payment-holding-vms.dev.palladio.net.pl Open in urlscan Pro
146.59.11.2 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://payment-holding-vms.dev.palladio.net.pl/
Effective URL:
https://payment-holding-vms.dev.palladio.net.pl/admin/content-manager
Submission: On July 03 via api (July 3rd 2024, 11:40:36 am UTC) from US — Scanned from PL

Summary HTTP 16 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 1 countries across 1 domains to perform 16 HTTP transactions. The main IP is 146.59.11.2, located in France and belongs to OVH, FR. The main domain is payment-holding-vms.dev.palladio.net.pl.
TLS certificate: Issued by R10 on July 3rd 2024. Valid for: 3 months.

This is the only time payment-holding-vms.dev.palladio.net.pl was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
1 17	146.59.11.2 146.59.11.2		16276 (OVH) (OVH)
16	2

17 146.59.11.2 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: ip2.ip-146-59-11.eu

payment-holding-vms.dev.palladio.net.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	palladio.net.pl 1 redirects payment-holding-vms.dev.palladio.net.pl	4 MB
16	1

	Domain	Requested by
17	payment-holding-vms.dev.palladio.net.pl	1 redirects payment-holding-vms.dev.palladio.net.pl
16	1

This site contains no links.

Subject Issuer	Validity	Valid
payment-holding-vms.dev.palladio.net.pl R10	`2024-07-03` - `2024-10-01`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://payment-holding-vms.dev.palladio.net.pl/admin/content-manager
Frame ID: DD63B71A91B902D3F696C9AE785956E9
Requests: 18 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Strapi Admin

Page URL History Show full URLs

https://payment-holding-vms.dev.palladio.net.pl/ HTTP 302
https://payment-holding-vms.dev.palladio.net.pl/admin/content-manager Page URL

Page Statistics

16
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

2
IPs

1
Countries

4237 kB
Transfer

4226 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://payment-holding-vms.dev.palladio.net.pl/ HTTP 302
https://payment-holding-vms.dev.palladio.net.pl/admin/content-manager Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request content-manager Show response
payment-holding-vms.dev.palladio.net.pl/admin/
Redirect Chain

https://payment-holding-vms.dev.palladio.net.pl/
https://payment-holding-vms.dev.palladio.net.pl/admin/content-manager

1 KB
2 KB

48ms
47ms

Document
text/html

146.59.11.2
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://payment-holding-vms.dev.palladio.net.pl/admin/content-manager

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

146.59.11.2 , France, ASN16276 (OVH, FR),

Reverse DNS

ip2.ip-146-59-11.eu

Software

nginx/1.18.0 (Ubuntu) / Strapi <strapi.io>

Resource Hash

80039067bdcdaae6a7da8040660c498ede631d8ac42acc512560d79c14dac9dd

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' https: ws:;img-src 'self' data: blob: dl.airtable.com cms-payment-holding.s3.eu-west-1.amazonaws.com;media-src 'self' data: blob: dl.airtable.com cms-payment-holding.s3.eu-west-1.amazonaws.com;script-src 'self' 'unsafe-inline';default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: pl-PL,pl;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin
Connection: keep-alive
Content-Encoding: gzip
Content-Security-Policy: connect-src 'self' https: ws:;img-src 'self' data: blob: dl.airtable.com cms-payment-holding.s3.eu-west-1.amazonaws.com;media-src 'self' data: blob: dl.airtable.com cms-payment-holding.s3.eu-west-1.amazonaws.com;script-src 'self' 'unsafe-inline';default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
Content-Type: text/html; charset=utf-8
Date: Wed, 03 Jul 2024 11:40:30 GMT
Referrer-Policy: no-referrer
Server: nginx/1.18.0 (Ubuntu)
Strict-Transport-Security: max-age=31536000; includeSubDomains
Transfer-Encoding: chunked
Vary: Origin
X-Content-Type-Options: nosniff
X-DNS-Prefetch-Control: off
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
X-Permitted-Cross-Domain-Policies: none
X-Powered-By: Strapi <strapi.io>

Redirect headers

Connection: keep-alive
Content-Length: 75
Content-Type: text/html; charset=utf-8
Date: Wed, 03 Jul 2024 11:40:30 GMT
Location: /admin/content-manager
Server: nginx/1.18.0 (Ubuntu)

GET
H/1.1 200
OK runtime~main.06793e5e.js Show response
payment-holding-vms.dev.palladio.net.pl/admin/ 7 KB
8 KB 52ms
51ms Script
application/javascript 146.59.11.2
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://payment-holding-vms.dev.palladio.net.pl/admin/runtime~main.06793e5e.js

Requested by

Host: payment-holding-vms.dev.palladio.net.pl
URL: https://payment-holding-vms.dev.palladio.net.pl/admin/content-manager

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

146.59.11.2 , France, ASN16276 (OVH, FR),

Reverse DNS

ip2.ip-146-59-11.eu

Software

nginx/1.18.0 (Ubuntu) / Strapi <strapi.io>

Resource Hash

c3430baaddc727d3f9dd6fab6660dcc3ca04ec7457930c2125811f2b68c97535

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' https: ws:;img-src 'self' data: blob: dl.airtable.com cms-payment-holding.s3.eu-west-1.amazonaws.com;media-src 'self' data: blob: dl.airtable.com cms-payment-holding.s3.eu-west-1.amazonaws.com;script-src 'self' 'unsafe-inline';default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://payment-holding-vms.dev.palladio.net.pl/admin/content-manager
Accept-Language: pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 03 Jul 2024 11:40:30 GMT
Content-Security-Policy: connect-src 'self' https: ws:;img-src 'self' data: blob: dl.airtable.com cms-payment-holding.s3.eu-west-1.amazonaws.com;media-src 'self' data: blob: dl.airtable.com cms-payment-holding.s3.eu-west-1.amazonaws.com;script-src 'self' 'unsafe-inline';default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Permitted-Cross-Domain-Policies: none
X-Powered-By: Strapi <strapi.io>
X-DNS-Prefetch-Control: off
Connection: keep-alive
Content-Length: 6695
Referrer-Policy: no-referrer
Last-Modified: Wed, 03 Jul 2024 11:07:37 GMT
Server: nginx/1.18.0 (Ubuntu)
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
Vary: Origin
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin
cache-control: public, max-age=31536000, immutable
Access-Control-Allow-Credentials: true

GET
H/1.1 200
OK main.4e1055ba.js Show response
payment-holding-vms.dev.palladio.net.pl/admin/ 4 MB
4 MB 103ms
48ms Script
application/javascript 146.59.11.2
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://payment-holding-vms.dev.palladio.net.pl/admin/main.4e1055ba.js

Requested by

Host: payment-holding-vms.dev.palladio.net.pl
URL: https://payment-holding-vms.dev.palladio.net.pl/admin/content-manager

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

146.59.11.2 , France, ASN16276 (OVH, FR),

Reverse DNS

ip2.ip-146-59-11.eu

Software

nginx/1.18.0 (Ubuntu) / Strapi <strapi.io>

Resource Hash

8e18b495533a848734a2b11fb02a1618b4b714274513f789ae8af17e17be0659

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' https: ws:;img-src 'self' data: blob: dl.airtable.com cms-payment-holding.s3.eu-west-1.amazonaws.com;media-src 'self' data: blob: dl.airtable.com cms-payment-holding.s3.eu-west-1.amazonaws.com;script-src 'self' 'unsafe-inline';default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://payment-holding-vms.dev.palladio.net.pl/admin/content-manager
Accept-Language: pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 03 Jul 2024 11:40:30 GMT
Content-Security-Policy: connect-src 'self' https: ws:;img-src 'self' data: blob: dl.airtable.com cms-payment-holding.s3.eu-west-1.amazonaws.com;media-src 'self' data: blob: dl.airtable.com cms-payment-holding.s3.eu-west-1.amazonaws.com;script-src 'self' 'unsafe-inline';default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Permitted-Cross-Domain-Policies: none
X-Powered-By: Strapi <strapi.io>
X-DNS-Prefetch-Control: off
Connection: keep-alive
Content-Length: 4202957
Referrer-Policy: no-referrer
Last-Modified: Wed, 03 Jul 2024 11:07:37 GMT
Server: nginx/1.18.0 (Ubuntu)
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
Vary: Origin
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin
cache-control: public, max-age=31536000, immutable
Access-Control-Allow-Credentials: true

GET
H/1.1 200
OK project-type Show response
payment-holding-vms.dev.palladio.net.pl/admin/ 48 B
1 KB 53ms
53ms XHR
application/json 146.59.11.2
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://payment-holding-vms.dev.palladio.net.pl/admin/project-type

Requested by

Host: payment-holding-vms.dev.palladio.net.pl
URL: https://payment-holding-vms.dev.palladio.net.pl/admin/main.4e1055ba.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

146.59.11.2 , France, ASN16276 (OVH, FR),

Reverse DNS

ip2.ip-146-59-11.eu

Software

nginx/1.18.0 (Ubuntu) / Strapi <strapi.io>

Resource Hash

081a695fca7c0f19c417a992416cb280290699e39c13c84aa3a7d8b224ccab79

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' https: ws:;img-src 'self' data: blob: dl.airtable.com cms-payment-holding.s3.eu-west-1.amazonaws.com;media-src 'self' data: blob: dl.airtable.com cms-payment-holding.s3.eu-west-1.amazonaws.com;script-src 'self' 'unsafe-inline';default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
Authorization: Bearer null
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Accept: application/json
Referer: https://payment-holding-vms.dev.palladio.net.pl/admin/content-manager
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 03 Jul 2024 11:40:31 GMT
Content-Security-Policy: connect-src 'self' https: ws:;img-src 'self' data: blob: dl.airtable.com cms-payment-holding.s3.eu-west-1.amazonaws.com;media-src 'self' data: blob: dl.airtable.com cms-payment-holding.s3.eu-west-1.amazonaws.com;script-src 'self' 'unsafe-inline';default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Permitted-Cross-Domain-Policies: none
X-Powered-By: Strapi <strapi.io>
X-DNS-Prefetch-Control: off
Connection: keep-alive
Content-Length: 48
Referrer-Policy: no-referrer
Server: nginx/1.18.0 (Ubuntu)
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
Vary: Origin
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin
Access-Control-Allow-Credentials: true

GET
H/1.1 200
OK 8657.08e79a7c.chunk.js Show response
payment-holding-vms.dev.palladio.net.pl/admin/ 70 KB
71 KB 44ms
44ms Script
application/javascript 146.59.11.2
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://payment-holding-vms.dev.palladio.net.pl/admin/8657.08e79a7c.chunk.js

Requested by

Host: payment-holding-vms.dev.palladio.net.pl
URL: https://payment-holding-vms.dev.palladio.net.pl/admin/runtime~main.06793e5e.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

146.59.11.2 , France, ASN16276 (OVH, FR),

Reverse DNS

ip2.ip-146-59-11.eu

Software

nginx/1.18.0 (Ubuntu) / Strapi <strapi.io>

Resource Hash

bbe51b66ae4aaf9ea1af2e60a9786e9dad4e18129348e606d92f687a0624b495

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' https: ws:;img-src 'self' data: blob: dl.airtable.com cms-payment-holding.s3.eu-west-1.amazonaws.com;media-src 'self' data: blob: dl.airtable.com cms-payment-holding.s3.eu-west-1.amazonaws.com;script-src 'self' 'unsafe-inline';default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://payment-holding-vms.dev.palladio.net.pl/admin/content-manager
Accept-Language: pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 03 Jul 2024 11:40:31 GMT
Content-Security-Policy: connect-src 'self' https: ws:;img-src 'self' data: blob: dl.airtable.com cms-payment-holding.s3.eu-west-1.amazonaws.com;media-src 'self' data: blob: dl.airtable.com cms-payment-holding.s3.eu-west-1.amazonaws.com;script-src 'self' 'unsafe-inline';default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Permitted-Cross-Domain-Policies: none
X-Powered-By: Strapi <strapi.io>
X-DNS-Prefetch-Control: off
Connection: keep-alive
Content-Length: 71632
Referrer-Policy: no-referrer
Last-Modified: Wed, 03 Jul 2024 11:07:37 GMT
Server: nginx/1.18.0 (Ubuntu)
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
Vary: Origin
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin
cache-control: public, max-age=31536000, immutable
Access-Control-Allow-Credentials: true

GET
H/1.1 500
Internal Server Error favicon.ico
payment-holding-vms.dev.palladio.net.pl/ 99 B
1 KB 49ms
48ms Other
application/json 146.59.11.2
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://payment-holding-vms.dev.palladio.net.pl/favicon.ico

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

146.59.11.2 , France, ASN16276 (OVH, FR),

Reverse DNS

ip2.ip-146-59-11.eu

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

4d9a9e3b3ea8ba0dd4a089de75b97c3468aa6e6fd7e0c0257462e38b1272a292

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' https:;img-src 'self' data: blob: dl.airtable.com cms-payment-holding.s3.eu-west-1.amazonaws.com;media-src 'self' data: blob: dl.airtable.com cms-payment-holding.s3.eu-west-1.amazonaws.com;default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://payment-holding-vms.dev.palladio.net.pl/admin/content-manager
Accept-Language: pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 03 Jul 2024 11:40:31 GMT
Content-Security-Policy: connect-src 'self' https:;img-src 'self' data: blob: dl.airtable.com cms-payment-holding.s3.eu-west-1.amazonaws.com;media-src 'self' data: blob: dl.airtable.com cms-payment-holding.s3.eu-west-1.amazonaws.com;default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Permitted-Cross-Domain-Policies: none
X-DNS-Prefetch-Control: off
Connection: keep-alive
Content-Length: 99
Referrer-Policy: no-referrer
Server: nginx/1.18.0 (Ubuntu)
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
Vary: Origin
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin
Access-Control-Allow-Credentials: true

GET
H/1.1 200
OK 7542.b463ccde.chunk.js Show response
payment-holding-vms.dev.palladio.net.pl/admin/ 14 KB
15 KB 74ms
72ms Script
application/javascript 146.59.11.2
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://payment-holding-vms.dev.palladio.net.pl/admin/7542.b463ccde.chunk.js

Requested by

Host: payment-holding-vms.dev.palladio.net.pl
URL: https://payment-holding-vms.dev.palladio.net.pl/admin/runtime~main.06793e5e.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

146.59.11.2 , France, ASN16276 (OVH, FR),

Reverse DNS

ip2.ip-146-59-11.eu

Software

nginx/1.18.0 (Ubuntu) / Strapi <strapi.io>

Resource Hash

47a134a248a8358e60008fdffd9b728a9c92dbced92eb7783e5e01af53fa9b9a

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' https: ws:;img-src 'self' data: blob: dl.airtable.com cms-payment-holding.s3.eu-west-1.amazonaws.com;media-src 'self' data: blob: dl.airtable.com cms-payment-holding.s3.eu-west-1.amazonaws.com;script-src 'self' 'unsafe-inline';default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://payment-holding-vms.dev.palladio.net.pl/admin/content-manager
Accept-Language: pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 03 Jul 2024 11:40:31 GMT
Content-Security-Policy: connect-src 'self' https: ws:;img-src 'self' data: blob: dl.airtable.com cms-payment-holding.s3.eu-west-1.amazonaws.com;media-src 'self' data: blob: dl.airtable.com cms-payment-holding.s3.eu-west-1.amazonaws.com;script-src 'self' 'unsafe-inline';default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Permitted-Cross-Domain-Policies: none
X-Powered-By: Strapi <strapi.io>
X-DNS-Prefetch-Control: off
Connection: keep-alive
Content-Length: 14648
Referrer-Policy: no-referrer
Last-Modified: Wed, 03 Jul 2024 11:07:37 GMT
Server: nginx/1.18.0 (Ubuntu)
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
Vary: Origin
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin
cache-control: public, max-age=31536000, immutable
Access-Control-Allow-Credentials: true

GET
H/1.1 200
OK 2172.0e84088d.chunk.js Show response
payment-holding-vms.dev.palladio.net.pl/admin/ 2 KB
3 KB 74ms
71ms Script
application/javascript 146.59.11.2
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://payment-holding-vms.dev.palladio.net.pl/admin/2172.0e84088d.chunk.js

Requested by

Host: payment-holding-vms.dev.palladio.net.pl
URL: https://payment-holding-vms.dev.palladio.net.pl/admin/runtime~main.06793e5e.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

146.59.11.2 , France, ASN16276 (OVH, FR),

Reverse DNS

ip2.ip-146-59-11.eu

Software

nginx/1.18.0 (Ubuntu) / Strapi <strapi.io>

Resource Hash

f06ec996cf843b2473106db681851ecf6c132d07765fedeb2edfa066d619e5ec

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' https: ws:;img-src 'self' data: blob: dl.airtable.com cms-payment-holding.s3.eu-west-1.amazonaws.com;media-src 'self' data: blob: dl.airtable.com cms-payment-holding.s3.eu-west-1.amazonaws.com;script-src 'self' 'unsafe-inline';default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://payment-holding-vms.dev.palladio.net.pl/admin/content-manager
Accept-Language: pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 03 Jul 2024 11:40:31 GMT
Content-Security-Policy: connect-src 'self' https: ws:;img-src 'self' data: blob: dl.airtable.com cms-payment-holding.s3.eu-west-1.amazonaws.com;media-src 'self' data: blob: dl.airtable.com cms-payment-holding.s3.eu-west-1.amazonaws.com;script-src 'self' 'unsafe-inline';default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Permitted-Cross-Domain-Policies: none
X-Powered-By: Strapi <strapi.io>
X-DNS-Prefetch-Control: off
Connection: keep-alive
Content-Length: 1618
Referrer-Policy: no-referrer
Last-Modified: Wed, 03 Jul 2024 11:07:37 GMT
Server: nginx/1.18.0 (Ubuntu)
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
Vary: Origin
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin
cache-control: public, max-age=31536000, immutable
Access-Control-Allow-Credentials: true

GET
H/1.1 200
OK 1047.95407e1a.chunk.js Show response
payment-holding-vms.dev.palladio.net.pl/admin/ 8 KB
9 KB 135ms
48ms Script
application/javascript 146.59.11.2
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://payment-holding-vms.dev.palladio.net.pl/admin/1047.95407e1a.chunk.js

Requested by

Host: payment-holding-vms.dev.palladio.net.pl
URL: https://payment-holding-vms.dev.palladio.net.pl/admin/runtime~main.06793e5e.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

146.59.11.2 , France, ASN16276 (OVH, FR),

Reverse DNS

ip2.ip-146-59-11.eu

Software

nginx/1.18.0 (Ubuntu) / Strapi <strapi.io>

Resource Hash

4931c4dc559deabfe1bf05892bb010edf930c0162b5459fd57cdcf1160557cbb

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' https: ws:;img-src 'self' data: blob: dl.airtable.com cms-payment-holding.s3.eu-west-1.amazonaws.com;media-src 'self' data: blob: dl.airtable.com cms-payment-holding.s3.eu-west-1.amazonaws.com;script-src 'self' 'unsafe-inline';default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://payment-holding-vms.dev.palladio.net.pl/admin/content-manager
Accept-Language: pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 03 Jul 2024 11:40:31 GMT
Content-Security-Policy: connect-src 'self' https: ws:;img-src 'self' data: blob: dl.airtable.com cms-payment-holding.s3.eu-west-1.amazonaws.com;media-src 'self' data: blob: dl.airtable.com cms-payment-holding.s3.eu-west-1.amazonaws.com;script-src 'self' 'unsafe-inline';default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Permitted-Cross-Domain-Policies: none
X-Powered-By: Strapi <strapi.io>
X-DNS-Prefetch-Control: off
Connection: keep-alive
Content-Length: 7710
Referrer-Policy: no-referrer
Last-Modified: Wed, 03 Jul 2024 11:07:37 GMT
Server: nginx/1.18.0 (Ubuntu)
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
Vary: Origin
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin
cache-control: public, max-age=31536000, immutable
Access-Control-Allow-Credentials: true

GET
H/1.1 200
OK 9509.96a596dc.chunk.js Show response
payment-holding-vms.dev.palladio.net.pl/admin/ 6 KB
7 KB 128ms
43ms Script
application/javascript 146.59.11.2
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://payment-holding-vms.dev.palladio.net.pl/admin/9509.96a596dc.chunk.js

Requested by

Host: payment-holding-vms.dev.palladio.net.pl
URL: https://payment-holding-vms.dev.palladio.net.pl/admin/runtime~main.06793e5e.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

146.59.11.2 , France, ASN16276 (OVH, FR),

Reverse DNS

ip2.ip-146-59-11.eu

Software

nginx/1.18.0 (Ubuntu) / Strapi <strapi.io>

Resource Hash

0bb28ec9421feb6e8652b40f65daafa51314d58685b59b00fa124133fe51ce3c

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' https: ws:;img-src 'self' data: blob: dl.airtable.com cms-payment-holding.s3.eu-west-1.amazonaws.com;media-src 'self' data: blob: dl.airtable.com cms-payment-holding.s3.eu-west-1.amazonaws.com;script-src 'self' 'unsafe-inline';default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://payment-holding-vms.dev.palladio.net.pl/admin/content-manager
Accept-Language: pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 03 Jul 2024 11:40:31 GMT
Content-Security-Policy: connect-src 'self' https: ws:;img-src 'self' data: blob: dl.airtable.com cms-payment-holding.s3.eu-west-1.amazonaws.com;media-src 'self' data: blob: dl.airtable.com cms-payment-holding.s3.eu-west-1.amazonaws.com;script-src 'self' 'unsafe-inline';default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Permitted-Cross-Domain-Policies: none
X-Powered-By: Strapi <strapi.io>
X-DNS-Prefetch-Control: off
Connection: keep-alive
Content-Length: 5943
Referrer-Policy: no-referrer
Last-Modified: Wed, 03 Jul 2024 11:07:37 GMT
Server: nginx/1.18.0 (Ubuntu)
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
Vary: Origin
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin
cache-control: public, max-age=31536000, immutable
Access-Control-Allow-Credentials: true

GET
H/1.1 200
OK 5064.4465451f.chunk.js Show response
payment-holding-vms.dev.palladio.net.pl/admin/ 809 B
2 KB 150ms
53ms Script
application/javascript 146.59.11.2
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://payment-holding-vms.dev.palladio.net.pl/admin/5064.4465451f.chunk.js

Requested by

Host: payment-holding-vms.dev.palladio.net.pl
URL: https://payment-holding-vms.dev.palladio.net.pl/admin/runtime~main.06793e5e.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

146.59.11.2 , France, ASN16276 (OVH, FR),

Reverse DNS

ip2.ip-146-59-11.eu

Software

nginx/1.18.0 (Ubuntu) / Strapi <strapi.io>

Resource Hash

0adfb006f1321b7b75216c05c7f5241c2508f381e80b7e4368eb2e9affa266e5

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' https: ws:;img-src 'self' data: blob: dl.airtable.com cms-payment-holding.s3.eu-west-1.amazonaws.com;media-src 'self' data: blob: dl.airtable.com cms-payment-holding.s3.eu-west-1.amazonaws.com;script-src 'self' 'unsafe-inline';default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://payment-holding-vms.dev.palladio.net.pl/admin/content-manager
Accept-Language: pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 03 Jul 2024 11:40:32 GMT
Content-Security-Policy: connect-src 'self' https: ws:;img-src 'self' data: blob: dl.airtable.com cms-payment-holding.s3.eu-west-1.amazonaws.com;media-src 'self' data: blob: dl.airtable.com cms-payment-holding.s3.eu-west-1.amazonaws.com;script-src 'self' 'unsafe-inline';default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Permitted-Cross-Domain-Policies: none
X-Powered-By: Strapi <strapi.io>
X-DNS-Prefetch-Control: off
Connection: keep-alive
Content-Length: 809
Referrer-Policy: no-referrer
Last-Modified: Wed, 03 Jul 2024 11:07:37 GMT
Server: nginx/1.18.0 (Ubuntu)
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
Vary: Origin
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin
cache-control: public, max-age=31536000, immutable
Access-Control-Allow-Credentials: true

GET
H/1.1 200
OK 2594.fb9d05fb.chunk.js Show response
payment-holding-vms.dev.palladio.net.pl/admin/ 3 KB
4 KB 143ms
54ms Script
application/javascript 146.59.11.2
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://payment-holding-vms.dev.palladio.net.pl/admin/2594.fb9d05fb.chunk.js

Requested by

Host: payment-holding-vms.dev.palladio.net.pl
URL: https://payment-holding-vms.dev.palladio.net.pl/admin/runtime~main.06793e5e.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

146.59.11.2 , France, ASN16276 (OVH, FR),

Reverse DNS

ip2.ip-146-59-11.eu

Software

nginx/1.18.0 (Ubuntu) / Strapi <strapi.io>

Resource Hash

b2ec9f6505a169ff8660ca5804cf962c2714bd2b1383a6ab0772213bc2706bf5

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' https: ws:;img-src 'self' data: blob: dl.airtable.com cms-payment-holding.s3.eu-west-1.amazonaws.com;media-src 'self' data: blob: dl.airtable.com cms-payment-holding.s3.eu-west-1.amazonaws.com;script-src 'self' 'unsafe-inline';default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://payment-holding-vms.dev.palladio.net.pl/admin/content-manager
Accept-Language: pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 03 Jul 2024 11:40:32 GMT
Content-Security-Policy: connect-src 'self' https: ws:;img-src 'self' data: blob: dl.airtable.com cms-payment-holding.s3.eu-west-1.amazonaws.com;media-src 'self' data: blob: dl.airtable.com cms-payment-holding.s3.eu-west-1.amazonaws.com;script-src 'self' 'unsafe-inline';default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Permitted-Cross-Domain-Policies: none
X-Powered-By: Strapi <strapi.io>
X-DNS-Prefetch-Control: off
Connection: keep-alive
Content-Length: 2778
Referrer-Policy: no-referrer
Last-Modified: Wed, 03 Jul 2024 11:07:37 GMT
Server: nginx/1.18.0 (Ubuntu)
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
Vary: Origin
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin
cache-control: public, max-age=31536000, immutable
Access-Control-Allow-Credentials: true

GET
H/1.1 200
OK 4495.83ce72fc.chunk.js Show response
payment-holding-vms.dev.palladio.net.pl/admin/ 5 KB
6 KB 73ms
54ms Script
application/javascript 146.59.11.2
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://payment-holding-vms.dev.palladio.net.pl/admin/4495.83ce72fc.chunk.js

Requested by

Host: payment-holding-vms.dev.palladio.net.pl
URL: https://payment-holding-vms.dev.palladio.net.pl/admin/runtime~main.06793e5e.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

146.59.11.2 , France, ASN16276 (OVH, FR),

Reverse DNS

ip2.ip-146-59-11.eu

Software

nginx/1.18.0 (Ubuntu) / Strapi <strapi.io>

Resource Hash

597e1c40e87b26dd7d82987a9869a81ec364b1d808f29e80af74c9871ea0927b

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' https: ws:;img-src 'self' data: blob: dl.airtable.com cms-payment-holding.s3.eu-west-1.amazonaws.com;media-src 'self' data: blob: dl.airtable.com cms-payment-holding.s3.eu-west-1.amazonaws.com;script-src 'self' 'unsafe-inline';default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://payment-holding-vms.dev.palladio.net.pl/admin/content-manager
Accept-Language: pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 03 Jul 2024 11:40:32 GMT
Content-Security-Policy: connect-src 'self' https: ws:;img-src 'self' data: blob: dl.airtable.com cms-payment-holding.s3.eu-west-1.amazonaws.com;media-src 'self' data: blob: dl.airtable.com cms-payment-holding.s3.eu-west-1.amazonaws.com;script-src 'self' 'unsafe-inline';default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Permitted-Cross-Domain-Policies: none
X-Powered-By: Strapi <strapi.io>
X-DNS-Prefetch-Control: off
Connection: keep-alive
Content-Length: 5185
Referrer-Policy: no-referrer
Last-Modified: Wed, 03 Jul 2024 11:07:37 GMT
Server: nginx/1.18.0 (Ubuntu)
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
Vary: Origin
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin
cache-control: public, max-age=31536000, immutable
Access-Control-Allow-Credentials: true

GET
H/1.1 200
OK 9828.891312cb.chunk.js Show response
payment-holding-vms.dev.palladio.net.pl/admin/ 303 B
1 KB 75ms
55ms Script
application/javascript 146.59.11.2
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://payment-holding-vms.dev.palladio.net.pl/admin/9828.891312cb.chunk.js

Requested by

Host: payment-holding-vms.dev.palladio.net.pl
URL: https://payment-holding-vms.dev.palladio.net.pl/admin/runtime~main.06793e5e.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

146.59.11.2 , France, ASN16276 (OVH, FR),

Reverse DNS

ip2.ip-146-59-11.eu

Software

nginx/1.18.0 (Ubuntu) / Strapi <strapi.io>

Resource Hash

0ebd9b79e293a3bb94d18a706370b000c0d22922e006b556d06c2003258ef1e4

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' https: ws:;img-src 'self' data: blob: dl.airtable.com cms-payment-holding.s3.eu-west-1.amazonaws.com;media-src 'self' data: blob: dl.airtable.com cms-payment-holding.s3.eu-west-1.amazonaws.com;script-src 'self' 'unsafe-inline';default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://payment-holding-vms.dev.palladio.net.pl/admin/content-manager
Accept-Language: pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 03 Jul 2024 11:40:32 GMT
Content-Security-Policy: connect-src 'self' https: ws:;img-src 'self' data: blob: dl.airtable.com cms-payment-holding.s3.eu-west-1.amazonaws.com;media-src 'self' data: blob: dl.airtable.com cms-payment-holding.s3.eu-west-1.amazonaws.com;script-src 'self' 'unsafe-inline';default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Permitted-Cross-Domain-Policies: none
X-Powered-By: Strapi <strapi.io>
X-DNS-Prefetch-Control: off
Connection: keep-alive
Content-Length: 303
Referrer-Policy: no-referrer
Last-Modified: Wed, 03 Jul 2024 11:07:37 GMT
Server: nginx/1.18.0 (Ubuntu)
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
Vary: Origin
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin
cache-control: public, max-age=31536000, immutable
Access-Control-Allow-Credentials: true

GET
DATA 200
OK truncated
/ 4 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b944151a87b54b99fe96e5bee54466bd322696f6daadedbf47a8b6b8b6b8fa53

Request headers

Accept-Language: pl-PL,pl;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H/1.1 200
OK init Show response
payment-holding-vms.dev.palladio.net.pl/admin/ 104 B
1 KB 52ms
51ms XHR
application/json 146.59.11.2
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://payment-holding-vms.dev.palladio.net.pl/admin/init

Requested by

Host: payment-holding-vms.dev.palladio.net.pl
URL: https://payment-holding-vms.dev.palladio.net.pl/admin/main.4e1055ba.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

146.59.11.2 , France, ASN16276 (OVH, FR),

Reverse DNS

ip2.ip-146-59-11.eu

Software

nginx/1.18.0 (Ubuntu) / Strapi <strapi.io>

Resource Hash

8817c81928c95f54af39eb581abce9336ed7bb844941f7b7b6ab7d845cb6b83a

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' https: ws:;img-src 'self' data: blob: dl.airtable.com cms-payment-holding.s3.eu-west-1.amazonaws.com;media-src 'self' data: blob: dl.airtable.com cms-payment-holding.s3.eu-west-1.amazonaws.com;script-src 'self' 'unsafe-inline';default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
Authorization: Bearer null
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Accept: application/json
Referer: https://payment-holding-vms.dev.palladio.net.pl/admin/content-manager
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 03 Jul 2024 11:40:32 GMT
Content-Security-Policy: connect-src 'self' https: ws:;img-src 'self' data: blob: dl.airtable.com cms-payment-holding.s3.eu-west-1.amazonaws.com;media-src 'self' data: blob: dl.airtable.com cms-payment-holding.s3.eu-west-1.amazonaws.com;script-src 'self' 'unsafe-inline';default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Permitted-Cross-Domain-Policies: none
X-Powered-By: Strapi <strapi.io>
X-DNS-Prefetch-Control: off
Connection: keep-alive
Content-Length: 104
Referrer-Policy: no-referrer
Server: nginx/1.18.0 (Ubuntu)
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
Vary: Origin
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin
Access-Control-Allow-Credentials: true

GET
DATA 200
OK truncated
/ 811 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3479bdf79601f64b126ebb2abbd917562fd0fa0e15521bd7344416ab3ffc1daf

Request headers

Accept-Language: pl-PL,pl;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H/1.1 500
Internal Server Error favicon.ico
payment-holding-vms.dev.palladio.net.pl/ 99 B
1 KB 45ms
45ms Other
application/json 146.59.11.2
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://payment-holding-vms.dev.palladio.net.pl/favicon.ico

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

146.59.11.2 , France, ASN16276 (OVH, FR),

Reverse DNS

ip2.ip-146-59-11.eu

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

4d9a9e3b3ea8ba0dd4a089de75b97c3468aa6e6fd7e0c0257462e38b1272a292

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' https:;img-src 'self' data: blob: dl.airtable.com cms-payment-holding.s3.eu-west-1.amazonaws.com;media-src 'self' data: blob: dl.airtable.com cms-payment-holding.s3.eu-west-1.amazonaws.com;default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://payment-holding-vms.dev.palladio.net.pl/admin/auth/login?redirectTo=%2Fcontent-manager
Accept-Language: pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 03 Jul 2024 11:40:32 GMT
Content-Security-Policy: connect-src 'self' https:;img-src 'self' data: blob: dl.airtable.com cms-payment-holding.s3.eu-west-1.amazonaws.com;media-src 'self' data: blob: dl.airtable.com cms-payment-holding.s3.eu-west-1.amazonaws.com;default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Permitted-Cross-Domain-Policies: none
X-DNS-Prefetch-Control: off
Connection: keep-alive
Content-Length: 99
Referrer-Policy: no-referrer
Server: nginx/1.18.0 (Ubuntu)
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
Vary: Origin
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin
Access-Control-Allow-Credentials: true

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://payment-holding-vms.dev.palladio.net.pl/favicon.ico Message: Failed to load resource: the server responded with a status of 500 (Internal Server Error)
network	error	URL: https://payment-holding-vms.dev.palladio.net.pl/favicon.ico Message: Failed to load resource: the server responded with a status of 500 (Internal Server Error)
recommendation	verbose	URL: https://payment-holding-vms.dev.palladio.net.pl/admin/auth/login?redirectTo=%2Fcontent-manager Message: [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	connect-src 'self' https: ws:;img-src 'self' data: blob: dl.airtable.com cms-payment-holding.s3.eu-west-1.amazonaws.com;media-src 'self' data: blob: dl.airtable.com cms-payment-holding.s3.eu-west-1.amazonaws.com;script-src 'self' 'unsafe-inline';default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

payment-holding-vms.dev.palladio.net.pl
146.59.11.2
081a695fca7c0f19c417a992416cb280290699e39c13c84aa3a7d8b224ccab79
0adfb006f1321b7b75216c05c7f5241c2508f381e80b7e4368eb2e9affa266e5
0bb28ec9421feb6e8652b40f65daafa51314d58685b59b00fa124133fe51ce3c
0ebd9b79e293a3bb94d18a706370b000c0d22922e006b556d06c2003258ef1e4
3479bdf79601f64b126ebb2abbd917562fd0fa0e15521bd7344416ab3ffc1daf
47a134a248a8358e60008fdffd9b728a9c92dbced92eb7783e5e01af53fa9b9a
4931c4dc559deabfe1bf05892bb010edf930c0162b5459fd57cdcf1160557cbb
4d9a9e3b3ea8ba0dd4a089de75b97c3468aa6e6fd7e0c0257462e38b1272a292
597e1c40e87b26dd7d82987a9869a81ec364b1d808f29e80af74c9871ea0927b
80039067bdcdaae6a7da8040660c498ede631d8ac42acc512560d79c14dac9dd
8817c81928c95f54af39eb581abce9336ed7bb844941f7b7b6ab7d845cb6b83a
8e18b495533a848734a2b11fb02a1618b4b714274513f789ae8af17e17be0659
b2ec9f6505a169ff8660ca5804cf962c2714bd2b1383a6ab0772213bc2706bf5
b944151a87b54b99fe96e5bee54466bd322696f6daadedbf47a8b6b8b6b8fa53
bbe51b66ae4aaf9ea1af2e60a9786e9dad4e18129348e606d92f687a0624b495
c3430baaddc727d3f9dd6fab6660dcc3ca04ec7457930c2125811f2b68c97535
f06ec996cf843b2473106db681851ecf6c132d07765fedeb2edfa066d619e5ec

payment-holding-vms.dev.palladio.net.pl Open in urlscan Pro 146.59.11.2 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

16 Requests

100 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

2 IPs

1 Countries

4237 kBTransfer

4226 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

16 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

0 Cookies

3 Console Messages

Security Headers

Indicators

payment-holding-vms.dev.palladio.net.pl Open in urlscan Pro
146.59.11.2 Public Scan

Screenshot
Live screenshot

Full Image

16
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

2
IPs

1
Countries

4237 kB
Transfer

4226 kB
Size

0
Cookies

16 HTTP transactions
2 data transactions