dashboard.hit-pay.com Open in urlscan Pro
2606:4700:10::6816:45d9 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://dashboard.hit-pay.com/
Effective URL:
https://dashboard.hit-pay.com/login
Submission: On June 11 via api (June 11th 2024, 11:44:32 pm UTC) from US — Scanned from DE

Summary HTTP 45 Redirects Behaviour Indicators

Summary

This website contacted 16 IPs in 3 countries across 11 domains to perform 45 HTTP transactions. The main IP is 2606:4700:10::6816:45d9, located in United States and belongs to CLOUDFLARENET, US. The main domain is dashboard.hit-pay.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on November 13th 2023. Valid for: a year.

This is the only time dashboard.hit-pay.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 14	2606:4700:10:... 2606:4700:10::6816:45d9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.67.70.236 172.67.70.236	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2600:9000:20b... 2600:9000:20b4:ca00:11:9cfd:9400:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:225... 2600:9000:2251:d600:1e:14d2:6dc0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	34.120.248.16 34.120.248.16	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2a00:1450:400... 2a00:1450:4001:81d::200a	15169 (GOOGLE) (GOOGLE)
1	2a04:4e42::485 2a04:4e42::485	54113 (FASTLY) (FASTLY)
1	2600:9000:225... 2600:9000:2251:fc00:1e:14d2:6dc0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
2	54.229.134.57 54.229.134.57	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:225... 2600:9000:225e:da00:0:1a32:efc0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:10:... 2606:4700:10::ac43:2bb9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	35.227.225.220 35.227.225.220	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 2	2606:4700:20:... 2606:4700:20::681a:a92	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.186.132 142.250.186.132	() ()
45	16

14 2606:4700:10::6816:45d9 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

dashboard.hit-pay.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.70.236 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.nolt.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:20b4:ca00:11:9cfd:9400:93a1 (United States)

ASN16509 (AMAZON-02, US)

assets.customer.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2251:d600:1e:14d2:6dc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

js.refiner.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.248.16 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 16.248.120.34.bc.googleusercontent.com

sdk.birdeatsbug.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81d::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2251:fc00:1e:14d2:6dc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

js.refiner.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.229.134.57 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-229-134-57.eu-west-1.compute.amazonaws.com

api.refiner.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:225e:da00:0:1a32:efc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

canny.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:2bb9 (United States)

ASN13335 (CLOUDFLARENET, US)

dashboard.staging.hit-pay.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.227.225.220 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 220.225.227.35.bc.googleusercontent.com

track.customer.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:a92 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

code.gist.build	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.132 (None, )

ASN- ()

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	hit-pay.com 2 redirects dashboard.hit-pay.com dashboard.staging.hit-pay.com	674 KB
4	refiner.io js.refiner.io — Cisco Umbrella Rank: 73096 api.refiner.io — Cisco Umbrella Rank: 38269	21 KB
3	customer.io assets.customer.io — Cisco Umbrella Rank: 18532 track.customer.io — Cisco Umbrella Rank: 14098	5 KB
2	gist.build 1 redirects code.gist.build — Cisco Umbrella Rank: 20075	15 KB
2	birdeatsbug.com sdk.birdeatsbug.com — Cisco Umbrella Rank: 160579	16 KB
1	google.com www.google.com	974 B
1	canny.io canny.io — Cisco Umbrella Rank: 28236	24 KB
1	gstatic.com fonts.gstatic.com www.gstatic.com Failed	46 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 373	2 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 77	1 KB
1	nolt.io cdn.nolt.io — Cisco Umbrella Rank: 202873	7 KB
45	11

	Domain	Requested by
14	dashboard.hit-pay.com	2 redirects dashboard.hit-pay.com
2	code.gist.build	1 redirects
2	api.refiner.io	js.refiner.io
2	sdk.birdeatsbug.com	dashboard.hit-pay.com
2	js.refiner.io	dashboard.hit-pay.com js.refiner.io
2	assets.customer.io	dashboard.hit-pay.com assets.customer.io
1	www.google.com	dashboard.hit-pay.com
1	track.customer.io
1	dashboard.staging.hit-pay.com
1	canny.io	dashboard.hit-pay.com
1	fonts.gstatic.com	fonts.googleapis.com
1	cdn.jsdelivr.net	dashboard.hit-pay.com
1	fonts.googleapis.com	dashboard.hit-pay.com
1	cdn.nolt.io	dashboard.hit-pay.com
0	www.gstatic.com Failed	www.google.com
45	15

This site contains no links.

Subject Issuer	Validity	Valid
hit-pay.com Go Daddy Secure Certificate Authority - G2	`2023-11-13` - `2024-12-14`	a year	crt.sh
nolt.io WE1	`2024-06-09` - `2024-09-07`	3 months	crt.sh
*.customer.io Amazon RSA 2048 M03	`2023-10-19` - `2024-11-15`	a year	crt.sh
js.refiner.io Amazon RSA 2048 M02	`2023-09-27` - `2024-10-24`	a year	crt.sh
sdk.birdeatsbug.com GTS CA 1D4	`2024-06-08` - `2024-09-06`	3 months	crt.sh
upload.video.google.com WR2	`2024-05-27` - `2024-08-19`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2023 Q3	`2023-09-27` - `2024-10-28`	a year	crt.sh
*.gstatic.com WR2	`2024-05-27` - `2024-08-19`	3 months	crt.sh
api.refiner.io Amazon RSA 2048 M03	`2024-04-21` - `2025-05-20`	a year	crt.sh
canny.io Amazon RSA 2048 M01	`2023-08-26` - `2024-09-24`	a year	crt.sh
dashboard.staging.hit-pay.com E1	`2024-05-22` - `2024-08-20`	3 months	crt.sh
api.customer.io WR3	`2024-06-11` - `2024-09-09`	3 months	crt.sh
*.google.com WR2	`2024-05-27` - `2024-08-19`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://dashboard.hit-pay.com/login
Frame ID: D4EB0B550EE1B5BFA357660ABCCF7CCD
Requests: 43 HTTP requests in this frame

Frame: https://js.refiner.io/v001/render/index.html
Frame ID: A14F43A52EB10E424A48EE44AB2B12F0
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

HitPay

Page URL History Show full URLs

http://dashboard.hit-pay.com/ HTTP 307
https://dashboard.hit-pay.com/ HTTP 302
https://dashboard.hit-pay.com/auth HTTP 302
https://dashboard.hit-pay.com/login Page URL

Detected technologies

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

45
Requests

62 %
HTTPS

67 %
IPv6

11
Domains

15
Subdomains

16
IPs

3
Countries

810 kB
Transfer

2615 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://dashboard.hit-pay.com/ HTTP 307
https://dashboard.hit-pay.com/ HTTP 302
https://dashboard.hit-pay.com/auth HTTP 302
https://dashboard.hit-pay.com/login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 26

https://code.gist.build/web/latest/gist.min.js HTTP 302
https://code.gist.build/web/3.10.2/gist.min.js

45 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request login Show response
dashboard.hit-pay.com/
Redirect Chain

http://dashboard.hit-pay.com/
https://dashboard.hit-pay.com/
https://dashboard.hit-pay.com/auth
https://dashboard.hit-pay.com/login

73 KB
13 KB

724ms
724ms

Document
text/html

2606:4700:10::6816:45d9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.hit-pay.com/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:45d9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

158ef1e9a140ba9f6ae6210bf93fd76001d66e41fdfc2e3824ff38c6a4f36f56

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' ecwid.com *.ecwid.com;upgrade-insecure-requests

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

cache-control: no-cache, private
cf-cache-status: DYNAMIC
cf-ray: 892578011facbb7d-FRA
content-encoding: br
content-security-policy: frame-ancestors 'self' ecwid.com *.ecwid.com;upgrade-insecure-requests
content-type: text/html; charset=UTF-8
date: Tue, 11 Jun 2024 23:44:23 GMT
server: cloudflare
vary: X-Inertia, Origin
x-request-id: 2024-06-12/01j04v0fdb2q3vhd8q2wfp4h8b

Redirect headers

cache-control: no-cache, private
cf-cache-status: DYNAMIC
cf-ray: 892577fe7d9abb7d-FRA
content-security-policy: frame-ancestors 'self' ecwid.com *.ecwid.com;upgrade-insecure-requests
content-type: text/html; charset=UTF-8
date: Tue, 11 Jun 2024 23:44:23 GMT
location: https://dashboard.hit-pay.com/login
server: cloudflare
vary: Origin
x-request-id: 2024-06-12/01j04v0f0d7grkag2h8ysz48ym

GET
H2 200 snippets.js Show response
dashboard.hit-pay.com/scripts/ 1 KB
666 B 1029ms
1025ms Script
application/javascript 2606:4700:10::6816:45d9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dashboard.hit-pay.com/scripts/snippets.js
Requested by: Host: dashboard.hit-pay.com
URL: https://dashboard.hit-pay.com/login
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:45d9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 69f265025a7de353d89b84c705b624f1fe2665cc3bbe6ad8462cf627cbaf92b7

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://dashboard.hit-pay.com/login
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 23:44:24 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 06 Nov 2023 16:37:18 GMT
server: cloudflare
etag: W/"6549163e-532"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 89257805ab21bb7d-FRA

GET
H3 200 widgets.js Show response
cdn.nolt.io/ 17 KB
7 KB 120ms
54ms Script
application/javascript 172.67.70.236
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.nolt.io/widgets.js

Requested by

Host: dashboard.hit-pay.com
URL: https://dashboard.hit-pay.com/login

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.70.236 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cd55eb3b0b1739e87f6406a77a67767493a67094721f3b77d38e10f222e8d819

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://dashboard.hit-pay.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 23:44:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 vegur
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
age: 6851
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1717493895&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=TJHBmxjXdo2l%2FES9yzdSbi21H6iZCzCNF8J2rqrdHH4%3D
cf-bgj: minify
last-modified: Tue, 04 Jun 2024 05:33:11 GMT
server: cloudflare
etag: W/"43f8-18fe1bcb1d8"
vary: Accept-Encoding
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1717493895&sid=67ff5de4-ad2b-4112-9289-cf96be89efed&s=TJHBmxjXdo2l%2FES9yzdSbi21H6iZCzCNF8J2rqrdHH4%3D"}]}
content-type: application/javascript; charset=UTF-8
x-frame-options: deny
cache-control: public, max-age=600
cf-ray: 892578060cb7a064-FRA

GET
H2 200 app-fba11e29.css
dashboard.hit-pay.com/dashboard/assets/ 143 KB
26 KB 1781ms
1778ms Stylesheet
text/css 2606:4700:10::6816:45d9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dashboard.hit-pay.com/dashboard/assets/app-fba11e29.css
Requested by: Host: dashboard.hit-pay.com
URL: https://dashboard.hit-pay.com/login
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:45d9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fba11e290376d473fb4ff93af7664523c769bc7f4f186b4269bf382ecb3da717

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://dashboard.hit-pay.com/login
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 23:44:25 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 27 May 2024 15:25:06 GMT
server: cloudflare
etag: W/"6654a5d2-23d18"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=14400
cf-ray: 89257805ab1dbb7d-FRA

GET
H2 200 app-0b2a1bb7.js Show response
dashboard.hit-pay.com/dashboard/assets/ 2 MB
597 KB 2305ms
2302ms Script
application/javascript 2606:4700:10::6816:45d9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dashboard.hit-pay.com/dashboard/assets/app-0b2a1bb7.js
Requested by: Host: dashboard.hit-pay.com
URL: https://dashboard.hit-pay.com/login
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:45d9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3e8dafd04b520c2a1da47a8fbacde641190bc50660d7b1f4fe4c2c763c33be6c

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://dashboard.hit-pay.com/login
Origin: https://dashboard.hit-pay.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 23:44:26 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 05 Jun 2024 15:38:42 GMT
server: cloudflare
etag: W/"66608682-1e4126"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 89257805ab22bb7d-FRA

GET
H2 200 track.js Show response
assets.customer.io/assets/ 7 KB
3 KB 151ms
39ms Script
application/javascript 2600:9000:20b4:ca00:11:9cfd:9400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.customer.io/assets/track.js
Requested by: Host: dashboard.hit-pay.com
URL: https://dashboard.hit-pay.com/scripts/snippets.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20b4:ca00:11:9cfd:9400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2fcfdae5440da627328eae9b05b0a54eb0e545892167f7e3c88636037a5c4c79

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://dashboard.hit-pay.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: odzkoRMkQKzm9Qvmhal1oizSy3Yx3GJd
content-encoding: br
via: 1.1 5869d8337913ed7453262c3cf9c9a9e6.cloudfront.net (CloudFront)
date: Tue, 11 Jun 2024 04:31:30 GMT
last-modified: Mon, 15 Apr 2024 20:40:41 GMT
server: AmazonS3
x-amz-cf-pop: AMS58-P4
age: 69178
x-amz-server-side-encryption: AES256
etag: W/"32a8226512dd2cca5956cdb283e5bdfe"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: application/javascript
cross-origin-resource-policy: cross-origin
x-amz-cf-id: MCkCvKJwyxwXFlZnHZm8r-OFJAbWhbbOHemO_u3Lx_AIiqQtgAV9FQ==

GET
H2 200 client.js Show response
js.refiner.io/v001/ 54 KB
19 KB 149ms
44ms Script
application/javascript 2600:9000:2251:d600:1e:14d2:6dc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.refiner.io/v001/client.js
Requested by: Host: dashboard.hit-pay.com
URL: https://dashboard.hit-pay.com/login
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:d600:1e:14d2:6dc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b9a1331e32e0097e3588428b24d82160906d035ae135bfa27f33a09db85b8e58

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://dashboard.hit-pay.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: kFCv7HAA_SotGqKWLVFY18GC3IESZmLx
content-encoding: gzip
via: 1.1 319f376925908156190f5fc160137b42.cloudfront.net (CloudFront)
date: Tue, 11 Jun 2024 22:01:20 GMT
last-modified: Thu, 06 Jun 2024 13:09:25 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 6191
etag: "fb3b31f80f168cd5bbe69177322003f0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
content-length: 19053
x-amz-cf-id: q4IoEnzyMdrDmA9rn7C340VEROhTlCbCHLiJ8v6Yx0P_pDLYxF9qOw==

GET
H2 200 core.js Show response
sdk.birdeatsbug.com/v2/ 40 KB
11 KB 130ms
40ms Script
application/javascript 34.120.248.16
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk.birdeatsbug.com/v2/core.js
Requested by: Host: dashboard.hit-pay.com
URL: https://dashboard.hit-pay.com/login
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.248.16 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 16.248.120.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 71af7056f34b2a003dbdea1210b0d9452274af024ec7cfefb566f916279d8d84

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://dashboard.hit-pay.com/
Origin: https://dashboard.hit-pay.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 23:22:34 GMT
content-encoding: gzip
age: 1311
x-guploader-uploadid: ABPtcPpCmeCFDAb_Z0-JDTM90JDh4sMA2Ru2naS0D1OsIx9xFqHaJ5HB8AW8Qvd-3fzVZQcgSz4
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: clear
content-length: 10688
last-modified: Wed, 05 Jun 2024 11:11:51 GMT
server: UploadServer
etag: "2d146db2c4c8778ae0c18021f871477f"
vary: Accept-Encoding
x-goog-generation: 1717585911223305
x-goog-hash: crc32c=7LJJQw==, md5=LRRtssTId4rgwYAh+HFHfw==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: max-age=3600, stale-while-revalidate=3600
x-goog-stored-content-length: 10688
accept-ranges: bytes
content-type: application/javascript
expires: Wed, 12 Jun 2024 00:22:34 GMT

GET
H2 200 style.css
sdk.birdeatsbug.com/v2/ 20 KB
5 KB 129ms
39ms Stylesheet
text/css 34.120.248.16
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk.birdeatsbug.com/v2/style.css
Requested by: Host: dashboard.hit-pay.com
URL: https://dashboard.hit-pay.com/login
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.248.16 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 16.248.120.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 3d2b5598c75092ca6af588d5f3c01f5d3b0e1b268d6c23b9d6d284a457a5041f

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://dashboard.hit-pay.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 23:37:06 GMT
content-encoding: gzip
age: 439
x-guploader-uploadid: ABPtcPr27AJ0rOsRRGrcsfqU7PmpZNrlS-xxqqNGOIyP_E6T0PL_M7w_QWcMFGf0G7m9UM3-B72moDxK9A
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: clear
content-length: 4418
last-modified: Wed, 05 Jun 2024 11:11:51 GMT
server: UploadServer
etag: "92792f451b874bf37afc37e5e2a8e4c1"
vary: Accept-Encoding
x-goog-generation: 1717585911216402
x-goog-hash: crc32c=bzzFqQ==, md5=knkvRRuHS/N6/Dfl4qjkwQ==
access-control-allow-origin: *
content-type: text/css
cache-control: max-age=3600, stale-while-revalidate=3600
x-goog-stored-content-length: 4418
accept-ranges: bytes
expires: Wed, 12 Jun 2024 00:37:06 GMT

GET
H2 200 css2
fonts.googleapis.com/ 9 KB
1 KB 140ms
48ms Stylesheet
text/css 2a00:1450:4001:81d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Inter:wght@400;500;600;700&display=swap

Requested by

Host: dashboard.hit-pay.com
URL: https://dashboard.hit-pay.com/dashboard/assets/app-fba11e29.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

77190354256d2bb6e2f740715bbc72c1af70ec722773ab27bd7ddd63dac90529

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://dashboard.hit-pay.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Tue, 11 Jun 2024 23:44:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 11 Jun 2024 23:14:11 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 11 Jun 2024 23:44:25 GMT

GET
H2 200 flag-icons.min.css
cdn.jsdelivr.net/gh/lipis/flag-icons@latest/css/ 27 KB
2 KB 165ms
58ms Stylesheet
text/css 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/lipis/flag-icons@latest/css/flag-icons.min.css

Requested by

Host: dashboard.hit-pay.com
URL: https://dashboard.hit-pay.com/dashboard/assets/app-fba11e29.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e9a4bf82c214c04e00460ebac02596a2a0d2703fe7a50927c5f6bf134f9f7474

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://dashboard.hit-pay.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 11 Jun 2024 23:44:25 GMT
x-content-type-options: nosniff
content-encoding: br
age: 5300
x-jsd-version: 7.2.0
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1801
x-served-by: cache-fra-etou8220144-FRA, cache-mxp6961-MXP
x-jsd-version-type: version
etag: W/"6d00-M9WrYs753gvNoxlQp5BWS/1svxc"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 LoginPage-5495f5cd.js Show response
dashboard.hit-pay.com/dashboard/assets/ 4 KB
2 KB 1037ms
1035ms Script
application/javascript 2606:4700:10::6816:45d9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dashboard.hit-pay.com/dashboard/assets/LoginPage-5495f5cd.js
Requested by: Host: dashboard.hit-pay.com
URL: https://dashboard.hit-pay.com/dashboard/assets/app-0b2a1bb7.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:45d9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0650a3823fdf7038b918079740c45461f1e9f6e27d91b469364502deddd12e88

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Origin: https://dashboard.hit-pay.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 23:44:27 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 05 Jun 2024 15:38:42 GMT
server: cloudflare
etag: W/"66608682-1077"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 892578182a83bb7d-FRA

GET
H2 200 validators-13bdb5f8.js Show response
dashboard.hit-pay.com/dashboard/assets/ 2 KB
900 B 1067ms
1066ms Script
application/javascript 2606:4700:10::6816:45d9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dashboard.hit-pay.com/dashboard/assets/validators-13bdb5f8.js
Requested by: Host: dashboard.hit-pay.com
URL: https://dashboard.hit-pay.com/dashboard/assets/app-0b2a1bb7.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:45d9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1bd9ca88a19a09121675788da791f5f1ea1bf3ca5f584d6f804f5c67f60a587

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Origin: https://dashboard.hit-pay.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 23:44:27 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 05 Jun 2024 15:38:42 GMT
server: cloudflare
etag: W/"66608682-757"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 892578182a85bb7d-FRA

GET
H2 200 isValidPhoneNumber-1ddd2912.js Show response
dashboard.hit-pay.com/dashboard/assets/ 2 KB
638 B 1065ms
1064ms Script
application/javascript 2606:4700:10::6816:45d9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dashboard.hit-pay.com/dashboard/assets/isValidPhoneNumber-1ddd2912.js
Requested by: Host: dashboard.hit-pay.com
URL: https://dashboard.hit-pay.com/dashboard/assets/app-0b2a1bb7.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:45d9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4a820466138f08f419ef06991898c36f2621653111d8612203267f06897cb895

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Origin: https://dashboard.hit-pay.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 23:44:27 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 27 May 2024 15:25:06 GMT
server: cloudflare
etag: W/"6654a5d2-714"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 892578182a86bb7d-FRA

GET
H2 200 normalizeArguments-f3d4dfd7.js Show response
dashboard.hit-pay.com/dashboard/assets/ 114 KB
30 KB 4879ms
4878ms Script
application/javascript 2606:4700:10::6816:45d9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dashboard.hit-pay.com/dashboard/assets/normalizeArguments-f3d4dfd7.js
Requested by: Host: dashboard.hit-pay.com
URL: https://dashboard.hit-pay.com/dashboard/assets/app-0b2a1bb7.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:45d9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8faaf70b1e58da4d793318fe807eae4f44eff93beb959505b1a0d0c258b9293f

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Origin: https://dashboard.hit-pay.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 23:44:28 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 27 May 2024 15:25:06 GMT
server: cloudflare
etag: W/"6654a5d2-1c73d"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 892578182a87bb7d-FRA

GET
H2 200 HitPayLogo-65328a5b.js Show response
dashboard.hit-pay.com/dashboard/assets/ 438 B
352 B 1048ms
1047ms Script
application/javascript 2606:4700:10::6816:45d9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dashboard.hit-pay.com/dashboard/assets/HitPayLogo-65328a5b.js
Requested by: Host: dashboard.hit-pay.com
URL: https://dashboard.hit-pay.com/dashboard/assets/app-0b2a1bb7.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:45d9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3a21f9740cbe8c1ac8a23d898d104ada21d2f5e975817127166d423dc358fed8

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Origin: https://dashboard.hit-pay.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 23:44:27 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 05 Jun 2024 15:38:42 GMT
server: cloudflare
etag: W/"66608682-1b6"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 892578182a88bb7d-FRA

GET
H2 200 _plugin-vue_export-helper-c27b6911.js Show response
dashboard.hit-pay.com/dashboard/assets/ 91 B
174 B 1035ms
1034ms Script
application/javascript 2606:4700:10::6816:45d9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dashboard.hit-pay.com/dashboard/assets/_plugin-vue_export-helper-c27b6911.js
Requested by: Host: dashboard.hit-pay.com
URL: https://dashboard.hit-pay.com/dashboard/assets/app-0b2a1bb7.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:45d9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cb85b0f263dbe24e857338301c0627076592e9f1f1a5662929f86d2c126444aa

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Origin: https://dashboard.hit-pay.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 23:44:27 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 12 Dec 2023 16:32:49 GMT
server: cloudflare
etag: W/"65788b31-5b"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 892578182a89bb7d-FRA

GET
H2 200 useRecaptcha-1d3721d1.js Show response
dashboard.hit-pay.com/dashboard/assets/ 386 B
312 B 1066ms
1065ms Script
application/javascript 2606:4700:10::6816:45d9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dashboard.hit-pay.com/dashboard/assets/useRecaptcha-1d3721d1.js
Requested by: Host: dashboard.hit-pay.com
URL: https://dashboard.hit-pay.com/dashboard/assets/app-0b2a1bb7.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:45d9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 02eb735d3a0c490378fa805db13998d399e64464fed1e04b870ff6889a82471d

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
Origin: https://dashboard.hit-pay.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 23:44:27 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 28 Feb 2024 16:09:21 GMT
server: cloudflare
etag: W/"65df5ab1-182"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 892578182a8bbb7d-FRA

GET
H2 200 LoginPage-f046254f.css
dashboard.hit-pay.com/dashboard/assets/ 37 B
159 B 1027ms
1026ms Stylesheet
text/css 2606:4700:10::6816:45d9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dashboard.hit-pay.com/dashboard/assets/LoginPage-f046254f.css
Requested by: Host: dashboard.hit-pay.com
URL: https://dashboard.hit-pay.com/dashboard/assets/app-0b2a1bb7.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:45d9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f046254fe30264c2e137ae9fd1b0bb8fb1029194d56badfc8f8c90958ac877b4

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://dashboard.hit-pay.com/login
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 23:44:27 GMT
cf-cache-status: MISS
last-modified: Wed, 28 Feb 2024 16:09:21 GMT
server: cloudflare
etag: "65df5ab1-25"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 892578182a82bb7d-FRA
content-length: 37

GET
H2 200 index.html
js.refiner.io/v001/render/ Frame A14F 0
0 116ms
39ms Document
text/html 2600:9000:2251:fc00:1e:14d2:6dc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.refiner.io/v001/render/index.html
Requested by: Host: js.refiner.io
URL: https://js.refiner.io/v001/client.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:fc00:1e:14d2:6dc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://dashboard.hit-pay.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

age: 6197
content-encoding: gzip
content-length: 304
content-type: text/html; charset=utf-8
date: Tue, 11 Jun 2024 22:01:10 GMT
etag: "ebdf0957d663d465bffb658f91bbfad1"
last-modified: Thu, 06 Jun 2024 13:09:25 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 7fd88bab22735486702d23ba4e028d86.cloudfront.net (CloudFront)
x-amz-cf-id: zXH79tY_PznPVfUqeOuCQJ3NJRF1DNRwORCXfrkChgzh95ulXnRbnw==
x-amz-cf-pop: FRA60-P3
x-amz-version-id: uuqFqlpKmZX9XexQU_w6DdCmGjA2K1Hr
x-cache: Hit from cloudfront

GET
H2 200 UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v13/ 46 KB
46 KB 132ms
40ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@400;500;600;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://fonts.googleapis.com/
Origin: https://dashboard.hit-pay.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 21:40:09 GMT
x-content-type-options: nosniff
age: 7458
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46704
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:49:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 11 Jun 2025 21:40:09 GMT

POST
H2 201 ping Show response
api.refiner.io/js-client/v1/20ae40e0-bebc-11ec-9221-89ec91b2c80c/ 209 B
2 KB 107ms
107ms XHR
application/json 54.229.134.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.refiner.io/js-client/v1/20ae40e0-bebc-11ec-9221-89ec91b2c80c/ping

Requested by

Host: js.refiner.io
URL: https://js.refiner.io/v001/client.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.229.134.57 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-229-134-57.eu-west-1.compute.amazonaws.com

Software

Apache/2.4.52 (Ubuntu) /

Resource Hash

c32eba273b63b6c7e9b096f5be4d95d93054f2a9477b4a8680222f300733c391

Security Headers

Name	Value
Content-Security-Policy	script-src 'unsafe-inline' 'unsafe-eval' data: https: http: https://ajax.googleapis.com https://www.googletagmanager.com https://www.google-analytics.com https://sockjs-us2.pusher.com https://www.googleadservices.com/ https://googleads.g.doubleclick.net https://js.hs-scripts.com/ https://js.chargebee.com/; block-all-mixed-content; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: application/json
Accept: application/json, text/plain, */*
Referer: https://dashboard.hit-pay.com/
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 23:44:27 GMT
content-security-policy: script-src 'unsafe-inline' 'unsafe-eval' data: https: http: https://ajax.googleapis.com https://www.googletagmanager.com https://www.google-analytics.com https://sockjs-us2.pusher.com https://www.googleadservices.com/ https://googleads.g.doubleclick.net https://js.hs-scripts.com/ https://js.chargebee.com/; block-all-mixed-content; upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-permitted-cross-domain-policies: none
cross-origin-embedder-policy: unsafe-none
cross-origin-resource-policy: cross-origin
content-length: 202
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
server: Apache/2.4.52 (Ubuntu)
cross-origin-opener-policy: unsafe-none
expect-ct: max-age=2147483648
vary: Accept-Encoding
x-ratelimit-remaining: 119
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json
access-control-allow-origin: *
x-download-options: noopen
cache-control: no-cache, private, max-age=86400, public
permissions-policy: accelerometer=(self), ambient-light-sensor=(self), autoplay=(self), battery=(self), camera=(self), cross-origin-isolated=(self), display-capture=(self), document-domain=*, encrypted-media=(self), execution-while-not-rendered=*, execution-while-out-of-viewport=*, fullscreen=(self), geolocation=(self), gyroscope=(self), magnetometer=(self), microphone=(self), midi=(self), navigation-override=(self), payment=(self), picture-in-picture=*, publickey-credentials-get=(self), screen-wake-lock=(self), sync-xhr=*, usb=(self), web-share=(self), xr-spatial-tracking=(self)
x-ratelimit-limit: 120
access-control-allow-headers: Content-Type, X-Auth-Token, Origin, Authorization
x-frame-options: sameorigin
expires: Wed, 12 Jun 2024 23:44:27 GMT

OPTIONS
H2 200 ping
api.refiner.io/js-client/v1/20ae40e0-bebc-11ec-9221-89ec91b2c80c/ Frame 0
0 180ms
60ms Preflight
application/json 54.229.134.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.refiner.io/js-client/v1/20ae40e0-bebc-11ec-9221-89ec91b2c80c/ping

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.229.134.57 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-229-134-57.eu-west-1.compute.amazonaws.com

Software

Apache/2.4.52 (Ubuntu) /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'unsafe-inline' 'unsafe-eval' data: https: http: https://ajax.googleapis.com https://www.googletagmanager.com https://www.google-analytics.com https://sockjs-us2.pusher.com https://www.googleadservices.com/ https://googleads.g.doubleclick.net https://js.hs-scripts.com/ https://js.chargebee.com/; block-all-mixed-content; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://dashboard.hit-pay.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Content-Type, X-Auth-Token, Origin, Authorization
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: *
cache-control: no-cache, private max-age=86400, public
content-length: 0
content-security-policy: script-src 'unsafe-inline' 'unsafe-eval' data: https: http: https://ajax.googleapis.com https://www.googletagmanager.com https://www.google-analytics.com https://sockjs-us2.pusher.com https://www.googleadservices.com/ https://googleads.g.doubleclick.net https://js.hs-scripts.com/ https://js.chargebee.com/; block-all-mixed-content; upgrade-insecure-requests
content-type: application/json
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Tue, 11 Jun 2024 23:44:27 GMT
expect-ct: max-age=2147483648
expires: Wed, 12 Jun 2024 23:44:27 GMT
permissions-policy: accelerometer=(self), ambient-light-sensor=(self), autoplay=(self), battery=(self), camera=(self), cross-origin-isolated=(self), display-capture=(self), document-domain=*, encrypted-media=(self), execution-while-not-rendered=*, execution-while-out-of-viewport=*, fullscreen=(self), geolocation=(self), gyroscope=(self), magnetometer=(self), microphone=(self), midi=(self), navigation-override=(self), payment=(self), picture-in-picture=*, publickey-credentials-get=(self), screen-wake-lock=(self), sync-xhr=*, usb=(self), web-share=(self), xr-spatial-tracking=(self)
referrer-policy: no-referrer-when-downgrade
server: Apache/2.4.52 (Ubuntu)
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: sameorigin
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block

GET
H2 200 sdk.js Show response
canny.io/ 70 KB
24 KB 139ms
48ms Script
text/javascript 2600:9000:225e:da00:0:1a32:efc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://canny.io/sdk.js
Requested by: Host: dashboard.hit-pay.com
URL: https://dashboard.hit-pay.com/login
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:da00:0:1a32:efc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b125c88918b97d812009b7546058b77c6ee22befe5928859029bc24e049d9774

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://dashboard.hit-pay.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: kzYtJ30T3zeqeyLKa4EuGXaI0sS0XSaA
content-encoding: gzip
via: 1.1 cfa647edefc0769e715b9781478b0626.cloudfront.net (CloudFront)
date: Tue, 11 Jun 2024 23:31:13 GMT
x-amz-cf-pop: FRA60-P4
age: 796
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 11 Jun 2024 13:20:13 GMT
server: AmazonS3
etag: W/"59a414d780c1fca95191ff5c691165d4"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
x-amz-cf-id: nTzGHNleYkihiRnDua6QEVtMiZXDrngVTQypoCvWYaXJgwxrNkv43A==

GET
H2 200 in-app.js Show response
assets.customer.io/assets/ 3 KB
1 KB 39ms
39ms Script
application/javascript 2600:9000:20b4:ca00:11:9cfd:9400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.customer.io/assets/in-app.js
Requested by: Host: assets.customer.io
URL: https://assets.customer.io/assets/track.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20b4:ca00:11:9cfd:9400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cb8289d5afe2b48cd35494562ea25ab868a517da5a05e7f272e4a59bca56c6eb

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://dashboard.hit-pay.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: z8zBcp.TxQ1avpTeVvTRh3ayyF7CTfY3
content-encoding: br
via: 1.1 5869d8337913ed7453262c3cf9c9a9e6.cloudfront.net (CloudFront)
date: Tue, 11 Jun 2024 04:32:24 GMT
last-modified: Mon, 15 Apr 2024 20:40:43 GMT
server: AmazonS3
x-amz-cf-pop: AMS58-P4
age: 69134
x-amz-server-side-encryption: AES256
etag: W/"2419fbd26ba76588bf89bc14c5a941d0"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: application/javascript
cross-origin-resource-policy: cross-origin
x-amz-cf-id: 55KaQQnD9Pnu4zKPVj0LbO4y1RhZV48WfHbq_1rnRZ5SCtdedOLkUw==

GET
H2 200 logo_hp_35.png
dashboard.staging.hit-pay.com/images/ 3 KB
3 KB 3852ms
3711ms Other
image/png 2606:4700:10::ac43:2bb9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dashboard.staging.hit-pay.com/images/logo_hp_35.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:2bb9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fb2e60d0b97ccf5d0f97c3d7d19b40d388c54deed936a5941e727ec5aa04c7f5

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://dashboard.hit-pay.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 23:44:29 GMT
cf-cache-status: EXPIRED
last-modified: Tue, 11 Jun 2024 17:18:58 GMT
server: cloudflare
etag: "66688702-b0f"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8925781f79b3bbf7-FRA
content-length: 2831

GET
H2 200 page.gif
track.customer.io/events/ 35 B
265 B 288ms
151ms Image
image/gif 35.227.225.220
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.customer.io/events/page.gif?name=https%3A%2F%2Fdashboard.hit-pay.com%2Flogin&data%5Bwidth%5D=1600&data%5Bheight%5D=1200&c=&s=f4a1cfd6-e43e-7f2d-0146-6757eafca9be&site_id=64d0639af1143ab09739&timestamp=1718149467928
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.225.220 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 220.225.227.35.bc.googleusercontent.com
Software: /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://dashboard.hit-pay.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 23:44:28 GMT
via: 1.1 google
content-type: image/gif
access-control-allow-origin: *
status: 200 OK
cache-control: no-cache, no-store, must-revalidate, max-age=0
content-transfer-encoding: binary
cross-origin-resource-policy: cross-origin
content-disposition: attachment
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35

GET
H2

200

gist.min.js Show response
code.gist.build/web/3.10.2/
Redirect Chain

https://code.gist.build/web/latest/gist.min.js
https://code.gist.build/web/3.10.2/gist.min.js

42 KB
14 KB

48ms
48ms

Script
application/javascript

2606:4700:20::681a:a92
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://code.gist.build/web/3.10.2/gist.min.js

Protocol

Server

2606:4700:20::681a:a92 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9339332eb85f421ff0b2166e4935ebbcfe0da932aff4685ee85735dddc192cb6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://dashboard.hit-pay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

date: Tue, 11 Jun 2024 23:44:28 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: tx000004099933fc2bf57b6-00663b56c4-445f9411-ams3b
age: 1266
x-envoy-upstream-healthchecked-cluster
last-modified: Wed, 08 May 2024 10:38:06 GMT
server: cloudflare
etag: W/"ff7b540040c15a491538b382d0df7309"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6EddQTwq%2FIgX6SIfTVdG491AZwwwuk1j916DpyoQg%2Bgy9Krk1pifl0%2FqplGHqa%2FXv9Bkw2YiBh7Se0b9KryXuBBiLh7NB6mUc92AghZMtK7N15s%2BrYi6njAos5o1hApAFJ09UNM5vhAe8qumHQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-do-cdn-uuid: 03b5fb56-b915-4b88-b380-33c921f54627
x-rgw-object-type: Normal
cache-control: max-age=14400
cf-ray: 8925781fb8c335e2-FRA

Redirect headers

date: Tue, 11 Jun 2024 23:44:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=c%2Btn%2F%2Fa22IPJ0NtTgLUbr6ZkCJED7Lkic9cGJjliJM6btJ4eYaHiuT5L%2FfGEe9LyWAlHm01b1yM2gGm5GHnvqgmh%2BNYBBp0S3ICBa%2B9kNajU0yYCHw0V0rP0On2cwjJSXm8i53MZ3ggD7yYcnQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: https://code.gist.build/web/3.10.2/gist.min.js
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 8925781f688735e2-FRA
content-length: 143
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H3 200 api.js Show response
www.google.com/recaptcha/ 1 KB
974 B 192ms
51ms Script
text/javascript 142.250.186.132

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=6LfIku0gAAAAAC1nv2T-P7CSYAHXbNOXbASbvgK-

Requested by

Host: dashboard.hit-pay.com
URL: https://dashboard.hit-pay.com/dashboard/assets/useRecaptcha-1d3721d1.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.132 -, , ASN (),

Reverse DNS

Software

GSE /

Resource Hash

ce61557735c3b957081c2e7d3b0eedcad8d254132fb01df533bd2efd88f9bbe7

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://dashboard.hit-pay.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 23:44:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Tue, 11 Jun 2024 23:44:31 GMT

GET filled-check.svg
dashboard.hit-pay.com/icons/orchidui/ 0
0

GET logo.svg
dashboard.hit-pay.com/icons/orchidui/hitpay/ 0
0

GET hitpay.svg
dashboard.hit-pay.com/icons/orchidui/hitpay/ 0
0

GET eye-open.svg
dashboard.hit-pay.com/icons/orchidui/ 0
0

GET google-colored.svg
dashboard.hit-pay.com/icons/orchidui/ 0
0

GET logo.svg
dashboard.hit-pay.com/icons/orchidui/hitpay/ 0
0

GET hitpay.svg
dashboard.hit-pay.com/icons/orchidui/hitpay/ 0
0

GET question.svg
dashboard.hit-pay.com/icons/orchidui/ 0
0

GET sparkle-2.svg
dashboard.hit-pay.com/icons/orchidui/ 0
0

GET chat-2.svg
dashboard.hit-pay.com/icons/orchidui/ 0
0

GET list-check.svg
dashboard.hit-pay.com/icons/orchidui/ 0
0

GET blur.png
dashboard.hit-pay.com/icons/orchidui/background/ 0
0

GET rating.svg
dashboard.hit-pay.com/icons/orchidui/company-logos/ 0
0

GET trustpilot.svg
dashboard.hit-pay.com/icons/orchidui/company-logos/ 0
0

GET yc.svg
dashboard.hit-pay.com/icons/orchidui/company-logos/ 0
0

GET recaptcha__de.js
www.gstatic.com/recaptcha/releases/9pvHvq7kSOTqqZusUzJ6ewaF/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: dashboard.hit-pay.com
URL: https://dashboard.hit-pay.com/icons/orchidui/filled-check.svg

Domain: dashboard.hit-pay.com
URL: https://dashboard.hit-pay.com/icons/orchidui/hitpay/logo.svg

Domain: dashboard.hit-pay.com
URL: https://dashboard.hit-pay.com/icons/orchidui/hitpay/hitpay.svg

Domain: dashboard.hit-pay.com
URL: https://dashboard.hit-pay.com/icons/orchidui/eye-open.svg

Domain: dashboard.hit-pay.com
URL: https://dashboard.hit-pay.com/icons/orchidui/google-colored.svg

Domain: dashboard.hit-pay.com
URL: https://dashboard.hit-pay.com/icons/orchidui/hitpay/logo.svg

Domain: dashboard.hit-pay.com
URL: https://dashboard.hit-pay.com/icons/orchidui/hitpay/hitpay.svg

Domain: dashboard.hit-pay.com
URL: https://dashboard.hit-pay.com/icons/orchidui/question.svg

Domain: dashboard.hit-pay.com
URL: https://dashboard.hit-pay.com/icons/orchidui/sparkle-2.svg

Domain: dashboard.hit-pay.com
URL: https://dashboard.hit-pay.com/icons/orchidui/chat-2.svg

Domain: dashboard.hit-pay.com
URL: https://dashboard.hit-pay.com/icons/orchidui/list-check.svg

Domain: dashboard.hit-pay.com
URL: https://dashboard.hit-pay.com/icons/orchidui/background/blur.png

Domain: dashboard.hit-pay.com
URL: https://dashboard.hit-pay.com/icons/orchidui/company-logos/rating.svg

Domain: dashboard.hit-pay.com
URL: https://dashboard.hit-pay.com/icons/orchidui/company-logos/trustpilot.svg

Domain: dashboard.hit-pay.com
URL: https://dashboard.hit-pay.com/icons/orchidui/company-logos/yc.svg

Domain: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/9pvHvq7kSOTqqZusUzJ6ewaF/recaptcha__de.js

Verdicts & Comments Add Verdict or Comment

24 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.hit-pay.com/	1970-01-20 21:15:56	Name: hitpay_session Value: eyJpdiI6Im9lbVI4cmpiRFhRN2p6NjJJVWhXOXc9PSIsInZhbHVlIjoiZVQ3bi84T0lnT0Z0NFZvVDFuaVRLNmsxU0Q1Z1VlTlpYMGpDeVArRjRJZnF2VHRscUVwemRWVzZSYStSRnkwZUN4UzlJZjUrZWNHMGF3K0hsTWh2QTBJRWMzMDV4RjhIR3dGdnhkTGlpdWJPd05vcXVFTDk5UGV5WjdnM204c08iLCJtYWMiOiI0MGE1Mjg3MWYwNjJhZDI2YTRkYjBmNTk3NjQyNWVkZmQ5MGJiYTlmNWI1ZWEzZGRkOTI5NmJkZDNhOGZkYTZiIiwidGFnIjoiIn0%3D
			.hit-pay.com/	1970-01-21 06:01:25	Name: _cioanonid Value: f4a1cfd6-e43e-7f2d-0146-6757eafca9be

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
rendering	info	URL: https://dashboard.hit-pay.com/login Message: Autofocus processing was blocked because a document already has a focused element.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self' ecwid.com *.ecwid.com;upgrade-insecure-requests

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.refiner.io
assets.customer.io
canny.io
cdn.jsdelivr.net
cdn.nolt.io
code.gist.build
dashboard.hit-pay.com
dashboard.staging.hit-pay.com
fonts.googleapis.com
fonts.gstatic.com
js.refiner.io
sdk.birdeatsbug.com
track.customer.io
www.google.com
www.gstatic.com
dashboard.hit-pay.com
www.gstatic.com
142.250.186.132
172.67.70.236
2600:9000:20b4:ca00:11:9cfd:9400:93a1
2600:9000:2251:d600:1e:14d2:6dc0:93a1
2600:9000:2251:fc00:1e:14d2:6dc0:93a1
2600:9000:225e:da00:0:1a32:efc0:93a1
2606:4700:10::6816:45d9
2606:4700:10::ac43:2bb9
2606:4700:20::681a:a92
2a00:1450:4001:80b::2003
2a00:1450:4001:81d::200a
2a04:4e42::485
34.120.248.16
35.227.225.220
54.229.134.57
02eb735d3a0c490378fa805db13998d399e64464fed1e04b870ff6889a82471d
0650a3823fdf7038b918079740c45461f1e9f6e27d91b469364502deddd12e88
158ef1e9a140ba9f6ae6210bf93fd76001d66e41fdfc2e3824ff38c6a4f36f56
2fcfdae5440da627328eae9b05b0a54eb0e545892167f7e3c88636037a5c4c79
3a21f9740cbe8c1ac8a23d898d104ada21d2f5e975817127166d423dc358fed8
3d2b5598c75092ca6af588d5f3c01f5d3b0e1b268d6c23b9d6d284a457a5041f
3e8dafd04b520c2a1da47a8fbacde641190bc50660d7b1f4fe4c2c763c33be6c
4a820466138f08f419ef06991898c36f2621653111d8612203267f06897cb895
69f265025a7de353d89b84c705b624f1fe2665cc3bbe6ad8462cf627cbaf92b7
71af7056f34b2a003dbdea1210b0d9452274af024ec7cfefb566f916279d8d84
77190354256d2bb6e2f740715bbc72c1af70ec722773ab27bd7ddd63dac90529
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42
8faaf70b1e58da4d793318fe807eae4f44eff93beb959505b1a0d0c258b9293f
9339332eb85f421ff0b2166e4935ebbcfe0da932aff4685ee85735dddc192cb6
b125c88918b97d812009b7546058b77c6ee22befe5928859029bc24e049d9774
b1bd9ca88a19a09121675788da791f5f1ea1bf3ca5f584d6f804f5c67f60a587
b9a1331e32e0097e3588428b24d82160906d035ae135bfa27f33a09db85b8e58
c32eba273b63b6c7e9b096f5be4d95d93054f2a9477b4a8680222f300733c391
cb8289d5afe2b48cd35494562ea25ab868a517da5a05e7f272e4a59bca56c6eb
cb85b0f263dbe24e857338301c0627076592e9f1f1a5662929f86d2c126444aa
cd55eb3b0b1739e87f6406a77a67767493a67094721f3b77d38e10f222e8d819
ce61557735c3b957081c2e7d3b0eedcad8d254132fb01df533bd2efd88f9bbe7
e9a4bf82c214c04e00460ebac02596a2a0d2703fe7a50927c5f6bf134f9f7474
f046254fe30264c2e137ae9fd1b0bb8fb1029194d56badfc8f8c90958ac877b4
fb2e60d0b97ccf5d0f97c3d7d19b40d388c54deed936a5941e727ec5aa04c7f5
fba11e290376d473fb4ff93af7664523c769bc7f4f186b4269bf382ecb3da717

dashboard.hit-pay.com Open in urlscan Pro 2606:4700:10::6816:45d9 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

45 Requests

62 %HTTPS

67 %IPv6

11 Domains

15 Subdomains

16 IPs

3 Countries

810 kBTransfer

2615 kBSize

2 Cookies

0 Outgoing links

Page URL History

Redirected requests

45 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

dashboard.hit-pay.com Open in urlscan Pro
2606:4700:10::6816:45d9 Public Scan

Screenshot
Live screenshot

Full Image

45
Requests

62 %
HTTPS

67 %
IPv6

11
Domains

15
Subdomains

16
IPs

3
Countries

810 kB
Transfer

2615 kB
Size

2
Cookies

45 HTTP transactions
0 data transactions