vcUWhA==
cache-control: public,max-age=31536000
x-goog-stored-content-length: 8831
cf-ray: 84d02f5df83d5e7c-EWR
expires: Wed, 22 Jan 2025 13:30:43 GMT

POST
H2 200 logs
api-demo.airwallex.com/papluginlogs/ 2 B
139 B 230ms
229ms Ping
text/plain 35.244.231.134
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api-demo.airwallex.com/papluginlogs/logs
Requested by: Host: checkout-demo.airwallex.com
URL: https://checkout-demo.airwallex.com/assets/elements.bundle.min.js?version=1.25.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.231.134 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 134.231.244.35.bc.googleusercontent.com
Software: APISIX /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://card-payment.gbataxi.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain; charset=utf-8

Response headers

date: Mon, 29 Jan 2024 08:43:00 GMT
via: 1.1 google, 1.1 google, 1.1 google
server: APISIX
x-b3-traceid: 431b9cdba3cd3130992519fdb137258b
access-control-max-age: 5
access-control-allow-methods: OPTIONS,POST
access-control-allow-origin: *
access-control-expose-headers: *
x-envoy-upstream-service-time: 5
server-timing: traceparent;desc="00-431b9cdba3cd3130992519fdb137258b-f4c73418782a5c95-01"
access-control-allow-headers: *
content-length: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3 200 vendor.84419031.js Show response
checkout-demo.airwallex.com/static/js/ Frame 7986 162 KB
54 KB 1210ms
1208ms Script
application/javascript 2600:1901:0:9672::
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://checkout-demo.airwallex.com/static/js/vendor.84419031.js
Requested by: Host: checkout-demo.airwallex.com
URL: https://checkout-demo.airwallex.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:1901:0:9672:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software: UploadServer /
Resource Hash: e1dd5c298d2c2edf6534d9e75bc8cc1f36728866b048916561a40b382e2367ba

Request headers

accept-language: en-US,en;q=0.9
Referer: https://checkout-demo.airwallex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 08:43:00 GMT
content-encoding: gzip
x-guploader-uploadid: ABPtcPpJXLtfDSpvjzlvJPOAbJngsZB2kXrkShZRcJhgI9wJzQf01DLJ0y92SSGPwBsOyQi_1dk
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55023
last-modified: Mon, 29 Jan 2024 07:22:07 GMT
server: UploadServer
etag: "bb1fd4b7e5c888b91b21e4afa78b006f"
vary: Accept-Encoding
x-goog-generation: 1706512927265178
content-type: application/javascript
access-control-allow-origin: *
x-goog-hash: crc32c=EoUwWw==, md5=ux/Ut+XIiLkbIeSvp4sAbw==
access-control-expose-headers: Content-Type
cache-control: public,max-age=3600
x-goog-stored-content-length: 55023
accept-ranges: bytes

GET
H3 200 checkout.e9c84e15.js Show response
checkout-demo.airwallex.com/static/js/ Frame 7986 311 KB
91 KB 1158ms
1156ms Script
application/javascript 2600:1901:0:9672::
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://checkout-demo.airwallex.com/static/js/checkout.e9c84e15.js
Requested by: Host: checkout-demo.airwallex.com
URL: https://checkout-demo.airwallex.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:1901:0:9672:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software: UploadServer /
Resource Hash: c023f415585a76618599e6b68f8113a3bb81169ed931d8262b70f31b5b42c61d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://checkout-demo.airwallex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 08:43:00 GMT
content-encoding: gzip
x-guploader-uploadid: ABPtcPoTwssjZNSU2GQC_tsXvRqOJuH3O7xqxX6iIWUnHgd-jetb_xg29Lr1dPC6o_OrjMtwG0M
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 93020
last-modified: Mon, 29 Jan 2024 07:22:07 GMT
server: UploadServer
etag: "a0858f400263e20e14c8cf3f38844ba2"
vary: Accept-Encoding
x-goog-generation: 1706512927070857
content-type: application/javascript
access-control-allow-origin: *
x-goog-hash: crc32c=VMXyaA==, md5=oIWPQAJj4g4UyM8/OIRLog==
access-control-expose-headers: Content-Type
cache-control: public,max-age=3600
x-goog-stored-content-length: 93020
accept-ranges: bytes

GET
H2 200 5d72e4bc043065bd9a15.js Show response
static-demo.airwallex.com/webapp/fraud/device-fingerprint/ 9 KB
4 KB 41ms
40ms Script
application/javascript 2606:4700::6810:523b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static-demo.airwallex.com/webapp/fraud/device-fingerprint/5d72e4bc043065bd9a15.js
Requested by: Host: static-demo.airwallex.com
URL: https://static-demo.airwallex.com/webapp/fraud/device-fingerprint/index.js?sessionId=ee40cea7-8975-4d83-b552-9a6303d48e04&hasScriptId=false&disable3rdTracking=false
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:523b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f709db9f61798e10736bf08832d9caac3ddd87d384fa8ca9bee60fd4ce9b4ea3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://card-payment.gbataxi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 08:43:00 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
x-b3-traceid: 62b9018f1ccf116c1d49570a90c0a840
age: 501135
x-guploader-uploadid: ABPtcPqtGDysjL46CTdKck0K-ZFvvhO8r_dGiwfLWA83tNvt6012yqufLf85CfzQeCHBp_Aoo3U
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
cf-bgj: minify
last-modified: Tue, 23 Jan 2024 06:14:31 GMT
server: cloudflare
etag: W/"1aac319bf003f49912ef98c1109e446d"
vary: Origin, Accept-Encoding
x-goog-generation: 1705990471811537
content-type: application/javascript; charset=utf-8
x-goog-hash: crc32c=oqde9Q==, md5=Gqwxm/AD9JkS75jBEJ5EbQ==
cache-control: public,max-age=31536000
x-goog-stored-content-length: 8873
cf-ray: 84d02f5eb88d5e7c-EWR
expires: Wed, 22 Jan 2025 13:30:45 GMT

GET
H2 200 script.js Show response
aac5fb818cb3.cdn4.forter.com/sn/aac5fb818cb3/ 324 KB
153 KB 452ms
192ms Script
application/javascript 3.162.38.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aac5fb818cb3.cdn4.forter.com/sn/aac5fb818cb3/script.js

Requested by

Host: card-payment.gbataxi.com
URL: https://card-payment.gbataxi.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.162.38.113 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-162-38-113.cdg52.r.cloudfront.net

Software

Resource Hash

446068aebfb94cf7d332d3964eec2519355a09fc4f431c8beaa79ab37111553c

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://card-payment.gbataxi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 08:43:00 GMT
strict-transport-security: max-age=86400; includeSubDomains
content-encoding: br
via: 1.1 a28484674ba426e000be2ae849e78a26.cloudfront.net (CloudFront)
x-amz-cf-pop: CDG52-P6
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 11 Jan 2024 16:09:32 GMT
x-sourcemap: https://cdn4.forter.com/map/suid/aac5fb818cb3/32035695490
etag: W/"362fa8ad58c2dba2397b669e11bf8b0c"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, immutable, max-age=600
timing-allow-origin: *
x-amz-cf-id: izGJzXCK6hhlnidGweqfEa5TdQrBfU3OGGlDEh4kYpO1fK-jfx14NA==

GET
H2 200 company_toolkit.js Show response
cdn-scripts.signifyd.com/api/ 4 KB
2 KB 97ms
96ms Script
application/javascript 99.86.91.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-scripts.signifyd.com/api/company_toolkit.js
Requested by: Host: cdn-scripts.signifyd.com
URL: https://cdn-scripts.signifyd.com/api/script-tag.js?session_id=ee40cea7-8975-4d83-b552-9a6303d48e04
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.91.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-91-3.cdg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6082597f3871c77c9b31aa1383577f8c0e54cb5ff09275dc817bc70d96e6217d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://card-payment.gbataxi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 08:14:59 GMT
content-encoding: gzip
via: 1.1 6a7dbdb209ec7dcfec16316a2b155e06.cloudfront.net (CloudFront)
last-modified: Tue, 30 May 2023 10:18:44 GMT
server: AmazonS3
x-amz-cf-pop: CDG50-C1
age: 1682
x-amz-server-side-encryption: AES256
etag: W/"2c3950f122b3977df61b0e077aaa92c8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=1800
x-amz-cf-id: CiIsdMoyHoC2w9CW3lZx0qrmcOmRvEPLlJCTs0iQj2g7vGTxpaO5TA==

GET
H/1.1 200
OK edoa4pydnyveuvah.js Show response
imgs.signifyd.com/ 95 KB
13 KB 415ms
169ms Script
text/javascript 192.225.157.157
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://imgs.signifyd.com/edoa4pydnyveuvah.js?z9isdpag6kqnnx0v=w2txo5aa&6iakd5erqltdznyx=ee40cea7-8975-4d83-b552-9a6303d48e04

Requested by

Host: cdn-scripts.signifyd.com
URL: https://cdn-scripts.signifyd.com/api/company_toolkit.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

192.225.157.157 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e92cb609b5a0e77d0483dc07d8c28a6848769f840b48f514ebcaa0700c6e4352

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://card-payment.gbataxi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Mon, 29 Jan 2024 08:43:01 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: CP=IVAa PSAa
Connection: Keep-Alive, Keep-Alive
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding
Content-Type: text/javascript;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
X-Robots-Tag: noindex, nofollow
Keep-Alive: timeout=2, max=100
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
BLOB 200
OK b5d66057-d342-4480-8379-9f01a2637dfa
https://card-payment.gbataxi.com/ 5 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://card-payment.gbataxi.com/b5d66057-d342-4480-8379-9f01a2637dfa
Requested by: Host: card-payment.gbataxi.com
URL: https://card-payment.gbataxi.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 89a225c5b253d4af4857b2f0fa9e41f2a1af6384748b93b7a54dca3d771950e1

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Length: 5318
Content-Type: application/javascript

GET
H3 200 vendor.84419031.js Show response
checkout-demo.airwallex.com/static/js/ Frame 5FCF 162 KB
54 KB 276ms
275ms Script
application/javascript 2600:1901:0:9672::
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://checkout-demo.airwallex.com/static/js/vendor.84419031.js
Requested by: Host: checkout-demo.airwallex.com
URL: https://checkout-demo.airwallex.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:1901:0:9672:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software: UploadServer /
Resource Hash: e1dd5c298d2c2edf6534d9e75bc8cc1f36728866b048916561a40b382e2367ba

Request headers

accept-language: en-US,en;q=0.9
Referer: https://checkout-demo.airwallex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 08:43:00 GMT
content-encoding: gzip
age: 1
x-guploader-uploadid: ABPtcPpJXLtfDSpvjzlvJPOAbJngsZB2kXrkShZRcJhgI9wJzQf01DLJ0y92SSGPwBsOyQi_1dk
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55023
last-modified: Mon, 29 Jan 2024 07:22:07 GMT
server: UploadServer
etag: "bb1fd4b7e5c888b91b21e4afa78b006f"
vary: Accept-Encoding
x-goog-generation: 1706512927265178
x-goog-hash: crc32c=EoUwWw==, md5=ux/Ut+XIiLkbIeSvp4sAbw==
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=3600
x-goog-stored-content-length: 55023
accept-ranges: bytes
content-type: application/javascript

GET
H3 200 checkout.e9c84e15.js Show response
checkout-demo.airwallex.com/static/js/ Frame 5FCF 311 KB
91 KB 232ms
231ms Script
application/javascript 2600:1901:0:9672::
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://checkout-demo.airwallex.com/static/js/checkout.e9c84e15.js
Requested by: Host: checkout-demo.airwallex.com
URL: https://checkout-demo.airwallex.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:1901:0:9672:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software: UploadServer /
Resource Hash: c023f415585a76618599e6b68f8113a3bb81169ed931d8262b70f31b5b42c61d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://checkout-demo.airwallex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 08:43:00 GMT
content-encoding: gzip
age: 1
x-guploader-uploadid: ABPtcPoTwssjZNSU2GQC_tsXvRqOJuH3O7xqxX6iIWUnHgd-jetb_xg29Lr1dPC6o_OrjMtwG0M
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 93020
last-modified: Mon, 29 Jan 2024 07:22:07 GMT
server: UploadServer
etag: "a0858f400263e20e14c8cf3f38844ba2"
vary: Accept-Encoding
x-goog-generation: 1706512927070857
x-goog-hash: crc32c=VMXyaA==, md5=oIWPQAJj4g4UyM8/OIRLog==
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=3600
x-goog-stored-content-length: 93020
accept-ranges: bytes
content-type: application/javascript

GET
H2

200

7eec09933d4878736b27e71a18ab53b8a1e2cd027d884560bce6655cb8969013ac7f4ace651256e0def848d3a079 Show response
cdn9.forter.com/vchk2/v1/
Redirect Chain

https://cdn9.forter.com/vchk2
https://cdn9.forter.com/vchk2/v1/7eec09933d4878736b27e71a18ab53b8a1e2cd027d884560bce6655cb8969013ac7f4ace651256e0def848d3a079

0
324 B

319ms
319ms

XHR
text/plain

13.249.9.72

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn9.forter.com/vchk2/v1/7eec09933d4878736b27e71a18ab53b8a1e2cd027d884560bce6655cb8969013ac7f4ace651256e0def848d3a079

Requested by

Host: card-payment.gbataxi.com
URL: https://card-payment.gbataxi.com/

Protocol

Server

13.249.9.72 -, , ASN (),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://card-payment.gbataxi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 08:43:01 GMT
via: 1.1 d3c8e64039dcd16cd7cc4074aaecf75c.cloudfront.net (CloudFront)
strict-transport-security: max-age=86400; includeSubDomains
x-amz-cf-pop: CDG53-C1
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: private, s-maxage=0, proxy-revalidate
timing-allow-origin: *
x-amz-cf-id: nzzaz3x9DJ-WagNxKcIyzIuZYtRwUP2VWW4yXJH-tW_m50XmUJKplg==

Redirect headers

date: Mon, 29 Jan 2024 08:43:01 GMT
via: 1.1 d3c8e64039dcd16cd7cc4074aaecf75c.cloudfront.net (CloudFront)
strict-transport-security: max-age=86400; includeSubDomains
x-amz-cf-pop: CDG53-C1
x-cache: Miss from cloudfront
location: https://cdn9.forter.com/vchk2/v1/7eec09933d4878736b27e71a18ab53b8a1e2cd027d884560bce6655cb8969013ac7f4ace651256e0def848d3a079
access-control-allow-origin: *
cache-control: private, s-maxage=0, proxy-revalidate
timing-allow-origin: *
x-amz-cf-id: zOIhBqAxC-Wec9s3CGvihvtlZ_Uiua8_vWf23Kvz164J0hFs0odAew==

GET
BLOB 200
OK 4065df7d-0a46-47fc-81f1-fddeceb5e294
https://card-payment.gbataxi.com/ 17 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://card-payment.gbataxi.com/4065df7d-0a46-47fc-81f1-fddeceb5e294
Requested by: Host: card-payment.gbataxi.com
URL: https://card-payment.gbataxi.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a3d169691c923cb22a72888d8684adf60e03f03a4ce220678f3ff4c6f4d71b99

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Length: 17325
Content-Type: application/javascript

POST
H/1.1 200
OK prop.json
0cc812d8f3e045e7aac9c03540437bb7-aac5fb818cb3.cdn.forter.com/ 2 B
632 B 320ms
81ms Ping
application/json 54.158.164.13

General

Check archive.org

Show headers Download Go to

Full URL: https://0cc812d8f3e045e7aac9c03540437bb7-aac5fb818cb3.cdn.forter.com/prop.json
Requested by: Host:
URL: (program):2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 54.158.164.13 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://card-payment.gbataxi.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Mon, 29 Jan 2024 08:43:01 GMT
Connection: close
Content-Length: 2
Pragma: no-cache
Last-Modified: Sun, 28 Jan 2024 11:05:29 GMT
Server: Apache
ETag: "2-60fff81cd030c"
Access-Control-Allow-Methods: PUT, GET, POST, DELETE, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://card-payment.gbataxi.com
Cache-Control: max-age=0, no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: *
Access-Control-Allow-Headers: origin, x-requested-with, content-type, x-csrf-token
Expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H/1.1 200
OK prop.json Show response
cdn0.forter.com/aac5fb818cb3/0cc812d8f3e045e7aac9c03540437bb7/ 20 B
368 B 258ms
24ms XHR
application/json 54.243.108.33

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn0.forter.com/aac5fb818cb3/0cc812d8f3e045e7aac9c03540437bb7/prop.json?_=1706517781203
Requested by: Host:
URL: (program):2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 54.243.108.33 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://card-payment.gbataxi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 29 Jan 2024 08:43:01 GMT
Vary: Origin
Transfer-Encoding: chunked
Content-Type: application/json
Access-Control-Allow-Origin: https://card-payment.gbataxi.com
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Expires: -1

OPTIONS
H2 204 initialize
featuregates.org/v1/ Frame 0
0 331ms
76ms Preflight 34.120.214.181

General

Check archive.org

Show headers Download Go to

Full URL

https://featuregates.org/v1/initialize

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.214.181 -, , ASN (),

Reverse DNS

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors *.statsig.com
X-Content-Type-Options	nosniff;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,statsig-api-key,statsig-client-time,statsig-encoded,statsig-sdk-type,statsig-sdk-version
Access-Control-Request-Method: POST
Origin: https://checkout-demo.airwallex.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-headers: content-type,statsig-api-key,statsig-client-time,statsig-encoded,statsig-sdk-type,statsig-sdk-version
access-control-allow-methods: POST, GET, DELETE, PATCH, PUT
access-control-allow-origin: *
access-control-max-age: 7200
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-security-policy: frame-ancestors *.statsig.com
date: Mon, 29 Jan 2024 08:43:01 GMT
referrer-policy: strict-origin-when-cross-origin
server: istio-envoy
vary: Origin, Access-Control-Request-Headers
via: 1.1 google
x-content-type-options: nosniff;
x-envoy-upstream-service-time: 5
x-statsig-region: gke-us-east1

POST
H2 200 initialize Show response
featuregates.org/v1/ Frame 7986 7 KB
2 KB 129ms
129ms Fetch
application/json 34.120.214.181

General

Check archive.org

Show headers Download Go to

Full URL

https://featuregates.org/v1/initialize

Requested by

Host: checkout-demo.airwallex.com
URL: https://checkout-demo.airwallex.com/static/js/checkout.e9c84e15.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.214.181 -, , ASN (),

Reverse DNS

Software

istio-envoy /

Resource Hash

03d6712eaf8782db8848660141b6d1c2a7024f196a43d60f30de096e08b27255

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors *.statsig.com
X-Content-Type-Options	nosniff;

Request headers

STATSIG-CLIENT-TIME: 1706517781550
STATSIG-API-KEY: client-LJmokBKXH96F2ZdI0ZYDyd27hX7Z8HfNU35XJvv3jxa
STATSIG-SDK-VERSION: 1.30.3
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-type: application/json; charset=UTF-8
Referer: https://checkout-demo.airwallex.com/
STATSIG-ENCODED: 1
STATSIG-SDK-TYPE: react-client

Response headers

date: Mon, 29 Jan 2024 08:43:01 GMT
content-encoding: gzip
referrer-policy: strict-origin-when-cross-origin
content-security-policy: frame-ancestors *.statsig.com
via: 1.1 google
server: istio-envoy
x-content-type-options: nosniff;
x-statsig-region: gke-us-east1
vary: Origin, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-envoy-upstream-service-time: 55
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1668

POST
H2 200 initialize Show response
featuregates.org/v1/ Frame 5FCF 7 KB
2 KB 74ms
72ms Fetch
application/json 34.120.214.181

General

Check archive.org

Show headers Download Go to

Full URL

https://featuregates.org/v1/initialize

Requested by

Host: checkout-demo.airwallex.com
URL: https://checkout-demo.airwallex.com/static/js/checkout.e9c84e15.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.214.181 -, , ASN (),

Reverse DNS

Software

istio-envoy /

Resource Hash

404fe746810c067ceb997b7b87320701c61606c0d4e2751a69c5807bff8c9e3e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors *.statsig.com
X-Content-Type-Options	nosniff;

Request headers

STATSIG-CLIENT-TIME: 1706517781561
STATSIG-API-KEY: client-LJmokBKXH96F2ZdI0ZYDyd27hX7Z8HfNU35XJvv3jxa
STATSIG-SDK-VERSION: 1.30.3
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-type: application/json; charset=UTF-8
Referer: https://checkout-demo.airwallex.com/
STATSIG-ENCODED: 1
STATSIG-SDK-TYPE: react-client

Response headers

date: Mon, 29 Jan 2024 08:43:01 GMT
content-encoding: gzip
referrer-policy: strict-origin-when-cross-origin
content-security-policy: frame-ancestors *.statsig.com
via: 1.1 google
server: istio-envoy
x-content-type-options: nosniff;
x-statsig-region: gke-us-east1
vary: Origin, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-envoy-upstream-service-time: 18
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1667

GET
H/1.1 200
OK prop.json Show response
cdn0.forter.com/aac5fb818cb3/0cc812d8f3e045e7aac9c03540437bb7/ 20 B
368 B 24ms
24ms XHR
application/json 54.243.108.33

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn0.forter.com/aac5fb818cb3/0cc812d8f3e045e7aac9c03540437bb7/prop.json?_=1706517781546
Requested by: Host:
URL: (program):2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 54.243.108.33 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://card-payment.gbataxi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 29 Jan 2024 08:43:01 GMT
Vary: Origin
Transfer-Encoding: chunked
Content-Type: application/json
Access-Control-Allow-Origin: https://card-payment.gbataxi.com
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Expires: -1

OPTIONS
H2 204 initialize
featuregates.org/v1/ Frame 0
0 320ms
76ms Preflight 34.120.214.181

General

Check archive.org

Show headers Download Go to

Full URL

https://featuregates.org/v1/initialize

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.214.181 -, , ASN (),

Reverse DNS

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors *.statsig.com
X-Content-Type-Options	nosniff;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,statsig-api-key,statsig-client-time,statsig-encoded,statsig-sdk-type,statsig-sdk-version
Access-Control-Request-Method: POST
Origin: https://checkout-demo.airwallex.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-headers: content-type,statsig-api-key,statsig-client-time,statsig-encoded,statsig-sdk-type,statsig-sdk-version
access-control-allow-methods: POST, GET, DELETE, PATCH, PUT
access-control-allow-origin: *
access-control-max-age: 7200
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-security-policy: frame-ancestors *.statsig.com
date: Mon, 29 Jan 2024 08:43:01 GMT
referrer-policy: strict-origin-when-cross-origin
server: istio-envoy
vary: Origin, Access-Control-Request-Headers
via: 1.1 google
x-content-type-options: nosniff;
x-envoy-upstream-service-time: 1
x-statsig-region: gke-us-east1

GET
H/1.1 200
OK prop.json Show response
cdn0.forter.com/aac5fb818cb3/0cc812d8f3e045e7aac9c03540437bb7/ 20 B
368 B 22ms
22ms XHR
application/json 54.243.108.33

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn0.forter.com/aac5fb818cb3/0cc812d8f3e045e7aac9c03540437bb7/prop.json?_=1706517781644
Requested by: Host:
URL: (program):2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 54.243.108.33 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://card-payment.gbataxi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 29 Jan 2024 08:43:01 GMT
Vary: Origin
Transfer-Encoding: chunked
Content-Type: application/json
Access-Control-Allow-Origin: https://card-payment.gbataxi.com
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Expires: -1

POST
H/1.1 200
OK wpt.json Show response
cdn0.forter.com/aac5fb818cb3/0cc812d8f3e045e7aac9c03540437bb7/ 20 B
449 B 22ms
22ms XHR
application/json 54.243.108.33

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn0.forter.com/aac5fb818cb3/0cc812d8f3e045e7aac9c03540437bb7/wpt.json
Requested by: Host:
URL: (program):2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 54.243.108.33 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d

Request headers

Referer: https://card-payment.gbataxi.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

Pragma: no-cache
Date: Mon, 29 Jan 2024 08:43:01 GMT
ETag: W/"14-Y53wuE/mmbSikKcT/WualL1N65U"
Vary: Origin
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://card-payment.gbataxi.com
Cache-Control: private, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Keep-Alive: timeout=10
Content-Length: 20
Expires: -1

OPTIONS
H/1.1 204
No Content wpt.json
cdn0.forter.com/aac5fb818cb3/0cc812d8f3e045e7aac9c03540437bb7/ Frame 0
0 22ms
22ms Preflight 54.243.108.33

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn0.forter.com/aac5fb818cb3/0cc812d8f3e045e7aac9c03540437bb7/wpt.json
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 54.243.108.33 -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://card-payment.gbataxi.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET,HEAD,PUT,PATCH,POST,DELETE
Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Length: 0
Date: Mon, 29 Jan 2024 08:43:01 GMT
Keep-Alive: timeout=10
Vary: Access-Control-Request-Headers

GET
H3 200 vendor.84419031.js Show response
checkout-demo.airwallex.com/static/js/ Frame D9DD 162 KB
54 KB 31ms
30ms Script
application/javascript 2600:1901:0:9672::
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://checkout-demo.airwallex.com/static/js/vendor.84419031.js
Requested by: Host: checkout-demo.airwallex.com
URL: https://checkout-demo.airwallex.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:1901:0:9672:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software: UploadServer /
Resource Hash: e1dd5c298d2c2edf6534d9e75bc8cc1f36728866b048916561a40b382e2367ba

Request headers

accept-language: en-US,en;q=0.9
Referer: https://checkout-demo.airwallex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 08:43:00 GMT
content-encoding: gzip
age: 1
x-guploader-uploadid: ABPtcPpJXLtfDSpvjzlvJPOAbJngsZB2kXrkShZRcJhgI9wJzQf01DLJ0y92SSGPwBsOyQi_1dk
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55023
last-modified: Mon, 29 Jan 2024 07:22:07 GMT
server: UploadServer
etag: "bb1fd4b7e5c888b91b21e4afa78b006f"
vary: Accept-Encoding
x-goog-generation: 1706512927265178
x-goog-hash: crc32c=EoUwWw==, md5=ux/Ut+XIiLkbIeSvp4sAbw==
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=3600
x-goog-stored-content-length: 55023
accept-ranges: bytes
content-type: application/javascript

GET
H3 200 checkout.e9c84e15.js Show response
checkout-demo.airwallex.com/static/js/ Frame D9DD 311 KB
91 KB 51ms
50ms Script
application/javascript 2600:1901:0:9672::
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://checkout-demo.airwallex.com/static/js/checkout.e9c84e15.js
Requested by: Host: checkout-demo.airwallex.com
URL: https://checkout-demo.airwallex.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:1901:0:9672:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software: UploadServer /
Resource Hash: c023f415585a76618599e6b68f8113a3bb81169ed931d8262b70f31b5b42c61d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://checkout-demo.airwallex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 08:43:00 GMT
content-encoding: gzip
age: 1
x-guploader-uploadid: ABPtcPoTwssjZNSU2GQC_tsXvRqOJuH3O7xqxX6iIWUnHgd-jetb_xg29Lr1dPC6o_OrjMtwG0M
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 93020
last-modified: Mon, 29 Jan 2024 07:22:07 GMT
server: UploadServer
etag: "a0858f400263e20e14c8cf3f38844ba2"
vary: Accept-Encoding
x-goog-generation: 1706512927070857
x-goog-hash: crc32c=VMXyaA==, md5=oIWPQAJj4g4UyM8/OIRLog==
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=3600
x-goog-stored-content-length: 93020
accept-ranges: bytes
content-type: application/javascript

POST
H3 200 initialize Show response
featuregates.org/v1/ Frame D9DD 7 KB
2 KB 93ms
92ms Fetch
application/json 34.120.214.181

General

Check archive.org

Show headers Download Go to

Full URL

https://featuregates.org/v1/initialize

Requested by

Host: checkout-demo.airwallex.com
URL: https://checkout-demo.airwallex.com/static/js/checkout.e9c84e15.js

Protocol

Security

QUIC, , AES_128_GCM

Server

34.120.214.181 -, , ASN (),

Reverse DNS

Software

istio-envoy /

Resource Hash

3fadbbf04f824dc6b7ad204848012056afc1609b4857eda1b6afc50ad58a9418

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors *.statsig.com
X-Content-Type-Options	nosniff;

Request headers

STATSIG-CLIENT-TIME: 1706517781927
STATSIG-API-KEY: client-LJmokBKXH96F2ZdI0ZYDyd27hX7Z8HfNU35XJvv3jxa
STATSIG-SDK-VERSION: 1.30.3
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-type: application/json; charset=UTF-8
Referer: https://checkout-demo.airwallex.com/
STATSIG-ENCODED: 1
STATSIG-SDK-TYPE: react-client

Response headers

date: Mon, 29 Jan 2024 08:43:02 GMT
content-encoding: gzip
referrer-policy: strict-origin-when-cross-origin
content-security-policy: frame-ancestors *.statsig.com
via: 1.1 google
server: istio-envoy
x-content-type-options: nosniff;
x-statsig-region: gke-us-east1
vary: Origin, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-envoy-upstream-service-time: 53
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1667

OPTIONS
H2 204 initialize
featuregates.org/v1/ Frame 0
0 85ms
84ms Preflight 34.120.214.181

General

Check archive.org

Show headers Download Go to

Full URL

https://featuregates.org/v1/initialize

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.214.181 -, , ASN (),

Reverse DNS

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors *.statsig.com
X-Content-Type-Options	nosniff;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,statsig-api-key,statsig-client-time,statsig-encoded,statsig-sdk-type,statsig-sdk-version
Access-Control-Request-Method: POST
Origin: https://checkout-demo.airwallex.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-headers: content-type,statsig-api-key,statsig-client-time,statsig-encoded,statsig-sdk-type,statsig-sdk-version
access-control-allow-methods: POST, GET, DELETE, PATCH, PUT
access-control-allow-origin: *
access-control-max-age: 7200
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-security-policy: frame-ancestors *.statsig.com
date: Mon, 29 Jan 2024 08:43:01 GMT
referrer-policy: strict-origin-when-cross-origin
server: istio-envoy
vary: Origin, Access-Control-Request-Headers
via: 1.1 google
x-content-type-options: nosniff;
x-envoy-upstream-service-time: 5
x-statsig-region: gke-us-east1

POST
H2 200 ee40cea7-8975-4d83-b552-9a6303d48e04
bws-demo.airwallex.com/bws/v1/ 0
0 604ms
268ms Ping
application/json 130.211.27.57

General

Check archive.org

Show headers Download Go to

Full URL: https://bws-demo.airwallex.com/bws/v1/ee40cea7-8975-4d83-b552-9a6303d48e04
Requested by: Host: static-demo.airwallex.com
URL: https://static-demo.airwallex.com/webapp/fraud/device-fingerprint/70f7ce1b28a9fe2cc7ba.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.27.57 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://card-payment.gbataxi.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H/1.1 200
OK AkTTeMVorf_wxDtV Show response
imgs.signifyd.com/ Frame 1392 272 KB
46 KB 98ms
98ms Script
text/javascript 192.225.157.157
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://imgs.signifyd.com/AkTTeMVorf_wxDtV?426be9bbc0d78381=AERZ2jvZAz68L5B4bKTFV3Aig9_mJgHJ2oOs_PCcu4d2uHUZB5-nPPCNqXxbkoOCF1QzvyoBivBhp8eWZwT1-DqFg9E88lxkzSbAyrE0VZNRA_QZj-WjrvhU7bhzV_xMCTCXwSgfACuPWbSSL1tAuAhy-58F11SocSl2H9ddNNMoh5R7hfwd0N8a48g6nxoL2tIDgUkd3gXbSVbi&jb=3539262668736f77355f616c646777732e687b6d3d576b666c6f75712530303139266a7362753d436a726f6f6d2e6271623543687a6d6567253232393a30

Requested by

Host: imgs.signifyd.com
URL: https://imgs.signifyd.com/edoa4pydnyveuvah.js?z9isdpag6kqnnx0v=w2txo5aa&6iakd5erqltdznyx=ee40cea7-8975-4d83-b552-9a6303d48e04

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

192.225.157.157 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

af5adefe8839cac56cbc9a4a7642aaad5a70e98d87d0f11cca84b485b61e47cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://card-payment.gbataxi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Mon, 29 Jan 2024 08:43:01 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Transfer-Encoding: chunked
tmx-nonce: 3ac6871b81f68000
Connection: Keep-Alive, Keep-Alive
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding
Content-Type: text/javascript;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
X-Robots-Tag: noindex, nofollow
Keep-Alive: timeout=2, max=99
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK hz0Nl-dTeoKnEOs2
imgs.signifyd.com/ Frame 1392 81 B
475 B 402ms
201ms Image
image/png 192.225.157.157
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imgs.signifyd.com/hz0Nl-dTeoKnEOs2?ddc935f3f3db4782=FVot7zOYyTurWWy85ADuNxf8Rdq03uflgzxmu3wcwA6HdT9CkTUm_hSCtvOBIIxjBPPMlja5Dq5Lf-6Sd2sI6YYAKkVm7Mh_deHSNFIyqMxuCtg4Vyq0SYQFkcIt5azRHZzeeriwnbnGKXasNvxZ6hkwcDlxPW7wZTUIAi4

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

192.225.157.157 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://card-payment.gbataxi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 29 Jan 2024 08:43:02 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=100
Content-Length: 81
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK eyUb1IYBIm0YnLU4
imgs.signifyd.com/ Frame 1392 81 B
475 B 411ms
206ms Image
image/png 192.225.157.157
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imgs.signifyd.com/eyUb1IYBIm0YnLU4?abb35eed7ec5999a=kGsoLy0tOvQ9_8i0M8rX0A4TGzRpl4yGol6J6diSBWaRThy56Bb8cApCpjvu8X0NSInpmDkjeh_1ZJPnZ4WcmbUNdu2tXqd6cQdLBLaFzdYN-RaSxZI9MuRGaYGOovptdMpy5Em_bphuPsv2KCLlAPEQ8h9470huxB6FxwY

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

192.225.157.157 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://card-payment.gbataxi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 29 Jan 2024 08:43:02 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=100
Content-Length: 81
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET 1033.ac346b2d.chunk.js
checkout-demo.airwallex.com/static/js/ Frame 5FCF 0
0

GET 7333.f029bc4c.chunk.js
checkout-demo.airwallex.com/static/js/ Frame 5FCF 0
0

GET 5725.1a6c0bef.chunk.js
checkout-demo.airwallex.com/static/js/ Frame 5FCF 0
0

GET 6191.3432040a.chunk.js
checkout-demo.airwallex.com/static/js/ Frame 5FCF 0
0

GET
H3 200 8109.1a3b81f4.chunk.js Show response
checkout-demo.airwallex.com/static/js/ Frame 5FCF 14 KB
6 KB 595ms
593ms Script
application/javascript 2600:1901:0:9672::
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://checkout-demo.airwallex.com/static/js/8109.1a3b81f4.chunk.js
Requested by: Host: checkout-demo.airwallex.com
URL: https://checkout-demo.airwallex.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:1901:0:9672:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software: UploadServer /
Resource Hash: e70f3b87307c3af2a194855fd3ec39b2d897f43eb1f2a245534897c8d73d4bd0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://checkout-demo.airwallex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 08:43:02 GMT
content-encoding: gzip
x-guploader-uploadid: ABPtcPq2evZHvhidlws8GxoTS1JNpE_yfW07bqzBK8tdcCixK0s9JaYd1RsYriPgzC840uD7sIc
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6089
last-modified: Mon, 29 Jan 2024 07:22:07 GMT
server: UploadServer
etag: "c0056eab45303157df9b7abbcd73fb0c"
vary: Accept-Encoding
x-goog-generation: 1706512926914574
content-type: application/javascript
access-control-allow-origin: *
x-goog-hash: crc32c=n0MLWA==, md5=wAVuq0UwMVffm3q7zXP7DA==
access-control-expose-headers: Content-Type
cache-control: public,max-age=3600
x-goog-stored-content-length: 6089
accept-ranges: bytes

GET
H3 200 9973.9bf5f8c7.chunk.js Show response
checkout-demo.airwallex.com/static/js/ Frame 5FCF 9 KB
4 KB 637ms
636ms Script
application/javascript 2600:1901:0:9672::
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://checkout-demo.airwallex.com/static/js/9973.9bf5f8c7.chunk.js
Requested by: Host: checkout-demo.airwallex.com
URL: https://checkout-demo.airwallex.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:1901:0:9672:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software: UploadServer /
Resource Hash: fb2096985df4cc04f38a570d0631ac26fc642e4e90b74109dc8eaa970c1f4065

Request headers

accept-language: en-US,en;q=0.9
Referer: https://checkout-demo.airwallex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 08:43:02 GMT
content-encoding: gzip
x-guploader-uploadid: ABPtcPrzm99LXbEeytZitdi__fSA2MY6I8pCV3PdImW7b3VEzijTob-D6X8cKiAEAeshYPBIaBI
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3905
last-modified: Mon, 29 Jan 2024 07:22:07 GMT
server: UploadServer
etag: "943644209bc26406fae1b052b27de953"
vary: Accept-Encoding
x-goog-generation: 1706512927071126
content-type: application/javascript
access-control-allow-origin: *
x-goog-hash: crc32c=+2tz+w==, md5=lDZEIJvCZAb64bBSsn3pUw==
access-control-expose-headers: Content-Type
cache-control: public,max-age=3600
x-goog-stored-content-length: 3905
accept-ranges: bytes

GET 4645.bbae72d3.chunk.js
checkout-demo.airwallex.com/static/js/ Frame 5FCF 0
0

GET 1033.ac346b2d.chunk.js
checkout-demo.airwallex.com/static/js/ Frame 7986 0
0

GET 7333.f029bc4c.chunk.js
checkout-demo.airwallex.com/static/js/ Frame 7986 0
0

GET 5725.1a6c0bef.chunk.js
checkout-demo.airwallex.com/static/js/ Frame 7986 0
0

GET 6191.3432040a.chunk.js
checkout-demo.airwallex.com/static/js/ Frame 7986 0
0

GET
H3 200 5653.708482a8.chunk.js Show response
checkout-demo.airwallex.com/static/js/ Frame 7986 8 KB
3 KB 607ms
605ms Script
application/javascript 2600:1901:0:9672::
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://checkout-demo.airwallex.com/static/js/5653.708482a8.chunk.js
Requested by: Host: checkout-demo.airwallex.com
URL: https://checkout-demo.airwallex.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:1901:0:9672:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 5f37fe3458e2f6780771d644ec27700056f86539e6d787903ea12023a3d9545e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://checkout-demo.airwallex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 08:43:02 GMT
content-encoding: gzip
x-guploader-uploadid: ABPtcPpTGsfNV3DzNmEB5Sm2QuGI8QcRNZpzCcjV4wEu6JzGcYsPAt6AOGsxfTY5Oo2m9M7-sqw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2713
last-modified: Mon, 29 Jan 2024 07:22:06 GMT
server: UploadServer
etag: "74cf39bcf7eb8ecae6a822823994355b"
vary: Accept-Encoding
x-goog-generation: 1706512926635780
content-type: application/javascript
access-control-allow-origin: *
x-goog-hash: crc32c=zSjuVw==, md5=dM85vPfrjsrmqCKCOZQ1Ww==
access-control-expose-headers: Content-Type
cache-control: public,max-age=3600
x-goog-stored-content-length: 2713
accept-ranges: bytes

GET
H3 200 8109.1a3b81f4.chunk.js Show response
checkout-demo.airwallex.com/static/js/ Frame 7986 14 KB
6 KB 582ms
580ms Script
application/javascript 2600:1901:0:9672::
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://checkout-demo.airwallex.com/static/js/8109.1a3b81f4.chunk.js
Requested by: Host: checkout-demo.airwallex.com
URL: https://checkout-demo.airwallex.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:1901:0:9672:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software: UploadServer /
Resource Hash: e70f3b87307c3af2a194855fd3ec39b2d897f43eb1f2a245534897c8d73d4bd0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://checkout-demo.airwallex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 08:43:02 GMT
content-encoding: gzip
age: 0
x-guploader-uploadid: ABPtcPq2evZHvhidlws8GxoTS1JNpE_yfW07bqzBK8tdcCixK0s9JaYd1RsYriPgzC840uD7sIc
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6089
last-modified: Mon, 29 Jan 2024 07:22:07 GMT
server: UploadServer
etag: "c0056eab45303157df9b7abbcd73fb0c"
vary: Accept-Encoding
x-goog-generation: 1706512926914574
x-goog-hash: crc32c=n0MLWA==, md5=wAVuq0UwMVffm3q7zXP7DA==
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=3600
x-goog-stored-content-length: 6089
accept-ranges: bytes
content-type: application/javascript

GET
H3 200 2452.c4191e87.chunk.js Show response
checkout-demo.airwallex.com/static/js/ Frame 7986 18 KB
6 KB 611ms
609ms Script
application/javascript 2600:1901:0:9672::
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://checkout-demo.airwallex.com/static/js/2452.c4191e87.chunk.js
Requested by: Host: checkout-demo.airwallex.com
URL: https://checkout-demo.airwallex.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:1901:0:9672:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 62f619c3ea6901443bb27954198c74036bcb5930fc7aefb54135492c1f9ea9ab

Request headers

accept-language: en-US,en;q=0.9
Referer: https://checkout-demo.airwallex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 08:43:02 GMT
content-encoding: gzip
x-guploader-uploadid: ABPtcPrxmP91rCFTxGSBF7WGsPo22iURAjsafwW56ASBlQGTucjENWw8Crq5ZnKOYYqbpxMil7I
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6330
last-modified: Mon, 29 Jan 2024 07:22:06 GMT
server: UploadServer
etag: "2f4d9351ca5913cba2b04f2f62fc1baf"
vary: Accept-Encoding
x-goog-generation: 1706512926222808
content-type: application/javascript
access-control-allow-origin: *
x-goog-hash: crc32c=yRCHBw==, md5=L02TUcpZE8uisE8vYvwbrw==
access-control-expose-headers: Content-Type
cache-control: public,max-age=3600
x-goog-stored-content-length: 6330
accept-ranges: bytes

GET 4645.bbae72d3.chunk.js
checkout-demo.airwallex.com/static/js/ Frame 7986 0
0

GET 1033.ac346b2d.chunk.js
checkout-demo.airwallex.com/static/js/ Frame D9DD 0
0

GET 7333.f029bc4c.chunk.js
checkout-demo.airwallex.com/static/js/ Frame D9DD 0
0

GET 5725.1a6c0bef.chunk.js
checkout-demo.airwallex.com/static/js/ Frame D9DD 0
0

GET 6191.3432040a.chunk.js
checkout-demo.airwallex.com/static/js/ Frame D9DD 0
0

GET
H3 200 5653.708482a8.chunk.js Show response
checkout-demo.airwallex.com/static/js/ Frame D9DD 8 KB
3 KB 527ms
525ms Script
application/javascript 2600:1901:0:9672::
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://checkout-demo.airwallex.com/static/js/5653.708482a8.chunk.js
Requested by: Host: checkout-demo.airwallex.com
URL: https://checkout-demo.airwallex.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:1901:0:9672:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 5f37fe3458e2f6780771d644ec27700056f86539e6d787903ea12023a3d9545e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://checkout-demo.airwallex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 08:43:02 GMT
content-encoding: gzip
age: 0
x-guploader-uploadid: ABPtcPpTGsfNV3DzNmEB5Sm2QuGI8QcRNZpzCcjV4wEu6JzGcYsPAt6AOGsxfTY5Oo2m9M7-sqw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2713
last-modified: Mon, 29 Jan 2024 07:22:06 GMT
server: UploadServer
etag: "74cf39bcf7eb8ecae6a822823994355b"
vary: Accept-Encoding
x-goog-generation: 1706512926635780
x-goog-hash: crc32c=zSjuVw==, md5=dM85vPfrjsrmqCKCOZQ1Ww==
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=3600
x-goog-stored-content-length: 2713
accept-ranges: bytes
content-type: application/javascript

GET 71.72121520.chunk.js
checkout-demo.airwallex.com/static/js/ Frame D9DD 0
0

GET 9323.e6be261f.chunk.js
checkout-demo.airwallex.com/static/js/ Frame D9DD 0
0

GET 3348.44c5a1b2.chunk.js
checkout-demo.airwallex.com/static/js/ Frame D9DD 0
0

GET
H3 200 8109.1a3b81f4.chunk.js Show response
checkout-demo.airwallex.com/static/js/ Frame D9DD 14 KB
6 KB 499ms
498ms Script
application/javascript 2600:1901:0:9672::
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://checkout-demo.airwallex.com/static/js/8109.1a3b81f4.chunk.js
Requested by: Host: checkout-demo.airwallex.com
URL: https://checkout-demo.airwallex.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:1901:0:9672:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software: UploadServer /
Resource Hash: e70f3b87307c3af2a194855fd3ec39b2d897f43eb1f2a245534897c8d73d4bd0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://checkout-demo.airwallex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 08:43:02 GMT
content-encoding: gzip
age: 0
x-guploader-uploadid: ABPtcPq2evZHvhidlws8GxoTS1JNpE_yfW07bqzBK8tdcCixK0s9JaYd1RsYriPgzC840uD7sIc
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6089
last-modified: Mon, 29 Jan 2024 07:22:07 GMT
server: UploadServer
etag: "c0056eab45303157df9b7abbcd73fb0c"
vary: Accept-Encoding
x-goog-generation: 1706512926914574
x-goog-hash: crc32c=n0MLWA==, md5=wAVuq0UwMVffm3q7zXP7DA==
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public,max-age=3600
x-goog-stored-content-length: 6089
accept-ranges: bytes
content-type: application/javascript

GET
H3 200 8923.8bbdc670.chunk.js
checkout-demo.airwallex.com/static/js/ Frame D9DD 14 KB
5 KB 609ms
608ms Script
application/javascript 2600:1901:0:9672::
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://checkout-demo.airwallex.com/static/js/8923.8bbdc670.chunk.js
Requested by: Host: checkout-demo.airwallex.com
URL: https://checkout-demo.airwallex.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:1901:0:9672:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software: UploadServer /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://checkout-demo.airwallex.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 08:43:02 GMT
content-encoding: gzip
x-guploader-uploadid: ABPtcPrvE8qvbv59jutSoa9DnhdS4FCi7wWbEnDw_nED7RHYzQQfY6JYPzETccuJVeMSTWz6eEU
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5075
last-modified: Mon, 29 Jan 2024 07:22:07 GMT
server: UploadServer
etag: "b9776d8346f45312e554c3b6d7aacdd4"
vary: Accept-Encoding
x-goog-generation: 1706512927035955
content-type: application/javascript
access-control-allow-origin: *
x-goog-hash: crc32c=orEOeg==, md5=uXdtg0b0UxLlVMO216rN1A==
access-control-expose-headers: Content-Type
cache-control: public,max-age=3600
x-goog-stored-content-length: 5075
accept-ranges: bytes

GET 4645.bbae72d3.chunk.js
checkout-demo.airwallex.com/static/js/ Frame D9DD 0
0

POST
H2 200 events
cdn3.forter.com/ 0
427 B 467ms
191ms Ping
text/plain 18.164.52.63

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn3.forter.com/events

Requested by

Host:
URL: (program):2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.164.52.63 -, , ASN (),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Referer: https://card-payment.gbataxi.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain; charset=utf-8

Response headers

pragma: no-cache
date: Mon, 29 Jan 2024 08:43:02 GMT
strict-transport-security: max-age=86400; includeSubDomains
via: 1.1 03e404344c9f165c7468cdb109674f3a.cloudfront.net (CloudFront)
x-amz-cf-pop: CDG50-P4
vary: Origin
x-cache: Miss from cloudfront
access-control-allow-origin: https://card-payment.gbataxi.com
cache-control: private, no-cache, no-store
access-control-allow-credentials: true
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: 0B7wSQmxXDSdhAoG4YT0fswQo7aL_HYvQnPmLHYbzo5_viOE2GDdkw==
expires: -1

GET
H/1.1 200
OK clear.png Show response
imgs.signifyd.com/fp/ Frame 1392 81 B
540 B 363ms
161ms XHR
image/png 192.225.157.157
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://imgs.signifyd.com/fp/clear.png

Requested by

Host: imgs.signifyd.com
URL: https://imgs.signifyd.com/AkTTeMVorf_wxDtV?426be9bbc0d78381=AERZ2jvZAz68L5B4bKTFV3Aig9_mJgHJ2oOs_PCcu4d2uHUZB5-nPPCNqXxbkoOCF1QzvyoBivBhp8eWZwT1-DqFg9E88lxkzSbAyrE0VZNRA_QZj-WjrvhU7bhzV_xMCTCXwSgfACuPWbSSL1tAuAhy-58F11SocSl2H9ddNNMoh5R7hfwd0N8a48g6nxoL2tIDgUkd3gXbSVbi&jb=3539262668736f77355f616c646777732e687b6d3d576b666c6f75712530303139266a7362753d436a726f6f6d2e6271623543687a6d6567253232393a30

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

192.225.157.157 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*, w2txo5aa/3ac6871b81f68000ee40cea7-8975-4d83-b552-9a6303d48e04
Referer: https://card-payment.gbataxi.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Mon, 29 Jan 2024 08:43:02 GMT
Strict-Transport-Security: max-age=31536000
Last-Modified: Mon, 29 Jan 2024 08:43:02 GMT
Server: Apache
Etag: 962322db880f445aab97bfb99edb4413
Content-Type: image/png
Access-Control-Allow-Origin: https://card-payment.gbataxi.com
Cache-Control: private, must-revalidate, max-age=0
Connection: Keep-Alive
Keep-Alive: timeout=2, max=100
Content-Length: 81
Expires: Sat, 27 Jan 2029 08:43:02 GMT

GET
H/1.1 200
OK LU9tiZowsA6pM36R Show response
imgs.signifyd.com/ Frame 3B43 90 KB
14 KB 173ms
95ms Document
text/html 192.225.157.157
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://imgs.signifyd.com/LU9tiZowsA6pM36R?41b94b2df2a4784d=ZTNskmLfFeIcsWeNYC46r0t869ZElWIjKGlraPR5mv_0yoIA_mLnOOfOtAQdTSfiPvtgHFDvMMbXCbpJ8gZ46Vz8IZR_hbL8UYz5Y-HTGMFP9gjx1IQs5l4QI2fLykOKtMdPWY5yLGi0grWJI8AHN5lZPTVIcxU1MTz2pgtXUFfHy9cy-mdFkA_txr7vdeA7OQSf-VVufzhgNq326cw

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

192.225.157.157 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

32bf8a52717a97e66029d882a852f6aef0da30d3f641f483de65c556ec99c221

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://card-payment.gbataxi.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Content-Encoding: gzip
Content-Type: text/html;charset=UTF-8
Date: Mon, 29 Jan 2024 08:43:02 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=97
Pragma: no-cache
Server: Apache
Strict-Transport-Security: max-age=31536000
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Robots-Tag: noindex, nofollow
X-XSS-Protection: 1; mode=block

GET
H/1.1 204
No Content SKPWhSJiaHzciL06 Show response
imgs.signifyd.com/ Frame 1392 0
387 B 90ms
90ms Script
text/javascript 192.225.157.157
THM

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

192.225.157.157 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://card-payment.gbataxi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 29 Jan 2024 08:43:02 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=98
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK gR_cWrYt3lPBbDG_
h.online-metrix.net/ Frame 318C 103 KB
15 KB 523ms
169ms Document
text/html 192.225.158.1

General

Check archive.org

Show headers Download Go to

Full URL

https://h.online-metrix.net/gR_cWrYt3lPBbDG_?04fdfe54f5a6e2e8=cQ3uDcDgWKPPhI7VaYFER7rGQ-AXB9NDLxO3G4JPnDpEw55wqs3JAPh75PMZ8CDshqHQrT4N75d5eK9XOzTbQhgMDNwFsZiu4B7-7PaIcoAuV8wQz8Ffzy59UXuxi7q8sjD9SDJguC74WkJ8SK6_eyo_CDGyq_hgMh0mW0lEetQU8ZCE3q_E-pNusP65SSxw5Znn7yBA35JRcMjPTsUm

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

192.225.158.1 -, , ASN (),

Reverse DNS

Software

Apache /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://card-payment.gbataxi.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Content-Encoding: gzip
Content-Type: text/html;charset=UTF-8
Date: Mon, 29 Jan 2024 08:43:02 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=100
Pragma: no-cache
Server: Apache
Strict-Transport-Security: max-age=31536000
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Robots-Tag: noindex, nofollow
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK ognz4e_MNlHms_GR Show response
imgs.signifyd.com/ Frame A19F 90 KB
14 KB 171ms
94ms Document
text/html 192.225.157.157
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://imgs.signifyd.com/ognz4e_MNlHms_GR?f06e502dad84bde2=sAguP5mkSnQGozy3rj3yREys3gKHruxaEZ0z4g-e4yLgCdcOOVT9rQfcLj18TYd8zl19WLHZfTr6DWCaevyQoyQVHqq46zjeb9K5kb-5dxdM__FKPM4M4N7UZ86y5LnM3jaTPF5HLKHF-0dtW3qqN7goG3yLGP0OdTLekdm2OXqQhhO3H5c0U-5MPEcsLDIyD-w_p3_-PX6btvEUaIDG

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

192.225.157.157 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

53f6dafafc0daaaf471f379c7275e3b69b16945ffc916fa1b9c4ad4579eb8e61

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://card-payment.gbataxi.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Content-Encoding: gzip
Content-Type: text/html;charset=UTF-8
Date: Mon, 29 Jan 2024 08:43:02 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=99
Pragma: no-cache
Server: Apache
Strict-Transport-Security: max-age=31536000
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Robots-Tag: noindex, nofollow
X-XSS-Protection: 1; mode=block

GET
H/1.1 204
204 SKPWhSJiaHzciL06 Show response
imgs.signifyd.com/ Frame 1392 0
218 B 176ms
91ms Script
text/javascript 192.225.157.157
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://imgs.signifyd.com/SKPWhSJiaHzciL06?8ba136e02ab55e45=7xtc72-gRfvhTyGBhHR7QSoiFb1AeT7P1KPKgB_bUHGIvs0NaiaI3m2CcSOM96SaDsglDeSJkx3y3nBNk46Qw-YFDeqBTgZFtTxM9VRrrZ__RSv4huRuARkrJpdQy9NcAGlHY98eOfKmd4IEKB5O3W1HhhI&ja=313832302426633f253e383226723d302e64353336303270393232322663663d39363030783132303226737a7135387a302e64707a3f392e3136323824313032302e313638302c313230302c3336303224393a32302431363832243332303224382c32246d763d613038326162636463353764666e6c6e3b6569383439333c3530366031693763246d6c3d342e7363643d3234266e683d6a7c7c7871253b41253a442d304663637a6c2d7263796f656e7c2e6762617461786b2e636d652d3a4426786c3d3b24786a3d373a6e3a386363366063666a653131336237333a376167386c3b60646a32643c24606a3d35613c30636363613566323b38313334306234323632313e316e3b383f31346c2462716f3d556166646d75732732303931266a73623d436a726f6f6d2d3a32313a3026627167773d576b666c6f7571266873627d3d4368726f6d65246e6861353c2e6c64653d382e6c6576703d322e7c7a663f506363696e6963253246486f6c6f6c77647d2e6f617c6872353638323364336b3a626761303065366b63353630303832636431373d3c3833666c3435303a39363164346d6961303664613934696662643732333131313934692e6c703d60747478712d314125304e2d3244616170642d7861796d656e742e656261766970612c63676d253a442e723d706e7d6f696c5d666e61736025354566616c736721706e7d6f616c5f7f696e6c6d7f715f6d676c61615d726c6379657a25354566616c736721706e7d6f616c5f69646f6a67576363726d6a697427374564616c7b6521706c7567696c5f7177616b6376696565253d476e636c736729786c7765696c5f73606f636b776176652735456469647b6721786c756f6b665d72656364786c637b657025354d66616c736521706e75676b66577e6e6357706c697b6d702535476e696c716721726c756f696e5f646576616e7672273d4d6e636c7b6521786e7d65696e5d7b7e675d74696777657a25354566616c736721706e7d6f616c5f62617669273d4766616e7b6d26656e5f613d776d62676c576562474e253232392638273238284f786766454c2530384d53273030302e302d32304368726f6d6b756d2b5f6d6a454c2d32304f4e5b4e2532324d5b253032312c30253a30284f70656e474e2532324d5b2d30304f4c5344273a324553273a38312c322530304360726f6d69756d2955656249617c5f67624369742d30385565624544494e454e455d696e7b74616e6365645f63727263717b2d31422d32304d5a5c5d626c67666c5f6f6b6e6f61782d33422532304558565f636d64677a5d627d66666d70576a616c64576e6c6d63742733422d32304558545f666e6f6176576a64676e6c25334a273a32455856576e7263655f6665707c682533422532304758545d7b606966657a5f746d7a7c7772655d6467642731422732304d58545f746578747772655d6b676572726d7373616d665d6270766b2d334027323245585c5f746578747572675f636d65787a67737b696f665d7a657463273b4a253032455a545f7c6578747572655f64696c766d7a57636e61736f7c7067726963273b4a253032455a545f7b5247422533422530304f475b576d6e6565656e7c5d616c64657a577d696c76253142253a304f45535f66626d5f7267666c6d705f656970656378273342273a384f47515f71746166646172645f6465706976637c617e67732d33422d30384d45535d7c6d78767772675f66646f61742533422530304f475b577c67787c75726d5d6e6e6f61765764696c67617025334a2532304f45535f766578767d7a6d5d68696c665764646d6174273b4a2530324f47535f7c6578747572655f6a616c64576e646d617c5f6c616c6d637225314a2d32324d45515f766d727465785f61727061795d676a6267637c25334a273a325745404f445f616d6c6d725f6a75666665725f666e6f61762d3b4a27323857454a45445d636f6f787a65717165665f746d78747572655f61717463273b4a2d30305f45424f4e57616f6d727a6d737167645d746570747572655f6574612533402d3a3855454a474c5761676f7072677b7b65665d746778747d72655f65746331273342273a385f47424f4c5f6b6d65727265717b6d645d76657a74757a655f733374632531422530385f4d4047445f63676f78706573716d6c5f7667787675726d5f733374635f73706762273b4a2d30305f45424f4e57666562776f5772676c646772657a5f696e666f2533402532325f4d4a454c5764657876605d74657a7c7d7267273340253238574542474c5f647061775d6a7d6e64657a73253b402d303057474a4f4c5d6e6f71655f6b6f6e746578742531422530385f4d4047445f6d7d6e7c6b5f6470697f313424676e5f683533666635646666363734326c6c6b36303f65363a606d326537366c3a353736363330346c343235392677676e763d4b667c6d6e253a30496661262477676e7a35496c76656e253238497269732532304d70656c4f442d30304d6e67616c6d246363663539&jb=313535266e713d4f6772616e6c6925324e372632253232205f696c666f7573253a304e5425323031322e30273b4a2d30305f696e3e362d31422530387036362b2530304178706c655765624b6b7425304e3d3b352e3b36253a32204948544f442d32412732326c696365253230476563696f29273a384b6a72676d652d304e3332302c382636323b392c32323c25323053616661706925304e3d3b352e3b36

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

192.225.157.157 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://card-payment.gbataxi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Mon, 29 Jan 2024 08:43:02 GMT
Strict-Transport-Security: max-age=31536000
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=2, max=99
Content-Type: text/javascript;charset=UTF-8

GET 9u6oxKk9_7QWxSiI
w2txo5aado7wqstko4tserz3ainqwahbf6zjv3vs3ac6871b81f68000sac.d.aa.online-metrix.net/ Frame 1392 0
0

POST
H2 200 ee40cea7-8975-4d83-b552-9a6303d48e04
bws-demo.airwallex.com/bws/v1/ 0
0 271ms
270ms Ping
application/json 130.211.27.57

General

Check archive.org

Show headers Download Go to

Full URL: https://bws-demo.airwallex.com/bws/v1/ee40cea7-8975-4d83-b552-9a6303d48e04
Requested by: Host: static-demo.airwallex.com
URL: https://static-demo.airwallex.com/webapp/fraud/device-fingerprint/70f7ce1b28a9fe2cc7ba.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.27.57 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://card-payment.gbataxi.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H/1.1 204
204 8Idq2Jgc-Yym-_HG
imgs.signifyd.com/ Frame 1392 0
400 B 229ms
204ms Image
image/png 192.225.157.157
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imgs.signifyd.com/8Idq2Jgc-Yym-_HG?a909ff4a5ee25635=5j62EN_cWBxSfPB4SpgZHAckH-M1F_-Amg3tICTMBBfwdZ250RvRJiReLpPjLd7_f52yAo0i8KSxE_vAONhZzWTQwllbwbZc7zldgCpP1hK-PxSpTsjocdZ0OCkQRqKvuhSdcnKtV9IWQ_fJj0BMwt6QQ0qUbVP7QOydEdqSf9iApATW1guIR87iMm-rGbMSH8kD4yK_ITuSDddu5PY&jf=343136267169645d7a666c3f746c725f785339346d724d79384a5b64764e59722e7369645f646174673d3135383e3d33373f38322e7161665f747b786d3d7567623865636c7361267369645f6965793f3b383d3b333831333834383532613a3e3c3861673366303238313036303832613a36343a6b6d3b66303b3031383538313432323838343167633a323369393666303036333230623b3f3d3c30363d343831376c643735303169633334396765653d34643831313061303264603e6d6c366430613339666a643463606c3b326637393066616a3531623639656467366631383e3163623b62313f31313b3762676b3f37343b616630656a32353962613161633630666d382e71696c5f7361653531303437383a323332306134376b323131343138663237363630693964393063386a326b3b6632673a31323163313a63346961633534323435673438343e6e3d3a363f35333f673d3b6230303a38356763383236373133303631346162613262373c6a3d67366e36383c3538343936606a3e656363393734616b6661383130363334326234696a3160643c623338247b6b66723f38

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

192.225.157.157 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://card-payment.gbataxi.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 29 Jan 2024 08:43:02 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: image/png;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Keep-Alive: timeout=2, max=98
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 204
No Content imMkPWyPYWu0pChb Show response
imgs.signifyd.com/ Frame 3B43 0
387 B 91ms
90ms Script
text/javascript 192.225.157.157
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://imgs.signifyd.com/imMkPWyPYWu0pChb?afd6694e521a9682=8Axv6udZtuTQaa3OIvREPZZxJs652pqSp4gmT9HiGQS5Z-FkLHjwAk2qHfDTbGWKny0u6ySWs2aFpv87QheturwM1UUftlywgMXHLsCzmMzjmtVsnr1Ck_O-MTZ01BK_24g2F5VNv8Ag-fONAcySvYRBR_A&jf=3336266c71623d373e316967323b613130613c36656130303c393161373a343330383763383239

Requested by

Host: imgs.signifyd.com
URL: https://imgs.signifyd.com/LU9tiZowsA6pM36R?41b94b2df2a4784d=ZTNskmLfFeIcsWeNYC46r0t869ZElWIjKGlraPR5mv_0yoIA_mLnOOfOtAQdTSfiPvtgHFDvMMbXCbpJ8gZ46Vz8IZR_hbL8UYz5Y-HTGMFP9gjx1IQs5l4QI2fLykOKtMdPWY5yLGi0grWJI8AHN5lZPTVIcxU1MTz2pgtXUFfHy9cy-mdFkA_txr7vdeA7OQSf-VVufzhgNq326cw

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

192.225.157.157 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://imgs.signifyd.com/LU9tiZowsA6pM36R?41b94b2df2a4784d=ZTNskmLfFeIcsWeNYC46r0t869ZElWIjKGlraPR5mv_0yoIA_mLnOOfOtAQdTSfiPvtgHFDvMMbXCbpJ8gZ46Vz8IZR_hbL8UYz5Y-HTGMFP9gjx1IQs5l4QI2fLykOKtMdPWY5yLGi0grWJI8AHN5lZPTVIcxU1MTz2pgtXUFfHy9cy-mdFkA_txr7vdeA7OQSf-VVufzhgNq326cw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 29 Jan 2024 08:43:02 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=98
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 202 rgstr
events.statsigapi.net/v1/ Frame 7986 16 B
100 B 48ms
47ms Fetch
application/json 34.120.214.181

General

Check archive.org

Show headers Download Go to

Full URL

https://events.statsigapi.net/v1/rgstr

Requested by

Host: checkout-demo.airwallex.com
URL: https://checkout-demo.airwallex.com/static/js/checkout.e9c84e15.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.214.181 -, , ASN (),

Reverse DNS

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors *.statsig.com
X-Content-Type-Options	nosniff, nosniff;
X-Frame-Options	SAMEORIGIN

Request headers

STATSIG-CLIENT-TIME: 1706517782560
STATSIG-API-KEY: client-LJmokBKXH96F2ZdI0ZYDyd27hX7Z8HfNU35XJvv3jxa
STATSIG-SDK-VERSION: 1.30.3
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-type: application/json; charset=UTF-8
Referer: https://checkout-demo.airwallex.com/
STATSIG-ENCODED: 0
STATSIG-SDK-TYPE: react-client

Response headers

date: Mon, 29 Jan 2024 08:43:02 GMT
content-security-policy: frame-ancestors *.statsig.com
x-content-type-options: nosniff, nosniff;
via: 1.1 google
x-statsig-region: gke-us-east1
x-envoy-upstream-service-time: 6
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16
x-response-time: 0 ms
referrer-policy: strict-origin-when-cross-origin
server: istio-envoy
x-frame-options: SAMEORIGIN
access-control-allow-methods: POST, GET, PATCH, DELETE, PUT, OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-max-age: 7200
access-control-allow-credentials: true
permissions-policy: interest-cohort=()
access-control-allow-headers: *

POST
H2 202 rgstr
events.statsigapi.net/v1/ Frame 5FCF 16 B
84 B 59ms
58ms Fetch
application/json 34.120.214.181

General

Check archive.org

Show headers Download Go to

Full URL

https://events.statsigapi.net/v1/rgstr

Requested by

Host: checkout-demo.airwallex.com
URL: https://checkout-demo.airwallex.com/static/js/checkout.e9c84e15.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.214.181 -, , ASN (),

Reverse DNS

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors *.statsig.com
X-Content-Type-Options	nosniff, nosniff;
X-Frame-Options	SAMEORIGIN

Request headers

STATSIG-CLIENT-TIME: 1706517782565
STATSIG-API-KEY: client-LJmokBKXH96F2ZdI0ZYDyd27hX7Z8HfNU35XJvv3jxa
STATSIG-SDK-VERSION: 1.30.3
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-type: application/json; charset=UTF-8
Referer: https://checkout-demo.airwallex.com/
STATSIG-ENCODED: 0
STATSIG-SDK-TYPE: react-client

Response headers

date: Mon, 29 Jan 2024 08:43:02 GMT
content-security-policy: frame-ancestors *.statsig.com
x-content-type-options: nosniff, nosniff;
via: 1.1 google
x-statsig-region: gke-us-east1
x-envoy-upstream-service-time: 7
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16
x-response-time: 0 ms
referrer-policy: strict-origin-when-cross-origin
server: istio-envoy
x-frame-options: SAMEORIGIN
access-control-allow-methods: POST, GET, PATCH, DELETE, PUT, OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-max-age: 7200
access-control-allow-credentials: true
permissions-policy: interest-cohort=()
access-control-allow-headers: *

OPTIONS
H2 200 rgstr
events.statsigapi.net/v1/ Frame 0
0 175ms
73ms Preflight 34.120.214.181

General

Check archive.org

Show headers Download Go to

Full URL

https://events.statsigapi.net/v1/rgstr

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.214.181 -, , ASN (),

Reverse DNS

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors *.statsig.com
X-Content-Type-Options	nosniff nosniff;
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,statsig-api-key,statsig-client-time,statsig-encoded,statsig-sdk-type,statsig-sdk-version
Access-Control-Request-Method: POST
Origin: https://checkout-demo.airwallex.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: POST, GET, PATCH, DELETE, PUT, OPTIONS
access-control-allow-origin: *
access-control-max-age: 7200
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-security-policy: frame-ancestors *.statsig.com
date: Mon, 29 Jan 2024 08:43:02 GMT
permissions-policy: interest-cohort=()
referrer-policy: strict-origin-when-cross-origin
server: istio-envoy
via: 1.1 google
x-content-type-options: nosniff nosniff;
x-envoy-upstream-service-time: 10
x-frame-options: SAMEORIGIN
x-response-time: 0 ms
x-statsig-region: gke-us-east1

OPTIONS
H2 200 rgstr
events.statsigapi.net/v1/ Frame 0
0 174ms
73ms Preflight 34.120.214.181

General

Check archive.org

Show headers Download Go to

Full URL

https://events.statsigapi.net/v1/rgstr

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.214.181 -, , ASN (),

Reverse DNS

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors *.statsig.com
X-Content-Type-Options	nosniff nosniff;
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,statsig-api-key,statsig-client-time,statsig-encoded,statsig-sdk-type,statsig-sdk-version
Access-Control-Request-Method: POST
Origin: https://checkout-demo.airwallex.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: POST, GET, PATCH, DELETE, PUT, OPTIONS
access-control-allow-origin: *
access-control-max-age: 7200
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-security-policy: frame-ancestors *.statsig.com
date: Mon, 29 Jan 2024 08:43:01 GMT
permissions-policy: interest-cohort=()
referrer-policy: strict-origin-when-cross-origin
server: istio-envoy
via: 1.1 google
x-content-type-options: nosniff nosniff;
x-envoy-upstream-service-time: 11
x-frame-options: SAMEORIGIN
x-response-time: 0 ms
x-statsig-region: gke-us-east1

OPTIONS
H3 200 logs
api-demo.airwallex.com/papluginlogs/ Frame 0
0 94ms
30ms Preflight
text/plain 35.244.231.134
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api-demo.airwallex.com/papluginlogs/logs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.244.231.134 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 134.231.244.35.bc.googleusercontent.com
Software: APISIX /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://card-payment.gbataxi.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-headers: *
access-control-allow-methods: OPTIONS,POST
access-control-allow-origin: *
access-control-expose-headers: *
access-control-max-age: 5
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain; charset=utf-8
date: Mon, 29 Jan 2024 08:43:02 GMT
server: APISIX
via: 1.1 google
x-b3-traceid: 4315260ce7d7e94f77f66903762f1949

POST logs
api-demo.airwallex.com/papluginlogs/ 0
0

GET SKPWhSJiaHzciL06
imgs.signifyd.com/ Frame 1392 0
0

GET Xo-MbDr2IKnvq8l3
h.online-metrix.net/ Frame 318C 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: checkout-demo.airwallex.com
URL: https://checkout-demo.airwallex.com/static/js/1033.ac346b2d.chunk.js

Domain: checkout-demo.airwallex.com
URL: https://checkout-demo.airwallex.com/static/js/7333.f029bc4c.chunk.js

Domain: checkout-demo.airwallex.com
URL: https://checkout-demo.airwallex.com/static/js/5725.1a6c0bef.chunk.js

Domain: checkout-demo.airwallex.com
URL: https://checkout-demo.airwallex.com/static/js/6191.3432040a.chunk.js

Domain: checkout-demo.airwallex.com
URL: https://checkout-demo.airwallex.com/static/js/4645.bbae72d3.chunk.js

Domain: checkout-demo.airwallex.com
URL: https://checkout-demo.airwallex.com/static/js/1033.ac346b2d.chunk.js

Domain: checkout-demo.airwallex.com
URL: https://checkout-demo.airwallex.com/static/js/7333.f029bc4c.chunk.js

Domain: checkout-demo.airwallex.com
URL: https://checkout-demo.airwallex.com/static/js/5725.1a6c0bef.chunk.js

Domain: checkout-demo.airwallex.com
URL: https://checkout-demo.airwallex.com/static/js/6191.3432040a.chunk.js

Domain: checkout-demo.airwallex.com
URL: https://checkout-demo.airwallex.com/static/js/4645.bbae72d3.chunk.js

Domain: checkout-demo.airwallex.com
URL: https://checkout-demo.airwallex.com/static/js/1033.ac346b2d.chunk.js

Domain: checkout-demo.airwallex.com
URL: https://checkout-demo.airwallex.com/static/js/7333.f029bc4c.chunk.js

Domain: checkout-demo.airwallex.com
URL: https://checkout-demo.airwallex.com/static/js/5725.1a6c0bef.chunk.js

Domain: checkout-demo.airwallex.com
URL: https://checkout-demo.airwallex.com/static/js/6191.3432040a.chunk.js

Domain: checkout-demo.airwallex.com
URL: https://checkout-demo.airwallex.com/static/js/71.72121520.chunk.js

Domain: checkout-demo.airwallex.com
URL: https://checkout-demo.airwallex.com/static/js/9323.e6be261f.chunk.js

Domain: checkout-demo.airwallex.com
URL: https://checkout-demo.airwallex.com/static/js/3348.44c5a1b2.chunk.js

Domain: checkout-demo.airwallex.com
URL: https://checkout-demo.airwallex.com/static/js/4645.bbae72d3.chunk.js

Domain: w2txo5aado7wqstko4tserz3ainqwahbf6zjv3vs3ac6871b81f68000sac.d.aa.online-metrix.net
URL: https://w2txo5aado7wqstko4tserz3ainqwahbf6zjv3vs3ac6871b81f68000sac.d.aa.online-metrix.net/9u6oxKk9_7QWxSiI?cdc7c8334df023e3=6Yzdd7H-HGZ7az1sgO0w9E4V98fFJHJkVjBn77Ir2y9OVRL9Os-Bpk534g-d81LiiimSFeMj0oaS9dVskLlerc67-YfNln8BhAwMTVX0F-IKVJfbB82AzAnYGkSqNerr2vpk4sScbGepPLKg-so15M3dt5keZHzFmt7s

Domain: api-demo.airwallex.com
URL: https://api-demo.airwallex.com/papluginlogs/logs

Domain: imgs.signifyd.com
URL: https://imgs.signifyd.com/SKPWhSJiaHzciL06?8ba136e02ab55e45=7xtc72-gRfvhTyGBhHR7QSoiFb1AeT7P1KPKgB_bUHGIvs0NaiaI3m2CcSOM96SaDsglDeSJkx3y3nBNk46Qw-YFDeqBTgZFtTxM9VRrrZ__RSv4huRuARkrJpdQy9NcAGlHY98eOfKmd4IEKB5O3W1HhhI&jac=1&je=353239262477656b353a38342e3e362e3134263a32267265356e6d24626374737c3d2537422532326e657667642d3a30253b4131263238273243273a3a737663747773253a32253341253232616861706f616665253a32253f462e6375646a356b613560396736653e38316363616336643261356b393130393b36333c346a376333333f31366036643a64643c38363030333866673466323b6e6b66383c35392e6770313d63333b6b346732353b653839643037376633666662306630303f6339303434693a6a676333613b6a267763683f25374a253232617263686b7465617c7d7a67253a32253b432d303225303a2d324127323062697c6e657373253232273341273a3a2d30322d32432d303a6072616c6c7b253030253141253d42253544253243273232647d646454657a7369676c446b7374273a3a253143253742253d442532432532326f6f626b646d2d30322d33416e6364716525304b2d32306f6f66656c2d32322533412532302532302d3a4b27323a706c69766e6d726d273a3a253143253032253a32253243253232726c61766e677a6f566d7273616d66273232273b49253030253032253a43253232776f77343425303a2d3b4366696c736d273f462675636435253540253032627a616e6473253232273341273d4a2d37442d32432d303a6f6f626b646d25303025314166696c7365253243253032706e697c6e6d726525323a273b432532302d3a32273544

Domain: h.online-metrix.net
URL: https://h.online-metrix.net/Xo-MbDr2IKnvq8l3?1f479f3dc28a0a2e=Gsxj5W27M0rOgD8evujOx1woaCwVAPQPVJidZCwDEnZiLeLGmTfPs2KdszudpL4FVLOr1HF3UHCDb6p87LDP2kx_JInOZiKVnXecYYcDFjzTuPiG0qtQGxL_5BapZj1tMyiY7cHi-8oaoKFUO5l4GKt4L35FEoMsyNH2NXbsMOohOvAaHGBynbVZS4syO33h0lE6OaEdbCQZWqouRLg&jf=343138267169645d7a666c3f746c725f4f4c5958304553466b526154796833432e7369645f646174673d3135383e3d33373f38322e7161665f747b786d3d7567623865636c7361267369645f6965793f3b383d3b333831333834383532613a3e3c3861673366303238313036303832613a36343a6b6d3b66303b3031383538313432323838346036363062303f33353033376634363565646c316b3b373164316a63383366663a306e633530626030326b3163313761336231643061303d3a376269393569306b363036643d3d3760366166383738386461616232663537653a6b3a393b333d3837383b38603964323e3f3664603733373869383962636634643b3838343a6c2e71696c5f7361653531303434383a323332306631303d65386239323461336538336c313863396c65336e6730646630673869633563643562366b346336643766613636343a3c6b6e6330693738303b3e633430303a39303266333a63626e36366564396532663935343f3b6a64366a666269636c666334343c6b306137653539326e35353438313736616630333f6a3164303e32613c333a247369647a3531

Verdicts & Comments Add Verdict or Comment

29 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.airwallex.com/	1970-01-20 18:01:59	Name: __cf_bm Value: 91JGkeGzcjhAfDMtkFOVzKqeZp7d8ICctRKuHJkuASU-1706517780-1-AYe+WkcKQMuTIFXYZZZPExfBjEM8c/+OEKtT+2N9lOoZj6p20w7scTSBy7MsrK+cIuswnNUbY7AIg74MyawL90I=
.airwallex.com/	1969-12-31 23:59:59	Name: __cfruid Value: 0fd70c471d1fddc0047d6cecb2014d2b07e7828f-1706517780
.airwallex.com/	1969-12-31 23:59:59	Name: _cfuvid Value: vSPl3UiqVkCkY.xDdJpqydQARVDY7y4G90jdIIGyK8E-1706517780106-0-604800000
.card-payment.gbataxi.com/	1970-01-21 03:37:57	Name: AWX_RISK_ID Value: 19726cecc9d2add828e07325946262374b6b02ee
.card-payment.gbataxi.com/	1970-01-20 18:02:12	Name: AWX_RISK_SID Value: ee40cea7-8975-4d83-b552-9a6303d48e04
.card-payment.gbataxi.com/	1970-01-21 03:37:57	Name: __AWX_TEMP_F_D__ Value: 282d901b218e0b319cb27e54b08be387
.gbataxi.com/	1970-01-21 03:37:57	Name: forterToken Value: 0cc812d8f3e045e7aac9c03540437bb7_1706517780324__UDF43_20ck_
imgs.signifyd.com/	1970-01-21 03:37:57	Name: thx_guid Value: cae8995ee03caf12ed2c1cace26c28c4

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

0cc812d8f3e045e7aac9c03540437bb7-aac5fb818cb3.cdn.forter.com
aac5fb818cb3.cdn4.forter.com
api-demo.airwallex.com
bws-demo.airwallex.com
card-payment.gbataxi.com
cdn-scripts.signifyd.com
cdn0.forter.com
cdn3.forter.com
cdn9.forter.com
checkout-demo.airwallex.com
checkout.airwallex.com
events.statsigapi.net
featuregates.org
h.online-metrix.net
imgs.signifyd.com
static-demo.airwallex.com
w2txo5aado7wqstko4tserz3ainqwahbf6zjv3vs3ac6871b81f68000sac.d.aa.online-metrix.net
api-demo.airwallex.com
checkout-demo.airwallex.com
h.online-metrix.net
imgs.signifyd.com
w2txo5aado7wqstko4tserz3ainqwahbf6zjv3vs3ac6871b81f68000sac.d.aa.online-metrix.net
118.140.169.50
13.249.9.72
130.211.27.57
18.164.52.63
192.225.157.157
192.225.158.1
2600:1901:0:7f0c::
2600:1901:0:9672::
2606:4700::6810:523b
3.162.38.113
34.120.214.181
35.244.231.134
54.158.164.13
54.243.108.33
99.86.91.3
0362a5d689351251d885851f17e539915b4ac4a1e442aef989dc46d88313bbc2
03d6712eaf8782db8848660141b6d1c2a7024f196a43d60f30de096e08b27255
080fb41cfd92ab3b1a5ee8148a722817a7d116e379eb318c68c35502e250393d
08f797b3b93e86d0a09388830de88aaeff4d99d69a584972a030c49a4723e591
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
32bf8a52717a97e66029d882a852f6aef0da30d3f641f483de65c556ec99c221
3fadbbf04f824dc6b7ad204848012056afc1609b4857eda1b6afc50ad58a9418
404fe746810c067ceb997b7b87320701c61606c0d4e2751a69c5807bff8c9e3e
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
446068aebfb94cf7d332d3964eec2519355a09fc4f431c8beaa79ab37111553c
49967b137d4d2bb49d4d8850b27db852010f4da30c78aefb46f14a49b00135c9
53f6dafafc0daaaf471f379c7275e3b69b16945ffc916fa1b9c4ad4579eb8e61
5f37fe3458e2f6780771d644ec27700056f86539e6d787903ea12023a3d9545e
6082597f3871c77c9b31aa1383577f8c0e54cb5ff09275dc817bc70d96e6217d
62f619c3ea6901443bb27954198c74036bcb5930fc7aefb54135492c1f9ea9ab
68f6710cb2cc63e278cd3be6a0593c700b3ac346e36c1d636c5c13374dc20e91
89a225c5b253d4af4857b2f0fa9e41f2a1af6384748b93b7a54dca3d771950e1
912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
987d0dea11ae4ba309ae7267a7ea83a447de0b8e74f196c961de418eed9c46ab
a3d169691c923cb22a72888d8684adf60e03f03a4ce220678f3ff4c6f4d71b99
af5adefe8839cac56cbc9a4a7642aaad5a70e98d87d0f11cca84b485b61e47cc
c023f415585a76618599e6b68f8113a3bb81169ed931d8262b70f31b5b42c61d
d4d73cbfa356cc0dc09dcf7ef3b30d6c14f1df27ff7582355e8b50d0cf1c5648
e1dd5c298d2c2edf6534d9e75bc8cc1f36728866b048916561a40b382e2367ba
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e70f3b87307c3af2a194855fd3ec39b2d897f43eb1f2a245534897c8d73d4bd0
e92cb609b5a0e77d0483dc07d8c28a6848769f840b48f514ebcaa0700c6e4352
f709db9f61798e10736bf08832d9caac3ddd87d384fa8ca9bee60fd4ce9b4ea3
f73f330247155b9028a06a06a6904efb67da2b7e43a036e1b1d8bacbfb565966
fb2096985df4cc04f38a570d0631ac26fc642e4e90b74109dc8eaa970c1f4065
fbd4f9bb8822a16dc07774774bce9c18aeed9d7c9b5b16f4683fd828a7a938b8
fc3a9ae217b06062e27a237bc11fb37a309cd0ed7310da414d165995179eb7a9

card-payment.gbataxi.com Open in urlscan Pro 118.140.169.50 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

88 Requests

72 %HTTPS

20 %IPv6

7 Domains

17 Subdomains

16 IPs

2 Countries

1020 kBTransfer

2969 kBSize

8 Cookies

0 Outgoing links

Redirected requests

88 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

card-payment.gbataxi.com Open in urlscan Pro
118.140.169.50 Public Scan

Screenshot
Live screenshot

Full Image

88
Requests

72 %
HTTPS

20 %
IPv6

7
Domains

17
Subdomains

16
IPs

2
Countries

1020 kB
Transfer

2969 kB
Size

8
Cookies

88 HTTP transactions
0 data transactions