paymembership.hitori-x.online Open in urlscan Pro
172.67.158.200 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://paymembership.hitori-x.online/
Submission: On June 20 via api (June 20th 2024, 8:13:40 pm UTC) from US — Scanned from DE

Summary HTTP 14 Redirects Behaviour Indicators

Similar DOM Content API

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 14 HTTP transactions. The main IP is 172.67.158.200, located in United States and belongs to CLOUDFLARENET, US. The main domain is paymembership.hitori-x.online.
TLS certificate: Issued by E1 on May 1st 2024. Valid for: 3 months.

This is the only time paymembership.hitori-x.online was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
9	172.67.158.200 172.67.158.200		13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.67.69.29 172.67.69.29		13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:812::200a		15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:829::2003		15169 (GOOGLE) (GOOGLE)
14	4

9 172.67.158.200 (United States)

ASN13335 (CLOUDFLARENET, US)

paymembership.hitori-x.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.69.29 (United States)

ASN13335 (CLOUDFLARENET, US)

code.ionicframework.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	hitori-x.online paymembership.hitori-x.online	250 KB
3	gstatic.com fonts.gstatic.com	44 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 83	1 KB
1	ionicframework.com code.ionicframework.com — Cisco Umbrella Rank: 21112	9 KB
14	4

	Domain	Requested by
9	paymembership.hitori-x.online	paymembership.hitori-x.online
3	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	paymembership.hitori-x.online
1	code.ionicframework.com	paymembership.hitori-x.online
14	4

This site contains no links.

Subject Issuer	Validity	Valid
hitori-x.online E1	`2024-05-01` - `2024-07-30`	3 months	crt.sh
ionicframework.com E1	`2024-04-29` - `2024-07-28`	3 months	crt.sh
upload.video.google.com WR2	`2024-06-03` - `2024-08-26`	3 months	crt.sh
*.gstatic.com WR2	`2024-06-03` - `2024-08-26`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://paymembership.hitori-x.online/
Frame ID: ABB4BD86BF4E45438025BCF1E63F67D2
Requests: 14 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Ionicons (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+ionicons(?:\.min)?\.css

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

14
Requests

100 %
HTTPS

50 %
IPv6

4
Domains

4
Subdomains

4
IPs

2
Countries

304 kB
Transfer

1116 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

14 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3 200 Primary Request / Show response
paymembership.hitori-x.online/ 3 KB
2 KB 1229ms
1153ms Document
text/html 172.67.158.200
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://paymembership.hitori-x.online/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.158.200 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1758053bd96d38ab791a9abf0129de05d70822d6dca325f48d72959daf26cc72

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 896e6b69df5a9b49-FRA
content-encoding: zstd
content-type: text/html; charset=UTF-8
date: Thu, 20 Jun 2024 20:13:29 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gF53zSAUXUYyQZ1aFNlw4trnVFzbiLFvEn%2FRi%2BMHn3EaLtdiETVaHOjwqGjQ%2F8NhlZYblGIVb3yJt06T%2FAYtzr6QJUlgfryM9zQEe7BqieTZmqWLcBqcihbbUfLwBSRc7%2BIhnjdzpSeWaCMOPET7VQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H3 200 all.min.css
paymembership.hitori-x.online/plugins/fontawesome-free/css/ 57 KB
14 KB 1495ms
1492ms Stylesheet
text/css 172.67.158.200
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://paymembership.hitori-x.online/plugins/fontawesome-free/css/all.min.css
Requested by: Host: paymembership.hitori-x.online
URL: https://paymembership.hitori-x.online/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.158.200 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 876d023d9d10c97941b80c3b03e2a5b94631ff7a4af9cee5604a6a2d39718d84

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://paymembership.hitori-x.online/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 20:13:30 GMT
content-encoding: zstd
cf-cache-status: MISS
last-modified: Wed, 19 Jun 2024 23:45:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"66736d93-e4d2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9umiKL8qS%2FhKAvx16KkLqVADS%2FJA6lDjTD05VNcL9f5QFnm62Ba53zYnY%2BMgETPB%2BQmRG%2BC1OoCdIvWqne4B8lAMKT5E6jPooNCIw41N9s4vZjPUu8bWMfnVdWnjH3j%2F6ZHwvty6Q3Aj3%2FLwL14r4g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 896e6b7178669b49-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 ionicons.min.css
code.ionicframework.com/ionicons/2.0.1/css/ 50 KB
9 KB 138ms
55ms Stylesheet
text/css 172.67.69.29
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://code.ionicframework.com/ionicons/2.0.1/css/ionicons.min.css
Requested by: Host: paymembership.hitori-x.online
URL: https://paymembership.hitori-x.online/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.69.29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 92ac508220f5bb60ec94e07650528eb66625f82a4740ada068cde05365781286

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://paymembership.hitori-x.online/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fastly-request-id: 58d82121f2d0473fa827ea82dac3349c489216e5
date: Thu, 20 Jun 2024 20:13:29 GMT
content-encoding: gzip
via: 1.1 varnish
expires: Wed, 29 May 2024 05:44:18 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7127
x-cache: HIT
x-proxy-cache: MISS
alt-svc: h3=":443"; ma=86400
content-length: 8313
x-served-by: cache-fra-eddf8230091-FRA
last-modified: Thu, 13 Apr 2023 16:20:19 GMT
server: cloudflare
x-github-request-id: 6AD9:31254E:3759A3A:3912736:6656BE5A
x-timer: S1718907282.324292,VS0,VE0
etag: W/"64382bc3-c854"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wt6q587reNpihYgH6AXwh89FJ9i%2B9qUPRKuuQX6rIXWsmOB1hlvSNgd4ZoGslt31%2BPST1hSXwnzz5eoAdG29KJ5p6g4Xi%2FLHEOZ4NXP20GgFBtRyMvV8jSTx%2FJP4XFpJxQB0KDLXykzV"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 896e6b71f9d2194d-FRA
x-cache-hits: 2

GET
H3 200 icheck-bootstrap.min.css
paymembership.hitori-x.online/plugins/icheck-bootstrap/ 12 KB
2 KB 1112ms
1109ms Stylesheet
text/css 172.67.158.200
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://paymembership.hitori-x.online/plugins/icheck-bootstrap/icheck-bootstrap.min.css
Requested by: Host: paymembership.hitori-x.online
URL: https://paymembership.hitori-x.online/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.158.200 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f1c6f368fef383f3c0107eb1a1f3c0fbe308187b1e3b93dfac6b76d69827a52

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://paymembership.hitori-x.online/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 20:13:30 GMT
content-encoding: zstd
cf-cache-status: MISS
last-modified: Wed, 19 Jun 2024 23:45:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"66736d9c-30d9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lh%2B0d4Z603w0qHK3mbrSrLXmhVByd3pSJZCK8%2BKV8R1LvN8M376%2FZ5dhxn5MFpxogr8vq6Bs9uYMmQVHuZ4V6MSRPwljfTet9fPM19XhS4PHu5NAxLeZ8SX6CDpWa2npYpVmm2Kg48YyEstigzin%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 896e6b71786a9b49-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 adminlte.min.css
paymembership.hitori-x.online/dist/css/ 674 KB
87 KB 6679ms
6676ms Stylesheet
text/css 172.67.158.200
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://paymembership.hitori-x.online/dist/css/adminlte.min.css
Requested by: Host: paymembership.hitori-x.online
URL: https://paymembership.hitori-x.online/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.158.200 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 84c213974de42584cc8f32e80311e85b304838417ca362ca0dc3dda93c84474f

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://paymembership.hitori-x.online/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 20:13:35 GMT
content-encoding: zstd
cf-cache-status: MISS
last-modified: Wed, 19 Jun 2024 23:44:33 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"66736d61-a860a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gOI0LjQr6%2FY4YY1a0CvPtZYltCaBPoIRxQitWM4DdF5wBg9CCqjvXEuZzptfro9bO5%2B1qP55eKpSSExewSwcTT%2FDm6wLdefcYDvWgb%2BueCnRk3GnxV3zKFpfgYpf4fGTuiaS%2BBv3I5%2FdhQuUwMcBYQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 896e6b71786b9b49-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 css
fonts.googleapis.com/ 9 KB
1 KB 133ms
40ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,400i,700

Requested by

Host: paymembership.hitori-x.online
URL: https://paymembership.hitori-x.online/

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

69a9c4e5382e726953388c127e20fb512082e22535e8c23a743642b4f8ffbdc1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://paymembership.hitori-x.online/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Thu, 20 Jun 2024 20:13:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 20 Jun 2024 20:03:02 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 20 Jun 2024 20:13:29 GMT

GET
H3 200 jquery.min.js Show response
paymembership.hitori-x.online/plugins/jquery/ 86 KB
34 KB 1523ms
1521ms Script
application/javascript 172.67.158.200
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://paymembership.hitori-x.online/plugins/jquery/jquery.min.js
Requested by: Host: paymembership.hitori-x.online
URL: https://paymembership.hitori-x.online/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.158.200 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://paymembership.hitori-x.online/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 20:13:30 GMT
content-encoding: zstd
cf-cache-status: MISS
last-modified: Wed, 19 Jun 2024 23:45:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"66736d9e-15851"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EwPdJMsWzMlVus6NmwsrzJKH%2BATLbaTpxtkCBtQt396Yf2B9nD5PP0DNlo2P0dS7K2WbLJruskUUQElkHup8K7c8g7Xja04eTRWWXfwTxEDTc0UTiQKZbA8MmceQuokoe0hdtbyp0kPRMQ5j0b7TvA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 896e6b7188719b49-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 bootstrap.bundle.min.js Show response
paymembership.hitori-x.online/plugins/bootstrap/js/ 79 KB
25 KB 1524ms
1522ms Script
application/javascript 172.67.158.200
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://paymembership.hitori-x.online/plugins/bootstrap/js/bootstrap.bundle.min.js
Requested by: Host: paymembership.hitori-x.online
URL: https://paymembership.hitori-x.online/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.158.200 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 394156ee114ed3faf968419340ecfd17f69740eb7e4f0a88d59e1f6d5bf0c34e

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://paymembership.hitori-x.online/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 20:13:30 GMT
content-encoding: zstd
cf-cache-status: MISS
last-modified: Wed, 19 Jun 2024 23:44:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"66736d75-13b3a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8KEQoOt0a8S9VmXUGAepFEA6p%2FzrlB9SXat%2Fo4eeKjCNEWlSrjtTpxIOKFMjuhRTW07uwRF%2Fb%2B3OH58Lo37MVB28O9yTbPvMYSZKy4oTfkTLs0l70utAc2rTJj9zzNS5AD9s7ZughAO8%2FHyA9LQLhw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 896e6b7188729b49-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 adminlte.min.js Show response
paymembership.hitori-x.online/dist/js/ 25 KB
7 KB 1181ms
1179ms Script
application/javascript 172.67.158.200
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://paymembership.hitori-x.online/dist/js/adminlte.min.js
Requested by: Host: paymembership.hitori-x.online
URL: https://paymembership.hitori-x.online/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.158.200 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa012f41958faaa0f5279b82a0f02c399ee4ccf99c1694b5007214ee6a307001

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://paymembership.hitori-x.online/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 20:13:30 GMT
content-encoding: zstd
cf-cache-status: MISS
last-modified: Wed, 19 Jun 2024 23:44:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"66736d6c-6269"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aTVdF%2FaBSb8ZhTJWNDtKS3aS16kW6k8p5aoT5bXMjRYK5MgXuG%2BzpWhHthQZ%2BkUOgVaVROrBaz0UFF6qUkhuMG0AS91XT5ujv89S0vL4Xo8nQByqc3c%2BlOuYdzIOeQrgPhOH2fk%2FPkfhD2PcEhqgEg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 896e6b7188749b49-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ 15 KB
15 KB 116ms
39ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,400i,700

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://fonts.googleapis.com/
Origin: https://paymembership.hitori-x.online
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 14:47:38 GMT
x-content-type-options: nosniff
age: 192358
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14892
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:52:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 18 Jun 2025 14:47:38 GMT

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3ik4zwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ 14 KB
15 KB 139ms
62ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3ik4zwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,400i,700

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3de27b2cbd6deda629c9b442700cf54c0dda74e494b1c75a57d822068a047f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://fonts.googleapis.com/
Origin: https://paymembership.hitori-x.online
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 14:59:12 GMT
x-content-type-options: nosniff
age: 191664
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14780
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:52:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 18 Jun 2025 14:59:12 GMT

GET
H3 200 fa-solid-900.woff2
paymembership.hitori-x.online/plugins/fontawesome-free/webfonts/ 78 KB
78 KB 1805ms
1804ms Font
font/woff2 172.67.158.200
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://paymembership.hitori-x.online/plugins/fontawesome-free/webfonts/fa-solid-900.woff2
Requested by: Host: paymembership.hitori-x.online
URL: https://paymembership.hitori-x.online/plugins/fontawesome-free/css/all.min.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.158.200 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f4d3fd0a705dbf8403298aad91d5de6972e6b5d536068eba8b24954a5a0a8c7

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://paymembership.hitori-x.online/plugins/fontawesome-free/css/all.min.css
Origin: https://paymembership.hitori-x.online
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 20:13:37 GMT
cf-cache-status: MISS
last-modified: Wed, 19 Jun 2024 23:45:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "66736d9c-13654"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BiVPdUjK1NQNzRzP5d6n96eVkfDubCImlqi3DMs1QPI7gk2SUp%2BltXOfwKRWVBXKlrJKX1HI8Z6Rwj6bO9CAzwrMoIEUj9I7lC1%2BDSyrFvf1Z7g9tb%2FRXKpLs%2FVKEIXDi%2BuEMSiOz1vKxjFyVXaILQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 896e6b9becc39b49-FRA
alt-svc: h3=":443"; ma=86400
content-length: 79444

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ 14 KB
15 KB 106ms
30ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,400i,700

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d0a6262c545e8bbc895116e5afb22579c468d7abb77e378f377d6fed57c1dce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://fonts.googleapis.com/
Origin: https://paymembership.hitori-x.online
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 14:53:44 GMT
x-content-type-options: nosniff
age: 191992
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14712
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:52:57 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 18 Jun 2025 14:53:44 GMT

GET
H3 404 favicon.ico
paymembership.hitori-x.online/ 808 B
936 B 1199ms
1199ms Other
text/html 172.67.158.200
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://paymembership.hitori-x.online/favicon.ico
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.158.200 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b9347f234dc3c8d56e015e86d88a1400415db8f7a5ad91f02b6a2323c10a4187

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://paymembership.hitori-x.online/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 20 Jun 2024 20:13:39 GMT
content-encoding: zstd
cf-cache-status: MISS
last-modified: Fri, 29 Sep 2023 14:37:33 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IRCEUALYWwtASwlOjL9chxG7tMcoYBztQSUKlfw8WEaPWRLHZ604acvalnu9OMJDc3vrUbuGQZqEz%2FHwGiV9R9uyY%2FgHQQWKZ3gE3abnEDZmMvawBQkOiaoJf5C7a2WCAfDZ0M8tbb84wMsViHK%2FJA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=14400
cf-ray: 896e6ba79a2a9b49-FRA
alt-svc: h3=":443"; ma=86400

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

undefined| event object| fence object| sharedStorage function| $ function| jQuery object| bootstrap object| adminlte

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			paymembership.hitori-x.online/	1969-12-31 23:59:59	Name: PHPSESSID Value: 5fr04npovf5bum860pplhkmk1n

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
recommendation	verbose	URL: https://paymembership.hitori-x.online/ Message: [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o
network	error	URL: https://paymembership.hitori-x.online/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

code.ionicframework.com
fonts.googleapis.com
fonts.gstatic.com
paymembership.hitori-x.online
172.67.158.200
172.67.69.29
2a00:1450:4001:812::200a
2a00:1450:4001:829::2003
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
0d0a6262c545e8bbc895116e5afb22579c468d7abb77e378f377d6fed57c1dce
1758053bd96d38ab791a9abf0129de05d70822d6dca325f48d72959daf26cc72
394156ee114ed3faf968419340ecfd17f69740eb7e4f0a88d59e1f6d5bf0c34e
69a9c4e5382e726953388c127e20fb512082e22535e8c23a743642b4f8ffbdc1
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
7f1c6f368fef383f3c0107eb1a1f3c0fbe308187b1e3b93dfac6b76d69827a52
7f4d3fd0a705dbf8403298aad91d5de6972e6b5d536068eba8b24954a5a0a8c7
84c213974de42584cc8f32e80311e85b304838417ca362ca0dc3dda93c84474f
876d023d9d10c97941b80c3b03e2a5b94631ff7a4af9cee5604a6a2d39718d84
92ac508220f5bb60ec94e07650528eb66625f82a4740ada068cde05365781286
aa012f41958faaa0f5279b82a0f02c399ee4ccf99c1694b5007214ee6a307001
b9347f234dc3c8d56e015e86d88a1400415db8f7a5ad91f02b6a2323c10a4187
c3de27b2cbd6deda629c9b442700cf54c0dda74e494b1c75a57d822068a047f8