URL: https://handpay.me/
Submission: On January 01 via automatic, source certstream-suspicious

Summary

This website contacted 4 IPs in 2 countries across 3 domains to perform 19 HTTP transactions. The main IP is 2600:9000:2132:6400:1e:e98:8a40:93a1, located in United States and belongs to AMAZON-02, US. The main domain is handpay.me.
TLS certificate: Issued by Sectigo RSA Organization Validation S... on May 17th 2020. Valid for: a year.
This is the only time handpay.me was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address        AS     Autonomous System
15        2600:9000:213...  16509  AMAZON-02
1         2a00:1450:400...  15169  GOOGLE
2         13.224.93.76      16509  AMAZON-02
19 requests total, 4 IPs
Requests  Apex Domain           Subdomains                Transfer
15        handpay.me            handpay.me                819 KB
2         driftt.com            js.driftt.com             45 KB
1         google-analytics.com  www.google-analytics.com  18 KB
19 requests total, 3 apex domains
Requests  Domain                    Requested by
15        handpay.me                handpay.me
2         js.driftt.com             handpay.me, js.driftt.com
1         www.google-analytics.com  handpay.me, www.google-analytics.com
19 requests total, 3 domains

This site contains no links.

Subject                 Issuer                                                Validity                 Valid
nuxy.co                 Sectigo RSA Organization Validation Secure Server CA  2020-05-17 - 2021-05-17  a year (crt.sh)
*.google-analytics.com  GTS CA 1O1                                            2020-11-10 - 2021-02-02  3 months (crt.sh)
drift.com               Amazon                                                2020-09-21 - 2021-10-23  a year (crt.sh)

This page contains 2 frames:

Primary Page: https://handpay.me/
Frame ID: A041AD40E932987DB42B56F63FE20A1A
Requests: 23 HTTP requests in this frame

Frame: https://js.driftt.com/deploy/assets/index.html
Frame ID: 6D076E6F0EEE28DEF77B911C4F05CA7E
Requests: 1 HTTP requests in this frame

Screenshot


Detected technologies

Overall confidence: 100%
Detected patterns
  • headers via /\(CloudFront\)$/i
  • headers server /^AmazonS3$/i

Overall confidence: 100%
Detected patterns
  • headers via /\(CloudFront\)$/i

Overall confidence: 100%
Detected patterns
  • headers server /^AmazonS3$/i

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

19 Requests
95 % HTTPS
67 % IPv6
3 Domains
3 Subdomains
4 IPs
2 Countries
883 kB Transfer
1740 kB Size
0 Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
handpay.me/
3 KB
2 KB
Document
General
Full URL
https://handpay.me/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2132:6400:1e:e98:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bfd42250796bbed7e7add2c433ab957ddc2e1fa51b3225e32eeae7f833b89acf
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; default-src 'self' js.driftt.com js.stripe.com www.youtube.com; font-src 'self'; form-action 'self'; frame-ancestors 'none'; img-src 'self' data: www.google-analytics.com; object-src 'none'; script-src 'self' js.driftt.com js.stripe.com www.google-analytics.com 'sha256-aAivjpMLUFEH2vBItBsSZhVOly4cSOoi5wi5cX+2u6E=' 'sha256-+iXS+px0PrTVpyivk10dQtsjgnToPxZ2Bh8umFGqTtM=' '; style-src 'self' 'unsafe-inline'
Strict-Transport-Security max-age=15768000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
handpay.me
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-type
text/html
date
Fri, 01 Jan 2021 00:08:45 GMT
last-modified
Sun, 28 Jul 2019 05:22:35 GMT
etag
W/"0310d72e8e2f208dfda5762c409cd274"
server
AmazonS3
content-security-policy
base-uri 'self'; default-src 'self' js.driftt.com js.stripe.com www.youtube.com; font-src 'self'; form-action 'self'; frame-ancestors 'none'; img-src 'self' data: www.google-analytics.com; object-src 'none'; script-src 'self' js.driftt.com js.stripe.com www.google-analytics.com 'sha256-aAivjpMLUFEH2vBItBsSZhVOly4cSOoi5wi5cX+2u6E=' 'sha256-+iXS+px0PrTVpyivk10dQtsjgnToPxZ2Bh8umFGqTtM=' '; style-src 'self' 'unsafe-inline'
referrer-policy
same-origin
strict-transport-security
max-age=15768000; includeSubDomains; preload
x-content-type-options
nosniff
x-frame-options
DENY
x-xss-protection
1; mode=block
content-encoding
gzip
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 4c93e73408f10048e0ca42d0347c4a28.cloudfront.net (CloudFront)
x-amz-cf-pop
YTO50-C1
x-amz-cf-id
p8bU1UsWvLX8Jr6DRhxp0OzMlmtk1sqcyzIXEee0lFtGZ9U4R1uhSA==
age
77201
progress-bundle.js
handpay.me/scripts/
12 KB
5 KB
Script
General
Full URL
https://handpay.me/scripts/progress-bundle.js
Requested by
Host: handpay.me
URL: https://handpay.me/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2132:6400:1e:e98:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5c17f5e13619a1eb6666f63ecf561c93f18f3573d417b688ac8ec2f31af7b414
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; default-src 'self' js.driftt.com js.stripe.com www.youtube.com; font-src 'self'; form-action 'self'; frame-ancestors 'none'; img-src 'self' data: www.google-analytics.com; object-src 'none'; script-src 'self' js.driftt.com js.stripe.com www.google-analytics.com 'sha256-aAivjpMLUFEH2vBItBsSZhVOly4cSOoi5wi5cX+2u6E=' 'sha256-+iXS+px0PrTVpyivk10dQtsjgnToPxZ2Bh8umFGqTtM=' '; style-src 'self' 'unsafe-inline'
Strict-Transport-Security max-age=15768000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://handpay.me/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
base-uri 'self'; default-src 'self' js.driftt.com js.stripe.com www.youtube.com; font-src 'self'; form-action 'self'; frame-ancestors 'none'; img-src 'self' data: www.google-analytics.com; object-src 'none'; script-src 'self' js.driftt.com js.stripe.com www.google-analytics.com 'sha256-aAivjpMLUFEH2vBItBsSZhVOly4cSOoi5wi5cX+2u6E=' 'sha256-+iXS+px0PrTVpyivk10dQtsjgnToPxZ2Bh8umFGqTtM=' '; style-src 'self' 'unsafe-inline'
content-encoding
gzip
vary
Accept-Encoding
age
2157
x-cache
Hit from cloudfront
date
Fri, 01 Jan 2021 20:59:29 GMT
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Sat, 21 Mar 2020 09:53:54 GMT
server
AmazonS3
x-frame-options
DENY
etag
"31e0bfb64d9d5d9cfc3e199dd340f92f"
strict-transport-security
max-age=15768000; includeSubDomains; preload
content-type
application/javascript
via
1.1 4c93e73408f10048e0ca42d0347c4a28.cloudfront.net (CloudFront)
x-amz-cf-pop
YTO50-C1
x-amz-cf-id
VpY4H67XQcvcalQQc-yZARespevQkpbVvD1sG24z0eZNoxSlWCYGrg==
x-content-type-options
nosniff
vendor-bundle.js
handpay.me/scripts/
492 KB
130 KB
Script
General
Full URL
https://handpay.me/scripts/vendor-bundle.js
Requested by
Host: handpay.me
URL: https://handpay.me/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2132:6400:1e:e98:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
79b4e61f053e0fdbb9c0b4ab98f4a8b83105c9cbd67d9d5840cee4f3840b1843
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; default-src 'self' js.driftt.com js.stripe.com www.youtube.com; font-src 'self'; form-action 'self'; frame-ancestors 'none'; img-src 'self' data: www.google-analytics.com; object-src 'none'; script-src 'self' js.driftt.com js.stripe.com www.google-analytics.com 'sha256-aAivjpMLUFEH2vBItBsSZhVOly4cSOoi5wi5cX+2u6E=' 'sha256-+iXS+px0PrTVpyivk10dQtsjgnToPxZ2Bh8umFGqTtM=' '; style-src 'self' 'unsafe-inline'
Strict-Transport-Security max-age=15768000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://handpay.me/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
base-uri 'self'; default-src 'self' js.driftt.com js.stripe.com www.youtube.com; font-src 'self'; form-action 'self'; frame-ancestors 'none'; img-src 'self' data: www.google-analytics.com; object-src 'none'; script-src 'self' js.driftt.com js.stripe.com www.google-analytics.com 'sha256-aAivjpMLUFEH2vBItBsSZhVOly4cSOoi5wi5cX+2u6E=' 'sha256-+iXS+px0PrTVpyivk10dQtsjgnToPxZ2Bh8umFGqTtM=' '; style-src 'self' 'unsafe-inline'
content-encoding
gzip
vary
Accept-Encoding
age
2157
x-cache
Hit from cloudfront
date
Fri, 01 Jan 2021 20:59:29 GMT
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Sat, 21 Mar 2020 09:53:54 GMT
server
AmazonS3
x-frame-options
DENY
etag
W/"ef1f1212136e531ea4a6f1d531a98a55"
strict-transport-security
max-age=15768000; includeSubDomains; preload
content-type
application/javascript
via
1.1 4c93e73408f10048e0ca42d0347c4a28.cloudfront.net (CloudFront)
x-amz-cf-pop
YTO50-C1
x-amz-cf-id
K1YaXnwYLd-wsiK-PE2eoqkHQzSWEIdVOsFAKbXhvIxporYdGfvRSA==
x-content-type-options
nosniff
dollars-black.png
handpay.me/images/
7 KB
8 KB
Image
General
Full URL
https://handpay.me/images/dollars-black.png
Requested by
Host: handpay.me
URL: https://handpay.me/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2132:6400:1e:e98:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fb03064e49a18ddffec5dddaf0bb58cdb39ddebe39c6d4e03c2f1d64bee695d2
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; default-src 'self' js.driftt.com js.stripe.com www.youtube.com; font-src 'self'; form-action 'self'; frame-ancestors 'none'; img-src 'self' data: www.google-analytics.com; object-src 'none'; script-src 'self' js.driftt.com js.stripe.com www.google-analytics.com 'sha256-aAivjpMLUFEH2vBItBsSZhVOly4cSOoi5wi5cX+2u6E=' 'sha256-+iXS+px0PrTVpyivk10dQtsjgnToPxZ2Bh8umFGqTtM=' '; style-src 'self' 'unsafe-inline'
Strict-Transport-Security max-age=15768000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://handpay.me/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 01 Jan 2021 00:08:46 GMT
via
1.1 4c93e73408f10048e0ca42d0347c4a28.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
77200
x-cache
Hit from cloudfront
content-length
7026
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Thu, 04 Jul 2019 05:10:34 GMT
server
AmazonS3
x-frame-options
DENY
etag
"c954eca1717826595d19d24fb21da73f"
strict-transport-security
max-age=15768000; includeSubDomains; preload
content-type
image/png
cache-control
max-age=31557600
content-security-policy
base-uri 'self'; default-src 'self' js.driftt.com js.stripe.com www.youtube.com; font-src 'self'; form-action 'self'; frame-ancestors 'none'; img-src 'self' data: www.google-analytics.com; object-src 'none'; script-src 'self' js.driftt.com js.stripe.com www.google-analytics.com 'sha256-aAivjpMLUFEH2vBItBsSZhVOly4cSOoi5wi5cX+2u6E=' 'sha256-+iXS+px0PrTVpyivk10dQtsjgnToPxZ2Bh8umFGqTtM=' '; style-src 'self' 'unsafe-inline'
x-amz-cf-pop
YTO50-C1
accept-ranges
bytes
x-amz-cf-id
hAGMcZkD326k1OHtO08B7a9haoWzc-oNxZmMR9zDLHrmdbP8zvDkMQ==
app-bundle.js
handpay.me/scripts/
96 KB
25 KB
Script
General
Full URL
https://handpay.me/scripts/app-bundle.js
Requested by
Host: handpay.me
URL: https://handpay.me/scripts/vendor-bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2132:6400:1e:e98:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8cd833ea3f21fc20c7cf3f49817ba3cb8121c8806ae92d43a390f99f9fdbfc70
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; default-src 'self' js.driftt.com js.stripe.com www.youtube.com; font-src 'self'; form-action 'self'; frame-ancestors 'none'; img-src 'self' data: www.google-analytics.com; object-src 'none'; script-src 'self' js.driftt.com js.stripe.com www.google-analytics.com 'sha256-aAivjpMLUFEH2vBItBsSZhVOly4cSOoi5wi5cX+2u6E=' 'sha256-+iXS+px0PrTVpyivk10dQtsjgnToPxZ2Bh8umFGqTtM=' '; style-src 'self' 'unsafe-inline'
Strict-Transport-Security max-age=15768000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://handpay.me/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 01 Jan 2021 20:59:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2158
x-cache
Hit from cloudfront
strict-transport-security
max-age=15768000; includeSubDomains; preload
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Sat, 21 Mar 2020 09:53:54 GMT
server
AmazonS3
x-frame-options
DENY
etag
W/"a3abc56a51956862d09cb18a74c1fc7e"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 4c93e73408f10048e0ca42d0347c4a28.cloudfront.net (CloudFront)
content-security-policy
base-uri 'self'; default-src 'self' js.driftt.com js.stripe.com www.youtube.com; font-src 'self'; form-action 'self'; frame-ancestors 'none'; img-src 'self' data: www.google-analytics.com; object-src 'none'; script-src 'self' js.driftt.com js.stripe.com www.google-analytics.com 'sha256-aAivjpMLUFEH2vBItBsSZhVOly4cSOoi5wi5cX+2u6E=' 'sha256-+iXS+px0PrTVpyivk10dQtsjgnToPxZ2Bh8umFGqTtM=' '; style-src 'self' 'unsafe-inline'
x-amz-cf-pop
YTO50-C1
x-amz-cf-id
HDmqo9A8b9tA0S4ipng-ftv9hfpBpXVoB1ULOmIHzfVCCc4p3BCHlQ==
config.json
handpay.me/config/
307 KB
231 KB
XHR
General
Full URL
https://handpay.me/config/config.json
Requested by
Host: handpay.me
URL: https://handpay.me/scripts/vendor-bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2132:6400:1e:e98:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
662e0bc9934d5f9beb704407ecea063edc4d8b86d83579c2ed2dca03f606a9dc
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; default-src 'self' js.driftt.com js.stripe.com www.youtube.com; font-src 'self'; form-action 'self'; frame-ancestors 'none'; img-src 'self' data: www.google-analytics.com; object-src 'none'; script-src 'self' js.driftt.com js.stripe.com www.google-analytics.com 'sha256-aAivjpMLUFEH2vBItBsSZhVOly4cSOoi5wi5cX+2u6E=' 'sha256-+iXS+px0PrTVpyivk10dQtsjgnToPxZ2Bh8umFGqTtM=' '; style-src 'self' 'unsafe-inline'
Strict-Transport-Security max-age=15768000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://handpay.me/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
base-uri 'self'; default-src 'self' js.driftt.com js.stripe.com www.youtube.com; font-src 'self'; form-action 'self'; frame-ancestors 'none'; img-src 'self' data: www.google-analytics.com; object-src 'none'; script-src 'self' js.driftt.com js.stripe.com www.google-analytics.com 'sha256-aAivjpMLUFEH2vBItBsSZhVOly4cSOoi5wi5cX+2u6E=' 'sha256-+iXS+px0PrTVpyivk10dQtsjgnToPxZ2Bh8umFGqTtM=' '; style-src 'self' 'unsafe-inline'
content-encoding
gzip
vary
Accept-Encoding
age
2157
x-cache
Hit from cloudfront
date
Fri, 01 Jan 2021 20:59:31 GMT
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Sat, 30 Nov 2019 23:50:13 GMT
server
AmazonS3
x-frame-options
DENY
etag
W/"777c172192e1d23ddc306c015160376d"
strict-transport-security
max-age=15768000; includeSubDomains; preload
content-type
application/json
via
1.1 4c93e73408f10048e0ca42d0347c4a28.cloudfront.net (CloudFront)
x-amz-cf-pop
YTO50-C1
x-amz-cf-id
7ifeWOwb3ew9r5F9yRrizVsEu5kmra4z1X2-9RR1VwPG9B8nIJwerw==
x-content-type-options
nosniff
analytics.js
www.google-analytics.com/
46 KB
18 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: handpay.me
URL: https://handpay.me/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 23 Oct 2020 03:00:57 GMT
server
Golfe2
age
6293
date
Fri, 01 Jan 2021 19:50:34 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18817
expires
Fri, 01 Jan 2021 21:50:34 GMT
dollars-white.png
handpay.me/images/
8 KB
9 KB
Image
General
Full URL
https://handpay.me/images/dollars-white.png
Requested by
Host: handpay.me
URL: https://handpay.me/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2132:6400:1e:e98:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ed268fd2055113385f3608105971e02e0d0c1865ff890c6718b19effaea4b579
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; default-src 'self' js.driftt.com js.stripe.com www.youtube.com; font-src 'self'; form-action 'self'; frame-ancestors 'none'; img-src 'self' data: www.google-analytics.com; object-src 'none'; script-src 'self' js.driftt.com js.stripe.com www.google-analytics.com 'sha256-aAivjpMLUFEH2vBItBsSZhVOly4cSOoi5wi5cX+2u6E=' 'sha256-+iXS+px0PrTVpyivk10dQtsjgnToPxZ2Bh8umFGqTtM=' '; style-src 'self' 'unsafe-inline'
Strict-Transport-Security max-age=15768000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://handpay.me/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 01 Jan 2021 00:08:47 GMT
via
1.1 4c93e73408f10048e0ca42d0347c4a28.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
77200
x-cache
Hit from cloudfront
content-length
7871
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Thu, 04 Jul 2019 05:10:34 GMT
server
AmazonS3
x-frame-options
DENY
etag
"032744be6fe91a4490d3b4bff23e759a"
strict-transport-security
max-age=15768000; includeSubDomains; preload
content-type
image/png
cache-control
max-age=31557600
content-security-policy
base-uri 'self'; default-src 'self' js.driftt.com js.stripe.com www.youtube.com; font-src 'self'; form-action 'self'; frame-ancestors 'none'; img-src 'self' data: www.google-analytics.com; object-src 'none'; script-src 'self' js.driftt.com js.stripe.com www.google-analytics.com 'sha256-aAivjpMLUFEH2vBItBsSZhVOly4cSOoi5wi5cX+2u6E=' 'sha256-+iXS+px0PrTVpyivk10dQtsjgnToPxZ2Bh8umFGqTtM=' '; style-src 'self' 'unsafe-inline'
x-amz-cf-pop
YTO50-C1
accept-ranges
bytes
x-amz-cf-id
ABpP3qsYhW_lELr9SWgnHFvqVHqMp0WxPPOzfUetwJyX0ORUOdro0w==
collect
www.google-analytics.com/j/
0
0

HandPayMe-title.png
handpay.me/images/
23 KB
24 KB
Image
General
Full URL
https://handpay.me/images/HandPayMe-title.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2132:6400:1e:e98:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e95befdcfb7a4a31c62cf3e185d1130b196ef508094df2e18c531e14159659b8
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; default-src 'self' js.driftt.com js.stripe.com www.youtube.com; font-src 'self'; form-action 'self'; frame-ancestors 'none'; img-src 'self' data: www.google-analytics.com; object-src 'none'; script-src 'self' js.driftt.com js.stripe.com www.google-analytics.com 'sha256-aAivjpMLUFEH2vBItBsSZhVOly4cSOoi5wi5cX+2u6E=' 'sha256-+iXS+px0PrTVpyivk10dQtsjgnToPxZ2Bh8umFGqTtM=' '; style-src 'self' 'unsafe-inline'
Strict-Transport-Security max-age=15768000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://handpay.me/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 01 Jan 2021 00:08:48 GMT
via
1.1 4c93e73408f10048e0ca42d0347c4a28.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
77200
x-cache
Hit from cloudfront
content-length
23237
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Sun, 03 Nov 2019 08:24:07 GMT
server
AmazonS3
x-frame-options
DENY
etag
"b3d3a0fcf6a8ae00ea849b8cd0560665"
strict-transport-security
max-age=15768000; includeSubDomains; preload
content-type
image/png
cache-control
max-age=31557600
content-security-policy
base-uri 'self'; default-src 'self' js.driftt.com js.stripe.com www.youtube.com; font-src 'self'; form-action 'self'; frame-ancestors 'none'; img-src 'self' data: www.google-analytics.com; object-src 'none'; script-src 'self' js.driftt.com js.stripe.com www.google-analytics.com 'sha256-aAivjpMLUFEH2vBItBsSZhVOly4cSOoi5wi5cX+2u6E=' 'sha256-+iXS+px0PrTVpyivk10dQtsjgnToPxZ2Bh8umFGqTtM=' '; style-src 'self' 'unsafe-inline'
x-amz-cf-pop
YTO50-C1
accept-ranges
bytes
x-amz-cf-id
qtYAYqjp1Yp0VXlzzaAF-mMsCox6wIY9H3BKQ222usxa8-g8TqUuuQ==
truncated
/
78 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
aa18292c7d2448443f5d792d161e853f5a1af4b4ae083da4ea5dbe3cba322ca9

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
40 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0e89bd9ada43a5d6eb7cc3662a25cd1b052b8d8c978ca866ff02253617bcd365

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
34 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f77cfe261ebb591d92e8972e977ea02e9bc79f59289c41c074fc0ecd1acf4207

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
41 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
54886a40c3f992d4e5a559527587c403ac8c1755e55d1a8c6387ba9a5391cef6

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
35 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
36c21780ceb743c8c79624fcbdc36ec3a6d5a993b4c120965925bd443ece09de

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
x.svg
handpay.me/images/
234 B
1 KB
Image
General
Full URL
https://handpay.me/images/x.svg
Requested by
Host: handpay.me
URL: https://handpay.me/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2132:6400:1e:e98:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c710e9512f5efdb94954654e1208aaf8c735c2ba5771acd36bbd8b60f40aa9d0
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; default-src 'self' js.driftt.com js.stripe.com www.youtube.com; font-src 'self'; form-action 'self'; frame-ancestors 'none'; img-src 'self' data: www.google-analytics.com; object-src 'none'; script-src 'self' js.driftt.com js.stripe.com www.google-analytics.com 'sha256-aAivjpMLUFEH2vBItBsSZhVOly4cSOoi5wi5cX+2u6E=' 'sha256-+iXS+px0PrTVpyivk10dQtsjgnToPxZ2Bh8umFGqTtM=' '; style-src 'self' 'unsafe-inline'
Strict-Transport-Security max-age=15768000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://handpay.me/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 31 Dec 2020 05:28:17 GMT
via
1.1 4c93e73408f10048e0ca42d0347c4a28.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
144431
x-cache
Hit from cloudfront
content-length
234
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Fri, 05 Jul 2019 06:57:46 GMT
server
AmazonS3
x-frame-options
DENY
etag
"1e71b4dc4a1d07a503d5093ff14faf21"
strict-transport-security
max-age=15768000; includeSubDomains; preload
content-type
image/svg+xml
cache-control
max-age=31557600
content-security-policy
base-uri 'self'; default-src 'self' js.driftt.com js.stripe.com www.youtube.com; font-src 'self'; form-action 'self'; frame-ancestors 'none'; img-src 'self' data: www.google-analytics.com; object-src 'none'; script-src 'self' js.driftt.com js.stripe.com www.google-analytics.com 'sha256-aAivjpMLUFEH2vBItBsSZhVOly4cSOoi5wi5cX+2u6E=' 'sha256-+iXS+px0PrTVpyivk10dQtsjgnToPxZ2Bh8umFGqTtM=' '; style-src 'self' 'unsafe-inline'
x-amz-cf-pop
YTO50-C1
accept-ranges
bytes
x-amz-cf-id
9txBJRVUz2fsX3XUkjYAohvSNNiCr7iHTXhPsApD0RXM1GS8zGQOwg==
pointing-right.png
handpay.me/images/
424 B
1 KB
Image
General
Full URL
https://handpay.me/images/pointing-right.png
Requested by
Host: handpay.me
URL: https://handpay.me/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2132:6400:1e:e98:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5d35e1967b77611cb7de079064c594c07036620faca809ad3c40884e077fd3f5
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; default-src 'self' js.driftt.com js.stripe.com www.youtube.com; font-src 'self'; form-action 'self'; frame-ancestors 'none'; img-src 'self' data: www.google-analytics.com; object-src 'none'; script-src 'self' js.driftt.com js.stripe.com www.google-analytics.com 'sha256-aAivjpMLUFEH2vBItBsSZhVOly4cSOoi5wi5cX+2u6E=' 'sha256-+iXS+px0PrTVpyivk10dQtsjgnToPxZ2Bh8umFGqTtM=' '; style-src 'self' 'unsafe-inline'
Strict-Transport-Security max-age=15768000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://handpay.me/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 01 Jan 2021 00:08:48 GMT
via
1.1 4c93e73408f10048e0ca42d0347c4a28.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
77200
x-cache
Hit from cloudfront
content-length
424
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Thu, 04 Jul 2019 05:10:34 GMT
server
AmazonS3
x-frame-options
DENY
etag
"0584999b2442fc2e71e7000c51f32a64"
strict-transport-security
max-age=15768000; includeSubDomains; preload
content-type
image/png
cache-control
max-age=31557600
content-security-policy
base-uri 'self'; default-src 'self' js.driftt.com js.stripe.com www.youtube.com; font-src 'self'; form-action 'self'; frame-ancestors 'none'; img-src 'self' data: www.google-analytics.com; object-src 'none'; script-src 'self' js.driftt.com js.stripe.com www.google-analytics.com 'sha256-aAivjpMLUFEH2vBItBsSZhVOly4cSOoi5wi5cX+2u6E=' 'sha256-+iXS+px0PrTVpyivk10dQtsjgnToPxZ2Bh8umFGqTtM=' '; style-src 'self' 'unsafe-inline'
x-amz-cf-pop
YTO50-C1
accept-ranges
bytes
x-amz-cf-id
THbgkvqk1M1XCwGfWbu_3YxtX3GK1ncsYjeNib5UN4nWO-VfFcw2cw==
pointing-left.png
handpay.me/images/
418 B
1 KB
Image
General
Full URL
https://handpay.me/images/pointing-left.png
Requested by
Host: handpay.me
URL: https://handpay.me/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2132:6400:1e:e98:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
17c5120a6808ed6150d3978c7a0ee926f08399be2f21d644e33e6aaf499d42b5
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; default-src 'self' js.driftt.com js.stripe.com www.youtube.com; font-src 'self'; form-action 'self'; frame-ancestors 'none'; img-src 'self' data: www.google-analytics.com; object-src 'none'; script-src 'self' js.driftt.com js.stripe.com www.google-analytics.com 'sha256-aAivjpMLUFEH2vBItBsSZhVOly4cSOoi5wi5cX+2u6E=' 'sha256-+iXS+px0PrTVpyivk10dQtsjgnToPxZ2Bh8umFGqTtM=' '; style-src 'self' 'unsafe-inline'
Strict-Transport-Security max-age=15768000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://handpay.me/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 01 Jan 2021 00:08:48 GMT
via
1.1 4c93e73408f10048e0ca42d0347c4a28.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
77200
x-cache
Hit from cloudfront
content-length
418
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Thu, 04 Jul 2019 05:10:34 GMT
server
AmazonS3
x-frame-options
DENY
etag
"8f6b63bc5a80597aad620a8e33d4268d"
strict-transport-security
max-age=15768000; includeSubDomains; preload
content-type
image/png
cache-control
max-age=31557600
content-security-policy
base-uri 'self'; default-src 'self' js.driftt.com js.stripe.com www.youtube.com; font-src 'self'; form-action 'self'; frame-ancestors 'none'; img-src 'self' data: www.google-analytics.com; object-src 'none'; script-src 'self' js.driftt.com js.stripe.com www.google-analytics.com 'sha256-aAivjpMLUFEH2vBItBsSZhVOly4cSOoi5wi5cX+2u6E=' 'sha256-+iXS+px0PrTVpyivk10dQtsjgnToPxZ2Bh8umFGqTtM=' '; style-src 'self' 'unsafe-inline'
x-amz-cf-pop
YTO50-C1
accept-ranges
bytes
x-amz-cf-id
kSc9jjsDCJuULVSmxLomBqCuUTPsxh5kw0J_-8mIDFWxYi-gLkD8lQ==
Roboto-Regular-webfont.woff2
handpay.me/fonts/
63 KB
64 KB
Font
General
Full URL
https://handpay.me/fonts/Roboto-Regular-webfont.woff2
Requested by
Host: handpay.me
URL: https://handpay.me/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2132:6400:1e:e98:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
dd22dfffdda805545fee7ec5f161a59cd7580a85d66a54d60c703f81f1c3942e
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; default-src 'self' js.driftt.com js.stripe.com www.youtube.com; font-src 'self'; form-action 'self'; frame-ancestors 'none'; img-src 'self' data: www.google-analytics.com; object-src 'none'; script-src 'self' js.driftt.com js.stripe.com www.google-analytics.com 'sha256-aAivjpMLUFEH2vBItBsSZhVOly4cSOoi5wi5cX+2u6E=' 'sha256-+iXS+px0PrTVpyivk10dQtsjgnToPxZ2Bh8umFGqTtM=' '; style-src 'self' 'unsafe-inline'
Strict-Transport-Security max-age=15768000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Origin
https://handpay.me
Referer
https://handpay.me/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 01 Jan 2021 21:35:28 GMT
via
1.1 4c93e73408f10048e0ca42d0347c4a28.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
YTO50-C1
x-cache
Miss from cloudfront
content-length
64600
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Wed, 03 Jul 2019 22:04:05 GMT
server
AmazonS3
x-frame-options
DENY
etag
"e6f644805f1eec19db2518af9d5092af"
strict-transport-security
max-age=15768000; includeSubDomains; preload
content-type
binary/octet-stream
cache-control
max-age=31557600
content-security-policy
base-uri 'self'; default-src 'self' js.driftt.com js.stripe.com www.youtube.com; font-src 'self'; form-action 'self'; frame-ancestors 'none'; img-src 'self' data: www.google-analytics.com; object-src 'none'; script-src 'self' js.driftt.com js.stripe.com www.google-analytics.com 'sha256-aAivjpMLUFEH2vBItBsSZhVOly4cSOoi5wi5cX+2u6E=' 'sha256-+iXS+px0PrTVpyivk10dQtsjgnToPxZ2Bh8umFGqTtM=' '; style-src 'self' 'unsafe-inline'
accept-ranges
bytes
x-amz-cf-id
01LwrKjtlrD6TC6zLDf3QpM6OQIzILCoL7XVd1fzyGK5hI1O71mKyA==
folded-corner.png
handpay.me/images/
6 KB
7 KB
Image
General
Full URL
https://handpay.me/images/folded-corner.png
Requested by
Host: handpay.me
URL: https://handpay.me/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2132:6400:1e:e98:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9264b8eb4210ae9a6bc30201a8c21a2fd4ab407e97f89e7f7a5867ba5ee5a809
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; default-src 'self' js.driftt.com js.stripe.com www.youtube.com; font-src 'self'; form-action 'self'; frame-ancestors 'none'; img-src 'self' data: www.google-analytics.com; object-src 'none'; script-src 'self' js.driftt.com js.stripe.com www.google-analytics.com 'sha256-aAivjpMLUFEH2vBItBsSZhVOly4cSOoi5wi5cX+2u6E=' 'sha256-+iXS+px0PrTVpyivk10dQtsjgnToPxZ2Bh8umFGqTtM=' '; style-src 'self' 'unsafe-inline'
Strict-Transport-Security max-age=15768000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://handpay.me/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 01 Jan 2021 00:08:48 GMT
via
1.1 4c93e73408f10048e0ca42d0347c4a28.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
77200
x-cache
Hit from cloudfront
content-length
6328
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Thu, 04 Jul 2019 05:10:34 GMT
server
AmazonS3
x-frame-options
DENY
etag
"0aa42857f630ed28c81c9910f42ce48b"
strict-transport-security
max-age=15768000; includeSubDomains; preload
content-type
image/png
cache-control
max-age=31557600
content-security-policy
base-uri 'self'; default-src 'self' js.driftt.com js.stripe.com www.youtube.com; font-src 'self'; form-action 'self'; frame-ancestors 'none'; img-src 'self' data: www.google-analytics.com; object-src 'none'; script-src 'self' js.driftt.com js.stripe.com www.google-analytics.com 'sha256-aAivjpMLUFEH2vBItBsSZhVOly4cSOoi5wi5cX+2u6E=' 'sha256-+iXS+px0PrTVpyivk10dQtsjgnToPxZ2Bh8umFGqTtM=' '; style-src 'self' 'unsafe-inline'
x-amz-cf-pop
YTO50-C1
accept-ranges
bytes
x-amz-cf-id
dhrCLvuhn_1zH01cTd7MDHXzoY3AAuzRpJ_xC0PcvMZ8zCmyJ7tykg==
Nuxy-logo.svg
handpay.me/images/
7 KB
4 KB
Image
General
Full URL
https://handpay.me/images/Nuxy-logo.svg
Requested by
Host: handpay.me
URL: https://handpay.me/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2132:6400:1e:e98:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f63d091e7151c439a86c14badd8fde1667bb0bf0a4e9bbe394982cf6c54af088
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; default-src 'self' js.driftt.com js.stripe.com www.youtube.com; font-src 'self'; form-action 'self'; frame-ancestors 'none'; img-src 'self' data: www.google-analytics.com; object-src 'none'; script-src 'self' js.driftt.com js.stripe.com www.google-analytics.com 'sha256-aAivjpMLUFEH2vBItBsSZhVOly4cSOoi5wi5cX+2u6E=' 'sha256-+iXS+px0PrTVpyivk10dQtsjgnToPxZ2Bh8umFGqTtM=' '; style-src 'self' 'unsafe-inline'
Strict-Transport-Security max-age=15768000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://handpay.me/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 31 Dec 2020 05:28:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
144431
x-cache
Hit from cloudfront
strict-transport-security
max-age=15768000; includeSubDomains; preload
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Sun, 14 Jul 2019 07:25:29 GMT
server
AmazonS3
x-frame-options
DENY
etag
W/"3d53d686ca7a31c1c55c7fe0d2494b29"
vary
Accept-Encoding
content-type
image/svg+xml
via
1.1 4c93e73408f10048e0ca42d0347c4a28.cloudfront.net (CloudFront)
cache-control
max-age=31557600
content-security-policy
base-uri 'self'; default-src 'self' js.driftt.com js.stripe.com www.youtube.com; font-src 'self'; form-action 'self'; frame-ancestors 'none'; img-src 'self' data: www.google-analytics.com; object-src 'none'; script-src 'self' js.driftt.com js.stripe.com www.google-analytics.com 'sha256-aAivjpMLUFEH2vBItBsSZhVOly4cSOoi5wi5cX+2u6E=' 'sha256-+iXS+px0PrTVpyivk10dQtsjgnToPxZ2Bh8umFGqTtM=' '; style-src 'self' 'unsafe-inline'
x-amz-cf-pop
YTO50-C1
x-amz-cf-id
JkD9ZzIjYAoXKIG-y-gajNG578YLhya3tGRSx-1d_g5s-Qd2NJic7A==
money.png
handpay.me/images/
306 KB
308 KB
Image
General
Full URL
https://handpay.me/images/money.png
Requested by
Host: handpay.me
URL: https://handpay.me/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2132:6400:1e:e98:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8c5ba06eb607af43deaba695d8d5cf662b61cecc5ef15e3f208ccda9c86df32f
Security Headers
Name Value
Content-Security-Policy base-uri 'self'; default-src 'self' js.driftt.com js.stripe.com www.youtube.com; font-src 'self'; form-action 'self'; frame-ancestors 'none'; img-src 'self' data: www.google-analytics.com; object-src 'none'; script-src 'self' js.driftt.com js.stripe.com www.google-analytics.com 'sha256-aAivjpMLUFEH2vBItBsSZhVOly4cSOoi5wi5cX+2u6E=' 'sha256-+iXS+px0PrTVpyivk10dQtsjgnToPxZ2Bh8umFGqTtM=' '; style-src 'self' 'unsafe-inline'
Strict-Transport-Security max-age=15768000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://handpay.me/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 01 Jan 2021 00:08:48 GMT
via
1.1 4c93e73408f10048e0ca42d0347c4a28.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
77200
x-cache
Hit from cloudfront
content-length
313712
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Thu, 04 Jul 2019 05:10:34 GMT
server
AmazonS3
x-frame-options
DENY
etag
"5b44209b71f588effd0740b5a0db46c7"
strict-transport-security
max-age=15768000; includeSubDomains; preload
content-type
image/png
cache-control
max-age=31557600
content-security-policy
base-uri 'self'; default-src 'self' js.driftt.com js.stripe.com www.youtube.com; font-src 'self'; form-action 'self'; frame-ancestors 'none'; img-src 'self' data: www.google-analytics.com; object-src 'none'; script-src 'self' js.driftt.com js.stripe.com www.google-analytics.com 'sha256-aAivjpMLUFEH2vBItBsSZhVOly4cSOoi5wi5cX+2u6E=' 'sha256-+iXS+px0PrTVpyivk10dQtsjgnToPxZ2Bh8umFGqTtM=' '; style-src 'self' 'unsafe-inline'
x-amz-cf-pop
YTO50-C1
accept-ranges
bytes
x-amz-cf-id
b_08ca-OcEqxVqVYpTiGQLmkY8OrlOB1MH2-aLs1uyJLX4Bificq3g==
nbzi8t4h7ypz.js
js.driftt.com/include/1609537200000/
138 KB
45 KB
Script
General
Full URL
https://js.driftt.com/include/1609537200000/nbzi8t4h7ypz.js
Requested by
Host: handpay.me
URL: https://handpay.me/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.93.76 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-93-76.zrh50.r.cloudfront.net
Software
nginx /
Resource Hash
3c028e9666117b356459012caad6c5b5d20a8227b95b01a899e48ebe7f27b94d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 01 Jan 2021 21:35:28 GMT
content-encoding
gzip
x-amz-cf-pop
ZRH50-C1
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-origin
*
last-modified
Mon, 21 Dec 2020 20:19:33 GMT
server
nginx
etag
W/"4d7b506764645b403852bae487758a92"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=utf-8
via
1.1 a63182cf51dce7998774e112bf9ee7c6.cloudfront.net (CloudFront)
cache-control
max-age=10
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
QqJm_zPLtZ2z6EBC2UQpiDF5ILQEdQ4cuYFOIV8vuAQZqpTJnCjvLg==
index.html
js.driftt.com/deploy/assets/ Frame 6D07
0
0
Document
General
Full URL
https://js.driftt.com/deploy/assets/index.html
Requested by
Host: js.driftt.com
URL: https://js.driftt.com/include/1609537200000/nbzi8t4h7ypz.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.93.76 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-93-76.zrh50.r.cloudfront.net
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

:method
GET
:authority
js.driftt.com
:scheme
https
:path
/deploy/assets/index.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
content-length
894
server
nginx
last-modified
Mon, 21 Dec 2020 20:19:33 GMT
x-amz-server-side-encryption
AES256
accept-ranges
bytes
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security
max-age=31536000; includeSubDomains
date
Fri, 01 Jan 2021 21:35:29 GMT
cache-control
max-age=10
etag
"e550e67e741cdc9d863ebf4ab2b74d31"
x-cache
Hit from cloudfront
via
1.1 a63182cf51dce7998774e112bf9ee7c6.cloudfront.net (CloudFront)
x-amz-cf-pop
ZRH50-C1
x-amz-cf-id
Vgo5U3L_3eQyYMaB6ZMny3_xS9pqXeM6cxU5Je1E3xlY4-CUt7abFg==

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.google-analytics.com
URL
https://www.google-analytics.com/j/collect?v=1&_v=j87&aip=0&a=181974505&t=pageview&_s=1&dl=https%3A%2F%2Fhandpay.me%2F&dp=%2F&ul=en-us&de=UTF-8&dt=Products%20made%20for%20gamblers%2C%20by%20gamblers&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEBAAEABAAAAAC~&jid=181319246&gjid=1053208701&cid=1462519944.1609536927&tid=UA-141378663-1&_gid=694661386.1609536927&_r=1&_slc=1&z=1118190081

31 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| ontransitionrun
object| ontransitionstart
object| ontransitioncancel
object| cookieStore
function| showDirectoryPicker
function| showOpenFilePicker
function| showSaveFilePicker
object| trustedTypes
boolean| crossOriginIsolated
object| Pace
number| timer
function| requirejs
function| require
function| define
function| _aureliaConfigureModuleLoader
function| P
string| GoogleAnalyticsObject
function| ga
object| google_tag_data
object| gaplugins
object| gaGlobal
object| gaData
object| flipping
function| drift
function| driftt
object| __core-js_shared__
object| platform
boolean| __DRIFTT_WIDGET_INCLUDED__
string| __DRIFT_INSTANCE_ID__
boolean| __DRIFTT_SHOW_WIDGET_ON_BOOT__

0 Cookies

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy base-uri 'self'; default-src 'self' js.driftt.com js.stripe.com www.youtube.com; font-src 'self'; form-action 'self'; frame-ancestors 'none'; img-src 'self' data: www.google-analytics.com; object-src 'none'; script-src 'self' js.driftt.com js.stripe.com www.google-analytics.com 'sha256-aAivjpMLUFEH2vBItBsSZhVOly4cSOoi5wi5cX+2u6E=' 'sha256-+iXS+px0PrTVpyivk10dQtsjgnToPxZ2Bh8umFGqTtM=' '; style-src 'self' 'unsafe-inline'
Strict-Transport-Security max-age=15768000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
