URL: https://payments.wayfarers.lk/
Submission: On February 07 via automatic, source certstream-suspicious — Scanned from DE

Summary

This website contacted 7 IPs in 3 countries across 6 domains to perform 17 HTTP transactions. The main IP is 207.148.127.230, located in Singapore and belongs to AS-CHOOPA, US. The main domain is payments.wayfarers.lk.
TLS certificate: Issued by cPanel, Inc. Certification Authority on February 7th 2023. Valid for: 3 months.
This is the only time payments.wayfarers.lk was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 207.148.127.230 20473 (AS-CHOOPA)
1 2a00:1450:400... 15169 (GOOGLE)
5 2606:4700:e2:... 13335 (CLOUDFLAR...)
3 2606:4700::68... 13335 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
17 7
Apex Domain
Subdomains
Transfer
5 fontawesome.com
use.fontawesome.com — Cisco Umbrella Rank: 850
86 KB
3 bootstrapcdn.com
maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 742
51 KB
3 wayfarers.lk
payments.wayfarers.lk
41 KB
2 gstatic.com
fonts.gstatic.com
59 KB
2 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 198
13 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 34
ajax.googleapis.com — Cisco Umbrella Rank: 295
31 KB
17 6
Domain Requested by
5 use.fontawesome.com payments.wayfarers.lk
use.fontawesome.com
3 maxcdn.bootstrapcdn.com payments.wayfarers.lk
maxcdn.bootstrapcdn.com
3 payments.wayfarers.lk payments.wayfarers.lk
2 fonts.gstatic.com fonts.googleapis.com
2 cdnjs.cloudflare.com payments.wayfarers.lk
1 ajax.googleapis.com payments.wayfarers.lk
1 fonts.googleapis.com payments.wayfarers.lk
17 7

This site contains links to these domains. Also see Links.

Domain
www.wayfarers.lk
benworldwide.com
Subject Issuer Validity Valid
payments.wayfarers.lk
cPanel, Inc. Certification Authority
2023-02-07 -
2023-05-08
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2023-01-09 -
2023-04-03
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2022-06-06 -
2023-06-05
a year crt.sh
*.gstatic.com
GTS CA 1C3
2023-01-09 -
2023-04-03
3 months crt.sh

This page contains 1 frames:

Primary Page: https://payments.wayfarers.lk/
Frame ID: FAB99B6123AD39F4C7DAA353069DD409
Requests: 17 HTTP requests in this frame

Screenshot

Page Title

WayFarers

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

17
Requests

100 %
HTTPS

86 %
IPv6

6
Domains

7
Subdomains

7
IPs

3
Countries

282 kB
Transfer

543 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
payments.wayfarers.lk/
6 KB
2 KB
Document
General
Full URL
https://payments.wayfarers.lk/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
207.148.127.230 , Singapore, ASN20473 (AS-CHOOPA, US),
Reverse DNS
sghighend.benworldwide.com
Software
/
Resource Hash
e0bc7dbc334334326740649db92d0cbfb81e89623b6b89dcaac57d923946c511

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Age
1
Connection
keep-alive
Content-Encoding
gzip
Content-Length
1935
Content-Type
text/html; charset=UTF-8
Date
Tue, 07 Feb 2023 05:15:09 GMT
Vary
Accept-Encoding
X-Cache
HIT
X-Cache-Hits
1
X-Varnish
1186584 2721647
css
fonts.googleapis.com/
11 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Lato|Montserrat:300,400,500,600,700|Playfair+Display:400,700
Requested by
Host: payments.wayfarers.lk
URL: https://payments.wayfarers.lk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:802::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
34d3f12df9cb99861a8123e52853629bb12e05574a32ef010d3b870f14e000cc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://payments.wayfarers.lk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 07 Feb 2023 05:15:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 07 Feb 2023 05:15:10 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 07 Feb 2023 05:15:10 GMT
6474df5036.js
use.fontawesome.com/
4 KB
2 KB
Script
General
Full URL
https://use.fontawesome.com/6474df5036.js
Requested by
Host: payments.wayfarers.lk
URL: https://payments.wayfarers.lk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:840f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
35a2f0e1962dba3f78ee14fa6c89cfe3dfaecc833cf70c24c48c4e2619f23826

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://payments.wayfarers.lk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 05:15:11 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 30 Jun 2021 20:04:56 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-amz-request-id
X5SWR0D4TPNRCA2S
etag
W/"df82dea0978edd8bbba9bebba2fad6b3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GLfeMYXkIHEU78aw%2F7ykRYtP8bofGoubNnHfjuIOKS3tXAm403GML%2BOtvr71CKX%2BaADY3CmLPsuuTUPmEMpuLwc5uXBUFhoYm%2BWSv73bUf%2BxBd3t%2FqZnU6hpMzqte1xucx1EZA1XJMt7BbDr33RILC%2FA"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=1800
cf-ray
7959a5708b379096-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
01cDY6DT6OAwffD9q1yL98oQs6OpIfq2Utl1332E54D0Zj2f4RstBFIXnSZbEkjwY1q0ZH3Go7Eg8vaMyuoONQ==
bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.2.0/css/
107 KB
19 KB
Stylesheet
General
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.2.0/css/bootstrap.min.css
Requested by
Host: payments.wayfarers.lk
URL: https://payments.wayfarers.lk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b5fd723750763ebb731f9221e413e7d64d58d5192dc040e42292ed3dcccca732
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://payments.wayfarers.lk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 05:15:10 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
752, 617, 617
age
1903351
cdn-cachedat
2021-08-02 15:14:19
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:03:57 GMT
server
cloudflare
cdn-requestpullcode
200
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
1660cb5d59e09a84acd67052dfe2b7c5
timing-allow-origin
*
cdn-requestcountrycode
DE
cdn-status
200
cf-ray
7959a570785b92b9-FRA
cdn-requestpullsuccess
True
datepicker.css
cdnjs.cloudflare.com/ajax/libs/bootstrap-datepicker/1.3.0/css/
18 KB
3 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/bootstrap-datepicker/1.3.0/css/datepicker.css
Requested by
Host: payments.wayfarers.lk
URL: https://payments.wayfarers.lk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
22ba89116416afe1b5ba68a954dd5c9f84da4df93e0f1a08507db0e22736e2fa
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://payments.wayfarers.lk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 05:15:10 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
4092474
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1893
last-modified
Mon, 04 May 2020 16:06:38 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d8e-461a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uwyWwZQgNLbaY0QSdaqLC79iltc8Wb8mMovtKCm5Rjy59WLYZRrnci9qfuiHzyY36V2z70jPtdDa8vKzoJ0e4U89tdfV5KUIRa59HIfX6NFBjQwp06E94l1Vh06CxztnIxX6J9L%2BbldB8TJakJoSqhvo"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7959a570786abb74-FRA
expires
Sun, 28 Jan 2024 05:15:10 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.3.1/
85 KB
30 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
Requested by
Host: payments.wayfarers.lk
URL: https://payments.wayfarers.lk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://payments.wayfarers.lk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 04 Feb 2023 18:43:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
210723
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30399
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 04 Feb 2024 18:43:07 GMT
bootstrap.min.js
maxcdn.bootstrapcdn.com/bootstrap/3.2.0/js/
31 KB
9 KB
Script
General
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.2.0/js/bootstrap.min.js
Requested by
Host: payments.wayfarers.lk
URL: https://payments.wayfarers.lk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
24cc29533598f962823c4229bc280487646a27a42a95257c31de1b9b18f3710f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://payments.wayfarers.lk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 05:15:10 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
617
age
1107169
cdn-cachedat
2021-06-16 21:45:41
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:03:57 GMT
server
cloudflare
cdn-requestpullcode
200
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cdn-cache
HIT
access-control-allow-origin
*
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
f49888d0efde4250a350aaefa5312ca9
timing-allow-origin
*
cdn-requestcountrycode
US
cdn-status
200
cf-ray
7959a570785c92b9-FRA
cdn-requestpullsuccess
True
bootstrap-datepicker.js
cdnjs.cloudflare.com/ajax/libs/bootstrap-datepicker/1.3.0/js/
46 KB
11 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/bootstrap-datepicker/1.3.0/js/bootstrap-datepicker.js
Requested by
Host: payments.wayfarers.lk
URL: https://payments.wayfarers.lk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
986511f1a769906aaa5557b6267180f43596342bddf89b7e86c61508df0729f3
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://payments.wayfarers.lk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 05:15:10 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
4615432
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
10419
last-modified
Mon, 04 May 2020 16:06:38 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d8e-b6e5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=63%2BjL%2Fq1bdriPwf5%2Bq0gnqpL9NQ0k8%2FFc%2BAaExcx1sIgBUxof43Y3AgydEqOst8%2F3nV6af2d%2BFn9xaYIWtkPIutmRxPX3oEU7h8GrV50leDNx4AKOYY%2BL1c266lm1dlbbg3FGpf0DPlb9HnoCBTYmfG7"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7959a570786cbb74-FRA
expires
Sun, 28 Jan 2024 05:15:10 GMT
style.css
payments.wayfarers.lk/css/
8 KB
3 KB
Stylesheet
General
Full URL
https://payments.wayfarers.lk/css/style.css
Requested by
Host: payments.wayfarers.lk
URL: https://payments.wayfarers.lk/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
207.148.127.230 , Singapore, ASN20473 (AS-CHOOPA, US),
Reverse DNS
sghighend.benworldwide.com
Software
/
Resource Hash
508790a513e1af409663552d93b1adb8ff56b172ee6be51a3266f654f9ee2479

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://payments.wayfarers.lk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Tue, 07 Feb 2023 05:15:10 GMT
Content-Encoding
gzip
Last-Modified
Tue, 17 Jan 2023 06:33:19 GMT
Age
0
Vary
Accept-Encoding
X-Cache
MISS
X-Varnish
1186585
Content-Type
text/css
Transfer-Encoding
chunked
Connection
keep-alive
Accept-Ranges
bytes
logo.jpg
payments.wayfarers.lk/img/
36 KB
36 KB
Image
General
Full URL
https://payments.wayfarers.lk/img/logo.jpg
Requested by
Host: payments.wayfarers.lk
URL: https://payments.wayfarers.lk/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
207.148.127.230 , Singapore, ASN20473 (AS-CHOOPA, US),
Reverse DNS
sghighend.benworldwide.com
Software
/
Resource Hash
a25155ae3897d8ced601943d37c33f3ba0c5c6111ac5e0ec6a6da0d78587afe6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://payments.wayfarers.lk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Tue, 07 Feb 2023 05:15:11 GMT
Last-Modified
Tue, 17 Jan 2023 06:32:38 GMT
Age
0
X-Cache
MISS
X-Varnish
3541395
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
36423
webfontloader.js
use.fontawesome.com/webfontloader/1.6.24/
12 KB
5 KB
Script
General
Full URL
https://use.fontawesome.com/webfontloader/1.6.24/webfontloader.js
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/6474df5036.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:840f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2711b037e078e306e59765e9fc22d9f86867eb26af8c6af72d864a1c52bed8ac

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://payments.wayfarers.lk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 05:15:11 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
6GFAZ8J5XNGG0SQX
age
1061
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
Qa7RgxNROUjuTqFOqNs1eJn0YME2H+5o8jsJVg36D+AuGHT+vZ/4+3WMB8UpQLZrgr+4wxLdTXM=
last-modified
Wed, 30 Jun 2021 15:26:30 GMT
server
cloudflare
etag
W/"9064ce12d2c81f68123c93bc1a8b0cad"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8QbJa%2BHjpm3xcEosN2CykmH9XlDESirKPtSajvN2uaT4jrtSBMFoLP%2BTJ8xvjrCUz4d7Z59VvEZJSDOE90GScYNTUGgtZ0Xtp4IosfFXlHGs9LwLUxVf5zEemIH%2Bb51Eh9fGWDwxteJpf%2B8UzwmtXMuv"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
max-age=31556926
cf-ray
7959a5722bcf9096-FRA
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v23/
23 KB
24 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato|Montserrat:300,400,500,600,700|Playfair+Display:400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://payments.wayfarers.lk
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 31 Jan 2023 15:21:12 GMT
x-content-type-options
nosniff
age
568439
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23580
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:48:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 31 Jan 2024 15:21:12 GMT
nuFiD-vYSZviVYUb_rj3ij__anPXDTzYgA.woff2
fonts.gstatic.com/s/playfairdisplay/v30/
35 KB
35 KB
Font
General
Full URL
https://fonts.gstatic.com/s/playfairdisplay/v30/nuFiD-vYSZviVYUb_rj3ij__anPXDTzYgA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato|Montserrat:300,400,500,600,700|Playfair+Display:400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
22b6cdc450204c1cb32b31e679d812fea1c17ac506a7b78daeb12bd0ab25fde8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://payments.wayfarers.lk
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 02 Feb 2023 12:52:40 GMT
x-content-type-options
nosniff
age
404551
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35764
x-xss-protection
0
last-modified
Mon, 18 Jul 2022 19:06:36 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 02 Feb 2024 12:52:40 GMT
glyphicons-halflings-regular.woff
maxcdn.bootstrapcdn.com/bootstrap/3.2.0/fonts/
23 KB
23 KB
Font
General
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.2.0/fonts/glyphicons-halflings-regular.woff
Requested by
Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/bootstrap/3.2.0/css/bootstrap.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc969dc1c6ff531abcf368089dcbaf5775133b0626ff56b52301a059fc0f9e1e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://maxcdn.bootstrapcdn.com/bootstrap/3.2.0/css/bootstrap.min.css
Origin
https://payments.wayfarers.lk
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 05:15:14 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
cdn-edgestorageid
865
cdn-cachedat
08/20/2022 02:40:02
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
23320
last-modified
Mon, 25 Jan 2021 22:03:57 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
server
cloudflare
etag
"68ed1dac06bf0409c18ae7bc62889170"
vary
Accept-Encoding
content-type
font/woff
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
accdb543d52eeb074061bae4963b69bb
accept-ranges
bytes
timing-allow-origin
*
cdn-requestcountrycode
DE
cdn-status
200
cf-ray
7959a5724c36914d-FRA
cdn-requestpullsuccess
True
6474df5036.css
use.fontawesome.com/
1 KB
1005 B
Stylesheet
General
Full URL
https://use.fontawesome.com/6474df5036.css
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/webfontloader/1.6.24/webfontloader.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:e2::ac40:840f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
400b849f2f3785797ffb7eda3c89895794573dd445326b77d873508ce1306cf7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://payments.wayfarers.lk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 05:15:11 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 30 Jun 2021 20:04:56 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-amz-request-id
5SK1YYYEJ2M95TDM
etag
W/"eec2afc117a54f86ccd39c795d150ec8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d%2B%2BI7IPNhUQQB21fmoJIRfSrlgXQ4Zqi7ZJ11j4BQN5szU3u5Fx95PzLoG4%2BDFQRT%2FfWrseWQrnI6W9dCdmHSxSpj14o8aaBfCT%2FQyWzz0g0HyCrCYdJPwDlFmKsQH%2BMI8%2FDgUBWyf84wbvJfNZ195MI"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=1800
cf-ray
7959a5724d523a92-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
zjBTtTox+mH3+JpSpVCZvFe62a1nvW54Ck7lDRIea1xqZbDfxSmi2d46B9bfbe9fEq1HkDWQwzoY3Jt0p4mR/w==
font-awesome-css.min.css
use.fontawesome.com/releases/v4.6.3/css/
28 KB
7 KB
Stylesheet
General
Full URL
https://use.fontawesome.com/releases/v4.6.3/css/font-awesome-css.min.css
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/6474df5036.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:e2::ac40:840f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
61f7de13520a14ec37ba246b4846f5850ab87ffbc0d5b366709509c1d97d83b5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://use.fontawesome.com/6474df5036.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 05:15:11 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
BW4HZKJARJ5HKRA1
age
525927
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
MxXmI7I075DL3CfthCjQwem7gpecpFWvO+Pb/zkbiMv8h3TJNMTyuB/6k7Eek0J72A8wwjJXIgZyfMZf52WceQ==
last-modified
Wed, 30 Jun 2021 15:26:48 GMT
server
cloudflare
etag
W/"7937bc10f6c59ceed1ff6e6bbebfcd8d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vDhmA%2BDDmgxB2asusD4aFQVRbm0VdXd6PRP4jlSETZhMeGurJhMUZZuOd%2BQf9Am3LngcTVtzcb2L37EbO1BcYdQ7UDUZ5w3W2KsRLootPBtpmX4NIMkK1deyosIZKCU38cX3NOwQ97arNIkOILB0SYjy"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31556926
cf-ray
7959a573de5d3a92-FRA
fontawesome-webfont.woff2
use.fontawesome.com/releases/v4.6.3/fonts/
70 KB
71 KB
Font
General
Full URL
https://use.fontawesome.com/releases/v4.6.3/fonts/fontawesome-webfont.woff2
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/6474df5036.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:e2::ac40:840f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73

Request headers

Referer
https://use.fontawesome.com/6474df5036.css
Origin
https://payments.wayfarers.lk
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 05:15:11 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
5SK9JMQFYBPDE857
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
71896
x-amz-id-2
N4+PNIU+BpZjKlup/RMtLJHiVma2Z3QVmAiBEyU6c58tDISsBumrfFPggf6On59r+XdxRt6jvQM=
last-modified
Wed, 30 Jun 2021 15:26:48 GMT
server
cloudflare
etag
"e6cf7c6ec7c2d6f670ae9d762604cb0b"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/octet-stream
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DSCoZAn4CmgBC1dmU5QPIuOhaicie%2BKSmgHJiXCHaX%2BcWVH30HwHLijsDvfpBvxeSTOztpFgSaWMhsWKSHAiiMPyzUDeIqKA5fNsjBGeKb%2BAp6Z4l4iMjv5vxDzqQ8oko3IkHNeRGiWYVxkdQw6dgHI1"}],"group":"cf-nel","max_age":604800}
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
7959a5740a896904-FRA

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontentvisibilityautostatechange object| FontAwesomeCdnConfig object| WebFontConfig function| $ function| jQuery object| currDate object| WebFont

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
cdnjs.cloudflare.com
fonts.googleapis.com
fonts.gstatic.com
maxcdn.bootstrapcdn.com
payments.wayfarers.lk
use.fontawesome.com
207.148.127.230
2606:4700::6811:180e
2606:4700::6812:acf
2606:4700:e2::ac40:840f
2a00:1450:400d:802::200a
2a00:1450:400d:80a::2003
2a00:1450:400d:80a::200a
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
22b6cdc450204c1cb32b31e679d812fea1c17ac506a7b78daeb12bd0ab25fde8
22ba89116416afe1b5ba68a954dd5c9f84da4df93e0f1a08507db0e22736e2fa
24cc29533598f962823c4229bc280487646a27a42a95257c31de1b9b18f3710f
2711b037e078e306e59765e9fc22d9f86867eb26af8c6af72d864a1c52bed8ac
34d3f12df9cb99861a8123e52853629bb12e05574a32ef010d3b870f14e000cc
35a2f0e1962dba3f78ee14fa6c89cfe3dfaecc833cf70c24c48c4e2619f23826
400b849f2f3785797ffb7eda3c89895794573dd445326b77d873508ce1306cf7
508790a513e1af409663552d93b1adb8ff56b172ee6be51a3266f654f9ee2479
61f7de13520a14ec37ba246b4846f5850ab87ffbc0d5b366709509c1d97d83b5
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
986511f1a769906aaa5557b6267180f43596342bddf89b7e86c61508df0729f3
a25155ae3897d8ced601943d37c33f3ba0c5c6111ac5e0ec6a6da0d78587afe6
b5fd723750763ebb731f9221e413e7d64d58d5192dc040e42292ed3dcccca732
e0bc7dbc334334326740649db92d0cbfb81e89623b6b89dcaac57d923946c511
fc969dc1c6ff531abcf368089dcbaf5775133b0626ff56b52301a059fc0f9e1e