URL: https://www.sandhills.com/payment/payment/payment?id=s_22727525&crmid=29205138
Submission: On July 09 via api from US — Scanned from DE

Summary

This website contacted 7 IPs in 3 countries across 5 domains to perform 24 HTTP transactions. The main IP is 104.17.57.108, located in and belongs to CLOUDFLARENET, US. The main domain is www.sandhills.com.
TLS certificate: Issued by Entrust Certification Authority - L1K on December 8th 2023. Valid for: a year.
This is the only time www.sandhills.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address         AS     Autonomous System
9         104.17.57.108      13335  (CLOUDFLAR...)
2         104.17.51.108      13335  (CLOUDFLAR...)
3         2a02:26f0:350...   20940  (AKAMAI-ASN1)
3         142.250.185.228    15169  (GOOGLE)
5         208.86.240.188     46926  (555-WEST-...)
1         2a02:26f0:350...   20940  (AKAMAI-ASN1)
1         2a00:1450:400...   15169  (GOOGLE)
24        7

Requests  Apex Domain     Subdomains                                            Transfer
11        sandhills.com   www.sandhills.com                                     542 KB
                          media.sandhills.com — Cisco Umbrella Rank: 141448
5         paygateway.com  js.paygateway.com — Cisco Umbrella Rank: 392548       286 KB
4         typekit.net     use.typekit.net — Cisco Umbrella Rank: 1169           33 KB
                          p.typekit.net — Cisco Umbrella Rank: 1487
3         google.com      www.google.com — Cisco Umbrella Rank: 10              961 B
1         gstatic.com     www.gstatic.com                                       213 KB
24        5

Requests  Domain               Requested by
9         www.sandhills.com    www.sandhills.com
5         js.paygateway.com    www.sandhills.com, js.paygateway.com
3         www.google.com       www.sandhills.com, www.gstatic.com
3         use.typekit.net      www.sandhills.com, use.typekit.net
2         media.sandhills.com  www.sandhills.com, media.sandhills.com
1         www.gstatic.com      www.google.com
1         p.typekit.net        use.typekit.net
24        7

This site contains links to these domains.

Domain
www.cvvnumber.com

Subject              Issuer                                      Validity                 Valid
www.sandhills.com    Entrust Certification Authority - L1K       2023-12-08 - 2025-01-08  a year
media.sandhills.com  Entrust Certification Authority - L1K       2023-12-11 - 2025-01-05  a year
use.typekit.net      DigiCert Global G2 TLS RSA SHA256 2020 CA1  2024-02-01 - 2025-03-03  a year
*.google.com         WR2                                         2024-06-24 - 2024-09-16  3 months
js.paygateway.com    GeoTrust EV RSA CA G2                       2024-05-07 - 2025-06-07  a year
*.gstatic.com        WR2                                         2024-06-24 - 2024-09-16  3 months

This page contains 7 frames:

Primary Page: https://www.sandhills.com/payment/payment/payment?id=s_22727525&crmid=29205138
Frame ID: 00504A973F9D4FB4ABD22A1C3625575A
Requests: 18 HTTP requests in this frame

Frame: https://js.paygateway.com/secure_payment/v1/field.html
Frame ID: 9B53B8E246AAD342FF1981F2812EFA84
Requests: 1 HTTP requests in this frame

Frame: https://js.paygateway.com/secure_payment/v1/field.html
Frame ID: 1EECB5AABE262B8E1C4CB5B96116B485
Requests: 1 HTTP requests in this frame

Frame: https://js.paygateway.com/secure_payment/v1/field.html
Frame ID: 19F38B4AAD981D792810A92D66E6C2C2
Requests: 1 HTTP requests in this frame

Frame: https://js.paygateway.com/secure_payment/v1/field.html
Frame ID: 363B5325DD1076D1F9DFC33F3E245403
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc_nWMaAAAAAMrd__siHvVJSfGEXkMwsbgyXPs7&co=aHR0cHM6Ly93d3cuc2FuZGhpbGxzLmNvbTo0NDM.&hl=de&v=rKbTvxTxwcw5VqzrtN-ICwWt&size=invisible&cb=b4mo9ayxf8n7
Frame ID: 0670AB02E51B7A7C6992C3ED70D925B1
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de&v=rKbTvxTxwcw5VqzrtN-ICwWt&k=6Lc_nWMaAAAAAMrd__siHvVJSfGEXkMwsbgyXPs7
Frame ID: D0024892626E75B9CFD67AC22F296674
Requests: 1 HTTP requests in this frame

Page Title

UBS Payment Page

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • <link [^>]*href="[^"]+use\.typekit\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • jquery-ui.*\.js

Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

24 Requests
100 % HTTPS
43 % IPv6
5 Domains
7 Subdomains
7 IPs
3 Countries
1075 kB Transfer
1908 kB Size
6 Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

24 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request payment
www.sandhills.com/payment/payment/
22 KB
5 KB
Document
General
Full URL
https://www.sandhills.com/payment/payment/payment?id=s_22727525&crmid=29205138
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.17.57.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
c89bdc13e5dbb8bd71c6efb1ab7fd01d51617c0447ad7395a68adc638f9a553d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

cache-control
private
cf-cache-status
DYNAMIC
cf-ray
8a0baaffdc98c017-WAW
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Tue, 09 Jul 2024 22:14:37 GMT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"
server
cloudflare
vary
Accept-Encoding
x-aspnet-version
4.0.30319
x-aspnetmvc-version
5.2
x-powered-by
ASP.NET
Site.css
www.sandhills.com/Payment/Content/
7 KB
2 KB
Stylesheet
General
Full URL
https://www.sandhills.com/Payment/Content/Site.css?v=1.0.1
Requested by
Host: www.sandhills.com
URL: https://www.sandhills.com/payment/payment/payment?id=s_22727525&crmid=29205138
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.17.57.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
57b8ff59e4bc247523dcce03fe52f14578e3668720e727f345f32f248774279f

Request headers

Referer
https://www.sandhills.com/payment/payment/payment?id=s_22727525&crmid=29205138
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Jul 2024 22:14:38 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 14 May 2024 13:02:38 GMT
server
cloudflare
age
0
etag
"06bafffea5da1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8a0bab04d844c017-WAW
content-length
2260
expires
Wed, 09 Jul 2025 22:14:38 GMT
all.min.css
media.sandhills.com/CDN/CSS/Font-Awesome/5.14.0/css/
58 KB
15 KB
Stylesheet
General
Full URL
https://media.sandhills.com/CDN/CSS/Font-Awesome/5.14.0/css/all.min.css
Requested by
Host: www.sandhills.com
URL: https://www.sandhills.com/payment/payment/payment?id=s_22727525&crmid=29205138
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.17.51.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
14cbd9b866a9b092e3a2e03a93b128da5baca005fd8b44a1956146eaab7b48b7

Request headers

Referer
https://www.sandhills.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Jul 2024 22:14:37 GMT
content-encoding
gzip
cf-cache-status
HIT
age
836014
x-powered-by
ASP.NET
content-length
15569
last-modified
Thu, 15 Jun 2023 19:16:22 GMT
server
cloudflare
etag
"0c7d0debd9fd91:0"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8a0bab058d4c3578-WAW
access-control-allow-headers
content-type
expires
Wed, 09 Jul 2025 22:14:37 GMT
tjq2iwj.css
use.typekit.net/
3 KB
983 B
Stylesheet
General
Full URL
https://use.typekit.net/tjq2iwj.css
Requested by
Host: www.sandhills.com
URL: https://www.sandhills.com/payment/payment/payment?id=s_22727525&crmid=29205138
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:148f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
c6fccc33e5dff81e99ba642489acf090cccb20970b046dc325fb9a0aafccd0df
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

Referer
https://www.sandhills.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
content-encoding
gzip
date
Tue, 09 Jul 2024 22:14:38 GMT
server
nginx
vary
Accept-Encoding
content-type
text/css;charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
760
jquery-ui.css
www.sandhills.com/Payment/Content/
36 KB
11 KB
Stylesheet
General
Full URL
https://www.sandhills.com/Payment/Content/jquery-ui.css
Requested by
Host: www.sandhills.com
URL: https://www.sandhills.com/payment/payment/payment?id=s_22727525&crmid=29205138
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.17.57.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
b4bc0d45ccd367ea5855060097c871265e23e929bac425bf4e2c0191eec12eeb

Request headers

Referer
https://www.sandhills.com/payment/payment/payment?id=s_22727525&crmid=29205138
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Jul 2024 22:14:38 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 14 May 2024 13:02:38 GMT
server
cloudflare
age
0
etag
"06bafffea5da1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8a0bab04d845c017-WAW
content-length
11041
expires
Wed, 09 Jul 2025 22:14:38 GMT
jquery-3.3.1.min.js
www.sandhills.com/Payment/Scripts/
85 KB
38 KB
Script
General
Full URL
https://www.sandhills.com/Payment/Scripts/jquery-3.3.1.min.js
Requested by
Host: www.sandhills.com
URL: https://www.sandhills.com/payment/payment/payment?id=s_22727525&crmid=29205138
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.17.57.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Request headers

Referer
https://www.sandhills.com/payment/payment/payment?id=s_22727525&crmid=29205138
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Jul 2024 22:14:38 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 14 May 2024 13:02:40 GMT
server
cloudflare
age
0
etag
"0983b0ffa5da1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8a0bab04d846c017-WAW
content-length
38892
expires
Wed, 09 Jul 2025 22:14:38 GMT
jquery-ui.js
www.sandhills.com/Payment/Scripts/
509 KB
171 KB
Script
General
Full URL
https://www.sandhills.com/Payment/Scripts/jquery-ui.js
Requested by
Host: www.sandhills.com
URL: https://www.sandhills.com/payment/payment/payment?id=s_22727525&crmid=29205138
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.17.57.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
4f455eb2ddf2094ee969f470f6bfac7adb4c057e8990a374e9da819e943c777d

Request headers

Referer
https://www.sandhills.com/payment/payment/payment?id=s_22727525&crmid=29205138
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Jul 2024 22:14:38 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 14 May 2024 13:02:40 GMT
server
cloudflare
age
0
etag
"0983b0ffa5da1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
8a0bab04e847c017-WAW
expires
Wed, 09 Jul 2025 22:14:38 GMT
api.js
www.google.com/recaptcha/
1 KB
961 B
Script
General
Full URL
https://www.google.com/recaptcha/api.js
Requested by
Host: www.sandhills.com
URL: https://www.sandhills.com/payment/payment/payment?id=s_22727525&crmid=29205138
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.228 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f4.1e100.net
Software
GSE /
Resource Hash
df85e001ce72e46c578531cf3ea8bbb0712a4af63abc112d9d633e474c05965f
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.sandhills.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Jul 2024 22:14:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Tue, 09 Jul 2024 22:14:37 GMT
crane-logo.png
www.sandhills.com/Payment/Content/Siteart/
4 KB
5 KB
Image
General
Full URL
https://www.sandhills.com/Payment/Content/Siteart/crane-logo.png
Requested by
Host: www.sandhills.com
URL: https://www.sandhills.com/payment/payment/payment?id=s_22727525&crmid=29205138
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.17.57.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
0b1b6ab7b42752a1d6f4b6f049156b830a22c43522d50ad6933655e7fc1e9e41

Request headers

Referer
https://www.sandhills.com/payment/payment/payment?id=s_22727525&crmid=29205138
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Jul 2024 22:14:38 GMT
cf-cache-status
HIT
age
0
cf-polished
origFmt=png, origSize=10172
x-powered-by
ASP.NET
content-disposition
inline; filename="crane-logo.webp"
content-length
4556
cf-bgj
imgq:85,h2pri
last-modified
Tue, 14 May 2024 13:02:38 GMT
server
cloudflare
etag
"06bafffea5da1:0"
vary
Accept
content-type
image/webp
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8a0bab04e848c017-WAW
expires
Wed, 09 Jul 2025 22:14:38 GMT
spinner.gif
www.sandhills.com/Payment/Content/siteart/
203 KB
204 KB
Image
General
Full URL
https://www.sandhills.com/Payment/Content/siteart/spinner.gif
Requested by
Host: www.sandhills.com
URL: https://www.sandhills.com/payment/payment/payment?id=s_22727525&crmid=29205138
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.17.57.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
8c5fc51c121091d68c533700bb1dc334b60597d6236ad83da47158b48942a22b

Request headers

Referer
https://www.sandhills.com/payment/payment/payment?id=s_22727525&crmid=29205138
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Jul 2024 22:14:38 GMT
cf-cache-status
HIT
last-modified
Tue, 14 May 2024 13:02:38 GMT
server
cloudflare
age
0
etag
"06bafffea5da1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
image/gif
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8a0bab04e849c017-WAW
content-length
208227
expires
Wed, 09 Jul 2025 22:14:38 GMT
globalpayments.js
js.paygateway.com/secure_payment/v1/
285 KB
286 KB
Script
General
Full URL
https://js.paygateway.com/secure_payment/v1/globalpayments.js
Requested by
Host: www.sandhills.com
URL: https://www.sandhills.com/payment/payment/payment?id=s_22727525&crmid=29205138
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
208.86.240.188 , United States, ASN46926 (555-WEST-HASTINGS-STREET, US),
Reverse DNS
Software
/
Resource Hash
d02351d761c3cdca083de6c14776e3ed227ee339e5c785663b7a0b794431ed4b
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://www.sandhills.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Tue, 09 Jul 2024 22:14:38 GMT
Strict-Transport-Security
max-age=15724800; includeSubDomains
Last-Modified
Tue, 10 Oct 2023 20:52:21 GMT
Content-Type
application/javascript
Cache-Control
max-age=86400, public
Connection
close
Accept-Ranges
bytes
Content-Length
292111
Expires
Wed, 10 Jul 2024 22:14:38 GMT
p.css
p.typekit.net/
5 B
173 B
Stylesheet
General
Full URL
https://p.typekit.net/p.css?s=1&k=tjq2iwj&ht=tk&f=12729.12731.24354.43311&a=16510810&app=typekit&e=css
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/tjq2iwj.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:148b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

Referer
https://use.typekit.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Jul 2024 22:14:38 GMT
last-modified
Sun, 19 May 2024 12:57:48 GMT
server
nginx
etag
"6649f74c-5"
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
5
recaptcha__de.js
www.gstatic.com/recaptcha/releases/rKbTvxTxwcw5VqzrtN-ICwWt/
536 KB
213 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/rKbTvxTxwcw5VqzrtN-ICwWt/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0481cf978633d761686dd05ed060c86593d34768aa66d43d61c4f968cbe6b63d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sandhills.com/
Origin
https://www.sandhills.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Jul 2024 21:49:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1503
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
217833
x-xss-protection
0
last-modified
Sun, 23 Jun 2024 08:01:07 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 09 Jul 2025 21:49:35 GMT
l
use.typekit.net/af/987a60/00000000000000007735a543/30/
18 KB
18 KB
Font
General
Full URL
https://use.typekit.net/af/987a60/00000000000000007735a543/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/tjq2iwj.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:148f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
fcf9ad39a58bd521789931e384b831a9ce7bbe3b5f9a05bf02c352e1e60c7ebb

Request headers

Referer
https://use.typekit.net/tjq2iwj.css
Origin
https://www.sandhills.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Jul 2024 22:14:38 GMT
server
nginx
etag
"5e75b786eedb2c68e3ea4f8e9407f415881535c8"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
18064
l
use.typekit.net/af/be28cc/00000000000000007735a54a/30/
13 KB
14 KB
Font
General
Full URL
https://use.typekit.net/af/be28cc/00000000000000007735a54a/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n5&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/tjq2iwj.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:148f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
0d1fcd33d270a8e9a9a3442b0f1182caea7cd4300a0094a4d4d99a812c0320cf

Request headers

Referer
https://use.typekit.net/tjq2iwj.css
Origin
https://www.sandhills.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Jul 2024 22:14:38 GMT
server
nginx
etag
"fe068450069fac8d4a7027a68334d63a0dea2f78"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
13768
fa-solid-900.woff2
media.sandhills.com/CDN/CSS/Font-Awesome/5.14.0/webfonts/
78 KB
79 KB
Font
General
Full URL
https://media.sandhills.com/CDN/CSS/Font-Awesome/5.14.0/webfonts/fa-solid-900.woff2
Requested by
Host: media.sandhills.com
URL: https://media.sandhills.com/CDN/CSS/Font-Awesome/5.14.0/css/all.min.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.17.51.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
cfe3b7382e477059da11be2099914b94f0e2a4f08240c60542c376957b8d9658

Request headers

Referer
https://media.sandhills.com/CDN/CSS/Font-Awesome/5.14.0/css/all.min.css
Origin
https://www.sandhills.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Jul 2024 22:14:39 GMT
cf-cache-status
HIT
age
0
x-powered-by
ASP.NET
content-length
80148
last-modified
Thu, 06 Jun 2024 13:35:12 GMT
server
cloudflare
etag
"068375b16b8da1:0"
vary
Accept-Encoding
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8a0bab0d5b663576-WAW
access-control-allow-headers
content-type
expires
Wed, 09 Jul 2025 22:14:39 GMT
field.html
js.paygateway.com/secure_payment/v1/ Frame 9B53
0
0
Document
General
Full URL
https://js.paygateway.com/secure_payment/v1/field.html
Requested by
Host: js.paygateway.com
URL: https://js.paygateway.com/secure_payment/v1/globalpayments.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
208.86.240.188 , United States, ASN46926 (555-WEST-HASTINGS-STREET, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://www.sandhills.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Accept-Ranges
bytes
Cache-Control
max-age=86400 public
Connection
close
Content-Length
1067
Content-Type
text/html; charset=UTF-8
Date
Tue, 09 Jul 2024 22:14:39 GMT
Expires
Wed, 10 Jul 2024 22:14:39 GMT
Last-Modified
Tue, 10 Oct 2023 20:52:25 GMT
Strict-Transport-Security
max-age=15724800; includeSubDomains
field.html
js.paygateway.com/secure_payment/v1/ Frame 1EEC
0
0
Document
General
Full URL
https://js.paygateway.com/secure_payment/v1/field.html
Requested by
Host: js.paygateway.com
URL: https://js.paygateway.com/secure_payment/v1/globalpayments.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
208.86.240.188 , United States, ASN46926 (555-WEST-HASTINGS-STREET, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.sandhills.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Accept-Ranges
bytes
Cache-Control
max-age=86400 public
Content-Length
1067
Content-Type
text/html; charset=UTF-8
Date
Tue, 09 Jul 2024 22:14:39 GMT
Expires
Wed, 10 Jul 2024 22:14:39 GMT
Last-Modified
Tue, 10 Oct 2023 20:52:25 GMT
field.html
js.paygateway.com/secure_payment/v1/ Frame 19F3
0
0
Document
General
Full URL
https://js.paygateway.com/secure_payment/v1/field.html
Requested by
Host: js.paygateway.com
URL: https://js.paygateway.com/secure_payment/v1/globalpayments.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
208.86.240.188 , United States, ASN46926 (555-WEST-HASTINGS-STREET, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.sandhills.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Accept-Ranges
bytes
Cache-Control
max-age=86400 public
Content-Length
1067
Content-Type
text/html; charset=UTF-8
Date
Tue, 09 Jul 2024 22:14:39 GMT
Expires
Wed, 10 Jul 2024 22:14:39 GMT
Last-Modified
Tue, 10 Oct 2023 20:52:25 GMT
field.html
js.paygateway.com/secure_payment/v1/ Frame 363B
0
0
Document
General
Full URL
https://js.paygateway.com/secure_payment/v1/field.html
Requested by
Host: js.paygateway.com
URL: https://js.paygateway.com/secure_payment/v1/globalpayments.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
208.86.240.188 , United States, ASN46926 (555-WEST-HASTINGS-STREET, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.sandhills.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Accept-Ranges
bytes
Cache-Control
max-age=86400 public
Content-Length
1067
Content-Type
text/html; charset=UTF-8
Date
Tue, 09 Jul 2024 22:14:39 GMT
Expires
Wed, 10 Jul 2024 22:14:39 GMT
Last-Modified
Tue, 10 Oct 2023 20:52:25 GMT
anchor
www.google.com/recaptcha/api2/ Frame 0670
0
0
Document
General
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc_nWMaAAAAAMrd__siHvVJSfGEXkMwsbgyXPs7&co=aHR0cHM6Ly93d3cuc2FuZGhpbGxzLmNvbTo0NDM.&hl=de&v=rKbTvxTxwcw5VqzrtN-ICwWt&size=invisible&cb=b4mo9ayxf8n7
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/rKbTvxTxwcw5VqzrtN-ICwWt/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.228 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f4.1e100.net
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-BmYmRbI6t38_Ql8CJJ5kXQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.sandhills.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-BmYmRbI6t38_Ql8CJJ5kXQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 09 Jul 2024 22:14:39 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
countrySelectList
www.sandhills.com/Payment/payment/
18 KB
3 KB
XHR
General
Full URL
https://www.sandhills.com/Payment/payment/countrySelectList?twoCharISOCode=false&autofillCountry=
Requested by
Host: www.sandhills.com
URL: https://www.sandhills.com/Payment/Scripts/jquery-3.3.1.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.17.57.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
dba9b88316f6c057da3869852d093a84de68784e6c7086b6d5188e2f58124f2b

Request headers

Accept
*/*
Referer
https://www.sandhills.com/payment/payment/payment?id=s_22727525&crmid=29205138
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Jul 2024 22:14:39 GMT
content-encoding
gzip
x-aspnetmvc-version
5.2
cf-cache-status
DYNAMIC
server
cloudflare
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
vary
Accept-Encoding
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"
content-type
application/json; charset=utf-8
cache-control
private
cf-ray
8a0bab109eedc017-WAW
content-length
2978
bframe
www.google.com/recaptcha/api2/ Frame D002
0
0
Document
General
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=de&v=rKbTvxTxwcw5VqzrtN-ICwWt&k=6Lc_nWMaAAAAAMrd__siHvVJSfGEXkMwsbgyXPs7
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/rKbTvxTxwcw5VqzrtN-ICwWt/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.228 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f4.1e100.net
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-XY0Ovt7dMAltDQrvx9imsw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.sandhills.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-XY0Ovt7dMAltDQrvx9imsw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 09 Jul 2024 22:14:40 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
favicon.ico
www.sandhills.com/
31 KB
9 KB
Other
General
Full URL
https://www.sandhills.com/favicon.ico
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.17.57.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
a94f8a8553caea8430dd4ca3cc01d4e318d19828f74cb65453ffb7f5d9e2f44d

Request headers

Referer
https://www.sandhills.com/payment/payment/payment?id=s_22727525&crmid=29205138
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Jul 2024 22:14:41 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 04 Jun 2024 18:41:18 GMT
server
cloudflare
age
0
etag
W/"01b61c9aeb6da1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
image/x-icon
cache-control
public, max-age=31536000
cf-ray
8a0bab1c2e92c017-WAW
expires
Wed, 09 Jul 2025 22:14:41 GMT

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0, object| 1, object| 2, object| 3, object| 4, object| 5, object| 6, function| $, function| jQuery, object| ___grecaptcha_cfg, object| grecaptcha, string| __recaptcha_api, boolean| __google_recaptcha_client, object| recaptcha, object| GlobalPayments, function| LoadStateCountryList, function| ValidateForm, object| cardForm, function| SubmitPayment, object| closure_lm_162672

6 Cookies

Domain/Path Name / Value
www.google.com/recaptcha Name: _GRECAPTCHA
Value: 09AB84SrsHVJ-pqyjqYD2HszLKcyGNpFl_vfJROFWAJINsOO0vVUF3a3PJP1K5vFivV2d9mFRfizqr0iiTCc7_Mug
www.sandhills.com/ Name: ASP.NET_SessionId
Value: naipp4dgjkfuvhddxq4yxmhq
www.sandhills.com/ Name: USERID
Value: 133272821
www.sandhills.com/ Name: TRACKING
Value: SessionStarted=1&GUID=f4f01bfb88c34b96973a266099c8eec3&UserReferrer=
www.sandhills.com/ Name: OriginalID
Value: 133272821
www.sandhills.com/ Name: BIGipServerwww.sandhills.com_http_pool
Value: 25274560.20480.0000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
