handpay.me Open in urlscan Pro
2600:9000:2132:6400:1e:e98:8a40:93a1  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
5 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response handpay.me/	3 KB 2 KB	366ms 120ms	Document text/html	2600:9000:2132:6400:1e:e98:8a40:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://handpay.me/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2132:6400:1e:e98:8a40:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash bfd42250796bbed7e7add2c433ab957ddc2e1fa51b3225e32eeae7f833b89acf Security Headers Name Value Content-Security-Policy base-uri 'self'; default-src 'self' js.driftt.com js.stripe.com www.youtube.com; font-src 'self'; form-action 'self'; frame-ancestors 'none'; img-src 'self' data: www.google-analytics.com; object-src 'none'; script-src 'self' js.driftt.com js.stripe.com www.google-analytics.com 'sha256-aAivjpMLUFEH2vBItBsSZhVOly4cSOoi5wi5cX+2u6E=' 'sha256-+iXS+px0PrTVpyivk10dQtsjgnToPxZ2Bh8umFGqTtM=' '; style-src 'self' 'unsafe-inline' Strict-Transport-Security max-age=15768000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers :method GET :authority handpay.me :scheme https :path / pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 sec-fetch-dest document accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers content-type text/html date Fri, 01 Jan 2021 00:08:45 GMT last-modified Sun, 28 Jul 2019 05:22:35 GMT etag W/"0310d72e8e2f208dfda5762c409cd274" server AmazonS3 content-security-policy base-uri 'self'; default-src 'self' js.driftt.com js.stripe.com www.youtube.com; font-src 'self'; form-action 'self'; frame-ancestors 'none'; img-src 'self' data: www.google-analytics.com; object-src 'none'; script-src 'self' js.driftt.com js.stripe.com www.google-analytics.com 'sha256-aAivjpMLUFEH2vBItBsSZhVOly4cSOoi5wi5cX+2u6E=' 'sha256-+iXS+px0PrTVpyivk10dQtsjgnToPxZ2Bh8umFGqTtM=' '; style-src 'self' 'unsafe-inline' referrer-policy same-origin strict-transport-security max-age=15768000; includeSubDomains; preload x-content-type-options nosniff x-frame-options DENY x-xss-protection 1; mode=block content-encoding gzip vary Accept-Encoding x-cache Hit from cloudfront via 1.1 4c93e73408f10048e0ca42d0347c4a28.cloudfront.net (CloudFront) x-amz-cf-pop YTO50-C1 x-amz-cf-id p8bU1UsWvLX8Jr6DRhxp0OzMlmtk1sqcyzIXEee0lFtGZ9U4R1uhSA== age 77201
GET H2	200	progress-bundle.js Show response handpay.me/scripts/	12 KB 5 KB	126ms 125ms	Script application/javascript	2600:9000:2132:6400:1e:e98:8a40:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://handpay.me/scripts/progress-bundle.js Requested by Host: handpay.me URL: https://handpay.me/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2132:6400:1e:e98:8a40:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 5c17f5e13619a1eb6666f63ecf561c93f18f3573d417b688ac8ec2f31af7b414 Security Headers Name Value Content-Security-Policy base-uri 'self'; default-src 'self' js.driftt.com js.stripe.com www.youtube.com; font-src 'self'; form-action 'self'; frame-ancestors 'none'; img-src 'self' data: www.google-analytics.com; object-src 'none'; script-src 'self' js.driftt.com js.stripe.com www.google-analytics.com 'sha256-aAivjpMLUFEH2vBItBsSZhVOly4cSOoi5wi5cX+2u6E=' 'sha256-+iXS+px0PrTVpyivk10dQtsjgnToPxZ2Bh8umFGqTtM=' '; style-src 'self' 'unsafe-inline' Strict-Transport-Security max-age=15768000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers Referer https://handpay.me/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers content-security-policy base-uri 'self'; default-src 'self' js.driftt.com js.stripe.com www.youtube.com; font-src 'self'; form-action 'self'; frame-ancestors 'none'; img-src 'self' data: www.google-analytics.com; object-src 'none'; script-src 'self' js.driftt.com js.stripe.com www.google-analytics.com 'sha256-aAivjpMLUFEH2vBItBsSZhVOly4cSOoi5wi5cX+2u6E=' 'sha256-+iXS+px0PrTVpyivk10dQtsjgnToPxZ2Bh8umFGqTtM=' '; style-src 'self' 'unsafe-inline' content-encoding gzip vary Accept-Encoding age 2157 x-cache Hit from cloudfront date Fri, 01 Jan 2021 20:59:29 GMT x-xss-protection 1; mode=block referrer-policy same-origin last-modified Sat, 21 Mar 2020 09:53:54 GMT server AmazonS3 x-frame-options DENY etag "31e0bfb64d9d5d9cfc3e199dd340f92f" strict-transport-security max-age=15768000; includeSubDomains; preload content-type application/javascript via 1.1 4c93e73408f10048e0ca42d0347c4a28.cloudfront.net (CloudFront) x-amz-cf-pop YTO50-C1 x-amz-cf-id VpY4H67XQcvcalQQc-yZARespevQkpbVvD1sG24z0eZNoxSlWCYGrg== x-content-type-options nosniff
GET H2	200	vendor-bundle.js Show response handpay.me/scripts/	492 KB 130 KB	158ms 158ms	Script application/javascript	2600:9000:2132:6400:1e:e98:8a40:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://handpay.me/scripts/vendor-bundle.js Requested by Host: handpay.me URL: https://handpay.me/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2132:6400:1e:e98:8a40:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 79b4e61f053e0fdbb9c0b4ab98f4a8b83105c9cbd67d9d5840cee4f3840b1843 Security Headers Name Value Content-Security-Policy base-uri 'self'; default-src 'self' js.driftt.com js.stripe.com www.youtube.com; font-src 'self'; form-action 'self'; frame-ancestors 'none'; img-src 'self' data: www.google-analytics.com; object-src 'none'; script-src 'self' js.driftt.com js.stripe.com www.google-analytics.com 'sha256-aAivjpMLUFEH2vBItBsSZhVOly4cSOoi5wi5cX+2u6E=' 'sha256-+iXS+px0PrTVpyivk10dQtsjgnToPxZ2Bh8umFGqTtM=' '; style-src 'self' 'unsafe-inline' Strict-Transport-Security max-age=15768000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers Referer https://handpay.me/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers content-security-policy base-uri 'self'; default-src 'self' js.driftt.com js.stripe.com www.youtube.com; font-src 'self'; form-action 'self'; frame-ancestors 'none'; img-src 'self' data: www.google-analytics.com; object-src 'none'; script-src 'self' js.driftt.com js.stripe.com www.google-analytics.com 'sha256-aAivjpMLUFEH2vBItBsSZhVOly4cSOoi5wi5cX+2u6E=' 'sha256-+iXS+px0PrTVpyivk10dQtsjgnToPxZ2Bh8umFGqTtM=' '; style-src 'self' 'unsafe-inline' content-encoding gzip vary Accept-Encoding age 2157 x-cache Hit from cloudfront date Fri, 01 Jan 2021 20:59:29 GMT x-xss-protection 1; mode=block referrer-policy same-origin last-modified Sat, 21 Mar 2020 09:53:54 GMT server AmazonS3 x-frame-options DENY etag W/"ef1f1212136e531ea4a6f1d531a98a55" strict-transport-security max-age=15768000; includeSubDomains; preload content-type application/javascript via 1.1 4c93e73408f10048e0ca42d0347c4a28.cloudfront.net (CloudFront) x-amz-cf-pop YTO50-C1 x-amz-cf-id K1YaXnwYLd-wsiK-PE2eoqkHQzSWEIdVOsFAKbXhvIxporYdGfvRSA== x-content-type-options nosniff
GET H2	200	dollars-black.png handpay.me/images/	7 KB 8 KB	281ms 281ms	Image image/png	2600:9000:2132:6400:1e:e98:8a40:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://handpay.me/images/dollars-black.png Requested by Host: handpay.me URL: https://handpay.me/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2132:6400:1e:e98:8a40:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash fb03064e49a18ddffec5dddaf0bb58cdb39ddebe39c6d4e03c2f1d64bee695d2 Security Headers Name Value Content-Security-Policy base-uri 'self'; default-src 'self' js.driftt.com js.stripe.com www.youtube.com; font-src 'self'; form-action 'self'; frame-ancestors 'none'; img-src 'self' data: www.google-analytics.com; object-src 'none'; script-src 'self' js.driftt.com js.stripe.com www.google-analytics.com 'sha256-aAivjpMLUFEH2vBItBsSZhVOly4cSOoi5wi5cX+2u6E=' 'sha256-+iXS+px0PrTVpyivk10dQtsjgnToPxZ2Bh8umFGqTtM=' '; style-src 'self' 'unsafe-inline' Strict-Transport-Security max-age=15768000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers Referer https://handpay.me/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Fri, 01 Jan 2021 00:08:46 GMT via 1.1 4c93e73408f10048e0ca42d0347c4a28.cloudfront.net (CloudFront) x-content-type-options nosniff age 77200 x-cache Hit from cloudfront content-length 7026 x-xss-protection 1; mode=block referrer-policy same-origin last-modified Thu, 04 Jul 2019 05:10:34 GMT server AmazonS3 x-frame-options DENY etag "c954eca1717826595d19d24fb21da73f" strict-transport-security max-age=15768000; includeSubDomains; preload content-type image/png cache-control max-age=31557600 content-security-policy base-uri 'self'; default-src 'self' js.driftt.com js.stripe.com www.youtube.com; font-src 'self'; form-action 'self'; frame-ancestors 'none'; img-src 'self' data: www.google-analytics.com; object-src 'none'; script-src 'self' js.driftt.com js.stripe.com www.google-analytics.com 'sha256-aAivjpMLUFEH2vBItBsSZhVOly4cSOoi5wi5cX+2u6E=' 'sha256-+iXS+px0PrTVpyivk10dQtsjgnToPxZ2Bh8umFGqTtM=' '; style-src 'self' 'unsafe-inline' x-amz-cf-pop YTO50-C1 accept-ranges bytes x-amz-cf-id hAGMcZkD326k1OHtO08B7a9haoWzc-oNxZmMR9zDLHrmdbP8zvDkMQ==
GET H2	200	app-bundle.js Show response handpay.me/scripts/	96 KB 25 KB	129ms 129ms	Script application/javascript	2600:9000:2132:6400:1e:e98:8a40:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://handpay.me/scripts/app-bundle.js Requested by Host: handpay.me URL: https://handpay.me/scripts/vendor-bundle.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2132:6400:1e:e98:8a40:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 8cd833ea3f21fc20c7cf3f49817ba3cb8121c8806ae92d43a390f99f9fdbfc70 Security Headers Name Value Content-Security-Policy base-uri 'self'; default-src 'self' js.driftt.com js.stripe.com www.youtube.com; font-src 'self'; form-action 'self'; frame-ancestors 'none'; img-src 'self' data: www.google-analytics.com; object-src 'none'; script-src 'self' js.driftt.com js.stripe.com www.google-analytics.com 'sha256-aAivjpMLUFEH2vBItBsSZhVOly4cSOoi5wi5cX+2u6E=' 'sha256-+iXS+px0PrTVpyivk10dQtsjgnToPxZ2Bh8umFGqTtM=' '; style-src 'self' 'unsafe-inline' Strict-Transport-Security max-age=15768000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers Referer https://handpay.me/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Fri, 01 Jan 2021 20:59:30 GMT content-encoding gzip x-content-type-options nosniff age 2158 x-cache Hit from cloudfront strict-transport-security max-age=15768000; includeSubDomains; preload x-xss-protection 1; mode=block referrer-policy same-origin last-modified Sat, 21 Mar 2020 09:53:54 GMT server AmazonS3 x-frame-options DENY etag W/"a3abc56a51956862d09cb18a74c1fc7e" vary Accept-Encoding content-type application/javascript via 1.1 4c93e73408f10048e0ca42d0347c4a28.cloudfront.net (CloudFront) content-security-policy base-uri 'self'; default-src 'self' js.driftt.com js.stripe.com www.youtube.com; font-src 'self'; form-action 'self'; frame-ancestors 'none'; img-src 'self' data: www.google-analytics.com; object-src 'none'; script-src 'self' js.driftt.com js.stripe.com www.google-analytics.com 'sha256-aAivjpMLUFEH2vBItBsSZhVOly4cSOoi5wi5cX+2u6E=' 'sha256-+iXS+px0PrTVpyivk10dQtsjgnToPxZ2Bh8umFGqTtM=' '; style-src 'self' 'unsafe-inline' x-amz-cf-pop YTO50-C1 x-amz-cf-id HDmqo9A8b9tA0S4ipng-ftv9hfpBpXVoB1ULOmIHzfVCCc4p3BCHlQ==
GET H2	200	config.json Show response handpay.me/config/	307 KB 231 KB	133ms 133ms	XHR application/json	2600:9000:2132:6400:1e:e98:8a40:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://handpay.me/config/config.json Requested by Host: handpay.me URL: https://handpay.me/scripts/vendor-bundle.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2132:6400:1e:e98:8a40:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 662e0bc9934d5f9beb704407ecea063edc4d8b86d83579c2ed2dca03f606a9dc Security Headers Name Value Content-Security-Policy base-uri 'self'; default-src 'self' js.driftt.com js.stripe.com www.youtube.com; font-src 'self'; form-action 'self'; frame-ancestors 'none'; img-src 'self' data: www.google-analytics.com; object-src 'none'; script-src 'self' js.driftt.com js.stripe.com www.google-analytics.com 'sha256-aAivjpMLUFEH2vBItBsSZhVOly4cSOoi5wi5cX+2u6E=' 'sha256-+iXS+px0PrTVpyivk10dQtsjgnToPxZ2Bh8umFGqTtM=' '; style-src 'self' 'unsafe-inline' Strict-Transport-Security max-age=15768000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers Referer https://handpay.me/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers content-security-policy base-uri 'self'; default-src 'self' js.driftt.com js.stripe.com www.youtube.com; font-src 'self'; form-action 'self'; frame-ancestors 'none'; img-src 'self' data: www.google-analytics.com; object-src 'none'; script-src 'self' js.driftt.com js.stripe.com www.google-analytics.com 'sha256-aAivjpMLUFEH2vBItBsSZhVOly4cSOoi5wi5cX+2u6E=' 'sha256-+iXS+px0PrTVpyivk10dQtsjgnToPxZ2Bh8umFGqTtM=' '; style-src 'self' 'unsafe-inline' content-encoding gzip vary Accept-Encoding age 2157 x-cache Hit from cloudfront date Fri, 01 Jan 2021 20:59:31 GMT x-xss-protection 1; mode=block referrer-policy same-origin last-modified Sat, 30 Nov 2019 23:50:13 GMT server AmazonS3 x-frame-options DENY etag W/"777c172192e1d23ddc306c015160376d" strict-transport-security max-age=15768000; includeSubDomains; preload content-type application/json via 1.1 4c93e73408f10048e0ca42d0347c4a28.cloudfront.net (CloudFront) x-amz-cf-pop YTO50-C1 x-amz-cf-id 7ifeWOwb3ew9r5F9yRrizVsEu5kmra4z1X2-9RR1VwPG9B8nIJwerw== x-content-type-options nosniff
GET H2	200	analytics.js Show response www.google-analytics.com/	46 KB 18 KB	6ms 6ms	Script text/javascript	2a00:1450:4001:820::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: handpay.me URL: https://handpay.me/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:820::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Fri, 23 Oct 2020 03:00:57 GMT server Golfe2 age 6293 date Fri, 01 Jan 2021 19:50:34 GMT vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 18817 expires Fri, 01 Jan 2021 21:50:34 GMT
GET H2	200	dollars-white.png handpay.me/images/	8 KB 9 KB	122ms 121ms	Image image/png	2600:9000:2132:6400:1e:e98:8a40:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://handpay.me/images/dollars-white.png Requested by Host: handpay.me URL: https://handpay.me/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2132:6400:1e:e98:8a40:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash ed268fd2055113385f3608105971e02e0d0c1865ff890c6718b19effaea4b579 Security Headers Name Value Content-Security-Policy base-uri 'self'; default-src 'self' js.driftt.com js.stripe.com www.youtube.com; font-src 'self'; form-action 'self'; frame-ancestors 'none'; img-src 'self' data: www.google-analytics.com; object-src 'none'; script-src 'self' js.driftt.com js.stripe.com www.google-analytics.com 'sha256-aAivjpMLUFEH2vBItBsSZhVOly4cSOoi5wi5cX+2u6E=' 'sha256-+iXS+px0PrTVpyivk10dQtsjgnToPxZ2Bh8umFGqTtM=' '; style-src 'self' 'unsafe-inline' Strict-Transport-Security max-age=15768000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers Referer https://handpay.me/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Fri, 01 Jan 2021 00:08:47 GMT via 1.1 4c93e73408f10048e0ca42d0347c4a28.cloudfront.net (CloudFront) x-content-type-options nosniff age 77200 x-cache Hit from cloudfront content-length 7871 x-xss-protection 1; mode=block referrer-policy same-origin last-modified Thu, 04 Jul 2019 05:10:34 GMT server AmazonS3 x-frame-options DENY etag "032744be6fe91a4490d3b4bff23e759a" strict-transport-security max-age=15768000; includeSubDomains; preload content-type image/png cache-control max-age=31557600 content-security-policy base-uri 'self'; default-src 'self' js.driftt.com js.stripe.com www.youtube.com; font-src 'self'; form-action 'self'; frame-ancestors 'none'; img-src 'self' data: www.google-analytics.com; object-src 'none'; script-src 'self' js.driftt.com js.stripe.com www.google-analytics.com 'sha256-aAivjpMLUFEH2vBItBsSZhVOly4cSOoi5wi5cX+2u6E=' 'sha256-+iXS+px0PrTVpyivk10dQtsjgnToPxZ2Bh8umFGqTtM=' '; style-src 'self' 'unsafe-inline' x-amz-cf-pop YTO50-C1 accept-ranges bytes x-amz-cf-id ABpP3qsYhW_lELr9SWgnHFvqVHqMp0WxPPOzfUetwJyX0ORUOdro0w==
POST		collect www.google-analytics.com/j/	0 0
GET H2	200	HandPayMe-title.png handpay.me/images/	23 KB 24 KB	124ms 124ms	Image image/png	2600:9000:2132:6400:1e:e98:8a40:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://handpay.me/images/HandPayMe-title.png Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2132:6400:1e:e98:8a40:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash e95befdcfb7a4a31c62cf3e185d1130b196ef508094df2e18c531e14159659b8 Security Headers Name Value Content-Security-Policy base-uri 'self'; default-src 'self' js.driftt.com js.stripe.com www.youtube.com; font-src 'self'; form-action 'self'; frame-ancestors 'none'; img-src 'self' data: www.google-analytics.com; object-src 'none'; script-src 'self' js.driftt.com js.stripe.com www.google-analytics.com 'sha256-aAivjpMLUFEH2vBItBsSZhVOly4cSOoi5wi5cX+2u6E=' 'sha256-+iXS+px0PrTVpyivk10dQtsjgnToPxZ2Bh8umFGqTtM=' '; style-src 'self' 'unsafe-inline' Strict-Transport-Security max-age=15768000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers Referer https://handpay.me/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Fri, 01 Jan 2021 00:08:48 GMT via 1.1 4c93e73408f10048e0ca42d0347c4a28.cloudfront.net (CloudFront) x-content-type-options nosniff age 77200 x-cache Hit from cloudfront content-length 23237 x-xss-protection 1; mode=block referrer-policy same-origin last-modified Sun, 03 Nov 2019 08:24:07 GMT server AmazonS3 x-frame-options DENY etag "b3d3a0fcf6a8ae00ea849b8cd0560665" strict-transport-security max-age=15768000; includeSubDomains; preload content-type image/png cache-control max-age=31557600 content-security-policy base-uri 'self'; default-src 'self' js.driftt.com js.stripe.com www.youtube.com; font-src 'self'; form-action 'self'; frame-ancestors 'none'; img-src 'self' data: www.google-analytics.com; object-src 'none'; script-src 'self' js.driftt.com js.stripe.com www.google-analytics.com 'sha256-aAivjpMLUFEH2vBItBsSZhVOly4cSOoi5wi5cX+2u6E=' 'sha256-+iXS+px0PrTVpyivk10dQtsjgnToPxZ2Bh8umFGqTtM=' '; style-src 'self' 'unsafe-inline' x-amz-cf-pop YTO50-C1 accept-ranges bytes x-amz-cf-id qtYAYqjp1Yp0VXlzzaAF-mMsCox6wIY9H3BKQ222usxa8-g8TqUuuQ==
GET DATA	200 OK	truncated /	78 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash aa18292c7d2448443f5d792d161e853f5a1af4b4ae083da4ea5dbe3cba322ca9 Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	40 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 0e89bd9ada43a5d6eb7cc3662a25cd1b052b8d8c978ca866ff02253617bcd365 Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	34 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash f77cfe261ebb591d92e8972e977ea02e9bc79f59289c41c074fc0ecd1acf4207 Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	41 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 54886a40c3f992d4e5a559527587c403ac8c1755e55d1a8c6387ba9a5391cef6 Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	35 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 36c21780ceb743c8c79624fcbdc36ec3a6d5a993b4c120965925bd443ece09de Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Content-Type image/png
GET H2	200	x.svg handpay.me/images/	234 B 1 KB	121ms 120ms	Image image/svg+xml	2600:9000:2132:6400:1e:e98:8a40:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://handpay.me/images/x.svg Requested by Host: handpay.me URL: https://handpay.me/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2132:6400:1e:e98:8a40:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash c710e9512f5efdb94954654e1208aaf8c735c2ba5771acd36bbd8b60f40aa9d0 Security Headers Name Value Content-Security-Policy base-uri 'self'; default-src 'self' js.driftt.com js.stripe.com www.youtube.com; font-src 'self'; form-action 'self'; frame-ancestors 'none'; img-src 'self' data: www.google-analytics.com; object-src 'none'; script-src 'self' js.driftt.com js.stripe.com www.google-analytics.com 'sha256-aAivjpMLUFEH2vBItBsSZhVOly4cSOoi5wi5cX+2u6E=' 'sha256-+iXS+px0PrTVpyivk10dQtsjgnToPxZ2Bh8umFGqTtM=' '; style-src 'self' 'unsafe-inline' Strict-Transport-Security max-age=15768000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers Referer https://handpay.me/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 31 Dec 2020 05:28:17 GMT via 1.1 4c93e73408f10048e0ca42d0347c4a28.cloudfront.net (CloudFront) x-content-type-options nosniff age 144431 x-cache Hit from cloudfront content-length 234 x-xss-protection 1; mode=block referrer-policy same-origin last-modified Fri, 05 Jul 2019 06:57:46 GMT server AmazonS3 x-frame-options DENY etag "1e71b4dc4a1d07a503d5093ff14faf21" strict-transport-security max-age=15768000; includeSubDomains; preload content-type image/svg+xml cache-control max-age=31557600 content-security-policy base-uri 'self'; default-src 'self' js.driftt.com js.stripe.com www.youtube.com; font-src 'self'; form-action 'self'; frame-ancestors 'none'; img-src 'self' data: www.google-analytics.com; object-src 'none'; script-src 'self' js.driftt.com js.stripe.com www.google-analytics.com 'sha256-aAivjpMLUFEH2vBItBsSZhVOly4cSOoi5wi5cX+2u6E=' 'sha256-+iXS+px0PrTVpyivk10dQtsjgnToPxZ2Bh8umFGqTtM=' '; style-src 'self' 'unsafe-inline' x-amz-cf-pop YTO50-C1 accept-ranges bytes x-amz-cf-id 9txBJRVUz2fsX3XUkjYAohvSNNiCr7iHTXhPsApD0RXM1GS8zGQOwg==
GET H2	200	pointing-right.png handpay.me/images/	424 B 1 KB	123ms 123ms	Image image/png	2600:9000:2132:6400:1e:e98:8a40:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://handpay.me/images/pointing-right.png Requested by Host: handpay.me URL: https://handpay.me/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2132:6400:1e:e98:8a40:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 5d35e1967b77611cb7de079064c594c07036620faca809ad3c40884e077fd3f5 Security Headers Name Value Content-Security-Policy base-uri 'self'; default-src 'self' js.driftt.com js.stripe.com www.youtube.com; font-src 'self'; form-action 'self'; frame-ancestors 'none'; img-src 'self' data: www.google-analytics.com; object-src 'none'; script-src 'self' js.driftt.com js.stripe.com www.google-analytics.com 'sha256-aAivjpMLUFEH2vBItBsSZhVOly4cSOoi5wi5cX+2u6E=' 'sha256-+iXS+px0PrTVpyivk10dQtsjgnToPxZ2Bh8umFGqTtM=' '; style-src 'self' 'unsafe-inline' Strict-Transport-Security max-age=15768000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers Referer https://handpay.me/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Fri, 01 Jan 2021 00:08:48 GMT via 1.1 4c93e73408f10048e0ca42d0347c4a28.cloudfront.net (CloudFront) x-content-type-options nosniff age 77200 x-cache Hit from cloudfront content-length 424 x-xss-protection 1; mode=block referrer-policy same-origin last-modified Thu, 04 Jul 2019 05:10:34 GMT server AmazonS3 x-frame-options DENY etag "0584999b2442fc2e71e7000c51f32a64" strict-transport-security max-age=15768000; includeSubDomains; preload content-type image/png cache-control max-age=31557600 content-security-policy base-uri 'self'; default-src 'self' js.driftt.com js.stripe.com www.youtube.com; font-src 'self'; form-action 'self'; frame-ancestors 'none'; img-src 'self' data: www.google-analytics.com; object-src 'none'; script-src 'self' js.driftt.com js.stripe.com www.google-analytics.com 'sha256-aAivjpMLUFEH2vBItBsSZhVOly4cSOoi5wi5cX+2u6E=' 'sha256-+iXS+px0PrTVpyivk10dQtsjgnToPxZ2Bh8umFGqTtM=' '; style-src 'self' 'unsafe-inline' x-amz-cf-pop YTO50-C1 accept-ranges bytes x-amz-cf-id THbgkvqk1M1XCwGfWbu_3YxtX3GK1ncsYjeNib5UN4nWO-VfFcw2cw==
GET H2	200	pointing-left.png handpay.me/images/	418 B 1 KB	121ms 121ms	Image image/png	2600:9000:2132:6400:1e:e98:8a40:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://handpay.me/images/pointing-left.png Requested by Host: handpay.me URL: https://handpay.me/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2132:6400:1e:e98:8a40:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 17c5120a6808ed6150d3978c7a0ee926f08399be2f21d644e33e6aaf499d42b5 Security Headers Name Value Content-Security-Policy base-uri 'self'; default-src 'self' js.driftt.com js.stripe.com www.youtube.com; font-src 'self'; form-action 'self'; frame-ancestors 'none'; img-src 'self' data: www.google-analytics.com; object-src 'none'; script-src 'self' js.driftt.com js.stripe.com www.google-analytics.com 'sha256-aAivjpMLUFEH2vBItBsSZhVOly4cSOoi5wi5cX+2u6E=' 'sha256-+iXS+px0PrTVpyivk10dQtsjgnToPxZ2Bh8umFGqTtM=' '; style-src 'self' 'unsafe-inline' Strict-Transport-Security max-age=15768000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers Referer https://handpay.me/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Fri, 01 Jan 2021 00:08:48 GMT via 1.1 4c93e73408f10048e0ca42d0347c4a28.cloudfront.net (CloudFront) x-content-type-options nosniff age 77200 x-cache Hit from cloudfront content-length 418 x-xss-protection 1; mode=block referrer-policy same-origin last-modified Thu, 04 Jul 2019 05:10:34 GMT server AmazonS3 x-frame-options DENY etag "8f6b63bc5a80597aad620a8e33d4268d" strict-transport-security max-age=15768000; includeSubDomains; preload content-type image/png cache-control max-age=31557600 content-security-policy base-uri 'self'; default-src 'self' js.driftt.com js.stripe.com www.youtube.com; font-src 'self'; form-action 'self'; frame-ancestors 'none'; img-src 'self' data: www.google-analytics.com; object-src 'none'; script-src 'self' js.driftt.com js.stripe.com www.google-analytics.com 'sha256-aAivjpMLUFEH2vBItBsSZhVOly4cSOoi5wi5cX+2u6E=' 'sha256-+iXS+px0PrTVpyivk10dQtsjgnToPxZ2Bh8umFGqTtM=' '; style-src 'self' 'unsafe-inline' x-amz-cf-pop YTO50-C1 accept-ranges bytes x-amz-cf-id kSc9jjsDCJuULVSmxLomBqCuUTPsxh5kw0J_-8mIDFWxYi-gLkD8lQ==
GET H2	200	Roboto-Regular-webfont.woff2 handpay.me/fonts/	63 KB 64 KB	668ms 668ms	Font binary/octet-stream	2600:9000:2132:6400:1e:e98:8a40:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://handpay.me/fonts/Roboto-Regular-webfont.woff2 Requested by Host: handpay.me URL: https://handpay.me/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2132:6400:1e:e98:8a40:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash dd22dfffdda805545fee7ec5f161a59cd7580a85d66a54d60c703f81f1c3942e Security Headers Name Value Content-Security-Policy base-uri 'self'; default-src 'self' js.driftt.com js.stripe.com www.youtube.com; font-src 'self'; form-action 'self'; frame-ancestors 'none'; img-src 'self' data: www.google-analytics.com; object-src 'none'; script-src 'self' js.driftt.com js.stripe.com www.google-analytics.com 'sha256-aAivjpMLUFEH2vBItBsSZhVOly4cSOoi5wi5cX+2u6E=' 'sha256-+iXS+px0PrTVpyivk10dQtsjgnToPxZ2Bh8umFGqTtM=' '; style-src 'self' 'unsafe-inline' Strict-Transport-Security max-age=15768000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers Origin https://handpay.me Referer https://handpay.me/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Fri, 01 Jan 2021 21:35:28 GMT via 1.1 4c93e73408f10048e0ca42d0347c4a28.cloudfront.net (CloudFront) x-content-type-options nosniff x-amz-cf-pop YTO50-C1 x-cache Miss from cloudfront content-length 64600 x-xss-protection 1; mode=block referrer-policy same-origin last-modified Wed, 03 Jul 2019 22:04:05 GMT server AmazonS3 x-frame-options DENY etag "e6f644805f1eec19db2518af9d5092af" strict-transport-security max-age=15768000; includeSubDomains; preload content-type binary/octet-stream cache-control max-age=31557600 content-security-policy base-uri 'self'; default-src 'self' js.driftt.com js.stripe.com www.youtube.com; font-src 'self'; form-action 'self'; frame-ancestors 'none'; img-src 'self' data: www.google-analytics.com; object-src 'none'; script-src 'self' js.driftt.com js.stripe.com www.google-analytics.com 'sha256-aAivjpMLUFEH2vBItBsSZhVOly4cSOoi5wi5cX+2u6E=' 'sha256-+iXS+px0PrTVpyivk10dQtsjgnToPxZ2Bh8umFGqTtM=' '; style-src 'self' 'unsafe-inline' accept-ranges bytes x-amz-cf-id 01LwrKjtlrD6TC6zLDf3QpM6OQIzILCoL7XVd1fzyGK5hI1O71mKyA==
GET H2	200	folded-corner.png handpay.me/images/	6 KB 7 KB	122ms 121ms	Image image/png	2600:9000:2132:6400:1e:e98:8a40:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://handpay.me/images/folded-corner.png Requested by Host: handpay.me URL: https://handpay.me/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2132:6400:1e:e98:8a40:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 9264b8eb4210ae9a6bc30201a8c21a2fd4ab407e97f89e7f7a5867ba5ee5a809 Security Headers Name Value Content-Security-Policy base-uri 'self'; default-src 'self' js.driftt.com js.stripe.com www.youtube.com; font-src 'self'; form-action 'self'; frame-ancestors 'none'; img-src 'self' data: www.google-analytics.com; object-src 'none'; script-src 'self' js.driftt.com js.stripe.com www.google-analytics.com 'sha256-aAivjpMLUFEH2vBItBsSZhVOly4cSOoi5wi5cX+2u6E=' 'sha256-+iXS+px0PrTVpyivk10dQtsjgnToPxZ2Bh8umFGqTtM=' '; style-src 'self' 'unsafe-inline' Strict-Transport-Security max-age=15768000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers Referer https://handpay.me/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Fri, 01 Jan 2021 00:08:48 GMT via 1.1 4c93e73408f10048e0ca42d0347c4a28.cloudfront.net (CloudFront) x-content-type-options nosniff age 77200 x-cache Hit from cloudfront content-length 6328 x-xss-protection 1; mode=block referrer-policy same-origin last-modified Thu, 04 Jul 2019 05:10:34 GMT server AmazonS3 x-frame-options DENY etag "0aa42857f630ed28c81c9910f42ce48b" strict-transport-security max-age=15768000; includeSubDomains; preload content-type image/png cache-control max-age=31557600 content-security-policy base-uri 'self'; default-src 'self' js.driftt.com js.stripe.com www.youtube.com; font-src 'self'; form-action 'self'; frame-ancestors 'none'; img-src 'self' data: www.google-analytics.com; object-src 'none'; script-src 'self' js.driftt.com js.stripe.com www.google-analytics.com 'sha256-aAivjpMLUFEH2vBItBsSZhVOly4cSOoi5wi5cX+2u6E=' 'sha256-+iXS+px0PrTVpyivk10dQtsjgnToPxZ2Bh8umFGqTtM=' '; style-src 'self' 'unsafe-inline' x-amz-cf-pop YTO50-C1 accept-ranges bytes x-amz-cf-id dhrCLvuhn_1zH01cTd7MDHXzoY3AAuzRpJ_xC0PcvMZ8zCmyJ7tykg==
GET H2	200	Nuxy-logo.svg handpay.me/images/	7 KB 4 KB	123ms 122ms	Image image/svg+xml	2600:9000:2132:6400:1e:e98:8a40:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://handpay.me/images/Nuxy-logo.svg Requested by Host: handpay.me URL: https://handpay.me/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2132:6400:1e:e98:8a40:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash f63d091e7151c439a86c14badd8fde1667bb0bf0a4e9bbe394982cf6c54af088 Security Headers Name Value Content-Security-Policy base-uri 'self'; default-src 'self' js.driftt.com js.stripe.com www.youtube.com; font-src 'self'; form-action 'self'; frame-ancestors 'none'; img-src 'self' data: www.google-analytics.com; object-src 'none'; script-src 'self' js.driftt.com js.stripe.com www.google-analytics.com 'sha256-aAivjpMLUFEH2vBItBsSZhVOly4cSOoi5wi5cX+2u6E=' 'sha256-+iXS+px0PrTVpyivk10dQtsjgnToPxZ2Bh8umFGqTtM=' '; style-src 'self' 'unsafe-inline' Strict-Transport-Security max-age=15768000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers Referer https://handpay.me/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 31 Dec 2020 05:28:17 GMT content-encoding gzip x-content-type-options nosniff age 144431 x-cache Hit from cloudfront strict-transport-security max-age=15768000; includeSubDomains; preload x-xss-protection 1; mode=block referrer-policy same-origin last-modified Sun, 14 Jul 2019 07:25:29 GMT server AmazonS3 x-frame-options DENY etag W/"3d53d686ca7a31c1c55c7fe0d2494b29" vary Accept-Encoding content-type image/svg+xml via 1.1 4c93e73408f10048e0ca42d0347c4a28.cloudfront.net (CloudFront) cache-control max-age=31557600 content-security-policy base-uri 'self'; default-src 'self' js.driftt.com js.stripe.com www.youtube.com; font-src 'self'; form-action 'self'; frame-ancestors 'none'; img-src 'self' data: www.google-analytics.com; object-src 'none'; script-src 'self' js.driftt.com js.stripe.com www.google-analytics.com 'sha256-aAivjpMLUFEH2vBItBsSZhVOly4cSOoi5wi5cX+2u6E=' 'sha256-+iXS+px0PrTVpyivk10dQtsjgnToPxZ2Bh8umFGqTtM=' '; style-src 'self' 'unsafe-inline' x-amz-cf-pop YTO50-C1 x-amz-cf-id JkD9ZzIjYAoXKIG-y-gajNG578YLhya3tGRSx-1d_g5s-Qd2NJic7A==
GET H2	200	money.png handpay.me/images/	306 KB 308 KB	126ms 125ms	Image image/png	2600:9000:2132:6400:1e:e98:8a40:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://handpay.me/images/money.png Requested by Host: handpay.me URL: https://handpay.me/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2132:6400:1e:e98:8a40:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 8c5ba06eb607af43deaba695d8d5cf662b61cecc5ef15e3f208ccda9c86df32f Security Headers Name Value Content-Security-Policy base-uri 'self'; default-src 'self' js.driftt.com js.stripe.com www.youtube.com; font-src 'self'; form-action 'self'; frame-ancestors 'none'; img-src 'self' data: www.google-analytics.com; object-src 'none'; script-src 'self' js.driftt.com js.stripe.com www.google-analytics.com 'sha256-aAivjpMLUFEH2vBItBsSZhVOly4cSOoi5wi5cX+2u6E=' 'sha256-+iXS+px0PrTVpyivk10dQtsjgnToPxZ2Bh8umFGqTtM=' '; style-src 'self' 'unsafe-inline' Strict-Transport-Security max-age=15768000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 1; mode=block Request headers Referer https://handpay.me/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Fri, 01 Jan 2021 00:08:48 GMT via 1.1 4c93e73408f10048e0ca42d0347c4a28.cloudfront.net (CloudFront) x-content-type-options nosniff age 77200 x-cache Hit from cloudfront content-length 313712 x-xss-protection 1; mode=block referrer-policy same-origin last-modified Thu, 04 Jul 2019 05:10:34 GMT server AmazonS3 x-frame-options DENY etag "5b44209b71f588effd0740b5a0db46c7" strict-transport-security max-age=15768000; includeSubDomains; preload content-type image/png cache-control max-age=31557600 content-security-policy base-uri 'self'; default-src 'self' js.driftt.com js.stripe.com www.youtube.com; font-src 'self'; form-action 'self'; frame-ancestors 'none'; img-src 'self' data: www.google-analytics.com; object-src 'none'; script-src 'self' js.driftt.com js.stripe.com www.google-analytics.com 'sha256-aAivjpMLUFEH2vBItBsSZhVOly4cSOoi5wi5cX+2u6E=' 'sha256-+iXS+px0PrTVpyivk10dQtsjgnToPxZ2Bh8umFGqTtM=' '; style-src 'self' 'unsafe-inline' x-amz-cf-pop YTO50-C1 accept-ranges bytes x-amz-cf-id b_08ca-OcEqxVqVYpTiGQLmkY8OrlOB1MH2-aLs1uyJLX4Bificq3g==
GET H2	200	nbzi8t4h7ypz.js Show response js.driftt.com/include/1609537200000/	138 KB 45 KB	376ms 219ms	Script application/javascript	13.224.93.76 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/include/1609537200000/nbzi8t4h7ypz.js Requested by Host: handpay.me URL: https://handpay.me/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.224.93.76 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-93-76.zrh50.r.cloudfront.net Software nginx / Resource Hash 3c028e9666117b356459012caad6c5b5d20a8227b95b01a899e48ebe7f27b94d Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Fri, 01 Jan 2021 21:35:28 GMT content-encoding gzip x-amz-cf-pop ZRH50-C1 x-amz-server-side-encryption AES256 x-cache Miss from cloudfront strict-transport-security max-age=31536000; includeSubDomains access-control-allow-origin * last-modified Mon, 21 Dec 2020 20:19:33 GMT server nginx etag W/"4d7b506764645b403852bae487758a92" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS content-type application/javascript; charset=utf-8 via 1.1 a63182cf51dce7998774e112bf9ee7c6.cloudfront.net (CloudFront) cache-control max-age=10 access-control-allow-credentials true access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type x-amz-cf-id QqJm_zPLtZ2z6EBC2UQpiDF5ILQEdQ4cuYFOIV8vuAQZqpTJnCjvLg==
GET H2	200	index.html js.driftt.com/deploy/assets/ Frame 6D07	0 0	82ms 82ms	Document text/html	13.224.93.76 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.driftt.com/deploy/assets/index.html Requested by Host: js.driftt.com URL: https://js.driftt.com/include/1609537200000/nbzi8t4h7ypz.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.224.93.76 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-224-93-76.zrh50.r.cloudfront.net Software nginx / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers :method GET :authority js.driftt.com :scheme https :path /deploy/assets/index.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers content-type text/html; charset=utf-8 content-length 894 server nginx last-modified Mon, 21 Dec 2020 20:19:33 GMT x-amz-server-side-encryption AES256 accept-ranges bytes access-control-allow-origin * access-control-allow-credentials true access-control-allow-methods GET, POST, OPTIONS access-control-allow-headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type strict-transport-security max-age=31536000; includeSubDomains date Fri, 01 Jan 2021 21:35:29 GMT cache-control max-age=10 etag "e550e67e741cdc9d863ebf4ab2b74d31" x-cache Hit from cloudfront via 1.1 a63182cf51dce7998774e112bf9ee7c6.cloudfront.net (CloudFront) x-amz-cf-pop ZRH50-C1 x-amz-cf-id Vgo5U3L_3eQyYMaB6ZMny3_xS9pqXeM6cxU5Je1E3xlY4-CUt7abFg==

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

www.google-analytics.com

URL

https://www.google-analytics.com/j/collect?v=1&_v=j87&aip=0&a=181974505&t=pageview&_s=1&dl=https%3A%2F%2Fhandpay.me%2F&dp=%2F&ul=en-us&de=UTF-8&dt=Products%20made%20for%20gamblers%2C%20by%20gamblers&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEBAAEABAAAAAC~&jid=181319246&gjid=1053208701&cid=1462519944.1609536927&tid=UA-141378663-1&_gid=694661386.1609536927&_r=1&_slc=1&z=1118190081

31 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated object| Pace number| timer function| requirejs function| require function| define function| _aureliaConfigureModuleLoader function| P string| GoogleAnalyticsObject function| ga object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| flipping function| drift function| driftt object| __core-js_shared__ object| platform boolean| __DRIFTT_WIDGET_INCLUDED__ string| __DRIFT_INSTANCE_ID__ boolean| __DRIFTT_SHOW_WIDGET_ON_BOOT__

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	base-uri 'self'; default-src 'self' js.driftt.com js.stripe.com www.youtube.com; font-src 'self'; form-action 'self'; frame-ancestors 'none'; img-src 'self' data: www.google-analytics.com; object-src 'none'; script-src 'self' js.driftt.com js.stripe.com www.google-analytics.com 'sha256-aAivjpMLUFEH2vBItBsSZhVOly4cSOoi5wi5cX+2u6E=' 'sha256-+iXS+px0PrTVpyivk10dQtsjgnToPxZ2Bh8umFGqTtM=' '; style-src 'self' 'unsafe-inline'
Strict-Transport-Security	max-age=15768000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

handpay.me
js.driftt.com
www.google-analytics.com
www.google-analytics.com
13.224.93.76
2600:9000:2132:6400:1e:e98:8a40:93a1
2a00:1450:4001:820::200e
0e89bd9ada43a5d6eb7cc3662a25cd1b052b8d8c978ca866ff02253617bcd365
17c5120a6808ed6150d3978c7a0ee926f08399be2f21d644e33e6aaf499d42b5
36c21780ceb743c8c79624fcbdc36ec3a6d5a993b4c120965925bd443ece09de
3c028e9666117b356459012caad6c5b5d20a8227b95b01a899e48ebe7f27b94d
54886a40c3f992d4e5a559527587c403ac8c1755e55d1a8c6387ba9a5391cef6
5c17f5e13619a1eb6666f63ecf561c93f18f3573d417b688ac8ec2f31af7b414
5d35e1967b77611cb7de079064c594c07036620faca809ad3c40884e077fd3f5
662e0bc9934d5f9beb704407ecea063edc4d8b86d83579c2ed2dca03f606a9dc
79b4e61f053e0fdbb9c0b4ab98f4a8b83105c9cbd67d9d5840cee4f3840b1843
8c5ba06eb607af43deaba695d8d5cf662b61cecc5ef15e3f208ccda9c86df32f
8cd833ea3f21fc20c7cf3f49817ba3cb8121c8806ae92d43a390f99f9fdbfc70
9264b8eb4210ae9a6bc30201a8c21a2fd4ab407e97f89e7f7a5867ba5ee5a809
aa18292c7d2448443f5d792d161e853f5a1af4b4ae083da4ea5dbe3cba322ca9
bfd42250796bbed7e7add2c433ab957ddc2e1fa51b3225e32eeae7f833b89acf
c710e9512f5efdb94954654e1208aaf8c735c2ba5771acd36bbd8b60f40aa9d0
dd22dfffdda805545fee7ec5f161a59cd7580a85d66a54d60c703f81f1c3942e
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
e95befdcfb7a4a31c62cf3e185d1130b196ef508094df2e18c531e14159659b8
ed268fd2055113385f3608105971e02e0d0c1865ff890c6718b19effaea4b579
f63d091e7151c439a86c14badd8fde1667bb0bf0a4e9bbe394982cf6c54af088
f77cfe261ebb591d92e8972e977ea02e9bc79f59289c41c074fc0ecd1acf4207
fb03064e49a18ddffec5dddaf0bb58cdb39ddebe39c6d4e03c2f1d64bee695d2