secure.payu.co.za Open in urlscan Pro
76.223.80.153 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://secure.payu.co.za/rpp.do?PayUReference=594595382739463
Submission: On December 23 via manual (December 23rd 2024, 8:50:07 pm UTC) from ZA — Scanned from PL

Summary HTTP 70 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 15 IPs in 3 countries across 11 domains to perform 70 HTTP transactions. The main IP is 76.223.80.153, located in United States and belongs to AMAZON-02, US. The main domain is secure.payu.co.za.
TLS certificate: Issued by Amazon RSA 2048 M03 on May 21st 2024. Valid for: a year.

This is the only time secure.payu.co.za was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: PayU (Financial)

Domain & IP information

	IP Address	AS Autonomous System
18	76.223.80.153 76.223.80.153	16509 (AMAZON-02) (AMAZON-02)
2	172.67.142.245 172.67.142.245	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	142.250.181.234 142.250.181.234	15169 (GOOGLE) (GOOGLE)
18	2.18.64.28 2.18.64.28	20940 (AKAMAI-AS...) (AKAMAI-ASN1 Akamai International B.V.)
1	142.250.185.131 142.250.185.131	15169 (GOOGLE) (GOOGLE)
1	104.19.209.81 104.19.209.81	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	23.212.203.180 23.212.203.180	16625 (AKAMAI-AS) (AKAMAI-AS)
1	104.102.58.204 104.102.58.204	16625 (AKAMAI-AS) (AKAMAI-AS)
2	104.19.208.81 104.19.208.81	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	139.71.10.106 139.71.10.106	6307 (AMERICAN-...) (AMERICAN-EXPRESS)
6	3.130.124.194 3.130.124.194	16509 (AMAZON-02) (AMAZON-02)
13	91.235.133.112 91.235.133.112	30286 (THM) (THM)
1 3	91.235.132.130 91.235.132.130	30286 (THM) (THM)
1	192.225.158.1 192.225.158.1	30286 (THM) (THM)
1	91.235.134.131 91.235.134.131	30286 (THM) (THM)
70	15

18 76.223.80.153 (United States)

ASN16509 (AMAZON-02, US)
PTR: ad8100121443bb0c1.awsglobalaccelerator.com

secure.payu.co.za	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.payu.co.za	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.67.142.245 (United States)

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.181.234 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f10.1e100.net

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2.18.64.28 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)
PTR: a2-18-64-28.deploy.static.akamaitechnologies.com

src.mastercard.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.131 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.19.209.81 (None, )

ASN13335 (CLOUDFLARENET, US)

secure.checkout.visa.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.212.203.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-212-203-180.deploy.static.akamaitechnologies.com

www.aexp-static.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.102.58.204 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-102-58-204.deploy.static.akamaitechnologies.com

webapp.src.discover.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.19.208.81 (None, )

ASN13335 (CLOUDFLARENET, US)

secure.checkout.visa.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.71.10.106 (United States)

ASN6307 (AMERICAN-EXPRESS, US)
PTR: srcdcf-euse1-vip.americanexpress.com

srcdcf.americanexpress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 3.130.124.194 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-130-124-194.us-east-2.compute.amazonaws.com

src.apis.discover.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 91.235.133.112 (United States)

ASN30286 (THM, US)

content.discovercard.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 91.235.132.130 (United States) 1 redirects

ASN30286 (THM, US)
PTR: h.online-metrix.net

h.online-metrix.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.225.158.1 (United States)

ASN30286 (THM, US)

h64.online-metrix.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.235.134.131 (United States)

ASN30286 (THM, US)

2ol9uikbv6ced6ypopm3ik56xgfyyvjjppw6x4v7de95e3465e6bb966am1.e.aa.online-metrix.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	mastercard.com src.mastercard.com — Cisco Umbrella Rank: 31936	643 KB
18	payu.co.za secure.payu.co.za www.payu.co.za	475 KB
13	discovercard.com content.discovercard.com — Cisco Umbrella Rank: 25441	69 KB
7	discover.com webapp.src.discover.com — Cisco Umbrella Rank: 36981 src.apis.discover.com — Cisco Umbrella Rank: 36504	38 KB
5	online-metrix.net 1 redirects h.online-metrix.net — Cisco Umbrella Rank: 2565 h64.online-metrix.net — Cisco Umbrella Rank: 2033 2ol9uikbv6ced6ypopm3ik56xgfyyvjjppw6x4v7de95e3465e6bb966am1.e.aa.online-metrix.net	2 KB
3	visa.com secure.checkout.visa.com — Cisco Umbrella Rank: 27864	47 KB
2	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 415 fonts.googleapis.com — Cisco Umbrella Rank: 29	33 KB
2	fontawesome.com use.fontawesome.com — Cisco Umbrella Rank: 1331	91 KB
1	americanexpress.com srcdcf.americanexpress.com — Cisco Umbrella Rank: 39168
1	aexp-static.com www.aexp-static.com — Cisco Umbrella Rank: 15341	9 KB
1	gstatic.com fonts.gstatic.com	47 KB
70	11

	Domain	Requested by
18	src.mastercard.com	secure.payu.co.za src.mastercard.com
17	secure.payu.co.za	secure.payu.co.za
13	content.discovercard.com	webapp.src.discover.com content.discovercard.com
6	src.apis.discover.com	webapp.src.discover.com
3	h.online-metrix.net	1 redirects content.discovercard.com
3	secure.checkout.visa.com	src.mastercard.com secure.checkout.visa.com
2	use.fontawesome.com	secure.payu.co.za use.fontawesome.com
1	2ol9uikbv6ced6ypopm3ik56xgfyyvjjppw6x4v7de95e3465e6bb966am1.e.aa.online-metrix.net
1	h64.online-metrix.net	content.discovercard.com
1	srcdcf.americanexpress.com	www.aexp-static.com
1	webapp.src.discover.com	src.mastercard.com
1	www.aexp-static.com	src.mastercard.com
1	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	secure.payu.co.za
1	www.payu.co.za	secure.payu.co.za
1	ajax.googleapis.com	secure.payu.co.za
70	16

This site contains links to these domains. Also see Links.

Domain
www.entrust.net
www.pcisecuritystandards.org
southafrica.payu.com

Subject Issuer	Validity	Valid
*.payu.co.za Amazon RSA 2048 M03	`2024-05-21` - `2025-06-20`	a year	crt.sh
use.fontawesome.com WE1	`2024-11-07` - `2025-02-06`	3 months	crt.sh
upload.video.google.com WR2	`2024-12-02` - `2025-02-24`	3 months	crt.sh
src.mastercard.com Entrust Certification Authority - L1K	`2024-07-10` - `2025-07-10`	a year	crt.sh
*.gstatic.com WR2	`2024-12-02` - `2025-02-24`	3 months	crt.sh
secure.checkout.visa.com Cloudflare TLS Issuing RSA CA 1	`2024-09-09` - `2025-09-09`	a year	crt.sh
m.americanexpress.com DigiCert SHA2 Extended Validation Server CA	`2024-10-29` - `2025-10-28`	a year	crt.sh
www.discover.com DigiCert SHA2 Extended Validation Server CA	`2024-05-15` - `2025-06-15`	a year	crt.sh
srcdcf-euse1.americanexpress.com DigiCert SHA2 Extended Validation Server CA	`2024-09-20` - `2025-09-20`	a year	crt.sh
*.prod.zeus-src.com Amazon RSA 2048 M02	`2024-11-04` - `2025-12-03`	a year	crt.sh
content.discover.com DigiCert TLS RSA SHA256 2020 CA1	`2024-06-26` - `2025-07-27`	a year	crt.sh
online-metrix.net Viking Cloud Organization Validation CA, Level 1	`2024-09-19` - `2025-10-20`	a year	crt.sh
*.aa.online-metrix.net Viking Cloud Organization Validation CA, Level 1	`2024-09-19` - `2025-10-20`	a year	crt.sh

This page contains 10 frames:

Primary Page: https://secure.payu.co.za/rpp.do?PayUReference=594595382739463
Frame ID: 8786F1B23F008EFC07BDE5C7A898975B
Requests: 46 HTTP requests in this frame

Frame: https://src.mastercard.com/srci/merchant/2/communicator-frame.1.0.0.html
Frame ID: 7D682185C8481C6F1BA6D4193DAED620
Requests: 1 HTTP requests in this frame

Frame: https://src.mastercard.com/sdk/communicator-frame.1.0.0.html
Frame ID: 1020685EC92E521FE001A269DA95EA45
Requests: 1 HTTP requests in this frame

Frame: https://secure.checkout.visa.com/checkout-widget/external-src-system?parentUrl=https%3A%2F%2Fsecure.payu.co.za
Frame ID: BF19693132347EC3BCDB3EC6A325B93F
Requests: 1 HTTP requests in this frame

Frame: https://secure.checkout.visa.com/checkout-widget/sdk-loader?isSRCBranded=true
Frame ID: DA4243130423AF0D775970482DDD1B5D
Requests: 1 HTTP requests in this frame

Frame: https://srcdcf.americanexpress.com/iframe.html?v=1.0.0
Frame ID: 2EF669FFF161B31ED1FBA6D9E118DB58
Requests: 1 HTTP requests in this frame

Frame: https://content.discovercard.com/fp/check.js;CIS3SID=73CFB7C4170CAFDB0F79776C2F6393EE?org_id=2ol9uikb&session_id=78c51fd0-c16f-11ef-b18e-3fb7868658ac&nonce=de95e3465e6bb966&jb=373824266a716f75354e696c7770266a736d354e69667570246871607d3f4b6a72676d67246271623d416872676f65273038313331
Frame ID: 1331BDAB4D42173E380602447364E55D
Requests: 13 HTTP requests in this frame

Frame: https://content.discovercard.com/fp/ls_fp.html;CIS3SID=73CFB7C4170CAFDB0F79776C2F6393EE?org_id=2ol9uikb&session_id=78c51fd0-c16f-11ef-b18e-3fb7868658ac&nonce=de95e3465e6bb966
Frame ID: C6FF707287ACC2D9564E5FEAE88299E1
Requests: 1 HTTP requests in this frame

Frame: https://h.online-metrix.net/fp/sid_fp.html;CIS3SID=73CFB7C4170CAFDB0F79776C2F6393EE?org_id=2ol9uikb&session_id=78c51fd0-c16f-11ef-b18e-3fb7868658ac&nonce=de95e3465e6bb966
Frame ID: FBC8AACA5FA0597D788513838F11C0CE
Requests: 1 HTTP requests in this frame

Frame: https://content.discovercard.com/fp/top_fp.html;CIS3SID=73CFB7C4170CAFDB0F79776C2F6393EE?org_id=2ol9uikb&session_id=78c51fd0-c16f-11ef-b18e-3fb7868658ac&nonce=de95e3465e6bb966
Frame ID: E1FB84ACBB91F7075B45D60B0D4919EA
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

PayU

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Amex Express Checkout (Payment processors) Expand

Overall confidence: 100%
Detected patterns

aexp-static\.com

Visa Checkout (Payment processors) Expand

Overall confidence: 100%
Detected patterns

secure\.checkout\.visa\.com

Akamai Bot Manager (Security) Expand

Overall confidence: 100%
Detected patterns

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

70
Requests

99 %
HTTPS

0 %
IPv6

11
Domains

16
Subdomains

15
IPs

3
Countries

1452 kB
Transfer

4147 kB
Size

19
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://www.entrust.net/customer/profile.cfm?domain=www.payu.co.za&lang=en

Search URL Search Domain Scan URL

URL: https://www.pcisecuritystandards.org/

Search URL Search Domain Scan URL

URL: https://southafrica.payu.com/privacy-statement/
Title: PayU Privacy Statement

Search URL Search Domain Scan URL

URL: https://southafrica.payu.com/legal/
Title: Legal Information

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 57

https://h.online-metrix.net/fp/clear.png?org_id=2ol9uikb&session_id=78c51fd0-c16f-11ef-b18e-3fb7868658ac&nonce=de95e3465e6bb966&gttl=155520000 HTTP 302
https://h.online-metrix.net/fp/clear.png?org_id=2ol9uikb&session_id=78c51fd0-c16f-11ef-b18e-3fb7868658ac&nonce=de95e3465e6bb966&k=2

70 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request rpp.do Show response
secure.payu.co.za/ 85 KB
86 KB 625ms
439ms Document
text/html 76.223.80.153
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.payu.co.za/rpp.do?PayUReference=594595382739463

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

76.223.80.153 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ad8100121443bb0c1.awsglobalaccelerator.com

Software

Resource Hash

5c4fd5fb60ab786afe846c103b134a5e70a4c920e7f0e4f3c7b7f116e202d7e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-language: en-ZA
content-type: text/html;charset=utf-8
date: Mon, 23 Dec 2024 20:49:57 GMT
expires: Mon, 01-Jan-1990 00:00:00 GMT
pragma: no-cache
strict-transport-security: max-age=31536000;includeSubDomains
x-content-type-options: nosniff

GET
H2 200 main.css
secure.payu.co.za/pjar/responsive/css/ 155 KB
156 KB 71ms
69ms Stylesheet
text/css 76.223.80.153
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.payu.co.za/pjar/responsive/css/main.css

Requested by

Host: secure.payu.co.za
URL: https://secure.payu.co.za/rpp.do?PayUReference=594595382739463

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

76.223.80.153 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ad8100121443bb0c1.awsglobalaccelerator.com

Software

Resource Hash

11ea508ce1b941a798e95f3c4ea2508400705a458d6fe42b8ba368a4e378c51c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://secure.payu.co.za/rpp.do?PayUReference=594595382739463

Response headers

strict-transport-security: max-age=31536000;includeSubDomains
etag: W/"159077-1734508028000"
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 159077
date: Mon, 23 Dec 2024 20:49:57 GMT
content-type: text/css
last-modified: Wed, 18 Dec 2024 07:47:08 GMT

GET
H2 200 bootstrap.css
secure.payu.co.za/pjar/responsive/css/ 9 KB
9 KB 80ms
78ms Stylesheet
text/css 76.223.80.153
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.payu.co.za/pjar/responsive/css/bootstrap.css

Requested by

Host: secure.payu.co.za
URL: https://secure.payu.co.za/rpp.do?PayUReference=594595382739463

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

76.223.80.153 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ad8100121443bb0c1.awsglobalaccelerator.com

Software

Resource Hash

abce489d39f43c9c2bc07b95a8eedd7473185daa736d1cc82ada97051907eeb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://secure.payu.co.za/rpp.do?PayUReference=594595382739463

Response headers

strict-transport-security: max-age=31536000;includeSubDomains
etag: W/"9204-1734508028000"
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 9204
date: Mon, 23 Dec 2024 20:49:57 GMT
content-type: text/css
last-modified: Wed, 18 Dec 2024 07:47:08 GMT

GET
H2 200 all.css
use.fontawesome.com/releases/v5.6.3/css/ 52 KB
13 KB 96ms
31ms Stylesheet
text/css 172.67.142.245
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.6.3/css/all.css
Requested by: Host: secure.payu.co.za
URL: https://secure.payu.co.za/rpp.do?PayUReference=594595382739463
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.142.245 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 481a0574246e281316ffa0e15399bf5388bb81ae550ce0401a0353b6bb2d1e5a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://secure.payu.co.za
Referer: https://secure.payu.co.za/

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"dc93d584e41f8417f6b7163320d34329"
age: 870019
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yJbJFjBRlrGVKF4Zwqo4scFRJ4LFGVz70hGfsbEcdU%2F1%2BhHYIU%2BqlYhcJ8%2FF9hNlNm1sbLncwoxgUqp3nCWrV0DukSJ70KpjOuGHS6fka7Ef0agmVId9mPNiJUwIi4PmOjen7Q5B"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=381&min_rtt=352&rtt_var=87&sent=6&recv=9&lost=0&retrans=0&sent_bytes=4031&recv_bytes=2202&delivery_rate=10392344&cwnd=253&unsent_bytes=0&cid=29a8d31cb73dc0c6&ts=53&x=0"
date: Mon, 23 Dec 2024 20:49:57 GMT
content-type: text/css
last-modified: Fri, 22 Sep 2023 01:45:44 GMT
vary: Origin, Accept-Encoding
cache-control: max-age=31556926
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f6b389dbd4201fe-WAW
access-control-allow-origin: *
server: cloudflare

GET
H2 200 modernizr-2.6.2-respond-1.1.0.min.js Show response
secure.payu.co.za/pjar/responsive/scripts/vendor/ 19 KB
19 KB 98ms
96ms Script
text/javascript 76.223.80.153
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.payu.co.za/pjar/responsive/scripts/vendor/modernizr-2.6.2-respond-1.1.0.min.js

Requested by

Host: secure.payu.co.za
URL: https://secure.payu.co.za/rpp.do?PayUReference=594595382739463

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

76.223.80.153 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ad8100121443bb0c1.awsglobalaccelerator.com

Software

Resource Hash

ce0f70d9e807bb959717d8350c21a107f5b6b7221a774b6d1ed057219468a260

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://secure.payu.co.za/rpp.do?PayUReference=594595382739463

Response headers

strict-transport-security: max-age=31536000;includeSubDomains
etag: W/"19484-1734508028000"
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 19484
date: Mon, 23 Dec 2024 20:49:57 GMT
content-type: text/javascript
last-modified: Wed, 18 Dec 2024 07:47:08 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.6.3/ 88 KB
31 KB 162ms
54ms Script
text/javascript 142.250.181.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.6.3/jquery.min.js

Requested by

Host: secure.payu.co.za
URL: https://secure.payu.co.za/rpp.do?PayUReference=594595382739463

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.234 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f10.1e100.net

Software

sffe /

Resource Hash

a6f3f0faea4b3d48e03176341bef0ed3151ffbf226d4c6635f1c6039c0500575

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://secure.payu.co.za/

Response headers

content-encoding: gzip
age: 559678
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
x-content-type-options: nosniff
expires: Wed, 17 Dec 2025 09:21:59 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 17 Dec 2024 09:21:59 GMT
last-modified: Wed, 11 Jan 2023 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
accept-ranges: bytes
access-control-allow-origin: *
content-length: 31191
x-xss-protection: 0
server: sffe

GET
H2 200 jquery-migrate-1.4.1.min.js Show response
secure.payu.co.za/pjar/responsive/scripts/vendor/ 10 KB
10 KB 101ms
100ms Script
text/javascript 76.223.80.153
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.payu.co.za/pjar/responsive/scripts/vendor/jquery-migrate-1.4.1.min.js

Requested by

Host: secure.payu.co.za
URL: https://secure.payu.co.za/rpp.do?PayUReference=594595382739463

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

76.223.80.153 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ad8100121443bb0c1.awsglobalaccelerator.com

Software

Resource Hash

48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://secure.payu.co.za/rpp.do?PayUReference=594595382739463

Response headers

strict-transport-security: max-age=31536000;includeSubDomains
etag: W/"10056-1734508028000"
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 10056
date: Mon, 23 Dec 2024 20:49:57 GMT
content-type: text/javascript
last-modified: Wed, 18 Dec 2024 07:47:08 GMT

GET
H2 200 idle_timer.min.js Show response
secure.payu.co.za/pjar/js/plugins/idle_timer/ 3 KB
3 KB 103ms
102ms Script
text/javascript 76.223.80.153
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.payu.co.za/pjar/js/plugins/idle_timer/idle_timer.min.js

Requested by

Host: secure.payu.co.za
URL: https://secure.payu.co.za/rpp.do?PayUReference=594595382739463

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

76.223.80.153 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ad8100121443bb0c1.awsglobalaccelerator.com

Software

Resource Hash

5b49526c59eb4e6b2cce3d09caad09962757a32035c6182d1063f01900fb3414

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://secure.payu.co.za/rpp.do?PayUReference=594595382739463

Response headers

strict-transport-security: max-age=31536000;includeSubDomains
etag: W/"2764-1734508028000"
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 2764
date: Mon, 23 Dec 2024 20:49:57 GMT
content-type: text/javascript
last-modified: Wed, 18 Dec 2024 07:47:08 GMT

GET
H2 200 logo-PayU-reverse-byline.png
secure.payu.co.za/pjar/responsive/img/ 6 KB
6 KB 114ms
113ms Image
image/png 76.223.80.153
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.payu.co.za/pjar/responsive/img/logo-PayU-reverse-byline.png

Requested by

Host: secure.payu.co.za
URL: https://secure.payu.co.za/rpp.do?PayUReference=594595382739463

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

76.223.80.153 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ad8100121443bb0c1.awsglobalaccelerator.com

Software

Resource Hash

3a82da3614f90b07fcf2c1f926b2db5cd3272cec6d48e0f283c0536ce0623b2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://secure.payu.co.za/rpp.do?PayUReference=594595382739463

Response headers

strict-transport-security: max-age=31536000;includeSubDomains
etag: W/"5856-1734508028000"
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 5856
date: Mon, 23 Dec 2024 20:49:57 GMT
content-type: image/png
last-modified: Wed, 18 Dec 2024 07:47:08 GMT

GET
H2 200 logo.jpg
www.payu.co.za/BrandWeb/override/100264/img/ 20 KB
21 KB 99ms
86ms Image
image/jpeg 76.223.80.153
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.payu.co.za/BrandWeb/override/100264/img/logo.jpg
Requested by: Host: secure.payu.co.za
URL: https://secure.payu.co.za/rpp.do?PayUReference=594595382739463
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.80.153 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ad8100121443bb0c1.awsglobalaccelerator.com
Software: /
Resource Hash: 864343708352e8f5de707b18a5b61c72d3c59dc1915356db44db4e90e3f29495

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://secure.payu.co.za/

Response headers

accept-ranges: bytes
content-length: 20887
date: Mon, 23 Dec 2024 20:49:57 GMT
etag: W/"20887-1601119982000"
content-type: image/jpeg
last-modified: Sat, 26 Sep 2020 11:33:02 GMT

GET
H2 200 card-icons-mcard.png
secure.payu.co.za/pjar/responsive/img/ 2 KB
3 KB 67ms
67ms Image
image/png 76.223.80.153
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.payu.co.za/pjar/responsive/img/card-icons-mcard.png

Requested by

Host: secure.payu.co.za
URL: https://secure.payu.co.za/rpp.do?PayUReference=594595382739463

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

76.223.80.153 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ad8100121443bb0c1.awsglobalaccelerator.com

Software

Resource Hash

3e2d7bba43858a0edcb08a3d6e94c7a1d186a4487f6e9622066e3c6f215bcbe8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://secure.payu.co.za/rpp.do?PayUReference=594595382739463

Response headers

strict-transport-security: max-age=31536000;includeSubDomains
etag: W/"2487-1734508028000"
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 2487
date: Mon, 23 Dec 2024 20:49:57 GMT
content-type: image/png
last-modified: Wed, 18 Dec 2024 07:47:08 GMT

GET
H2 200 card-icons-visa.png
secure.payu.co.za/pjar/responsive/img/ 15 KB
16 KB 120ms
119ms Image
image/png 76.223.80.153
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.payu.co.za/pjar/responsive/img/card-icons-visa.png

Requested by

Host: secure.payu.co.za
URL: https://secure.payu.co.za/rpp.do?PayUReference=594595382739463

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

76.223.80.153 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ad8100121443bb0c1.awsglobalaccelerator.com

Software

Resource Hash

9164e0a15c27533d2150146a74db052d0c43bb4759ac9433f690d7bd8caaec38

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://secure.payu.co.za/rpp.do?PayUReference=594595382739463

Response headers

strict-transport-security: max-age=31536000;includeSubDomains
etag: W/"15752-1734508028000"
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 15752
date: Mon, 23 Dec 2024 20:49:57 GMT
content-type: image/png
last-modified: Wed, 18 Dec 2024 07:47:08 GMT

GET
H2 200 lib.js Show response
src.mastercard.com//srci/integration/2/ 2 MB
417 KB 63ms
62ms Script
application/x-javascript 2.18.64.28
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL

https://src.mastercard.com//srci/integration/2/lib.js?srcDpaId=2ebb59ef-df57-4556-89ad-e40da00c32f9&locale=en_ZA

Requested by

Host: secure.payu.co.za
URL: https://secure.payu.co.za/rpp.do?PayUReference=594595382739463

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.64.28 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),

Reverse DNS

a2-18-64-28.deploy.static.akamaitechnologies.com

Software

undisclosed /

Resource Hash

a7ac5dab348967109c85dfde3296be52ecec5465d167b34eff182f6ca58f570f

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://secure.payu.co.za/

Response headers

strict-transport-security: max-age=86400 ; includeSubDomains
cache-control: max-age=0, no-cache
content-encoding: gzip
etag: "76e14665297164ad3fe0d473d8e354fa:1731409273.002692"
pragma: no-cache
expires: Mon, 23 Dec 2024 20:49:57 GMT
accept-ranges: bytes
content-length: 426956
date: Mon, 23 Dec 2024 20:49:57 GMT
content-type: application/x-javascript
last-modified: Tue, 12 Nov 2024 10:46:24 GMT
vary: Accept-Encoding
server: undisclosed

GET
H2 200 src-ui-kit.esm.js Show response
src.mastercard.com/srci/integration/components/src-ui-kit/ 4 KB
2 KB 201ms
71ms Script
application/x-javascript 2.18.64.28
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL

https://src.mastercard.com/srci/integration/components/src-ui-kit/src-ui-kit.esm.js

Requested by

Host: secure.payu.co.za
URL: https://secure.payu.co.za/rpp.do?PayUReference=594595382739463

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.64.28 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),

Reverse DNS

a2-18-64-28.deploy.static.akamaitechnologies.com

Software

undisclosed /

Resource Hash

0b134eebd75f767c7493e8793c2b979f8450bdc1c1117f0c9f19e54357a6fce4

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://secure.payu.co.za
Referer: https://secure.payu.co.za/

Response headers

strict-transport-security: max-age=86400 ; includeSubDomains
cache-control: max-age=0, no-cache, no-store
content-encoding: gzip
etag: "590ac4ac1f984ffe5c4792fb47de1d9c:1731324643.47725"
pragma: no-cache
expires: Mon, 23 Dec 2024 20:49:57 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1614
date: Mon, 23 Dec 2024 20:49:57 GMT
content-type: application/x-javascript
last-modified: Mon, 11 Nov 2024 11:17:21 GMT
vary: Accept-Encoding
server: undisclosed

GET
H2 200 src-ui-kit.css
src.mastercard.com/srci/integration/components/src-ui-kit/ 24 B
303 B 186ms
84ms Stylesheet
text/css 2.18.64.28
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL

https://src.mastercard.com/srci/integration/components/src-ui-kit/src-ui-kit.css

Requested by

Host: secure.payu.co.za
URL: https://secure.payu.co.za/rpp.do?PayUReference=594595382739463

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.64.28 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),

Reverse DNS

a2-18-64-28.deploy.static.akamaitechnologies.com

Software

undisclosed /

Resource Hash

069de3eb2e0f5d02852dabf0d0e125221adcb1a2f9e40c45cd4b34f883a244ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://secure.payu.co.za/

Response headers

strict-transport-security: max-age=86400 ; includeSubDomains
cache-control: max-age=0, no-cache, no-store
content-encoding: gzip
etag: "590ac4ac1f984ffe5c4792fb47de1d9c:1731324643.47725"
pragma: no-cache
expires: Mon, 23 Dec 2024 20:49:57 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 44
date: Mon, 23 Dec 2024 20:49:57 GMT
content-type: text/css
last-modified: Mon, 11 Nov 2024 11:17:21 GMT
vary: Accept-Encoding
server: undisclosed

GET
H2 200 spinner-dark.gif
secure.payu.co.za/pjar/responsive/img/ 2 KB
2 KB 64ms
64ms Image
image/gif 76.223.80.153
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.payu.co.za/pjar/responsive/img/spinner-dark.gif

Requested by

Host: secure.payu.co.za
URL: https://secure.payu.co.za/rpp.do?PayUReference=594595382739463

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

76.223.80.153 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ad8100121443bb0c1.awsglobalaccelerator.com

Software

Resource Hash

25bad287bd5ff25d523e43460b10cdd063d900bd21fdcb597fc62bb095f5c3e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://secure.payu.co.za/rpp.do?PayUReference=594595382739463

Response headers

strict-transport-security: max-age=31536000;includeSubDomains
etag: W/"1569-1734508028000"
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 1569
date: Mon, 23 Dec 2024 20:49:57 GMT
content-type: image/gif
last-modified: Wed, 18 Dec 2024 07:47:08 GMT

GET
H2 200 logo-entrust.png
secure.payu.co.za/pjar/responsive/img/ 15 KB
15 KB 112ms
111ms Image
image/png 76.223.80.153
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.payu.co.za/pjar/responsive/img/logo-entrust.png

Requested by

Host: secure.payu.co.za
URL: https://secure.payu.co.za/rpp.do?PayUReference=594595382739463

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

76.223.80.153 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ad8100121443bb0c1.awsglobalaccelerator.com

Software

Resource Hash

25f3114d6b3aa72cbeafd68e66dc5289ac6121ddf861b68746f2f03a77c769c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://secure.payu.co.za/rpp.do?PayUReference=594595382739463

Response headers

strict-transport-security: max-age=31536000;includeSubDomains
etag: W/"15241-1734508028000"
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 15241
date: Mon, 23 Dec 2024 20:49:57 GMT
content-type: image/png
last-modified: Wed, 18 Dec 2024 07:47:08 GMT

GET
H2 200 logo-pci.png
secure.payu.co.za/pjar/responsive/img/ 18 KB
19 KB 113ms
113ms Image
image/png 76.223.80.153
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.payu.co.za/pjar/responsive/img/logo-pci.png

Requested by

Host: secure.payu.co.za
URL: https://secure.payu.co.za/rpp.do?PayUReference=594595382739463

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

76.223.80.153 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ad8100121443bb0c1.awsglobalaccelerator.com

Software

Resource Hash

7075b8c247b62452a4d3bb9c9394594e535c9cc08ecb6efd475008ee7aba40ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://secure.payu.co.za/rpp.do?PayUReference=594595382739463

Response headers

strict-transport-security: max-age=31536000;includeSubDomains
etag: W/"18716-1734508028000"
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 18716
date: Mon, 23 Dec 2024 20:49:57 GMT
content-type: image/png
last-modified: Wed, 18 Dec 2024 07:47:08 GMT

GET
H2 200 main-mini.js Show response
secure.payu.co.za/pjar/responsive/scripts/ 78 KB
78 KB 67ms
66ms Script
text/javascript 76.223.80.153
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.payu.co.za/pjar/responsive/scripts/main-mini.js

Requested by

Host: secure.payu.co.za
URL: https://secure.payu.co.za/rpp.do?PayUReference=594595382739463

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

76.223.80.153 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ad8100121443bb0c1.awsglobalaccelerator.com

Software

Resource Hash

3b1d6af9c796d3799cd1f3e97ae96a3d934fe2a144757ecfeff8c9c8fd1d480e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://secure.payu.co.za/rpp.do?PayUReference=594595382739463

Response headers

strict-transport-security: max-age=31536000;includeSubDomains
etag: W/"80028-1734508028000"
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 80028
date: Mon, 23 Dec 2024 20:49:57 GMT
content-type: text/javascript
last-modified: Wed, 18 Dec 2024 07:47:08 GMT

GET
H2 200 custom.js Show response
secure.payu.co.za/pjar/javascript/ 24 KB
24 KB 115ms
114ms Script
text/javascript 76.223.80.153
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.payu.co.za/pjar/javascript/custom.js

Requested by

Host: secure.payu.co.za
URL: https://secure.payu.co.za/rpp.do?PayUReference=594595382739463

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

76.223.80.153 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ad8100121443bb0c1.awsglobalaccelerator.com

Software

Resource Hash

59b8a9fef743e6a3f8638520163fba8e98d6b8fa11e613bb01e235e88886506a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://secure.payu.co.za/rpp.do?PayUReference=594595382739463

Response headers

strict-transport-security: max-age=31536000;includeSubDomains
etag: W/"24258-1734508028000"
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 24258
date: Mon, 23 Dec 2024 20:49:57 GMT
content-type: text/javascript
last-modified: Wed, 18 Dec 2024 07:47:08 GMT

GET
H2 200 payu.google.analytics.js Show response
secure.payu.co.za/pjar/javascript/ 4 KB
4 KB 110ms
110ms Script
text/javascript 76.223.80.153
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.payu.co.za/pjar/javascript/payu.google.analytics.js

Requested by

Host: secure.payu.co.za
URL: https://secure.payu.co.za/rpp.do?PayUReference=594595382739463

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

76.223.80.153 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ad8100121443bb0c1.awsglobalaccelerator.com

Software

Resource Hash

84ba6875bb799a056fa02535b706c5fb5c3750f3923343ea24824d7debd1e876

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://secure.payu.co.za/rpp.do?PayUReference=594595382739463

Response headers

strict-transport-security: max-age=31536000;includeSubDomains
etag: W/"3905-1734508028000"
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 3905
date: Mon, 23 Dec 2024 20:49:57 GMT
content-type: text/javascript
last-modified: Wed, 18 Dec 2024 07:47:08 GMT

GET
H2 200 payu.form.utils.js Show response
secure.payu.co.za/pjar/responsive/scripts/ 1 KB
2 KB 130ms
129ms Script
text/javascript 76.223.80.153
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.payu.co.za/pjar/responsive/scripts/payu.form.utils.js

Requested by

Host: secure.payu.co.za
URL: https://secure.payu.co.za/rpp.do?PayUReference=594595382739463

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

76.223.80.153 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ad8100121443bb0c1.awsglobalaccelerator.com

Software

Resource Hash

2fc910063911414e8ee4da7f313a7e11be6de409a55d7cd97df34d897efc6148

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://secure.payu.co.za/rpp.do?PayUReference=594595382739463

Response headers

strict-transport-security: max-age=31536000;includeSubDomains
etag: W/"1519-1734508028000"
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 1519
date: Mon, 23 Dec 2024 20:49:57 GMT
content-type: text/javascript
last-modified: Wed, 18 Dec 2024 07:47:08 GMT

GET
H2 200 css
fonts.googleapis.com/ 23 KB
2 KB 164ms
63ms Stylesheet
text/css 142.250.181.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300,400,700,600

Requested by

Host: secure.payu.co.za
URL: https://secure.payu.co.za/pjar/responsive/css/main.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.234 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f10.1e100.net

Software

ESF /

Resource Hash

43fc587d4c7860e824a47a42fc2b758455429aaf36b6eeb270d7cfb6a8975c56

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://secure.payu.co.za/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 23 Dec 2024 20:49:57 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 23 Dec 2024 20:49:57 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Mon, 23 Dec 2024 20:19:37 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H3 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 47 KB
47 KB 84ms
37ms Font
font/woff2 142.250.185.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,700,600

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f3.1e100.net

Software

sffe /

Resource Hash

3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://secure.payu.co.za
Referer: https://fonts.googleapis.com/

Response headers

age: 600634
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Tue, 16 Dec 2025 21:59:23 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 16 Dec 2024 21:59:23 GMT
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 48236
x-xss-protection: 0
server: sffe

GET
H2 200 p-fef5b613.js Show response
src.mastercard.com/srci/integration/components/src-ui-kit/ 12 KB
6 KB 49ms
49ms Script
application/x-javascript 2.18.64.28
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL

https://src.mastercard.com/srci/integration/components/src-ui-kit/p-fef5b613.js

Requested by

Host: secure.payu.co.za
URL: https://secure.payu.co.za/rpp.do?PayUReference=594595382739463

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.64.28 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),

Reverse DNS

a2-18-64-28.deploy.static.akamaitechnologies.com

Software

undisclosed /

Resource Hash

b5db146042ca9334ba35c99369aab7bd30610fdbb02c38c87d809cde8b9ec1b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://secure.payu.co.za
Referer: https://src.mastercard.com/srci/integration/components/src-ui-kit/src-ui-kit.esm.js

Response headers

strict-transport-security: max-age=86400 ; includeSubDomains
cache-control: private, max-age=604800
content-encoding: gzip
etag: "590ac4ac1f984ffe5c4792fb47de1d9c:1731324643.47725"
expires: Mon, 30 Dec 2024 20:49:57 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 5727
date: Mon, 23 Dec 2024 20:49:57 GMT
content-type: application/x-javascript
last-modified: Mon, 11 Nov 2024 11:17:21 GMT
vary: Accept-Encoding
server: undisclosed

GET
H2 200 fa-solid-900.woff2
use.fontawesome.com/releases/v5.6.3/webfonts/ 77 KB
78 KB 29ms
29ms Font
font/woff2 172.67.142.245
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.6.3/webfonts/fa-solid-900.woff2
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.6.3/css/all.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.142.245 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f419ad7a4477f36ce73c74a23dce784150ca38fa5075a8e06109709cbb716903

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://secure.payu.co.za
Referer: https://use.fontawesome.com/releases/v5.6.3/css/all.css

Response headers

cf-cache-status: HIT
etag: "5dc01cfcd5336f696cb85da7ce53fa9b"
age: 37646
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=M4aZNEz%2F00N8pZERqgv%2BlZ1I65KwWcADlfInDDO01gWH3C0WGtMOhOErqv6kicE0ZumHPOFbgjiKmejpdpOIjet5ND61XjM1IP3zt79oerSpC9qpOQlanVpZUvn9aC10ECWPWosI"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=2367&min_rtt=352&rtt_var=2983&sent=19&recv=15&lost=0&retrans=0&sent_bytes=17302&recv_bytes=2365&delivery_rate=10392344&cwnd=257&unsent_bytes=0&cid=29a8d31cb73dc0c6&ts=298&x=0"
date: Mon, 23 Dec 2024 20:49:57 GMT
content-type: font/woff2
last-modified: Fri, 22 Sep 2023 01:45:45 GMT
vary: Origin, Accept-Encoding
cache-control: max-age=31556926
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8f6b389f4a8701fe-WAW
accept-ranges: bytes
access-control-allow-origin: *
content-length: 79100
server: cloudflare

GET
H2 200 p-2cdbcc22.entry.js Show response
src.mastercard.com/srci/integration/components/src-ui-kit/ 113 KB
15 KB 49ms
49ms Script
application/x-javascript 2.18.64.28
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL

https://src.mastercard.com/srci/integration/components/src-ui-kit/p-2cdbcc22.entry.js

Requested by

Host: src.mastercard.com
URL: https://src.mastercard.com/srci/integration/components/src-ui-kit/p-fef5b613.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.64.28 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),

Reverse DNS

a2-18-64-28.deploy.static.akamaitechnologies.com

Software

undisclosed /

Resource Hash

6d670b6d3ea346a7a2222a3e4ed88f157a7a2bb695f9e7a47f89593ff8b625c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://secure.payu.co.za
Referer: https://src.mastercard.com/srci/integration/components/src-ui-kit/p-fef5b613.js

Response headers

strict-transport-security: max-age=86400 ; includeSubDomains
cache-control: private, max-age=604800
content-encoding: gzip
etag: "590ac4ac1f984ffe5c4792fb47de1d9c:1731324643.47725"
expires: Mon, 30 Dec 2024 20:49:57 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 14767
date: Mon, 23 Dec 2024 20:49:57 GMT
content-type: application/x-javascript
last-modified: Mon, 11 Nov 2024 11:17:21 GMT
vary: Accept-Encoding
server: undisclosed

GET
H2 200 p-279c1e40.entry.js Show response
src.mastercard.com/srci/integration/components/src-ui-kit/ 114 KB
15 KB 80ms
79ms Script
application/x-javascript 2.18.64.28
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL

https://src.mastercard.com/srci/integration/components/src-ui-kit/p-279c1e40.entry.js

Requested by

Host: src.mastercard.com
URL: https://src.mastercard.com/srci/integration/components/src-ui-kit/p-fef5b613.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.64.28 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),

Reverse DNS

a2-18-64-28.deploy.static.akamaitechnologies.com

Software

undisclosed /

Resource Hash

9dc758d4bf7126d0715d8ef1a2105a3c26bff6fa4848b515c75dc6c6e938040d

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://secure.payu.co.za
Referer: https://src.mastercard.com/srci/integration/components/src-ui-kit/p-fef5b613.js

Response headers

strict-transport-security: max-age=86400 ; includeSubDomains
cache-control: private, max-age=604800
content-encoding: gzip
etag: "590ac4ac1f984ffe5c4792fb47de1d9c:1731324643.47725"
expires: Mon, 30 Dec 2024 20:49:57 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 15511
date: Mon, 23 Dec 2024 20:49:57 GMT
content-type: application/x-javascript
last-modified: Mon, 11 Nov 2024 11:17:21 GMT
vary: Accept-Encoding
server: undisclosed

GET
H2 200 communicator-frame.1.0.0.html
src.mastercard.com/srci/merchant/2/ Frame 7D68 0
0 245ms
149ms Document
text/html 2.18.64.28
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL

https://src.mastercard.com/srci/merchant/2/communicator-frame.1.0.0.html

Requested by

Host: src.mastercard.com
URL: https://src.mastercard.com//srci/integration/2/lib.js?srcDpaId=2ebb59ef-df57-4556-89ad-e40da00c32f9&locale=en_ZA

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.64.28 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),

Reverse DNS

a2-18-64-28.deploy.static.akamaitechnologies.com

Software

undisclosed /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains

Request headers

Referer: https://secure.payu.co.za/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
cache-control: max-age=0, no-cache
content-encoding: gzip
content-type: text/html
date: Mon, 23 Dec 2024 20:49:58 GMT
etag: "2a89dbdbfe548ef2153fc8226a20c563:1731324720.241246"
expires: Mon, 23 Dec 2024 20:49:58 GMT
last-modified: Mon, 11 Nov 2024 11:16:41 GMT
pragma: no-cache
server: undisclosed
strict-transport-security: max-age=86400 ; includeSubDomains
vary: Accept-Encoding
x-akamai-transformed: 9 - 0 pmb=mTOE,3mRUM,1

GET
H2 200 srcsdk.mastercard.js Show response
src.mastercard.com/sdk/ 335 KB
93 KB 52ms
52ms Script
application/x-javascript 2.18.64.28
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL

https://src.mastercard.com/sdk/srcsdk.mastercard.js

Requested by

Host: src.mastercard.com
URL: https://src.mastercard.com//srci/integration/2/lib.js?srcDpaId=2ebb59ef-df57-4556-89ad-e40da00c32f9&locale=en_ZA

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.64.28 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),

Reverse DNS

a2-18-64-28.deploy.static.akamaitechnologies.com

Software

undisclosed /

Resource Hash

40104efd79af82cb847dabb411be14824b857b477ae1d10dbf660127808d52e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://secure.payu.co.za/

Response headers

strict-transport-security: max-age=86400 ; includeSubDomains
cache-control: max-age=0, no-cache
content-encoding: gzip
etag: "eead5822a901ab2dd352754caccdf76f:1730116084.711987"
pragma: no-cache
expires: Mon, 23 Dec 2024 20:49:57 GMT
accept-ranges: bytes
content-length: 94987
date: Mon, 23 Dec 2024 20:49:57 GMT
content-type: application/x-javascript
last-modified: Mon, 28 Oct 2024 11:29:04 GMT
vary: Accept-Encoding
server: undisclosed

GET
H2 200 visaSdk.js Show response
secure.checkout.visa.com/checkout-widget/resources/js/src-i-adapter/ 123 KB
47 KB 167ms
84ms Script
application/javascript 104.19.209.81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.checkout.visa.com/checkout-widget/resources/js/src-i-adapter/visaSdk.js

Requested by

Host: src.mastercard.com
URL: https://src.mastercard.com//srci/integration/2/lib.js?srcDpaId=2ebb59ef-df57-4556-89ad-e40da00c32f9&locale=en_ZA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.19.209.81 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

afdda8cf36d788ca8658f7bbd148572f65138daf069b330b598e92cd9c108221

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; upgrade-insecure-requests; base-uri 'self'; default-src 'self' .visa.com https://accounts.google.com .bc.earlywarning.com bc.earlywarning.com; script-src-elem 'self' .visa.com .bc.earlywarning.com bc.earlywarning.com .mastercard.com https://api-mastercard-src.nd.nudatasecurity.com .discover.com .discover-src.com .discovercard.com .americanexpress.com .aexp-static.com .google-analytics.com .googleapis.com .googletagmanager.com .doubleclick.net https://payments.google.com https://translate.google.com .amazonaws.com https://spay.samsung.com https://cdnjs.cloudflare.com 'unsafe-eval' 'unsafe-inline'; script-src 'self' .visa.com .bc.earlywarning.com bc.earlywarning.com .mastercard.com https://api-mastercard-src.nd.nudatasecurity.com .discover.com .discover-src.com .discovercard.com .americanexpress.com .aexp-static.com .amazonaws.com https://payments.google.com https://translate.google.com .google-analytics.com .googleapis.com .googletagmanager.com .doubleclick.net https://spay.samsung.com https://cdnjs.cloudflare.com 'unsafe-eval' 'unsafe-inline'; frame-src data: 'self' .visa.com .bc.earlywarning.com bc.earlywarning.com .mastercard.com .americanexpress.com .aexp-static.com .discover.com .discover-src.com .discovercard.com .online-metrix.net https://www.googletagmanager.com .googleapis.com .doubleclick.net .cardinalcommerce.com; style-src 'self' .visa.com .bc.earlywarning.com bc.earlywarning.com .aexp-static.com .assets.mastercard.com .discover.com .discover-src.com .discovercard.com .googleapis.com 'unsafe-inline'; style-src-elem 'self' .visa.com .bc.earlywarning.com bc.earlywarning.com .aexp-static.com .assets.mastercard.com .discover.com .discover-src.com .discovercard.com https://fonts.googleapis.com https://translate.googleapis.com 'unsafe-inline'; img-src data: 'self' .visa.com .staticv.me .bc.earlywarning.com bc.earlywarning.com .americanexpress.com .aexp-static.com .assets.mastercard.com .mastercard.com https://api-mastercard-src.nd.nudatasecurity.com .discover.com .discover-src.com .discovercard.com .online-metrix.net .doubleclick.net .gstatic.com .google.com .analytics.google.com .google-analytics.com .googletagmanager.com .googleapis.com www.google.ad www.google.ae www.google.al www.google.am www.google.as www.google.at www.google.az www.google.ba www.google.be www.google.bf www.google.bg www.google.bi www.google.bj www.google.bs www.google.bt www.google.by www.google.ca www.google.cat www.google.cd www.google.cf www.google.cg www.google.ch www.google.ci www.google.cl www.google.cm www.google.cn www.google.co.ao www.google.co.bw www.google.co.ck www.google.co.cr www.google.co.id www.google.co.il www.google.co.in www.google.co.jp www.google.co.ke www.google.co.kr www.google.co.ls www.google.co.ma www.google.co.mz www.google.co.nz www.google.co.th www.google.co.tz www.google.co.ug www.google.co.uk www.google.co.uz www.google.co.ve www.google.co.vi www.google.co.za www.google.co.zm www.google.co.zw www.google.com.af www.google.com.ag www.google.com.ai www.google.com.ar www.google.com.au www.google.com.bd www.google.com.bh www.google.com.bn www.google.com.bo www.google.com.br www.google.com.bz www.google.com.co www.google.com.cu www.google.com.cy www.google.com.do www.google.com.ec www.google.com.eg www.google.com.et www.google.com.fj www.google.com.gh www.google.com.gi www.google.com.gt www.google.com.hk www.google.com.jm www.google.com.kh www.google.com.kw www.google.com.lb www.google.com.ly www.google.com.mm www.google.com.mt www.google.com.mx www.google.com.my www.google.com.na www.google.com.nf www.google.com.ng www.google.com.ni www.google.com.np www.google.com.om www.google.com.pa www.google.com.pe www.google.com.pg www.google.com.ph www.google.com.pk www.google.com.pr www.google.com.py www.google.com.qa www.google.com.sa www.google.com.sb www.google.com.sg www.google.com.sl www.google.com.sv www.google.com.tj www.google.com.tr www.google.com.tw www.google.com.ua www.google.com.uy www.google.com.vc www.google.com.vn www.google.cv www.google.cz www.google.de www.google.dj www.google.dk www.google.dm www.google.dz www.google.ee www.google.es www.google.fi www.google.fm www.google.fr www.google.ga www.google.ge www.google.gg www.google.gl www.google.gm www.google.gp www.google.gr www.google.gy www.google.hn www.google.hr www.google.ht www.google.hu www.google.ie www.google.im www.google.iq www.google.is www.google.it www.google.je www.google.jo www.google.kg www.google.ki www.google.kz www.google.la www.google.li www.google.lk www.google.lt www.google.lu www.google.lv www.google.md www.google.me www.google.mg www.google.mk www.google.ml www.google.mn www.google.ms www.google.mu www.google.mv www.google.mw www.google.ne www.google.nl www.google.no www.google.nr www.google.nu www.google.pl www.google.pn www.google.ps www.google.pt www.google.ro www.google.rs www.google.ru www.google.rw www.google.sc www.google.se www.google.sh www.google.si www.google.sk www.google.sm www.google.sn www.google.so www.google.sr www.google.st www.google.td www.google.tg www.google.tk www.google.tl www.google.tm www.google.tn www.google.to www.google.tt www.google.vg www.google.vu www.google.ws; connect-src 'self' .visa.com .bc.earlywarning.com bc.earlywarning.com .mastercard.com .americanexpress.com .discover.com .discover-src.com .discovercard.com .doubleclick.net .gstatic.com .google.com .analytics.google.com .google-analytics.com .googletagmanager.com .googleapis.com www.google.ad www.google.ae www.google.al www.google.am www.google.as www.google.at www.google.az www.google.ba www.google.be www.google.bf www.google.bg www.google.bi www.google.bj www.google.bs www.google.bt www.google.by www.google.ca www.google.cat www.google.cd www.google.cf www.google.cg www.google.ch www.google.ci www.google.cl www.google.cm www.google.cn www.google.co.ao www.google.co.bw www.google.co.ck www.google.co.cr www.google.co.id www.google.co.il www.google.co.in www.google.co.jp www.google.co.ke www.google.co.kr www.google.co.ls www.google.co.ma www.google.co.mz www.google.co.nz www.google.co.th www.google.co.tz www.google.co.ug www.google.co.uk www.google.co.uz www.google.co.ve www.google.co.vi www.google.co.za www.google.co.zm www.google.co.zw www.google.com.af www.google.com.ag www.google.com.ai www.google.com.ar www.google.com.au www.google.com.bd www.google.com.bh www.google.com.bn www.google.com.bo www.google.com.br www.google.com.bz www.google.com.co www.google.com.cu www.google.com.cy www.google.com.do www.google.com.ec www.google.com.eg www.google.com.et www.google.com.fj www.google.com.gh www.google.com.gi www.google.com.gt www.google.com.hk www.google.com.jm www.google.com.kh www.google.com.kw www.google.com.lb www.google.com.ly www.google.com.mm www.google.com.mt www.google.com.mx www.google.com.my www.google.com.na www.google.com.nf www.google.com.ng www.google.com.ni www.google.com.np www.google.com.om www.google.com.pa www.google.com.pe www.google.com.pg www.google.com.ph www.google.com.pk www.google.com.pr www.google.com.py www.google.com.qa www.google.com.sa www.google.com.sb www.google.com.sg www.google.com.sl www.google.com.sv www.google.com.tj www.google.com.tr www.google.com.tw www.google.com.ua www.google.com.uy www.google.com.vc www.google.com.vn www.google.cv www.google.cz www.google.de www.google.dj www.google.dk www.google.dm www.google.dz www.google.ee www.google.es www.google.fi www.google.fm www.google.fr www.google.ga www.google.ge www.google.gg www.google.gl www.google.gm www.google.gp www.google.gr www.google.gy www.google.hn www.google.hr www.google.ht www.google.hu www.google.ie www.google.im www.google.iq www.google.is www.google.it www.google.je www.google.jo www.google.kg www.google.ki www.google.kz www.google.la www.google.li www.google.lk www.google.lt www.google.lu www.google.lv www.google.md www.google.me www.google.mg www.google.mk www.google.ml www.google.mn www.google.ms www.google.mu www.google.mv www.google.mw www.google.ne www.google.nl www.google.no www.google.nr www.google.nu www.google.pl www.google.pn www.google.ps www.google.pt www.google.ro www.google.rs www.google.ru www.google.rw www.google.sc www.google.se www.google.sh www.google.si www.google.sk www.google.sm www.google.sn www.google.so www.google.sr www.google.st www.google.td www.google.tg www.google.tk www.google.tl www.google.tm www.google.tn www.google.to www.google.tt www.google.vg www.google.vu www.google.ws .optimizely.com .opendns.com https://policy.cookiereports.com https://gateway.zscaler.net; media-src 'none'; font-src data: 'self' .visa.com .mastercard.com .discover.com .discover-src.com .discovercard.com .aexp-static.com https://fonts.gstatic.com https://fonts.googleapis.com .googleusercontent.com; object-src 'self' https://thm.visa.com; report-uri /logging/logCSPReport; report-to csp-endpoint
Strict-Transport-Security	max-age=31536000 ; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://secure.payu.co.za/

Response headers

x-correlation-id: 2_1733936974_686_44_b2k8l55b9c85b4z6_CHECKOUT-WIDGET
cf-cache-status: HIT
age: 445218
content-encoding: br
report-to: { "group": "csp-endpoint", "max_age": 10886400, "endpoints": [{ "url": "/logging/logCSPReport" }] }, { "max_age": 10886400, "endpoints": [{ "url": "/logging/logCSPReport" }] }
x-content-type-options: nosniff
expires: Tue, 24 Dec 2024 00:49:58 GMT
date: Mon, 23 Dec 2024 20:49:58 GMT
content-type: application/javascript;charset=UTF-8
vary: Accept-Encoding
x-served-by: b2k8l55b9c85b4z6
strict-transport-security: max-age=31536000 ; includeSubDomains, max-age=31536000; includeSubDomains
content-security-policy: block-all-mixed-content; upgrade-insecure-requests; base-uri 'self'; default-src 'self' *.visa.com https://accounts.google.com *.bc.earlywarning.com bc.earlywarning.com; script-src-elem 'self' *.visa.com *.bc.earlywarning.com bc.earlywarning.com *.mastercard.com https://api-mastercard-src.nd.nudatasecurity.com *.discover.com *.discover-src.com *.discovercard.com *.americanexpress.com *.aexp-static.com *.google-analytics.com *.googleapis.com *.googletagmanager.com *.doubleclick.net https://payments.google.com https://translate.google.com *.amazonaws.com https://spay.samsung.com https://cdnjs.cloudflare.com 'unsafe-eval' 'unsafe-inline'; script-src 'self' *.visa.com *.bc.earlywarning.com bc.earlywarning.com *.mastercard.com https://api-mastercard-src.nd.nudatasecurity.com *.discover.com *.discover-src.com *.discovercard.com *.americanexpress.com *.aexp-static.com *.amazonaws.com https://payments.google.com https://translate.google.com *.google-analytics.com *.googleapis.com *.googletagmanager.com *.doubleclick.net https://spay.samsung.com https://cdnjs.cloudflare.com 'unsafe-eval' 'unsafe-inline'; frame-src data: 'self' *.visa.com *.bc.earlywarning.com bc.earlywarning.com *.mastercard.com *.americanexpress.com *.aexp-static.com *.discover.com *.discover-src.com *.discovercard.com *.online-metrix.net https://www.googletagmanager.com *.googleapis.com *.doubleclick.net *.cardinalcommerce.com; style-src 'self' *.visa.com *.bc.earlywarning.com bc.earlywarning.com *.aexp-static.com *.assets.mastercard.com *.discover.com *.discover-src.com *.discovercard.com *.googleapis.com 'unsafe-inline'; style-src-elem 'self' *.visa.com *.bc.earlywarning.com bc.earlywarning.com *.aexp-static.com *.assets.mastercard.com *.discover.com *.discover-src.com *.discovercard.com https://fonts.googleapis.com https://translate.googleapis.com 'unsafe-inline'; img-src data: 'self' *.visa.com *.staticv.me *.bc.earlywarning.com bc.earlywarning.com *.americanexpress.com *.aexp-static.com *.assets.mastercard.com *.mastercard.com https://api-mastercard-src.nd.nudatasecurity.com *.discover.com *.discover-src.com *.discovercard.com *.online-metrix.net *.doubleclick.net *.gstatic.com *.google.com *.analytics.google.com *.google-analytics.com *.googletagmanager.com *.googleapis.com www.google.ad www.google.ae www.google.al www.google.am www.google.as www.google.at www.google.az www.google.ba www.google.be www.google.bf www.google.bg www.google.bi www.google.bj www.google.bs www.google.bt www.google.by www.google.ca www.google.cat www.google.cd www.google.cf www.google.cg www.google.ch www.google.ci www.google.cl www.google.cm www.google.cn www.google.co.ao www.google.co.bw www.google.co.ck www.google.co.cr www.google.co.id www.google.co.il www.google.co.in www.google.co.jp www.google.co.ke www.google.co.kr www.google.co.ls www.google.co.ma www.google.co.mz www.google.co.nz www.google.co.th www.google.co.tz www.google.co.ug www.google.co.uk www.google.co.uz www.google.co.ve www.google.co.vi www.google.co.za www.google.co.zm www.google.co.zw www.google.com.af www.google.com.ag www.google.com.ai www.google.com.ar www.google.com.au www.google.com.bd www.google.com.bh www.google.com.bn www.google.com.bo www.google.com.br www.google.com.bz www.google.com.co www.google.com.cu www.google.com.cy www.google.com.do www.google.com.ec www.google.com.eg www.google.com.et www.google.com.fj www.google.com.gh www.google.com.gi www.google.com.gt www.google.com.hk www.google.com.jm www.google.com.kh www.google.com.kw www.google.com.lb www.google.com.ly www.google.com.mm www.google.com.mt www.google.com.mx www.google.com.my www.google.com.na www.google.com.nf www.google.com.ng www.google.com.ni www.google.com.np www.google.com.om www.google.com.pa www.google.com.pe www.google.com.pg www.google.com.ph www.google.com.pk www.google.com.pr www.google.com.py www.google.com.qa www.google.com.sa www.google.com.sb www.google.com.sg www.google.com.sl www.google.com.sv www.google.com.tj www.google.com.tr www.google.com.tw www.google.com.ua www.google.com.uy www.google.com.vc www.google.com.vn www.google.cv www.google.cz www.google.de www.google.dj www.google.dk www.google.dm www.google.dz www.google.ee www.google.es www.google.fi www.google.fm www.google.fr www.google.ga www.google.ge www.google.gg www.google.gl www.google.gm www.google.gp www.google.gr www.google.gy www.google.hn www.google.hr www.google.ht www.google.hu www.google.ie www.google.im www.google.iq www.google.is www.google.it www.google.je www.google.jo www.google.kg www.google.ki www.google.kz www.google.la www.google.li www.google.lk www.google.lt www.google.lu www.google.lv www.google.md www.google.me www.google.mg www.google.mk www.google.ml www.google.mn www.google.ms www.google.mu www.google.mv www.google.mw www.google.ne www.google.nl www.google.no www.google.nr www.google.nu www.google.pl www.google.pn www.google.ps www.google.pt www.google.ro www.google.rs www.google.ru www.google.rw www.google.sc www.google.se www.google.sh www.google.si www.google.sk www.google.sm www.google.sn www.google.so www.google.sr www.google.st www.google.td www.google.tg www.google.tk www.google.tl www.google.tm www.google.tn www.google.to www.google.tt www.google.vg www.google.vu www.google.ws; connect-src 'self' *.visa.com *.bc.earlywarning.com bc.earlywarning.com *.mastercard.com *.americanexpress.com *.discover.com *.discover-src.com *.discovercard.com *.doubleclick.net *.gstatic.com *.google.com *.analytics.google.com *.google-analytics.com *.googletagmanager.com *.googleapis.com www.google.ad www.google.ae www.google.al www.google.am www.google.as www.google.at www.google.az www.google.ba www.google.be www.google.bf www.google.bg www.google.bi www.google.bj www.google.bs www.google.bt www.google.by www.google.ca www.google.cat www.google.cd www.google.cf www.google.cg www.google.ch www.google.ci www.google.cl www.google.cm www.google.cn www.google.co.ao www.google.co.bw www.google.co.ck www.google.co.cr www.google.co.id www.google.co.il www.google.co.in www.google.co.jp www.google.co.ke www.google.co.kr www.google.co.ls www.google.co.ma www.google.co.mz www.google.co.nz www.google.co.th www.google.co.tz www.google.co.ug www.google.co.uk www.google.co.uz www.google.co.ve www.google.co.vi www.google.co.za www.google.co.zm www.google.co.zw www.google.com.af www.google.com.ag www.google.com.ai www.google.com.ar www.google.com.au www.google.com.bd www.google.com.bh www.google.com.bn www.google.com.bo www.google.com.br www.google.com.bz www.google.com.co www.google.com.cu www.google.com.cy www.google.com.do www.google.com.ec www.google.com.eg www.google.com.et www.google.com.fj www.google.com.gh www.google.com.gi www.google.com.gt www.google.com.hk www.google.com.jm www.google.com.kh www.google.com.kw www.google.com.lb www.google.com.ly www.google.com.mm www.google.com.mt www.google.com.mx www.google.com.my www.google.com.na www.google.com.nf www.google.com.ng www.google.com.ni www.google.com.np www.google.com.om www.google.com.pa www.google.com.pe www.google.com.pg www.google.com.ph www.google.com.pk www.google.com.pr www.google.com.py www.google.com.qa www.google.com.sa www.google.com.sb www.google.com.sg www.google.com.sl www.google.com.sv www.google.com.tj www.google.com.tr www.google.com.tw www.google.com.ua www.google.com.uy www.google.com.vc www.google.com.vn www.google.cv www.google.cz www.google.de www.google.dj www.google.dk www.google.dm www.google.dz www.google.ee www.google.es www.google.fi www.google.fm www.google.fr www.google.ga www.google.ge www.google.gg www.google.gl www.google.gm www.google.gp www.google.gr www.google.gy www.google.hn www.google.hr www.google.ht www.google.hu www.google.ie www.google.im www.google.iq www.google.is www.google.it www.google.je www.google.jo www.google.kg www.google.ki www.google.kz www.google.la www.google.li www.google.lk www.google.lt www.google.lu www.google.lv www.google.md www.google.me www.google.mg www.google.mk www.google.ml www.google.mn www.google.ms www.google.mu www.google.mv www.google.mw www.google.ne www.google.nl www.google.no www.google.nr www.google.nu www.google.pl www.google.pn www.google.ps www.google.pt www.google.ro www.google.rs www.google.ru www.google.rw www.google.sc www.google.se www.google.sh www.google.si www.google.sk www.google.sm www.google.sn www.google.so www.google.sr www.google.st www.google.td www.google.tg www.google.tk www.google.tl www.google.tm www.google.tn www.google.to www.google.tt www.google.vg www.google.vu www.google.ws *.optimizely.com *.opendns.com https://policy.cookiereports.com https://gateway.zscaler.net; media-src 'none'; font-src data: 'self' *.visa.com *.mastercard.com *.discover.com *.discover-src.com *.discovercard.com *.aexp-static.com https://fonts.gstatic.com https://fonts.googleapis.com *.googleusercontent.com; object-src 'self' https://thm.visa.com; report-uri /logging/logCSPReport; report-to csp-endpoint
cache-control: public, max-age=14400
cf-ray: 8f6b38a1ceba0230-WAW
server: cloudflare

GET
H2 200 amexSDK-1.0.0.js Show response
www.aexp-static.com/cdaas/remotecommerce/scripts/ 35 KB
9 KB 253ms
101ms Script
application/javascript 23.212.203.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aexp-static.com/cdaas/remotecommerce/scripts/amexSDK-1.0.0.js
Requested by: Host: src.mastercard.com
URL: https://src.mastercard.com//srci/integration/2/lib.js?srcDpaId=2ebb59ef-df57-4556-89ad-e40da00c32f9&locale=en_ZA
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.203.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-212-203-180.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 6c90e6b8251091ae345137ecea09a24ed0cacaf01b5c12cda41bfdf0d24d57ed

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://secure.payu.co.za/

Response headers

cache-control: max-age=14400, must-revalidate
timing-allow-origin: *
content-encoding: gzip
etag: W/"6732d2e1-8b24"
content-length: 9370
date: Mon, 23 Dec 2024 20:49:58 GMT
content-type: application/javascript
last-modified: Tue, 12 Nov 2024 04:00:33 GMT
vary: Origin, Accept-Encoding

GET
H2 200 dgnSS-SDK-1.1.1.js Show response
webapp.src.discover.com/websdk/ 139 KB
36 KB 340ms
200ms Script
application/javascript 104.102.58.204
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://webapp.src.discover.com/websdk/dgnSS-SDK-1.1.1.js

Requested by

Host: src.mastercard.com
URL: https://src.mastercard.com//srci/integration/2/lib.js?srcDpaId=2ebb59ef-df57-4556-89ad-e40da00c32f9&locale=en_ZA

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.102.58.204 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-102-58-204.deploy.static.akamaitechnologies.com

Software

Resource Hash

ae9c885acfbe3baa95a226c373a7eb07802255a0ac0001e1929b06e60c09094a

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://secure.payu.co.za/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'
cache-control: public, no-cache, no-store, must-revalidate
content-encoding: gzip
pragma: no-cache
x-content-type-options: nosniff
expires: Mon, 23 Dec 2024 20:49:58 GMT
accept-ranges: bytes
content-length: 36485
x-xss-protection: 1; mode=block
date: Mon, 23 Dec 2024 20:49:58 GMT
last-modified: Fri, 08 Nov 2024 03:11:26 GMT
content-type: application/javascript
vary: Accept-Encoding

GET
H2 200 favicon.png
secure.payu.co.za/pjar/responsive/img/ 4 KB
4 KB 84ms
84ms Other
image/png 76.223.80.153
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.payu.co.za/pjar/responsive/img/favicon.png

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

76.223.80.153 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ad8100121443bb0c1.awsglobalaccelerator.com

Software

Resource Hash

406c6023e7cad4f4af92a6d4949f6c84776ae448986546d515afab2c5336c7fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://secure.payu.co.za/rpp.do?PayUReference=594595382739463

Response headers

strict-transport-security: max-age=31536000;includeSubDomains
etag: W/"3738-1734508028000"
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 3738
date: Mon, 23 Dec 2024 20:49:57 GMT
content-type: image/png
last-modified: Wed, 18 Dec 2024 07:47:08 GMT

GET
H2 200 p-f0a80894.js Show response
src.mastercard.com/srci/integration/components/src-ui-kit/ 6 KB
3 KB 57ms
56ms Script
application/x-javascript 2.18.64.28
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL

https://src.mastercard.com/srci/integration/components/src-ui-kit/p-f0a80894.js

Requested by

Host: secure.payu.co.za
URL: https://secure.payu.co.za/rpp.do?PayUReference=594595382739463

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.64.28 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),

Reverse DNS

a2-18-64-28.deploy.static.akamaitechnologies.com

Software

undisclosed /

Resource Hash

fb0bcbf93473ceea14734408def8231d53f31da251ecedeed2d2eede21130ce8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://secure.payu.co.za
Referer: https://src.mastercard.com/srci/integration/components/src-ui-kit/p-2cdbcc22.entry.js

Response headers

strict-transport-security: max-age=86400 ; includeSubDomains
cache-control: private, max-age=604800
content-encoding: gzip
etag: "590ac4ac1f984ffe5c4792fb47de1d9c:1731324643.47725"
expires: Mon, 30 Dec 2024 20:49:58 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 2475
date: Mon, 23 Dec 2024 20:49:58 GMT
content-type: application/x-javascript
last-modified: Mon, 11 Nov 2024 11:17:21 GMT
vary: Accept-Encoding
server: undisclosed

GET
H2 200 p-10167221.js Show response
src.mastercard.com/srci/integration/components/src-ui-kit/ 150 KB
40 KB 57ms
57ms Script
application/x-javascript 2.18.64.28
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL

https://src.mastercard.com/srci/integration/components/src-ui-kit/p-10167221.js

Requested by

Host: secure.payu.co.za
URL: https://secure.payu.co.za/rpp.do?PayUReference=594595382739463

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.64.28 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),

Reverse DNS

a2-18-64-28.deploy.static.akamaitechnologies.com

Software

undisclosed /

Resource Hash

e72a6c6d7cabebd8c7ad6798d500dcd2fa993c90cc81b3e8535b250db5d53b87

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://secure.payu.co.za
Referer: https://src.mastercard.com/srci/integration/components/src-ui-kit/p-2cdbcc22.entry.js

Response headers

strict-transport-security: max-age=86400 ; includeSubDomains
cache-control: private, max-age=604800
content-encoding: gzip
etag: "590ac4ac1f984ffe5c4792fb47de1d9c:1731324643.47725"
expires: Mon, 30 Dec 2024 20:49:58 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 41102
date: Mon, 23 Dec 2024 20:49:58 GMT
content-type: application/x-javascript
last-modified: Mon, 11 Nov 2024 11:17:21 GMT
vary: Accept-Encoding
server: undisclosed

GET
H2 200 p-89456e89.js Show response
src.mastercard.com/srci/integration/components/src-ui-kit/ 332 B
460 B 73ms
73ms Script
application/x-javascript 2.18.64.28
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL

https://src.mastercard.com/srci/integration/components/src-ui-kit/p-89456e89.js

Requested by

Host: secure.payu.co.za
URL: https://secure.payu.co.za/rpp.do?PayUReference=594595382739463

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.64.28 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),

Reverse DNS

a2-18-64-28.deploy.static.akamaitechnologies.com

Software

undisclosed /

Resource Hash

808096ec8f1a74c53d2fd3ac6cf8de654449d25dbaf2ea88cb953e7890b61456

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://secure.payu.co.za
Referer: https://src.mastercard.com/srci/integration/components/src-ui-kit/p-2cdbcc22.entry.js

Response headers

strict-transport-security: max-age=86400 ; includeSubDomains
cache-control: private, max-age=604800
content-encoding: gzip
etag: "590ac4ac1f984ffe5c4792fb47de1d9c:1731324643.47725"
expires: Mon, 30 Dec 2024 20:49:58 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 208
date: Mon, 23 Dec 2024 20:49:58 GMT
content-type: application/x-javascript
last-modified: Mon, 11 Nov 2024 11:17:21 GMT
vary: Accept-Encoding
server: undisclosed

GET
H2 200 p-77e843b8.js Show response
src.mastercard.com/srci/integration/components/src-ui-kit/ 796 B
749 B 117ms
117ms Script
application/x-javascript 2.18.64.28
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL

https://src.mastercard.com/srci/integration/components/src-ui-kit/p-77e843b8.js

Requested by

Host: secure.payu.co.za
URL: https://secure.payu.co.za/rpp.do?PayUReference=594595382739463

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.64.28 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),

Reverse DNS

a2-18-64-28.deploy.static.akamaitechnologies.com

Software

undisclosed /

Resource Hash

d62abd93db2be50c8a86a92ff1c9a6db76006966c089e3bb34ba142819afd6bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://secure.payu.co.za
Referer: https://src.mastercard.com/srci/integration/components/src-ui-kit/p-279c1e40.entry.js

Response headers

strict-transport-security: max-age=86400 ; includeSubDomains
cache-control: private, max-age=604800
content-encoding: gzip
etag: "590ac4ac1f984ffe5c4792fb47de1d9c:1731324643.47725"
expires: Mon, 30 Dec 2024 20:49:58 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 496
date: Mon, 23 Dec 2024 20:49:58 GMT
content-type: application/x-javascript
last-modified: Mon, 11 Nov 2024 11:17:21 GMT
vary: Accept-Encoding
server: undisclosed

GET
H2 200 communicator-frame.1.0.0.html
src.mastercard.com/sdk/ Frame 1020 0
0 141ms
140ms Document
text/html 2.18.64.28
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL

https://src.mastercard.com/sdk/communicator-frame.1.0.0.html

Requested by

Host: src.mastercard.com
URL: https://src.mastercard.com/sdk/srcsdk.mastercard.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.64.28 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),

Reverse DNS

a2-18-64-28.deploy.static.akamaitechnologies.com

Software

undisclosed /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains

Request headers

Referer: https://secure.payu.co.za/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
cache-control: max-age=0, no-cache
content-encoding: gzip
content-type: text/html
date: Mon, 23 Dec 2024 20:49:58 GMT
etag: "eead5822a901ab2dd352754caccdf76f:1730116084.711987"
expires: Mon, 23 Dec 2024 20:49:58 GMT
last-modified: Mon, 28 Oct 2024 11:29:04 GMT
pragma: no-cache
server: undisclosed
strict-transport-security: max-age=86400 ; includeSubDomains
vary: Accept-Encoding
x-akamai-transformed: 9 - 0 pmb=mTOE,3

GET
H2 200 p-ee58e804.entry.js Show response
src.mastercard.com/srci/integration/components/src-ui-kit/ 128 KB
16 KB 68ms
68ms Script
application/x-javascript 2.18.64.28
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL

https://src.mastercard.com/srci/integration/components/src-ui-kit/p-ee58e804.entry.js

Requested by

Host: src.mastercard.com
URL: https://src.mastercard.com/srci/integration/components/src-ui-kit/p-fef5b613.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.64.28 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),

Reverse DNS

a2-18-64-28.deploy.static.akamaitechnologies.com

Software

undisclosed /

Resource Hash

6531a406f4e3a64de26f866b288da235bfacc2adaa19a53928a932110fc8297f

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://secure.payu.co.za
Referer: https://src.mastercard.com/srci/integration/components/src-ui-kit/p-fef5b613.js

Response headers

strict-transport-security: max-age=86400 ; includeSubDomains
cache-control: private, max-age=604800
content-encoding: gzip
etag: "590ac4ac1f984ffe5c4792fb47de1d9c:1731324643.47725"
expires: Mon, 30 Dec 2024 20:49:58 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 16579
date: Mon, 23 Dec 2024 20:49:58 GMT
content-type: application/x-javascript
last-modified: Mon, 11 Nov 2024 11:17:21 GMT
vary: Accept-Encoding
server: undisclosed

GET
H2 200 p-ddc1b1f1.entry.js Show response
src.mastercard.com/srci/integration/components/src-ui-kit/ 239 KB
29 KB 77ms
77ms Script
application/x-javascript 2.18.64.28
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL

https://src.mastercard.com/srci/integration/components/src-ui-kit/p-ddc1b1f1.entry.js

Requested by

Host: src.mastercard.com
URL: https://src.mastercard.com/srci/integration/components/src-ui-kit/p-fef5b613.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.64.28 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),

Reverse DNS

a2-18-64-28.deploy.static.akamaitechnologies.com

Software

undisclosed /

Resource Hash

2c62f18a605effd3ed4c04f83c37fe8a00bfbf6b63c1177e09b3c54cfd7e3862

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://secure.payu.co.za
Referer: https://src.mastercard.com/srci/integration/components/src-ui-kit/p-fef5b613.js

Response headers

strict-transport-security: max-age=86400 ; includeSubDomains
cache-control: private, max-age=604800
content-encoding: gzip
etag: "590ac4ac1f984ffe5c4792fb47de1d9c:1731324643.47725"
expires: Mon, 30 Dec 2024 20:49:58 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 29705
date: Mon, 23 Dec 2024 20:49:58 GMT
content-type: application/x-javascript
last-modified: Mon, 11 Nov 2024 11:17:21 GMT
vary: Accept-Encoding
server: undisclosed

GET
H2 200 click-to-pay.svg
src.mastercard.com/srci/integration/components/src-ui-kit/assets/ 3 KB
2 KB 61ms
61ms Image
image/svg+xml 2.18.64.28
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://src.mastercard.com/srci/integration/components/src-ui-kit/assets/click-to-pay.svg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.64.28 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),

Reverse DNS

a2-18-64-28.deploy.static.akamaitechnologies.com

Software

undisclosed /

Resource Hash

d80ae650f6f300d52fdab903bffe3d2eaef819730f148a014ca6dc7042e9c5de

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://secure.payu.co.za/

Response headers

strict-transport-security: max-age=86400 ; includeSubDomains
cache-control: max-age=0, no-cache, no-store
content-encoding: gzip
etag: "590ac4ac1f984ffe5c4792fb47de1d9c:1731324643.47725"
pragma: no-cache
expires: Mon, 23 Dec 2024 20:49:58 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1559
date: Mon, 23 Dec 2024 20:49:58 GMT
content-type: image/svg+xml
last-modified: Mon, 11 Nov 2024 11:17:21 GMT
vary: Accept-Encoding
server: undisclosed

GET
H2 200 p-861fc161.js Show response
src.mastercard.com/srci/integration/components/src-ui-kit/ 5 KB
1 KB 47ms
47ms Script
application/x-javascript 2.18.64.28
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL

https://src.mastercard.com/srci/integration/components/src-ui-kit/p-861fc161.js

Requested by

Host: secure.payu.co.za
URL: https://secure.payu.co.za/rpp.do?PayUReference=594595382739463

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.64.28 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),

Reverse DNS

a2-18-64-28.deploy.static.akamaitechnologies.com

Software

undisclosed /

Resource Hash

2827a7ba64dc3beb0240c1a7eba6551944f5e184eea7a78c34e19e7b6fa743e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://secure.payu.co.za
Referer: https://src.mastercard.com/srci/integration/components/src-ui-kit/p-ee58e804.entry.js

Response headers

strict-transport-security: max-age=86400 ; includeSubDomains
cache-control: private, max-age=604800
content-encoding: gzip
etag: "590ac4ac1f984ffe5c4792fb47de1d9c:1731324643.47725"
expires: Mon, 30 Dec 2024 20:49:58 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1151
date: Mon, 23 Dec 2024 20:49:58 GMT
content-type: application/x-javascript
last-modified: Mon, 11 Nov 2024 11:17:21 GMT
vary: Accept-Encoding
server: undisclosed

GET
H2 200 external-src-system
secure.checkout.visa.com/checkout-widget/ Frame BF19 0
0 283ms
217ms Document
text/html 104.19.208.81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.checkout.visa.com/checkout-widget/external-src-system?parentUrl=https%3A%2F%2Fsecure.payu.co.za

Requested by

Host: secure.checkout.visa.com
URL: https://secure.checkout.visa.com/checkout-widget/resources/js/src-i-adapter/visaSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.19.208.81 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; upgrade-insecure-requests; base-uri 'self'; default-src 'self' .visa.com https://accounts.google.com .bc.earlywarning.com bc.earlywarning.com; script-src-elem 'self' .visa.com .bc.earlywarning.com bc.earlywarning.com .mastercard.com https://api-mastercard-src.nd.nudatasecurity.com .discover.com .discover-src.com .discovercard.com .americanexpress.com .aexp-static.com .google-analytics.com .googleapis.com .googletagmanager.com .doubleclick.net https://payments.google.com https://translate.google.com .amazonaws.com https://spay.samsung.com https://cdnjs.cloudflare.com 'unsafe-eval' 'unsafe-inline'; script-src 'self' .visa.com .bc.earlywarning.com bc.earlywarning.com .mastercard.com https://api-mastercard-src.nd.nudatasecurity.com .discover.com .discover-src.com .discovercard.com .americanexpress.com .aexp-static.com .amazonaws.com https://payments.google.com https://translate.google.com .google-analytics.com .googleapis.com .googletagmanager.com .doubleclick.net https://spay.samsung.com https://cdnjs.cloudflare.com 'unsafe-eval' 'unsafe-inline'; frame-src data: 'self' .visa.com .bc.earlywarning.com bc.earlywarning.com .mastercard.com .americanexpress.com .aexp-static.com .discover.com .discover-src.com .discovercard.com .online-metrix.net https://www.googletagmanager.com .googleapis.com .doubleclick.net .cardinalcommerce.com; style-src 'self' .visa.com .bc.earlywarning.com bc.earlywarning.com .aexp-static.com .assets.mastercard.com .discover.com .discover-src.com .discovercard.com .googleapis.com 'unsafe-inline'; style-src-elem 'self' .visa.com .bc.earlywarning.com bc.earlywarning.com .aexp-static.com .assets.mastercard.com .discover.com .discover-src.com .discovercard.com https://fonts.googleapis.com https://translate.googleapis.com 'unsafe-inline'; img-src data: 'self' .visa.com .staticv.me .bc.earlywarning.com bc.earlywarning.com .americanexpress.com .aexp-static.com .assets.mastercard.com .mastercard.com https://api-mastercard-src.nd.nudatasecurity.com .discover.com .discover-src.com .discovercard.com .online-metrix.net .doubleclick.net .gstatic.com .google.com .analytics.google.com .google-analytics.com .googletagmanager.com .googleapis.com www.google.ad www.google.ae www.google.al www.google.am www.google.as www.google.at www.google.az www.google.ba www.google.be www.google.bf www.google.bg www.google.bi www.google.bj www.google.bs www.google.bt www.google.by www.google.ca www.google.cat www.google.cd www.google.cf www.google.cg www.google.ch www.google.ci www.google.cl www.google.cm www.google.cn www.google.co.ao www.google.co.bw www.google.co.ck www.google.co.cr www.google.co.id www.google.co.il www.google.co.in www.google.co.jp www.google.co.ke www.google.co.kr www.google.co.ls www.google.co.ma www.google.co.mz www.google.co.nz www.google.co.th www.google.co.tz www.google.co.ug www.google.co.uk www.google.co.uz www.google.co.ve www.google.co.vi www.google.co.za www.google.co.zm www.google.co.zw www.google.com.af www.google.com.ag www.google.com.ai www.google.com.ar www.google.com.au www.google.com.bd www.google.com.bh www.google.com.bn www.google.com.bo www.google.com.br www.google.com.bz www.google.com.co www.google.com.cu www.google.com.cy www.google.com.do www.google.com.ec www.google.com.eg www.google.com.et www.google.com.fj www.google.com.gh www.google.com.gi www.google.com.gt www.google.com.hk www.google.com.jm www.google.com.kh www.google.com.kw www.google.com.lb www.google.com.ly www.google.com.mm www.google.com.mt www.google.com.mx www.google.com.my www.google.com.na www.google.com.nf www.google.com.ng www.google.com.ni www.google.com.np www.google.com.om www.google.com.pa www.google.com.pe www.google.com.pg www.google.com.ph www.google.com.pk www.google.com.pr www.google.com.py www.google.com.qa www.google.com.sa www.google.com.sb www.google.com.sg www.google.com.sl www.google.com.sv www.google.com.tj www.google.com.tr www.google.com.tw www.google.com.ua www.google.com.uy www.google.com.vc www.google.com.vn www.google.cv www.google.cz www.google.de www.google.dj www.google.dk www.google.dm www.google.dz www.google.ee www.google.es www.google.fi www.google.fm www.google.fr www.google.ga www.google.ge www.google.gg www.google.gl www.google.gm www.google.gp www.google.gr www.google.gy www.google.hn www.google.hr www.google.ht www.google.hu www.google.ie www.google.im www.google.iq www.google.is www.google.it www.google.je www.google.jo www.google.kg www.google.ki www.google.kz www.google.la www.google.li www.google.lk www.google.lt www.google.lu www.google.lv www.google.md www.google.me www.google.mg www.google.mk www.google.ml www.google.mn www.google.ms www.google.mu www.google.mv www.google.mw www.google.ne www.google.nl www.google.no www.google.nr www.google.nu www.google.pl www.google.pn www.google.ps www.google.pt www.google.ro www.google.rs www.google.ru www.google.rw www.google.sc www.google.se www.google.sh www.google.si www.google.sk www.google.sm www.google.sn www.google.so www.google.sr www.google.st www.google.td www.google.tg www.google.tk www.google.tl www.google.tm www.google.tn www.google.to www.google.tt www.google.vg www.google.vu www.google.ws; connect-src 'self' .visa.com .bc.earlywarning.com bc.earlywarning.com .mastercard.com .americanexpress.com .discover.com .discover-src.com .discovercard.com .doubleclick.net .gstatic.com .google.com .analytics.google.com .google-analytics.com .googletagmanager.com .googleapis.com www.google.ad www.google.ae www.google.al www.google.am www.google.as www.google.at www.google.az www.google.ba www.google.be www.google.bf www.google.bg www.google.bi www.google.bj www.google.bs www.google.bt www.google.by www.google.ca www.google.cat www.google.cd www.google.cf www.google.cg www.google.ch www.google.ci www.google.cl www.google.cm www.google.cn www.google.co.ao www.google.co.bw www.google.co.ck www.google.co.cr www.google.co.id www.google.co.il www.google.co.in www.google.co.jp www.google.co.ke www.google.co.kr www.google.co.ls www.google.co.ma www.google.co.mz www.google.co.nz www.google.co.th www.google.co.tz www.google.co.ug www.google.co.uk www.google.co.uz www.google.co.ve www.google.co.vi www.google.co.za www.google.co.zm www.google.co.zw www.google.com.af www.google.com.ag www.google.com.ai www.google.com.ar www.google.com.au www.google.com.bd www.google.com.bh www.google.com.bn www.google.com.bo www.google.com.br www.google.com.bz www.google.com.co www.google.com.cu www.google.com.cy www.google.com.do www.google.com.ec www.google.com.eg www.google.com.et www.google.com.fj www.google.com.gh www.google.com.gi www.google.com.gt www.google.com.hk www.google.com.jm www.google.com.kh www.google.com.kw www.google.com.lb www.google.com.ly www.google.com.mm www.google.com.mt www.google.com.mx www.google.com.my www.google.com.na www.google.com.nf www.google.com.ng www.google.com.ni www.google.com.np www.google.com.om www.google.com.pa www.google.com.pe www.google.com.pg www.google.com.ph www.google.com.pk www.google.com.pr www.google.com.py www.google.com.qa www.google.com.sa www.google.com.sb www.google.com.sg www.google.com.sl www.google.com.sv www.google.com.tj www.google.com.tr www.google.com.tw www.google.com.ua www.google.com.uy www.google.com.vc www.google.com.vn www.google.cv www.google.cz www.google.de www.google.dj www.google.dk www.google.dm www.google.dz www.google.ee www.google.es www.google.fi www.google.fm www.google.fr www.google.ga www.google.ge www.google.gg www.google.gl www.google.gm www.google.gp www.google.gr www.google.gy www.google.hn www.google.hr www.google.ht www.google.hu www.google.ie www.google.im www.google.iq www.google.is www.google.it www.google.je www.google.jo www.google.kg www.google.ki www.google.kz www.google.la www.google.li www.google.lk www.google.lt www.google.lu www.google.lv www.google.md www.google.me www.google.mg www.google.mk www.google.ml www.google.mn www.google.ms www.google.mu www.google.mv www.google.mw www.google.ne www.google.nl www.google.no www.google.nr www.google.nu www.google.pl www.google.pn www.google.ps www.google.pt www.google.ro www.google.rs www.google.ru www.google.rw www.google.sc www.google.se www.google.sh www.google.si www.google.sk www.google.sm www.google.sn www.google.so www.google.sr www.google.st www.google.td www.google.tg www.google.tk www.google.tl www.google.tm www.google.tn www.google.to www.google.tt www.google.vg www.google.vu www.google.ws .optimizely.com .opendns.com https://policy.cookiereports.com https://gateway.zscaler.net; media-src 'none'; font-src data: 'self' .visa.com .mastercard.com .discover.com .discover-src.com .discovercard.com .aexp-static.com https://fonts.gstatic.com https://fonts.googleapis.com .googleusercontent.com; object-src 'self' https://thm.visa.com; report-uri /logging/logCSPReport; report-to csp-endpoint
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.payu.co.za/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

cache-control: no-cache, no-store, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8f6b38a33a75c047-WAW
content-encoding: br
content-security-policy: block-all-mixed-content; upgrade-insecure-requests; base-uri 'self'; default-src 'self' *.visa.com https://accounts.google.com *.bc.earlywarning.com bc.earlywarning.com; script-src-elem 'self' *.visa.com *.bc.earlywarning.com bc.earlywarning.com *.mastercard.com https://api-mastercard-src.nd.nudatasecurity.com *.discover.com *.discover-src.com *.discovercard.com *.americanexpress.com *.aexp-static.com *.google-analytics.com *.googleapis.com *.googletagmanager.com *.doubleclick.net https://payments.google.com https://translate.google.com *.amazonaws.com https://spay.samsung.com https://cdnjs.cloudflare.com 'unsafe-eval' 'unsafe-inline'; script-src 'self' *.visa.com *.bc.earlywarning.com bc.earlywarning.com *.mastercard.com https://api-mastercard-src.nd.nudatasecurity.com *.discover.com *.discover-src.com *.discovercard.com *.americanexpress.com *.aexp-static.com *.amazonaws.com https://payments.google.com https://translate.google.com *.google-analytics.com *.googleapis.com *.googletagmanager.com *.doubleclick.net https://spay.samsung.com https://cdnjs.cloudflare.com 'unsafe-eval' 'unsafe-inline'; frame-src data: 'self' *.visa.com *.bc.earlywarning.com bc.earlywarning.com *.mastercard.com *.americanexpress.com *.aexp-static.com *.discover.com *.discover-src.com *.discovercard.com *.online-metrix.net https://www.googletagmanager.com *.googleapis.com *.doubleclick.net *.cardinalcommerce.com; style-src 'self' *.visa.com *.bc.earlywarning.com bc.earlywarning.com *.aexp-static.com *.assets.mastercard.com *.discover.com *.discover-src.com *.discovercard.com *.googleapis.com 'unsafe-inline'; style-src-elem 'self' *.visa.com *.bc.earlywarning.com bc.earlywarning.com *.aexp-static.com *.assets.mastercard.com *.discover.com *.discover-src.com *.discovercard.com https://fonts.googleapis.com https://translate.googleapis.com 'unsafe-inline'; img-src data: 'self' *.visa.com *.staticv.me *.bc.earlywarning.com bc.earlywarning.com *.americanexpress.com *.aexp-static.com *.assets.mastercard.com *.mastercard.com https://api-mastercard-src.nd.nudatasecurity.com *.discover.com *.discover-src.com *.discovercard.com *.online-metrix.net *.doubleclick.net *.gstatic.com *.google.com *.analytics.google.com *.google-analytics.com *.googletagmanager.com *.googleapis.com www.google.ad www.google.ae www.google.al www.google.am www.google.as www.google.at www.google.az www.google.ba www.google.be www.google.bf www.google.bg www.google.bi www.google.bj www.google.bs www.google.bt www.google.by www.google.ca www.google.cat www.google.cd www.google.cf www.google.cg www.google.ch www.google.ci www.google.cl www.google.cm www.google.cn www.google.co.ao www.google.co.bw www.google.co.ck www.google.co.cr www.google.co.id www.google.co.il www.google.co.in www.google.co.jp www.google.co.ke www.google.co.kr www.google.co.ls www.google.co.ma www.google.co.mz www.google.co.nz www.google.co.th www.google.co.tz www.google.co.ug www.google.co.uk www.google.co.uz www.google.co.ve www.google.co.vi www.google.co.za www.google.co.zm www.google.co.zw www.google.com.af www.google.com.ag www.google.com.ai www.google.com.ar www.google.com.au www.google.com.bd www.google.com.bh www.google.com.bn www.google.com.bo www.google.com.br www.google.com.bz www.google.com.co www.google.com.cu www.google.com.cy www.google.com.do www.google.com.ec www.google.com.eg www.google.com.et www.google.com.fj www.google.com.gh www.google.com.gi www.google.com.gt www.google.com.hk www.google.com.jm www.google.com.kh www.google.com.kw www.google.com.lb www.google.com.ly www.google.com.mm www.google.com.mt www.google.com.mx www.google.com.my www.google.com.na www.google.com.nf www.google.com.ng www.google.com.ni www.google.com.np www.google.com.om www.google.com.pa www.google.com.pe www.google.com.pg www.google.com.ph www.google.com.pk www.google.com.pr www.google.com.py www.google.com.qa www.google.com.sa www.google.com.sb www.google.com.sg www.google.com.sl www.google.com.sv www.google.com.tj www.google.com.tr www.google.com.tw www.google.com.ua www.google.com.uy www.google.com.vc www.google.com.vn www.google.cv www.google.cz www.google.de www.google.dj www.google.dk www.google.dm www.google.dz www.google.ee www.google.es www.google.fi www.google.fm www.google.fr www.google.ga www.google.ge www.google.gg www.google.gl www.google.gm www.google.gp www.google.gr www.google.gy www.google.hn www.google.hr www.google.ht www.google.hu www.google.ie www.google.im www.google.iq www.google.is www.google.it www.google.je www.google.jo www.google.kg www.google.ki www.google.kz www.google.la www.google.li www.google.lk www.google.lt www.google.lu www.google.lv www.google.md www.google.me www.google.mg www.google.mk www.google.ml www.google.mn www.google.ms www.google.mu www.google.mv www.google.mw www.google.ne www.google.nl www.google.no www.google.nr www.google.nu www.google.pl www.google.pn www.google.ps www.google.pt www.google.ro www.google.rs www.google.ru www.google.rw www.google.sc www.google.se www.google.sh www.google.si www.google.sk www.google.sm www.google.sn www.google.so www.google.sr www.google.st www.google.td www.google.tg www.google.tk www.google.tl www.google.tm www.google.tn www.google.to www.google.tt www.google.vg www.google.vu www.google.ws; connect-src 'self' *.visa.com *.bc.earlywarning.com bc.earlywarning.com *.mastercard.com *.americanexpress.com *.discover.com *.discover-src.com *.discovercard.com *.doubleclick.net *.gstatic.com *.google.com *.analytics.google.com *.google-analytics.com *.googletagmanager.com *.googleapis.com www.google.ad www.google.ae www.google.al www.google.am www.google.as www.google.at www.google.az www.google.ba www.google.be www.google.bf www.google.bg www.google.bi www.google.bj www.google.bs www.google.bt www.google.by www.google.ca www.google.cat www.google.cd www.google.cf www.google.cg www.google.ch www.google.ci www.google.cl www.google.cm www.google.cn www.google.co.ao www.google.co.bw www.google.co.ck www.google.co.cr www.google.co.id www.google.co.il www.google.co.in www.google.co.jp www.google.co.ke www.google.co.kr www.google.co.ls www.google.co.ma www.google.co.mz www.google.co.nz www.google.co.th www.google.co.tz www.google.co.ug www.google.co.uk www.google.co.uz www.google.co.ve www.google.co.vi www.google.co.za www.google.co.zm www.google.co.zw www.google.com.af www.google.com.ag www.google.com.ai www.google.com.ar www.google.com.au www.google.com.bd www.google.com.bh www.google.com.bn www.google.com.bo www.google.com.br www.google.com.bz www.google.com.co www.google.com.cu www.google.com.cy www.google.com.do www.google.com.ec www.google.com.eg www.google.com.et www.google.com.fj www.google.com.gh www.google.com.gi www.google.com.gt www.google.com.hk www.google.com.jm www.google.com.kh www.google.com.kw www.google.com.lb www.google.com.ly www.google.com.mm www.google.com.mt www.google.com.mx www.google.com.my www.google.com.na www.google.com.nf www.google.com.ng www.google.com.ni www.google.com.np www.google.com.om www.google.com.pa www.google.com.pe www.google.com.pg www.google.com.ph www.google.com.pk www.google.com.pr www.google.com.py www.google.com.qa www.google.com.sa www.google.com.sb www.google.com.sg www.google.com.sl www.google.com.sv www.google.com.tj www.google.com.tr www.google.com.tw www.google.com.ua www.google.com.uy www.google.com.vc www.google.com.vn www.google.cv www.google.cz www.google.de www.google.dj www.google.dk www.google.dm www.google.dz www.google.ee www.google.es www.google.fi www.google.fm www.google.fr www.google.ga www.google.ge www.google.gg www.google.gl www.google.gm www.google.gp www.google.gr www.google.gy www.google.hn www.google.hr www.google.ht www.google.hu www.google.ie www.google.im www.google.iq www.google.is www.google.it www.google.je www.google.jo www.google.kg www.google.ki www.google.kz www.google.la www.google.li www.google.lk www.google.lt www.google.lu www.google.lv www.google.md www.google.me www.google.mg www.google.mk www.google.ml www.google.mn www.google.ms www.google.mu www.google.mv www.google.mw www.google.ne www.google.nl www.google.no www.google.nr www.google.nu www.google.pl www.google.pn www.google.ps www.google.pt www.google.ro www.google.rs www.google.ru www.google.rw www.google.sc www.google.se www.google.sh www.google.si www.google.sk www.google.sm www.google.sn www.google.so www.google.sr www.google.st www.google.td www.google.tg www.google.tk www.google.tl www.google.tm www.google.tn www.google.to www.google.tt www.google.vg www.google.vu www.google.ws *.optimizely.com *.opendns.com https://policy.cookiereports.com https://gateway.zscaler.net; media-src 'none'; font-src data: 'self' *.visa.com *.mastercard.com *.discover.com *.discover-src.com *.discovercard.com *.aexp-static.com https://fonts.gstatic.com https://fonts.googleapis.com *.googleusercontent.com; object-src 'self' https://thm.visa.com; report-uri /logging/logCSPReport; report-to csp-endpoint
content-type: text/html;charset=UTF-8
date: Mon, 23 Dec 2024 20:49:58 GMT
expires: Wed, 31 Dec 1969 23:59:59 GMT
pragma: no-cache
report-to: { "group": "csp-endpoint", "max_age": 10886400, "endpoints": [{ "url": "/logging/logCSPReport" }] }, { "max_age": 10886400, "endpoints": [{ "url": "/logging/logCSPReport" }] }
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-correlation-id: 1_1734986998_410_46746_b2k8l73-5558c47758p7l_CHECKOUT-WIDGET
x-served-by: b2k8l73-5558c47758p7l

GET
H2 200 sdk-loader
secure.checkout.visa.com/checkout-widget/ Frame DA42 0
0 285ms
221ms Document
text/html 104.19.208.81
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.checkout.visa.com/checkout-widget/sdk-loader?isSRCBranded=true

Requested by

Host: secure.checkout.visa.com
URL: https://secure.checkout.visa.com/checkout-widget/resources/js/src-i-adapter/visaSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.19.208.81 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; upgrade-insecure-requests; base-uri 'self'; default-src 'self' .visa.com https://accounts.google.com .bc.earlywarning.com bc.earlywarning.com; script-src-elem 'self' .visa.com .bc.earlywarning.com bc.earlywarning.com .mastercard.com https://api-mastercard-src.nd.nudatasecurity.com .discover.com .discover-src.com .discovercard.com .americanexpress.com .aexp-static.com .google-analytics.com .googleapis.com .googletagmanager.com .doubleclick.net https://payments.google.com https://translate.google.com .amazonaws.com https://spay.samsung.com https://cdnjs.cloudflare.com 'unsafe-eval' 'unsafe-inline'; script-src 'self' .visa.com .bc.earlywarning.com bc.earlywarning.com .mastercard.com https://api-mastercard-src.nd.nudatasecurity.com .discover.com .discover-src.com .discovercard.com .americanexpress.com .aexp-static.com .amazonaws.com https://payments.google.com https://translate.google.com .google-analytics.com .googleapis.com .googletagmanager.com .doubleclick.net https://spay.samsung.com https://cdnjs.cloudflare.com 'unsafe-eval' 'unsafe-inline'; frame-src data: 'self' .visa.com .bc.earlywarning.com bc.earlywarning.com .mastercard.com .americanexpress.com .aexp-static.com .discover.com .discover-src.com .discovercard.com .online-metrix.net https://www.googletagmanager.com .googleapis.com .doubleclick.net .cardinalcommerce.com; style-src 'self' .visa.com .bc.earlywarning.com bc.earlywarning.com .aexp-static.com .assets.mastercard.com .discover.com .discover-src.com .discovercard.com .googleapis.com 'unsafe-inline'; style-src-elem 'self' .visa.com .bc.earlywarning.com bc.earlywarning.com .aexp-static.com .assets.mastercard.com .discover.com .discover-src.com .discovercard.com https://fonts.googleapis.com https://translate.googleapis.com 'unsafe-inline'; img-src data: 'self' .visa.com .staticv.me .bc.earlywarning.com bc.earlywarning.com .americanexpress.com .aexp-static.com .assets.mastercard.com .mastercard.com https://api-mastercard-src.nd.nudatasecurity.com .discover.com .discover-src.com .discovercard.com .online-metrix.net .doubleclick.net .gstatic.com .google.com .analytics.google.com .google-analytics.com .googletagmanager.com .googleapis.com www.google.ad www.google.ae www.google.al www.google.am www.google.as www.google.at www.google.az www.google.ba www.google.be www.google.bf www.google.bg www.google.bi www.google.bj www.google.bs www.google.bt www.google.by www.google.ca www.google.cat www.google.cd www.google.cf www.google.cg www.google.ch www.google.ci www.google.cl www.google.cm www.google.cn www.google.co.ao www.google.co.bw www.google.co.ck www.google.co.cr www.google.co.id www.google.co.il www.google.co.in www.google.co.jp www.google.co.ke www.google.co.kr www.google.co.ls www.google.co.ma www.google.co.mz www.google.co.nz www.google.co.th www.google.co.tz www.google.co.ug www.google.co.uk www.google.co.uz www.google.co.ve www.google.co.vi www.google.co.za www.google.co.zm www.google.co.zw www.google.com.af www.google.com.ag www.google.com.ai www.google.com.ar www.google.com.au www.google.com.bd www.google.com.bh www.google.com.bn www.google.com.bo www.google.com.br www.google.com.bz www.google.com.co www.google.com.cu www.google.com.cy www.google.com.do www.google.com.ec www.google.com.eg www.google.com.et www.google.com.fj www.google.com.gh www.google.com.gi www.google.com.gt www.google.com.hk www.google.com.jm www.google.com.kh www.google.com.kw www.google.com.lb www.google.com.ly www.google.com.mm www.google.com.mt www.google.com.mx www.google.com.my www.google.com.na www.google.com.nf www.google.com.ng www.google.com.ni www.google.com.np www.google.com.om www.google.com.pa www.google.com.pe www.google.com.pg www.google.com.ph www.google.com.pk www.google.com.pr www.google.com.py www.google.com.qa www.google.com.sa www.google.com.sb www.google.com.sg www.google.com.sl www.google.com.sv www.google.com.tj www.google.com.tr www.google.com.tw www.google.com.ua www.google.com.uy www.google.com.vc www.google.com.vn www.google.cv www.google.cz www.google.de www.google.dj www.google.dk www.google.dm www.google.dz www.google.ee www.google.es www.google.fi www.google.fm www.google.fr www.google.ga www.google.ge www.google.gg www.google.gl www.google.gm www.google.gp www.google.gr www.google.gy www.google.hn www.google.hr www.google.ht www.google.hu www.google.ie www.google.im www.google.iq www.google.is www.google.it www.google.je www.google.jo www.google.kg www.google.ki www.google.kz www.google.la www.google.li www.google.lk www.google.lt www.google.lu www.google.lv www.google.md www.google.me www.google.mg www.google.mk www.google.ml www.google.mn www.google.ms www.google.mu www.google.mv www.google.mw www.google.ne www.google.nl www.google.no www.google.nr www.google.nu www.google.pl www.google.pn www.google.ps www.google.pt www.google.ro www.google.rs www.google.ru www.google.rw www.google.sc www.google.se www.google.sh www.google.si www.google.sk www.google.sm www.google.sn www.google.so www.google.sr www.google.st www.google.td www.google.tg www.google.tk www.google.tl www.google.tm www.google.tn www.google.to www.google.tt www.google.vg www.google.vu www.google.ws; connect-src 'self' .visa.com .bc.earlywarning.com bc.earlywarning.com .mastercard.com .americanexpress.com .discover.com .discover-src.com .discovercard.com .doubleclick.net .gstatic.com .google.com .analytics.google.com .google-analytics.com .googletagmanager.com .googleapis.com www.google.ad www.google.ae www.google.al www.google.am www.google.as www.google.at www.google.az www.google.ba www.google.be www.google.bf www.google.bg www.google.bi www.google.bj www.google.bs www.google.bt www.google.by www.google.ca www.google.cat www.google.cd www.google.cf www.google.cg www.google.ch www.google.ci www.google.cl www.google.cm www.google.cn www.google.co.ao www.google.co.bw www.google.co.ck www.google.co.cr www.google.co.id www.google.co.il www.google.co.in www.google.co.jp www.google.co.ke www.google.co.kr www.google.co.ls www.google.co.ma www.google.co.mz www.google.co.nz www.google.co.th www.google.co.tz www.google.co.ug www.google.co.uk www.google.co.uz www.google.co.ve www.google.co.vi www.google.co.za www.google.co.zm www.google.co.zw www.google.com.af www.google.com.ag www.google.com.ai www.google.com.ar www.google.com.au www.google.com.bd www.google.com.bh www.google.com.bn www.google.com.bo www.google.com.br www.google.com.bz www.google.com.co www.google.com.cu www.google.com.cy www.google.com.do www.google.com.ec www.google.com.eg www.google.com.et www.google.com.fj www.google.com.gh www.google.com.gi www.google.com.gt www.google.com.hk www.google.com.jm www.google.com.kh www.google.com.kw www.google.com.lb www.google.com.ly www.google.com.mm www.google.com.mt www.google.com.mx www.google.com.my www.google.com.na www.google.com.nf www.google.com.ng www.google.com.ni www.google.com.np www.google.com.om www.google.com.pa www.google.com.pe www.google.com.pg www.google.com.ph www.google.com.pk www.google.com.pr www.google.com.py www.google.com.qa www.google.com.sa www.google.com.sb www.google.com.sg www.google.com.sl www.google.com.sv www.google.com.tj www.google.com.tr www.google.com.tw www.google.com.ua www.google.com.uy www.google.com.vc www.google.com.vn www.google.cv www.google.cz www.google.de www.google.dj www.google.dk www.google.dm www.google.dz www.google.ee www.google.es www.google.fi www.google.fm www.google.fr www.google.ga www.google.ge www.google.gg www.google.gl www.google.gm www.google.gp www.google.gr www.google.gy www.google.hn www.google.hr www.google.ht www.google.hu www.google.ie www.google.im www.google.iq www.google.is www.google.it www.google.je www.google.jo www.google.kg www.google.ki www.google.kz www.google.la www.google.li www.google.lk www.google.lt www.google.lu www.google.lv www.google.md www.google.me www.google.mg www.google.mk www.google.ml www.google.mn www.google.ms www.google.mu www.google.mv www.google.mw www.google.ne www.google.nl www.google.no www.google.nr www.google.nu www.google.pl www.google.pn www.google.ps www.google.pt www.google.ro www.google.rs www.google.ru www.google.rw www.google.sc www.google.se www.google.sh www.google.si www.google.sk www.google.sm www.google.sn www.google.so www.google.sr www.google.st www.google.td www.google.tg www.google.tk www.google.tl www.google.tm www.google.tn www.google.to www.google.tt www.google.vg www.google.vu www.google.ws .optimizely.com .opendns.com https://policy.cookiereports.com https://gateway.zscaler.net; media-src 'none'; font-src data: 'self' .visa.com .mastercard.com .discover.com .discover-src.com .discovercard.com .aexp-static.com https://fonts.gstatic.com https://fonts.googleapis.com .googleusercontent.com; object-src 'self' https://thm.visa.com; report-uri /logging/logCSPReport; report-to csp-endpoint
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.payu.co.za/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

cache-control: private
cf-cache-status: DYNAMIC
cf-ray: 8f6b38a33a78c047-WAW
content-encoding: br
content-security-policy: block-all-mixed-content; upgrade-insecure-requests; base-uri 'self'; default-src 'self' *.visa.com https://accounts.google.com *.bc.earlywarning.com bc.earlywarning.com; script-src-elem 'self' *.visa.com *.bc.earlywarning.com bc.earlywarning.com *.mastercard.com https://api-mastercard-src.nd.nudatasecurity.com *.discover.com *.discover-src.com *.discovercard.com *.americanexpress.com *.aexp-static.com *.google-analytics.com *.googleapis.com *.googletagmanager.com *.doubleclick.net https://payments.google.com https://translate.google.com *.amazonaws.com https://spay.samsung.com https://cdnjs.cloudflare.com 'unsafe-eval' 'unsafe-inline'; script-src 'self' *.visa.com *.bc.earlywarning.com bc.earlywarning.com *.mastercard.com https://api-mastercard-src.nd.nudatasecurity.com *.discover.com *.discover-src.com *.discovercard.com *.americanexpress.com *.aexp-static.com *.amazonaws.com https://payments.google.com https://translate.google.com *.google-analytics.com *.googleapis.com *.googletagmanager.com *.doubleclick.net https://spay.samsung.com https://cdnjs.cloudflare.com 'unsafe-eval' 'unsafe-inline'; frame-src data: 'self' *.visa.com *.bc.earlywarning.com bc.earlywarning.com *.mastercard.com *.americanexpress.com *.aexp-static.com *.discover.com *.discover-src.com *.discovercard.com *.online-metrix.net https://www.googletagmanager.com *.googleapis.com *.doubleclick.net *.cardinalcommerce.com; style-src 'self' *.visa.com *.bc.earlywarning.com bc.earlywarning.com *.aexp-static.com *.assets.mastercard.com *.discover.com *.discover-src.com *.discovercard.com *.googleapis.com 'unsafe-inline'; style-src-elem 'self' *.visa.com *.bc.earlywarning.com bc.earlywarning.com *.aexp-static.com *.assets.mastercard.com *.discover.com *.discover-src.com *.discovercard.com https://fonts.googleapis.com https://translate.googleapis.com 'unsafe-inline'; img-src data: 'self' *.visa.com *.staticv.me *.bc.earlywarning.com bc.earlywarning.com *.americanexpress.com *.aexp-static.com *.assets.mastercard.com *.mastercard.com https://api-mastercard-src.nd.nudatasecurity.com *.discover.com *.discover-src.com *.discovercard.com *.online-metrix.net *.doubleclick.net *.gstatic.com *.google.com *.analytics.google.com *.google-analytics.com *.googletagmanager.com *.googleapis.com www.google.ad www.google.ae www.google.al www.google.am www.google.as www.google.at www.google.az www.google.ba www.google.be www.google.bf www.google.bg www.google.bi www.google.bj www.google.bs www.google.bt www.google.by www.google.ca www.google.cat www.google.cd www.google.cf www.google.cg www.google.ch www.google.ci www.google.cl www.google.cm www.google.cn www.google.co.ao www.google.co.bw www.google.co.ck www.google.co.cr www.google.co.id www.google.co.il www.google.co.in www.google.co.jp www.google.co.ke www.google.co.kr www.google.co.ls www.google.co.ma www.google.co.mz www.google.co.nz www.google.co.th www.google.co.tz www.google.co.ug www.google.co.uk www.google.co.uz www.google.co.ve www.google.co.vi www.google.co.za www.google.co.zm www.google.co.zw www.google.com.af www.google.com.ag www.google.com.ai www.google.com.ar www.google.com.au www.google.com.bd www.google.com.bh www.google.com.bn www.google.com.bo www.google.com.br www.google.com.bz www.google.com.co www.google.com.cu www.google.com.cy www.google.com.do www.google.com.ec www.google.com.eg www.google.com.et www.google.com.fj www.google.com.gh www.google.com.gi www.google.com.gt www.google.com.hk www.google.com.jm www.google.com.kh www.google.com.kw www.google.com.lb www.google.com.ly www.google.com.mm www.google.com.mt www.google.com.mx www.google.com.my www.google.com.na www.google.com.nf www.google.com.ng www.google.com.ni www.google.com.np www.google.com.om www.google.com.pa www.google.com.pe www.google.com.pg www.google.com.ph www.google.com.pk www.google.com.pr www.google.com.py www.google.com.qa www.google.com.sa www.google.com.sb www.google.com.sg www.google.com.sl www.google.com.sv www.google.com.tj www.google.com.tr www.google.com.tw www.google.com.ua www.google.com.uy www.google.com.vc www.google.com.vn www.google.cv www.google.cz www.google.de www.google.dj www.google.dk www.google.dm www.google.dz www.google.ee www.google.es www.google.fi www.google.fm www.google.fr www.google.ga www.google.ge www.google.gg www.google.gl www.google.gm www.google.gp www.google.gr www.google.gy www.google.hn www.google.hr www.google.ht www.google.hu www.google.ie www.google.im www.google.iq www.google.is www.google.it www.google.je www.google.jo www.google.kg www.google.ki www.google.kz www.google.la www.google.li www.google.lk www.google.lt www.google.lu www.google.lv www.google.md www.google.me www.google.mg www.google.mk www.google.ml www.google.mn www.google.ms www.google.mu www.google.mv www.google.mw www.google.ne www.google.nl www.google.no www.google.nr www.google.nu www.google.pl www.google.pn www.google.ps www.google.pt www.google.ro www.google.rs www.google.ru www.google.rw www.google.sc www.google.se www.google.sh www.google.si www.google.sk www.google.sm www.google.sn www.google.so www.google.sr www.google.st www.google.td www.google.tg www.google.tk www.google.tl www.google.tm www.google.tn www.google.to www.google.tt www.google.vg www.google.vu www.google.ws; connect-src 'self' *.visa.com *.bc.earlywarning.com bc.earlywarning.com *.mastercard.com *.americanexpress.com *.discover.com *.discover-src.com *.discovercard.com *.doubleclick.net *.gstatic.com *.google.com *.analytics.google.com *.google-analytics.com *.googletagmanager.com *.googleapis.com www.google.ad www.google.ae www.google.al www.google.am www.google.as www.google.at www.google.az www.google.ba www.google.be www.google.bf www.google.bg www.google.bi www.google.bj www.google.bs www.google.bt www.google.by www.google.ca www.google.cat www.google.cd www.google.cf www.google.cg www.google.ch www.google.ci www.google.cl www.google.cm www.google.cn www.google.co.ao www.google.co.bw www.google.co.ck www.google.co.cr www.google.co.id www.google.co.il www.google.co.in www.google.co.jp www.google.co.ke www.google.co.kr www.google.co.ls www.google.co.ma www.google.co.mz www.google.co.nz www.google.co.th www.google.co.tz www.google.co.ug www.google.co.uk www.google.co.uz www.google.co.ve www.google.co.vi www.google.co.za www.google.co.zm www.google.co.zw www.google.com.af www.google.com.ag www.google.com.ai www.google.com.ar www.google.com.au www.google.com.bd www.google.com.bh www.google.com.bn www.google.com.bo www.google.com.br www.google.com.bz www.google.com.co www.google.com.cu www.google.com.cy www.google.com.do www.google.com.ec www.google.com.eg www.google.com.et www.google.com.fj www.google.com.gh www.google.com.gi www.google.com.gt www.google.com.hk www.google.com.jm www.google.com.kh www.google.com.kw www.google.com.lb www.google.com.ly www.google.com.mm www.google.com.mt www.google.com.mx www.google.com.my www.google.com.na www.google.com.nf www.google.com.ng www.google.com.ni www.google.com.np www.google.com.om www.google.com.pa www.google.com.pe www.google.com.pg www.google.com.ph www.google.com.pk www.google.com.pr www.google.com.py www.google.com.qa www.google.com.sa www.google.com.sb www.google.com.sg www.google.com.sl www.google.com.sv www.google.com.tj www.google.com.tr www.google.com.tw www.google.com.ua www.google.com.uy www.google.com.vc www.google.com.vn www.google.cv www.google.cz www.google.de www.google.dj www.google.dk www.google.dm www.google.dz www.google.ee www.google.es www.google.fi www.google.fm www.google.fr www.google.ga www.google.ge www.google.gg www.google.gl www.google.gm www.google.gp www.google.gr www.google.gy www.google.hn www.google.hr www.google.ht www.google.hu www.google.ie www.google.im www.google.iq www.google.is www.google.it www.google.je www.google.jo www.google.kg www.google.ki www.google.kz www.google.la www.google.li www.google.lk www.google.lt www.google.lu www.google.lv www.google.md www.google.me www.google.mg www.google.mk www.google.ml www.google.mn www.google.ms www.google.mu www.google.mv www.google.mw www.google.ne www.google.nl www.google.no www.google.nr www.google.nu www.google.pl www.google.pn www.google.ps www.google.pt www.google.ro www.google.rs www.google.ru www.google.rw www.google.sc www.google.se www.google.sh www.google.si www.google.sk www.google.sm www.google.sn www.google.so www.google.sr www.google.st www.google.td www.google.tg www.google.tk www.google.tl www.google.tm www.google.tn www.google.to www.google.tt www.google.vg www.google.vu www.google.ws *.optimizely.com *.opendns.com https://policy.cookiereports.com https://gateway.zscaler.net; media-src 'none'; font-src data: 'self' *.visa.com *.mastercard.com *.discover.com *.discover-src.com *.discovercard.com *.aexp-static.com https://fonts.gstatic.com https://fonts.googleapis.com *.googleusercontent.com; object-src 'self' https://thm.visa.com; report-uri /logging/logCSPReport; report-to csp-endpoint
content-type: text/html;charset=UTF-8
date: Mon, 23 Dec 2024 20:49:58 GMT
report-to: { "group": "csp-endpoint", "max_age": 10886400, "endpoints": [{ "url": "/logging/logCSPReport" }] }, { "max_age": 10886400, "endpoints": [{ "url": "/logging/logCSPReport" }] }
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-correlation-id: 1_1734986998_412_46958_b2k8l73-5558c47758p7l_CHECKOUT-WIDGET
x-served-by: b2k8l73-5558c47758p7l

GET
H/1.1 200
OK iframe.html
srcdcf.americanexpress.com/ Frame 2EF6 0
0 613ms
180ms Document
text/html 139.71.10.106
AMERICAN-EXPRESS

General

Check archive.org

Show headers Download Go to

Full URL

https://srcdcf.americanexpress.com/iframe.html?v=1.0.0

Requested by

Host: www.aexp-static.com
URL: https://www.aexp-static.com/cdaas/remotecommerce/scripts/amexSDK-1.0.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

139.71.10.106 , United States, ASN6307 (AMERICAN-EXPRESS, US),

Reverse DNS

srcdcf-euse1-vip.americanexpress.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src ; script-src 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; img-src ; font-src ; frame-src ;connect-src 'self' .aexp-static.com .aexp.com .americanexpress.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: https://secure.payu.co.za/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-headers: Origin, Content-Type, Authorization, Content-Length, X-Requested-With, Accept
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD
access-control-allow-origin: srcdcf.americanexpress.com
access-control-request-method: *
cache-control: no-store
content-length: 6994
content-security-policy: default-src *; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; img-src *; font-src *; frame-src *;connect-src 'self' *.aexp-static.com *.aexp.com *.americanexpress.com;
content-type: text/html; charset=UTF-8
date: Mon, 23 Dec 2024 20:49:58 GMT
etag: W/"1b52-19326fac930"
last-modified: Wed, 13 Nov 2024 19:23:10 GMT
pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains;
x-content-type-options: nosniff
x-envoy-upstream-service-time: 25
x-permitted-cross-domain-policies: none
x-xss-protection: 1

GET
H2 200 mastercard.svg
src.mastercard.com/srci/integration/components/src-ui-kit/assets/ 3 KB
1 KB 133ms
133ms Image
image/svg+xml 2.18.64.28
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://src.mastercard.com/srci/integration/components/src-ui-kit/assets/mastercard.svg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.64.28 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),

Reverse DNS

a2-18-64-28.deploy.static.akamaitechnologies.com

Software

undisclosed /

Resource Hash

7e08bbb67778596ab2b06d32c2a15f9a7b9c408b50cae75a37dc90c8f5bcc4cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://secure.payu.co.za/

Response headers

strict-transport-security: max-age=86400 ; includeSubDomains
cache-control: max-age=0, no-cache, no-store
content-encoding: gzip
etag: "590ac4ac1f984ffe5c4792fb47de1d9c:1731324643.47725"
pragma: no-cache
expires: Mon, 23 Dec 2024 20:49:58 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1076
date: Mon, 23 Dec 2024 20:49:58 GMT
content-type: image/svg+xml
last-modified: Mon, 11 Nov 2024 11:17:21 GMT
vary: Accept-Encoding
server: undisclosed

POST
H2 200 initialization Show response
src.apis.discover.com/sdk/v1.1/ 2 B
508 B 236ms
235ms XHR
application/json 3.130.124.194
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://src.apis.discover.com/sdk/v1.1/initialization

Requested by

Host: webapp.src.discover.com
URL: https://webapp.src.discover.com/websdk/dgnSS-SDK-1.1.1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.130.124.194 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-130-124-194.us-east-2.compute.amazonaws.com

Software

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Cache-Control: no-store
Referer: https://secure.payu.co.za/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: application/json;charset=UTF-8
Content-Type: application/json;charset=UTF-8

Response headers

access-control-expose-headers: x-app-session
x-content-type-options: nosniff
x-amzn-requestid: 4cc690d0-4ca2-4cac-a0f4-5d6b62fa5399
date: Mon, 23 Dec 2024 20:49:59 GMT
content-type: application/json;charset=utf-8
vary: Access-Control-Request-Headers
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-store
x-amz-apigw-id: DQz2rFjiiYcEXlw=
pragma: no-cache
x-amzn-trace-id: Root=1-6769ccf7-3726a9751f3b8e8b257f97cc
access-control-allow-credentials: true
referrer-policy: strict-origin-when-cross-origin
access-control-allow-origin: https://secure.payu.co.za
x-app-session: b6a09ab7-a70c-4ea8-a8e0-32a459a4b800
content-length: 2
region: us-east-2

OPTIONS
H2 200 initialization
src.apis.discover.com/sdk/v1.1/ Frame 0
0 669ms
313ms Preflight
application/json 3.130.124.194
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://src.apis.discover.com/sdk/v1.1/initialization

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.130.124.194 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-130-124-194.us-east-2.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: cache-control,content-type
Access-Control-Request-Method: POST
Origin: https://secure.payu.co.za
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: cache-control, content-type
access-control-allow-methods: POST
access-control-allow-origin: https://secure.payu.co.za
access-control-expose-headers: x-app-session
access-control-max-age: 3600
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0
content-type: application/json
date: Mon, 23 Dec 2024 20:49:58 GMT
expires: 0
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
region: us-east-2
strict-transport-security: max-age=31536000; includeSubDomains
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
x-amz-apigw-id: DQz2oEoKiYcESJQ=
x-amzn-remapped-connection: keep-alive
x-amzn-remapped-content-length: 0
x-amzn-remapped-date: Mon, 23 Dec 2024 20:49:58 GMT
x-amzn-requestid: 2a67788c-c7fc-4843-b0ba-e8186501db39
x-amzn-trace-id: Root=1-6769ccf6-666fdb3a65324c88373916c0
x-content-type-options: nosniff

GET
H2 404 recognise Show response
src.apis.discover.com/sdk/v1.1/identities/ 105 B
578 B 592ms
304ms XHR
application/json 3.130.124.194
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://src.apis.discover.com/sdk/v1.1/identities/recognise?srcClientId=d25b10f1-d572-4ea7-ab0d-a2a4a6aadb1a&srciTransactionId=c3d9d7e4-094f-4a1f-8e6f-727d5765637f&srcDpaId=2ebb59ef-df57-4556-89ad-e40da00c32f9

Requested by

Host: webapp.src.discover.com
URL: https://webapp.src.discover.com/websdk/dgnSS-SDK-1.1.1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.130.124.194 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-130-124-194.us-east-2.compute.amazonaws.com

Software

Resource Hash

201d14dca4a68c77da61087957741edd0bdb4825f693bcf2aecef40b7de2bb1c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Cache-Control: no-store
x-app-session: b6a09ab7-a70c-4ea8-a8e0-32a459a4b800
Referer: https://secure.payu.co.za/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: application/json;charset=UTF-8
Content-Type: application/json;charset=UTF-8

Response headers

access-control-expose-headers: x-app-session
x-content-type-options: nosniff
x-amzn-requestid: eeb33041-a2c2-4abf-9971-9d6c195f4954
date: Mon, 23 Dec 2024 20:49:59 GMT
content-type: application/json;charset=utf-8
vary: Access-Control-Request-Headers
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-store
x-amz-apigw-id: DQz2yFfbCYcEGBw=
pragma: no-cache
x-amzn-trace-id: Root=1-6769ccf7-0f3ce48b3967aec7464ac1e5
access-control-allow-credentials: true
referrer-policy: strict-origin-when-cross-origin
access-control-allow-origin: https://secure.payu.co.za
content-length: 105
region: us-east-2

OPTIONS
H2 200 recognise
src.apis.discover.com/sdk/v1.1/identities/ Frame 0
0 152ms
151ms Preflight
application/json 3.130.124.194
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.130.124.194 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-130-124-194.us-east-2.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: cache-control,content-type,x-app-session
Access-Control-Request-Method: GET
Origin: https://secure.payu.co.za
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: cache-control, content-type, x-app-session
access-control-allow-methods: GET
access-control-allow-origin: https://secure.payu.co.za
access-control-expose-headers: x-app-session
access-control-max-age: 3600
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0
content-type: application/json
date: Mon, 23 Dec 2024 20:49:59 GMT
expires: 0
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
region: us-east-2
strict-transport-security: max-age=31536000; includeSubDomains
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
x-amz-apigw-id: DQz2tEA3CYcEE1g=
x-amzn-remapped-connection: keep-alive
x-amzn-remapped-content-length: 0
x-amzn-remapped-date: Mon, 23 Dec 2024 20:49:59 GMT
x-amzn-requestid: 873bd5a9-69ac-44ce-820c-f37aad600af7
x-amzn-trace-id: Root=1-6769ccf7-3a9d1bd150c60143651b468d
x-content-type-options: nosniff

POST
H2 200 lookup Show response
src.apis.discover.com/sdk/v1.1/identities/ 25 B
495 B 323ms
322ms XHR
application/json 3.130.124.194
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://src.apis.discover.com/sdk/v1.1/identities/lookup

Requested by

Host: webapp.src.discover.com
URL: https://webapp.src.discover.com/websdk/dgnSS-SDK-1.1.1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.130.124.194 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-130-124-194.us-east-2.compute.amazonaws.com

Software

Resource Hash

1ef5200ef4905d1660c2f37f07b2537dd9655100a7af9526b2692a4bc9ba8f1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Cache-Control: no-store
x-app-session: b6a09ab7-a70c-4ea8-a8e0-32a459a4b800
Referer: https://secure.payu.co.za/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: application/json;charset=UTF-8
Content-Type: application/json;charset=UTF-8

Response headers

access-control-expose-headers: x-app-session
x-content-type-options: nosniff
x-amzn-requestid: a50cc38c-ec47-46eb-9e33-b2a3cbb01de3
date: Mon, 23 Dec 2024 20:50:00 GMT
content-type: application/json;charset=utf-8
vary: Access-Control-Request-Headers
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-store
x-amz-apigw-id: DQz23Em7iYcEgLQ=
pragma: no-cache
x-amzn-trace-id: Root=1-6769ccf8-4a21d36c38cf32883463a664
access-control-allow-credentials: true
referrer-policy: strict-origin-when-cross-origin
access-control-allow-origin: https://secure.payu.co.za
content-length: 25
region: us-east-2

OPTIONS
H2 200 lookup
src.apis.discover.com/sdk/v1.1/identities/ Frame 0
0 151ms
151ms Preflight
application/json 3.130.124.194
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://src.apis.discover.com/sdk/v1.1/identities/lookup

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.130.124.194 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-130-124-194.us-east-2.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: cache-control,content-type,x-app-session
Access-Control-Request-Method: POST
Origin: https://secure.payu.co.za
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: cache-control, content-type, x-app-session
access-control-allow-methods: POST
access-control-allow-origin: https://secure.payu.co.za
access-control-expose-headers: x-app-session
access-control-max-age: 3600
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0
content-type: application/json
date: Mon, 23 Dec 2024 20:50:00 GMT
expires: 0
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
region: us-east-2
strict-transport-security: max-age=31536000; includeSubDomains
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
x-amz-apigw-id: DQz20FEQiYcEkWQ=
x-amzn-remapped-connection: keep-alive
x-amzn-remapped-content-length: 0
x-amzn-remapped-date: Mon, 23 Dec 2024 20:50:00 GMT
x-amzn-requestid: 56abd393-0a48-4e6e-9f0d-5f62f35521de
x-amzn-trace-id: Root=1-6769ccf8-294186a12993c69662bf929c
x-content-type-options: nosniff

GET
H/1.1 200
OK tags.js Show response
content.discovercard.com/fp/ 96 KB
13 KB 195ms
70ms Script
text/javascript 91.235.133.112
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://content.discovercard.com/fp/tags.js?org_id=2ol9uikb&session_id=78c51fd0-c16f-11ef-b18e-3fb7868658ac

Requested by

Host: webapp.src.discover.com
URL: https://webapp.src.discover.com/websdk/dgnSS-SDK-1.1.1.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

91.235.133.112 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

1e37db4734d1e7c8574771df3f37bb34aefb6b22434390433472aead8ecbbdd8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://secure.payu.co.za/

Response headers

X-Robots-Tag: noindex, nofollow
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Expires: Thu, 01 Jan 1970 00:00:00 GMT
P3P: CP=IVAa PSAa
Keep-Alive: timeout=2, max=100
Date: Mon, 23 Dec 2024 20:50:00 GMT
Content-Type: text/javascript;charset=UTF-8
Vary: Accept-Encoding
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-XSS-Protection: 1; mode=block
Server: Apache

GET
H/1.1 200
OK check.js;CIS3SID=73CFB7C4170CAFDB0F79776C2F6393EE Show response
content.discovercard.com/fp/ Frame 1331 316 KB
52 KB 58ms
57ms Script
text/javascript 91.235.133.112
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://content.discovercard.com/fp/check.js;CIS3SID=73CFB7C4170CAFDB0F79776C2F6393EE?org_id=2ol9uikb&session_id=78c51fd0-c16f-11ef-b18e-3fb7868658ac&nonce=de95e3465e6bb966&jb=373824266a716f75354e696c7770266a736d354e69667570246871607d3f4b6a72676d67246271623d416872676f65273038313331

Requested by

Host: content.discovercard.com
URL: https://content.discovercard.com/fp/tags.js?org_id=2ol9uikb&session_id=78c51fd0-c16f-11ef-b18e-3fb7868658ac

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

91.235.133.112 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

27f2e347876768908fed02833d2b2a70439adb98d17e91dd5a3de2d6dbeedc60

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://secure.payu.co.za/

Response headers

X-Robots-Tag: noindex, nofollow
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=99
Date: Mon, 23 Dec 2024 20:50:00 GMT
Content-Type: text/javascript;charset=UTF-8
Vary: Accept-Encoding
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
tmx-nonce: de95e3465e6bb966
X-XSS-Protection: 1; mode=block
Server: Apache

GET
H/1.1 200
OK clear.png
content.discovercard.com/fp/ Frame 1331 81 B
475 B 192ms
108ms Image
image/png 91.235.133.112
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content.discovercard.com/fp/clear.png?org_id=2ol9uikb&session_id=78c51fd0-c16f-11ef-b18e-3fb7868658ac&nonce=de95e3465e6bb966&ck=0&m=2

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

91.235.133.112 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://secure.payu.co.za/

Response headers

Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive
X-Content-Type-Options: nosniff
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Length: 81
Keep-Alive: timeout=2, max=100
Date: Mon, 23 Dec 2024 20:50:00 GMT
X-XSS-Protection: 1; mode=block
Content-Type: image/png
Server: Apache

GET
H/1.1 200
OK clear.png
content.discovercard.com/fp/ Frame 1331 81 B
474 B 137ms
42ms Image
image/png 91.235.133.112
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content.discovercard.com/fp/clear.png?org_id=2ol9uikb&session_id=78c51fd0-c16f-11ef-b18e-3fb7868658ac&nonce=de95e3465e6bb966&ck=0&m=1

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

91.235.133.112 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://secure.payu.co.za/

Response headers

Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive
X-Content-Type-Options: nosniff
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Length: 81
Keep-Alive: timeout=2, max=98
Date: Mon, 23 Dec 2024 20:50:00 GMT
X-XSS-Protection: 1; mode=block
Content-Type: image/png
Server: Apache

GET
H/1.1 200
OK clear.png Show response
content.discovercard.com/fp/ Frame 1331 81 B
533 B 207ms
102ms XHR
image/png 91.235.133.112
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://content.discovercard.com/fp/clear.png

Requested by

Host: content.discovercard.com
URL: https://content.discovercard.com/fp/check.js;CIS3SID=73CFB7C4170CAFDB0F79776C2F6393EE?org_id=2ol9uikb&session_id=78c51fd0-c16f-11ef-b18e-3fb7868658ac&nonce=de95e3465e6bb966&jb=373824266a716f75354e696c7770266a736d354e69667570246871607d3f4b6a72676d67246271623d416872676f65273038313331

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

91.235.133.112 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: */*, 2ol9uikb/de95e3465e6bb96678c51fd0-c16f-11ef-b18e-3fb7868658ac
Referer: https://secure.payu.co.za/

Response headers

Strict-Transport-Security: max-age=31536000
Cache-Control: private, must-revalidate, max-age=0
Etag: 29445ba32e5245afafe9df7bc05359e4
Connection: Keep-Alive
Expires: Sat, 22 Dec 2029 20:50:00 GMT
Access-Control-Allow-Origin: https://secure.payu.co.za
Content-Length: 81
Keep-Alive: timeout=2, max=100
Date: Mon, 23 Dec 2024 20:50:00 GMT
Last-Modified: Mon, 23 Dec 2024 20:50:00 GMT
Content-Type: image/png
Server: Apache

GET
H/1.1

200
OK

clear.png Show response
h.online-metrix.net/fp/ Frame 1331
Redirect Chain

https://h.online-metrix.net/fp/clear.png?org_id=2ol9uikb&session_id=78c51fd0-c16f-11ef-b18e-3fb7868658ac&nonce=de95e3465e6bb966&gttl=155520000
https://h.online-metrix.net/fp/clear.png?org_id=2ol9uikb&session_id=78c51fd0-c16f-11ef-b18e-3fb7868658ac&nonce=de95e3465e6bb966&k=2

0
398 B

44ms
43ms

Script
text/javascript

91.235.132.130
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://h.online-metrix.net/fp/clear.png?org_id=2ol9uikb&session_id=78c51fd0-c16f-11ef-b18e-3fb7868658ac&nonce=de95e3465e6bb966&k=2

Protocol

HTTP/1.1

Server

91.235.132.130 , United States, ASN30286 (THM, US),

Reverse DNS

h.online-metrix.net

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://secure.payu.co.za/

Response headers

Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive
X-Content-Type-Options: nosniff
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Length: 0
Keep-Alive: timeout=2, max=99
Date: Mon, 23 Dec 2024 20:50:00 GMT
X-XSS-Protection: 1; mode=block
Content-Type: text/javascript
Server: Apache

Redirect headers

Strict-Transport-Security: max-age=31536000
Location: https://h.online-metrix.net/fp/clear.png?org_id=2ol9uikb&session_id=78c51fd0-c16f-11ef-b18e-3fb7868658ac&nonce=de95e3465e6bb966&k=2
Connection: Keep-Alive
P3P: CP=IVAa PSAa
Content-Length: 0
Date: Mon, 23 Dec 2024 20:50:00 GMT
Keep-Alive: timeout=2, max=100
Server: Apache

GET
H/1.1 200
OK ls_fp.html;CIS3SID=73CFB7C4170CAFDB0F79776C2F6393EE
content.discovercard.com/fp/ Frame C6FF 0
0 170ms
69ms Document
text/html 91.235.133.112
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://content.discovercard.com/fp/ls_fp.html;CIS3SID=73CFB7C4170CAFDB0F79776C2F6393EE?org_id=2ol9uikb&session_id=78c51fd0-c16f-11ef-b18e-3fb7868658ac&nonce=de95e3465e6bb966

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

91.235.133.112 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://secure.payu.co.za/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Content-Encoding: gzip
Content-Type: text/html;charset=UTF-8
Date: Mon, 23 Dec 2024 20:50:00 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=100
Pragma: no-cache
Server: Apache
Strict-Transport-Security: max-age=31536000
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Robots-Tag: noindex, nofollow
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK clear.png Show response
content.discovercard.com/fp/ Frame 1331 0
398 B 66ms
42ms Script
text/javascript 91.235.133.112
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://content.discovercard.com/fp/clear.png?org_id=2ol9uikb&session_id=78c51fd0-c16f-11ef-b18e-3fb7868658ac&nonce=de95e3465e6bb966&jb=313e246c73633d386d603067316e396634603136333f6331323435336e3b3e37613c3636313d64

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

91.235.133.112 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://secure.payu.co.za/

Response headers

Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive
X-Content-Type-Options: nosniff
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Length: 0
Keep-Alive: timeout=2, max=97
Date: Mon, 23 Dec 2024 20:50:00 GMT
X-XSS-Protection: 1; mode=block
Content-Type: text/javascript
Server: Apache

GET
H/1.1 200
OK es.js Show response
content.discovercard.com/fp/ Frame 1331 134 B
656 B 110ms
43ms Script
text/javascript 91.235.133.112
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://content.discovercard.com/fp/es.js?org_id=2ol9uikb&session_id=78c51fd0-c16f-11ef-b18e-3fb7868658ac&nonce=de95e3465e6bb966

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

91.235.133.112 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

7e7987a37258c640f38f66201b41b27e2b2e09dfecba8a3749b8fdaef3f1a08c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://secure.payu.co.za/

Response headers

Transfer-Encoding: chunked
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Content-Encoding: gzip
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-Content-Type-Options: nosniff
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=96
Date: Mon, 23 Dec 2024 20:50:00 GMT
X-XSS-Protection: 1; mode=block
Content-Type: text/javascript;charset=UTF-8
Vary: Accept-Encoding
Server: Apache

GET
H/1.1 200
OK sid_fp.html;CIS3SID=73CFB7C4170CAFDB0F79776C2F6393EE
h.online-metrix.net/fp/ Frame FBC8 0
0 48ms
48ms Document
text/html 91.235.132.130
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://h.online-metrix.net/fp/sid_fp.html;CIS3SID=73CFB7C4170CAFDB0F79776C2F6393EE?org_id=2ol9uikb&session_id=78c51fd0-c16f-11ef-b18e-3fb7868658ac&nonce=de95e3465e6bb966

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

91.235.132.130 , United States, ASN30286 (THM, US),

Reverse DNS

h.online-metrix.net

Software

Apache /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://secure.payu.co.za/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Content-Encoding: gzip
Content-Type: text/html;charset=UTF-8
Date: Mon, 23 Dec 2024 20:50:00 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=98
Pragma: no-cache
Server: Apache
Strict-Transport-Security: max-age=31536000
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Robots-Tag: noindex, nofollow
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK top_fp.html;CIS3SID=73CFB7C4170CAFDB0F79776C2F6393EE
content.discovercard.com/fp/ Frame E1FB 0
0 173ms
69ms Document
text/html 91.235.133.112
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://content.discovercard.com/fp/top_fp.html;CIS3SID=73CFB7C4170CAFDB0F79776C2F6393EE?org_id=2ol9uikb&session_id=78c51fd0-c16f-11ef-b18e-3fb7868658ac&nonce=de95e3465e6bb966

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

91.235.133.112 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://secure.payu.co.za/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Content-Encoding: gzip
Content-Type: text/html;charset=UTF-8
Date: Mon, 23 Dec 2024 20:50:00 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=100
Pragma: no-cache
Server: Apache
Strict-Transport-Security: max-age=31536000
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Robots-Tag: noindex, nofollow
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK clear.png Show response
h64.online-metrix.net/fp/ Frame 1331 0
399 B 754ms
358ms Script
text/javascript 192.225.158.1
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://h64.online-metrix.net/fp/clear.png?org_id=2ol9uikb&session_id=78c51fd0-c16f-11ef-b18e-3fb7868658ac&nonce=de95e3465e6bb966&i=2

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

192.225.158.1 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://secure.payu.co.za/

Response headers

Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive
X-Content-Type-Options: nosniff
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Length: 0
Keep-Alive: timeout=2, max=100
Date: Mon, 23 Dec 2024 20:50:01 GMT
X-XSS-Protection: 1; mode=block
Content-Type: text/javascript
Server: Apache

GET
H/1.1 204
204 clear.png Show response
content.discovercard.com/fp/ Frame 1331 0
218 B 428ms
365ms Script
text/javascript 91.235.133.112
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://content.discovercard.com/fp/clear.png?org_id=2ol9uikb&session_id=78c51fd0-c16f-11ef-b18e-3fb7868658ac&nonce=de95e3465e6bb966&ja=303831362624633d3e3226783f3e3026663f39343038783930323224696435333638307a333a323026717879353538327a3f3830266678703d392c393432322e393038322c3936323224333230322c313e32302e333a30302c333e323024313a3a372e35303224353838266f76353037663731643b33343b673e626632323160363e626c313a356038636e31633c266f6c3530267361643d3a36266e6a35687474727b273349253a442730447b676b77726d2e726371772e636d2e7a692732447078702e646d2d3146586171575067646d706d6c636d2531463d3b34353b3533303037313b3c36332672643f352e70603f673a323a666e63353d35333b3b643465606538313b3367603c613939303132642e68603f6161306e3331323569333a67693564336737383137316330383263633a3866392e6a7b6d3f4e6b667770246a7b623f4160706f6d672532383333332462736f753f446b6e7d782e68716077354160706f6565246c60613d323a266e6c6f3d3a24666d74703f3824747264354777706d78672d30465f6170716975266d6374687a3f3432323b643163306a676338326d346161373e32383a32696433373d3630316464343d3a38333639643665636930346c6331366364606c353a31313b313b34692464723f68747c7273273149253246273a44736d637d70672c72697b7d2c63672e78632d30467272702e6c6d25314458617955506d64657a6566616727314c373136353135313a3a3533393636332e723d726e7d67696e5d6e6e617b682d3747646364716d23706475656b665d77696c646f7f715f6f676c69615f726463796d722d3747646364716d23706475656b665d61646d6265576363706d6a617425374d646164736d23726e776f6b665d717d6961697c6b6d652735456e636c716729706c7565616c5f7b6867616975637e672d37456e616e716d23706c776769665d72676364706c617b6d70253d456e636e71672972647767616e5d7464615f706e61796d702537476e616c736729726c7d67616c5d66677e636474722d354764696e736523706c7d65696c5d7b76675f746167776d722d3747646364716d23706475656b665d6a617461253d4766636e7b6526676e57613d7f656a656e55676a4544273238312c322d3030284d706566454c2730384553253038302e38253a32416a70676f61776d215767604f4e253232474c5b4e2530324d53253232392c302d32382a4d72676645442732384551273a32474c514c253a324551273a30312e322d30304b687a6d6f6b77652b5f6762436976556d604b69762532385565604544414e474e4d5d6966737c636c61676c5d697072697971273b4025323245585c5d626e6766645f6d6b666f6170253b402730324d5a5c5d636469725d6b6d6e74706f6c2d31422730384558545d6b6d6c677257607764646d70576a6164665d64646d61742733422d3030475a5c5f6465727c6a5f6b6c696f7227314a273a324550545d64646d61745d626c6d6c6427314a2532304750565f6e7269655d666778766027334a2530324d5a545f726f6c71656f6c5d67666673677c5d63646165722731402d303847585c5f716a696665725d74657076757067576c6f64273b40253a304d5a565d766d7a7c77726d5f616d65727265717369676c5f60727c632533402d30304d585c5d76677a7c777a675f6b6f6f727a6773736b6f6e57706776612d334225303847585c5f7c677a76777a675764696474677057636e69716f747a6d706b612d334225303847585c5f7c677a76777a67576f697a726d7057616c616f705f7c6d5f67666f652533402d30304d585c5d7150454a273b40253a304d475b5d656c676d6566765f6b6c6c65785f77616c742d334a2730324d4d51576462675f7067666665725d6d69786f6172273b4225323247475357737c636c66637a665766657a6974637c6b76657125334a2732324d4d535f74677076757a6557646e6d637c273b40253a304d475b5d74657a74757a675f646e6761745f6e616c6569722d31402730384d4d515f7c657a767d70655f6a616c6e5d666e6d69742533402d303047455b5d76677a7c777a675f60616e6457646c6f63745f646b6e67637a253342273a324f4d5357746770766d7a5763727a617b5d67606a656174253b402530325f4542474e57616f646f7a5d6077646e677a5d66646f63762d3142253030574d40474e5d6b6f6d70706d71736d645776677a767d706d5d617b7461273b4025323257454a454c5d61676d7072677b71656c5f7c677a76777a675767746b2531402d303057474247445d636d6f78726573716d665f7c65707677706757677c61312d3340273a32574540474c57616f6f727a657373676c5d746d787c7770675d7b317c61253b42273038554542454c5f6b6d6d72706d7373656657766570747d70675d713b766b5d737a6760273b4025323257454a454c5d666d6275675d7a676e6c657a67705d6b66646727334a2530325f4742474e5f646d6075655d7b686164677a71253b422d303255474a45445d646d70766a577665787675726d273340273a305745404f4e5f6c7269755d60776e646d70732d3340273a32574540474c576e6f716757636f6e766d7a742d334a273032554d404f4e5f65756e76615d64726377253b402530325f4542474e57726f64796f6d6c5d6f67666d33362e676e5d603f38366433633036613a3539623438676966383c3631636636633f603d61363838603a696635353336267f656c743f416e74656e2d3030416e6b2c2475656470354b6e7c656e273a3249726b73253a324f726766474c253038476e6f696667&jb=333b36266c733d4d6778696e6e69253246372632253a30205a3333273b402d303044696c77702732307a38365734342b273a304170726467576d62436b7627304e373b352e3b362730382a4b48564d4c2d30432730386c696b672d30304f656b696d2b273a324b6a72676d67273a443133332e3026322e32273a305361646970692d324e3731352c3b34

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

91.235.133.112 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://secure.payu.co.za/

Response headers

Strict-Transport-Security: max-age=31536000
Keep-Alive: timeout=2, max=99
Date: Mon, 23 Dec 2024 20:50:00 GMT
Content-Type: text/javascript;charset=UTF-8
Server: Apache
Connection: Keep-Alive

GET
H/1.1 200
OK clear.png
2ol9uikbv6ced6ypopm3ik56xgfyyvjjppw6x4v7de95e3465e6bb966am1.e.aa.online-metrix.net/fp/ Frame 1331 81 B
438 B 188ms
64ms Image
image/png 91.235.134.131
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2ol9uikbv6ced6ypopm3ik56xgfyyvjjppw6x4v7de95e3465e6bb966am1.e.aa.online-metrix.net/fp/clear.png?org_id=2ol9uikb&session_id=78c51fd0-c16f-11ef-b18e-3fb7868658ac&nonce=de95e3465e6bb966&di=yes

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

91.235.134.131 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://secure.payu.co.za/

Response headers

Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: close
X-Content-Type-Options: nosniff
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Length: 81
Date: Mon, 23 Dec 2024 20:50:00 GMT
X-XSS-Protection: 1; mode=block
Content-Type: image/png
Server: Apache

GET
H/1.1 204
204 clear3.png;CIS3SID=73CFB7C4170CAFDB0F79776C2F6393EE Show response
content.discovercard.com/fp/ Frame 1331 0
219 B 134ms
103ms Script
text/javascript 91.235.133.112
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://content.discovercard.com/fp/clear3.png;CIS3SID=73CFB7C4170CAFDB0F79776C2F6393EE?org_id=2ol9uikb&session_id=78c51fd0-c16f-11ef-b18e-3fb7868658ac&nonce=de95e3465e6bb966&jac=1&je=3a3c24266d676468352a3327304b312532413b27324b6169323534346c67316731303934636e323339353034693264603b6b356338673034386d6639343463313f373f61353e376767696362363139303f336567373a29

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

91.235.133.112 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://secure.payu.co.za/

Response headers

Strict-Transport-Security: max-age=31536000
Keep-Alive: timeout=2, max=100
Date: Mon, 23 Dec 2024 20:50:00 GMT
Content-Type: text/javascript;charset=UTF-8
Server: Apache
Connection: Keep-Alive

GET
H/1.1 204
204 clear1.png;CIS3SID=73CFB7C4170CAFDB0F79776C2F6393EE
content.discovercard.com/fp/ Frame 1331 0
401 B 139ms
106ms Image
image/png 91.235.133.112
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content.discovercard.com/fp/clear1.png;CIS3SID=73CFB7C4170CAFDB0F79776C2F6393EE?org_id=2ol9uikb&session_id=78c51fd0-c16f-11ef-b18e-3fb7868658ac&nonce=de95e3465e6bb966&jf=36393426736b645f7a6c643f766c725f38523e65726646606f72365041326f33267b69665d6c6374653f31373b36393a35383030267161665f7c7978673f75676a386d61647b61247161665f6b67793d3b32353b31383133303438353269383e363a61673b6638303039303432303061383434386b673366323b303130353831343a3038323663673b613833313f386435696134643a33303832343b343b343761353163613b3531676360363034313b643a6330666a6438323238663c3263373b3e3136303669306669646a3b6336643d63693b383e36313b693b32356339653866303535693062633b3e67383a3969613533323f636e35666b6636303e606239666665313026716b6c5f7369653531303c353830303230383a3834346a3667643e6161613531643d3a3134333d613361643c336269623c37363b346a673f64613c663a3b6e6662363b38323b326431376d6435313b6e32323a3138323b666439676960303b3863313f3038346134366937663a666c393431633964303f316c313236613a3a6a31613b6235316d3035626634613f6364636130343166247b6b667a3d38

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

91.235.133.112 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://secure.payu.co.za/

Response headers

Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-Content-Type-Options: nosniff
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=100
Date: Mon, 23 Dec 2024 20:50:00 GMT
X-XSS-Protection: 1; mode=block
Content-Type: image/png;charset=UTF-8
Server: Apache

GET
H/1.1 200
OK clear.png Show response
content.discovercard.com/fp/ Frame 1331 0
398 B 66ms
66ms Script
text/javascript 91.235.133.112
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://content.discovercard.com/fp/clear.png?org_id=2ol9uikb&session_id=78c51fd0-c16f-11ef-b18e-3fb7868658ac&nonce=de95e3465e6bb966&jac=1&je=3438312626756969353337302c39372e302c3f2e31382e31342c322c3b302e7565613d33363e2c37302c3136392c313a3a2e706d3d6c67246269747b763f27354a273a306c6d76676e2d30322531413126323027304b253232717c63747d732d3030273149273a306360617065616c67253032253f462663776c683d63633f60396d366d343a33616b636b34663a613561393b32393136333c346237613b313739346a366430646c363a343238313064653c6632316e6164383635392e6778313f6b313363366d3235316530336632353f643b64646a30663a303561393a3434693a6267613b633362246d7a3435633f3a3536303a3a6963663132353638633362643565383b6267643e376663322e7761603d2d354027303a637a6168617467617c7772652732322d314127303a253232273a41253a326a6b766c677b712d30322d3343273a3025323025324b273230607a616e64712d30322d3349273740273d462d30432d3230647d6e6c56677273616d6e4e6b7b742532302d31412d354a273746273a412d3032656f606b646725323025334964616e716d253243273a306d67646d6e2730302d314927323a2530302d304325303270646374646d7a6d2532302d31412d323a273030273a412d3032786c63766e6d726d5465727b6b6f6c273a322533432d30322d323a273041273a307f6d773e3427303a27334164616c7b672535462e75616c3f2d35422d323a6070636c6c712d30322d3343273d4025354625324b2732306f6762696c672d30322d334964636e716d273a41253a32726e6976666f706d253a302531432d323225303a27374c267b6a663f6d786766

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

91.235.133.112 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://secure.payu.co.za/

Response headers

Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive
X-Content-Type-Options: nosniff
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Length: 0
Keep-Alive: timeout=2, max=98
Date: Mon, 23 Dec 2024 20:50:01 GMT
X-XSS-Protection: 1; mode=block
Content-Type: text/javascript
Server: Apache

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: PayU (Financial)

164 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

19 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
secure.payu.co.za/	1970-01-21 02:06:31	Name: AWSALB Value: uJv/HorfjzaScIyHHldC6sKQy3UxGflKiqRSJwa1VVRUgfoxVDxZUomjy35Hjb/aHTZ8zC9JO/xWIe3OvLSREyY198OtL+tfX162NhM0fiT5AVqMCrrreym1UP6a
secure.payu.co.za/	1970-01-21 02:06:31	Name: AWSALBCORS Value: uJv/HorfjzaScIyHHldC6sKQy3UxGflKiqRSJwa1VVRUgfoxVDxZUomjy35Hjb/aHTZ8zC9JO/xWIe3OvLSREyY198OtL+tfX162NhM0fiT5AVqMCrrreym1UP6a
secure.payu.co.za/	1969-12-31 23:59:59	Name: JSESSIONID Value: AE9F05D7D80F54949F79FB183F52BCAD
.secure.checkout.visa.com/	1969-12-31 23:59:59	Name: __cfruid Value: dfda84c7a2ddc72f8c65bd2215dc63ef74a06d93-1734986998
.secure.checkout.visa.com/	1969-12-31 23:59:59	Name: _cfuvid Value: xDhXVGaXZPJyoMYxFlhwn8CLh49C_vYyDUHKteOpSkI-1734986998602-0.0.1.1-604800000
.mastercard.com/	1970-01-21 01:56:41	Name: bm_sz Value: 2614D40E87770797E325018259E86BD3~YAAQW7MUAgS9sMGTAQAAkKNI9Rp8WCfcLwMGSMIe2uc3b52SnfQPQFqfkrA60u7jvBRN+lkTSxv0EZFIEtl6cwlsJ8iXxnjnpEnLBINtR5id82/m2bx+0PUJ6qPCqYqeoiU9ja9UaPw2fdla/NXKqCGKsw5skpok4zk9xNVNBMvazaymiUu5AGwrMTBpBqHCJ7hZTztpvHZvdnVmzJ/7WMpRj4E7YEwXfhsEWIwLFPCLkb20GbPykm9ncZyaoyJTC+D66XuslW3tuHbjnIzglnboHxWXZB88sLMqd3N4BhDUSJKQPjcYyzl1Wy8gSGcd109yY5vj3BXHiiEcOZYw+nlW2qUAKa7Hyxl1THv01/bw4ecBLZ6tCQu2Khel0AM=~3619127~3159877
.mastercard.com/	1970-01-21 01:56:34	Name: ak_bmsc Value: 752FEA1CCC299608454832239F617FCD~000000000000000000000000000000~YAAQW7MUAlO9sMGTAQAAmaRI9Rr5WXNUC9FJUTvSUeNtdCfcDz6mxbhEdqjE4bO/uDK/9JFDpQXocQyFuW/RRm5covmNhyMlJEEtaoicRwDrPGV0UKX9kLJDnjxYO5GbS2K5jAuxTmwqcUeKzV2Le3F08P3zIuI6+faAR5dXQdcesmkOfveA/RhzE8k95TLsKvtrqKJsF7IygtKjRM/EcA+akSysdjBb5ovgS1wGyYn2pjwjOXU2sE4cB6c7sjvzvIufempQ/unyuIGeAgzs2XYMajZmN5ORrGeik3uJWXngGNJVtz2E0RqHX90HEoJxE3tpvRHGXihTFGvYOAItVT389K72B/CCqH480BAc1qJ+A8HV6Ns2fc1AGJptiet23vHtJH23ws2EEpcT08bBecLIs17QJ3XtTBqT9zHWAn2srOkM+yLdsAC6do6M67WffzWLE34sBcVqhr4DXwPqhXY=
.visa.com/	1970-01-21 01:56:34	Name: _ga Value: GA1.1.487646889.1734986999
thm.visa.com/	1970-01-21 11:32:26	Name: thx_guid Value: 6159007615dffb63949c9b1fe18892d7
thm.visa.com/	1970-01-21 11:32:26	Name: tmx_guid Value: AAzT-m8_1MUhpFJTVjTGtxx0v7_9LbI6imdBPmfEQhYFnkr9EDLvmMH1moG8jKlBJEXsh72Vc0dwML6n70zFJegp7I1Rmw
.mastercard.com/	1970-01-21 10:42:02	Name: _abck Value: 84BF3369C9FDB9951A9B0532F126CBF3~-1~YAAQW7MUAuy9sMGTAQAAOKdI9Q2WAbS7sgauKimPvNAq9WmVivOoRUQ9Wf31TCbi06Og4qfB4xDCEp5rKj3tk2u89A9DTdIn6V99liybDav36QGlF/897GHJkz0Gu+lWA3swavovhis5F/LPeIWsAisIt6eVbeK+jR5wTZmKec3olv4+PJ6EPkXSfywdCPXfgO+Yr38a3sNwSuUePLlWnXqfe3ddF1pj2RNEcbANVTsTWMSxT5AXxzm3bXEjkr1LoKSu8z2CXzX/nqDeZqlUOrFlsG+5QzWkWEAxZlkFaRz3kkdHXlsovetvDl9tRx07DAkl3aPGPdkxjdu/pEFKCAImw6TWB1F9qqzpc6qH19vBSooH49tmEMfsJ+nOgc7fZmXTYvzyjuB+9H54VUp/8PmCL7UFBx0a8yAv2G5QZweBgu1obU0HmcjsAZbaVQ12KTqjCNIUPL0mYQXt3zSV0q0q1L6ZBvJzWKUgzrViPoE=~-1~\|\|0\|\|~-1
srcdcf.americanexpress.com/	1970-01-21 09:08:26	Name: SAFARI Value: test-cookie
www.cdn-path.com/	1970-01-21 06:15:39	Name: _cc-x Value: YTJlNDc3MGQtZDg2Yi00MTZkLWJjMjMtM2EzZmE5MDVmMzhjOjE3MzQ5ODY5OTk5NjA
.visa.com/	1970-01-21 01:56:34	Name: _ga_MDTPFSL60R Value: GS1.1.1734986999.1.0.1734987000.0.0.0
content.discovercard.com/	1970-01-21 11:32:27	Name: thx_guid Value: b7d191389264ca652e62b867bfa343d8
content.discovercard.com/	1970-01-21 11:32:27	Name: tmx_guid Value: AAxbH6UFBGUGJPRfa-zSkdVAU0E7_HEYvR7hc5v9uaj45QKU5zVthjwRmYLUkgUvYs9Cqjru7I-GVng2a1w-w7-CiLgaEw
srcdcf.americanexpress.com/	1970-01-21 10:42:06	Name: _cc Value: AZ9LA5lX01J0qGu37NTUfi5g
srcdcf.americanexpress.com/	1970-01-21 10:42:06	Name: _cid_cc Value: AZ9LA5lX01J0qGu37NTUfi5g
h.online-metrix.net/	1970-01-21 11:32:27	Name: thx_global_guid Value: e5590847a00f4a04b7bc831e2c8d9630

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://src.apis.discover.com/sdk/v1.1/identities/recognise?srcClientId=d25b10f1-d572-4ea7-ab0d-a2a4a6aadb1a&srciTransactionId=c3d9d7e4-094f-4a1f-8e6f-727d5765637f&srcDpaId=2ebb59ef-df57-4556-89ad-e40da00c32f9 Message: Failed to load resource: the server responded with a status of 404 ()
rendering	warning	URL: https://secure.payu.co.za/rpp.do?PayUReference=594595382739463 Message: [GroupMarkerNotSet(crbug.com/242999)!:A09005083C210000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
rendering	warning	URL: https://secure.payu.co.za/rpp.do?PayUReference=594595382739463 Message: [GroupMarkerNotSet(crbug.com/242999)!:A0702E093C210000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.
rendering	warning	URL: https://secure.payu.co.za/rpp.do?PayUReference=594595382739463 Message: [GroupMarkerNotSet(crbug.com/242999)!:A0D02E093C210000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000;includeSubDomains
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

2ol9uikbv6ced6ypopm3ik56xgfyyvjjppw6x4v7de95e3465e6bb966am1.e.aa.online-metrix.net
ajax.googleapis.com
content.discovercard.com
fonts.googleapis.com
fonts.gstatic.com
h.online-metrix.net
h64.online-metrix.net
secure.checkout.visa.com
secure.payu.co.za
src.apis.discover.com
src.mastercard.com
srcdcf.americanexpress.com
use.fontawesome.com
webapp.src.discover.com
www.aexp-static.com
www.payu.co.za
104.102.58.204
104.19.208.81
104.19.209.81
139.71.10.106
142.250.181.234
142.250.185.131
172.67.142.245
192.225.158.1
2.18.64.28
23.212.203.180
3.130.124.194
76.223.80.153
91.235.132.130
91.235.133.112
91.235.134.131
069de3eb2e0f5d02852dabf0d0e125221adcb1a2f9e40c45cd4b34f883a244ac
0b134eebd75f767c7493e8793c2b979f8450bdc1c1117f0c9f19e54357a6fce4
11ea508ce1b941a798e95f3c4ea2508400705a458d6fe42b8ba368a4e378c51c
1e37db4734d1e7c8574771df3f37bb34aefb6b22434390433472aead8ecbbdd8
1ef5200ef4905d1660c2f37f07b2537dd9655100a7af9526b2692a4bc9ba8f1b
201d14dca4a68c77da61087957741edd0bdb4825f693bcf2aecef40b7de2bb1c
25bad287bd5ff25d523e43460b10cdd063d900bd21fdcb597fc62bb095f5c3e8
25f3114d6b3aa72cbeafd68e66dc5289ac6121ddf861b68746f2f03a77c769c5
27f2e347876768908fed02833d2b2a70439adb98d17e91dd5a3de2d6dbeedc60
2827a7ba64dc3beb0240c1a7eba6551944f5e184eea7a78c34e19e7b6fa743e8
2c62f18a605effd3ed4c04f83c37fe8a00bfbf6b63c1177e09b3c54cfd7e3862
2fc910063911414e8ee4da7f313a7e11be6de409a55d7cd97df34d897efc6148
3a82da3614f90b07fcf2c1f926b2db5cd3272cec6d48e0f283c0536ce0623b2a
3b1d6af9c796d3799cd1f3e97ae96a3d934fe2a144757ecfeff8c9c8fd1d480e
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
3e2d7bba43858a0edcb08a3d6e94c7a1d186a4487f6e9622066e3c6f215bcbe8
40104efd79af82cb847dabb411be14824b857b477ae1d10dbf660127808d52e1
406c6023e7cad4f4af92a6d4949f6c84776ae448986546d515afab2c5336c7fd
43fc587d4c7860e824a47a42fc2b758455429aaf36b6eeb270d7cfb6a8975c56
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
481a0574246e281316ffa0e15399bf5388bb81ae550ce0401a0353b6bb2d1e5a
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
59b8a9fef743e6a3f8638520163fba8e98d6b8fa11e613bb01e235e88886506a
5b49526c59eb4e6b2cce3d09caad09962757a32035c6182d1063f01900fb3414
5c4fd5fb60ab786afe846c103b134a5e70a4c920e7f0e4f3c7b7f116e202d7e4
6531a406f4e3a64de26f866b288da235bfacc2adaa19a53928a932110fc8297f
6c90e6b8251091ae345137ecea09a24ed0cacaf01b5c12cda41bfdf0d24d57ed
6d670b6d3ea346a7a2222a3e4ed88f157a7a2bb695f9e7a47f89593ff8b625c6
7075b8c247b62452a4d3bb9c9394594e535c9cc08ecb6efd475008ee7aba40ad
7e08bbb67778596ab2b06d32c2a15f9a7b9c408b50cae75a37dc90c8f5bcc4cb
7e7987a37258c640f38f66201b41b27e2b2e09dfecba8a3749b8fdaef3f1a08c
808096ec8f1a74c53d2fd3ac6cf8de654449d25dbaf2ea88cb953e7890b61456
84ba6875bb799a056fa02535b706c5fb5c3750f3923343ea24824d7debd1e876
864343708352e8f5de707b18a5b61c72d3c59dc1915356db44db4e90e3f29495
9164e0a15c27533d2150146a74db052d0c43bb4759ac9433f690d7bd8caaec38
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
9dc758d4bf7126d0715d8ef1a2105a3c26bff6fa4848b515c75dc6c6e938040d
a6f3f0faea4b3d48e03176341bef0ed3151ffbf226d4c6635f1c6039c0500575
a7ac5dab348967109c85dfde3296be52ecec5465d167b34eff182f6ca58f570f
abce489d39f43c9c2bc07b95a8eedd7473185daa736d1cc82ada97051907eeb3
ae9c885acfbe3baa95a226c373a7eb07802255a0ac0001e1929b06e60c09094a
afdda8cf36d788ca8658f7bbd148572f65138daf069b330b598e92cd9c108221
b5db146042ca9334ba35c99369aab7bd30610fdbb02c38c87d809cde8b9ec1b2
ce0f70d9e807bb959717d8350c21a107f5b6b7221a774b6d1ed057219468a260
d62abd93db2be50c8a86a92ff1c9a6db76006966c089e3bb34ba142819afd6bd
d80ae650f6f300d52fdab903bffe3d2eaef819730f148a014ca6dc7042e9c5de
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e72a6c6d7cabebd8c7ad6798d500dcd2fa993c90cc81b3e8535b250db5d53b87
f419ad7a4477f36ce73c74a23dce784150ca38fa5075a8e06109709cbb716903
fb0bcbf93473ceea14734408def8231d53f31da251ecedeed2d2eede21130ce8

secure.payu.co.za Open in urlscan Pro 76.223.80.153 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

70 Requests

99 %HTTPS

0 %IPv6

11 Domains

16 Subdomains

15 IPs

3 Countries

1452 kBTransfer

4147 kBSize

19 Cookies

4 Outgoing links

Redirected requests

70 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

secure.payu.co.za Open in urlscan Pro
76.223.80.153 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

70
Requests

99 %
HTTPS

0 %
IPv6

11
Domains

16
Subdomains

15
IPs

3
Countries

1452 kB
Transfer

4147 kB
Size

19
Cookies

70 HTTP transactions
0 data transactions