payment-holding-cms.dev.palladio.net.pl Open in urlscan Pro
146.59.11.2 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://payment-holding-cms.dev.palladio.net.pl/
Effective URL:
https://payment-holding-cms.dev.palladio.net.pl/admin/content-manager
Submission: On July 27 via automatic, source certstream-suspicious (July 27th 2024, 8:06:02 pm UTC) — Scanned from PL

Summary HTTP 16 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 1 countries across 1 domains to perform 16 HTTP transactions. The main IP is 146.59.11.2, located in France and belongs to OVH, FR. The main domain is payment-holding-cms.dev.palladio.net.pl.
TLS certificate: Issued by R11 on July 27th 2024. Valid for: 3 months.

This is the only time payment-holding-cms.dev.palladio.net.pl was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
1 17	146.59.11.2 146.59.11.2		16276 (OVH) (OVH)
16	2

17 146.59.11.2 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: ip2.ip-146-59-11.eu

payment-holding-cms.dev.palladio.net.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	palladio.net.pl 1 redirects payment-holding-cms.dev.palladio.net.pl	4 MB
16	1

	Domain	Requested by
17	payment-holding-cms.dev.palladio.net.pl	1 redirects payment-holding-cms.dev.palladio.net.pl
16	1

This site contains no links.

Subject Issuer	Validity	Valid
payment-holding-cms.dev.palladio.net.pl R11	`2024-07-27` - `2024-10-25`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://payment-holding-cms.dev.palladio.net.pl/admin/content-manager
Frame ID: 7285F988943CA810536E743038C201E6
Requests: 18 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Strapi Admin

Page URL History Show full URLs

https://payment-holding-cms.dev.palladio.net.pl/ HTTP 302
https://payment-holding-cms.dev.palladio.net.pl/admin/content-manager Page URL

Page Statistics

16
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

2
IPs

1
Countries

4241 kB
Transfer

4226 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://payment-holding-cms.dev.palladio.net.pl/ HTTP 302
https://payment-holding-cms.dev.palladio.net.pl/admin/content-manager Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request content-manager Show response
payment-holding-cms.dev.palladio.net.pl/admin/
Redirect Chain

https://payment-holding-cms.dev.palladio.net.pl/
https://payment-holding-cms.dev.palladio.net.pl/admin/content-manager

1 KB
2 KB

52ms
52ms

Document
text/html

146.59.11.2
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://payment-holding-cms.dev.palladio.net.pl/admin/content-manager

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

146.59.11.2 , France, ASN16276 (OVH, FR),

Reverse DNS

ip2.ip-146-59-11.eu

Software

nginx/1.18.0 (Ubuntu) / Strapi <strapi.io>

Resource Hash

a51c343917cb6d25bb2e33c010797764d77d32867a6d7d2b7f4517cd94ce9fe8

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' https: ws:;img-src 'self' data: blob: dl.airtable.com cms-payment-holding.s3.eu-west-1.amazonaws.com;media-src 'self' data: blob: dl.airtable.com cms-payment-holding.s3.eu-west-1.amazonaws.com;script-src 'self' 'unsafe-inline';default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,Content-Range
Connection: keep-alive
Content-Encoding: gzip
Content-Security-Policy: connect-src 'self' https: ws:;img-src 'self' data: blob: dl.airtable.com cms-payment-holding.s3.eu-west-1.amazonaws.com;media-src 'self' data: blob: dl.airtable.com cms-payment-holding.s3.eu-west-1.amazonaws.com;script-src 'self' 'unsafe-inline';default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
Content-Type: text/html; charset=utf-8
Date: Sat, 27 Jul 2024 20:05:57 GMT
Referrer-Policy: no-referrer
Server: nginx/1.18.0 (Ubuntu)
Strict-Transport-Security: max-age=31536000; includeSubDomains
Transfer-Encoding: chunked
Vary: Origin
X-Content-Type-Options: nosniff
X-DNS-Prefetch-Control: off
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
X-Permitted-Cross-Domain-Policies: none
X-Powered-By: Strapi <strapi.io>

Redirect headers

Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,Content-Range
Connection: keep-alive
Content-Length: 75
Content-Type: text/html; charset=utf-8
Date: Sat, 27 Jul 2024 20:05:57 GMT
Location: /admin/content-manager
Server: nginx/1.18.0 (Ubuntu)

GET
H/1.1 200
OK runtime~main.9cda2e17.js Show response
payment-holding-cms.dev.palladio.net.pl/admin/ 7 KB
8 KB 56ms
56ms Script
application/javascript 146.59.11.2
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://payment-holding-cms.dev.palladio.net.pl/admin/runtime~main.9cda2e17.js

Requested by

Host: payment-holding-cms.dev.palladio.net.pl
URL: https://payment-holding-cms.dev.palladio.net.pl/admin/content-manager

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

146.59.11.2 , France, ASN16276 (OVH, FR),

Reverse DNS

ip2.ip-146-59-11.eu

Software

nginx/1.18.0 (Ubuntu) / Strapi <strapi.io>

Resource Hash

fc591c7aedeb49a1a6ab4c1cbf76bff34874c011682bb4e36213b4281f4418fa

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' https: ws:;img-src 'self' data: blob: dl.airtable.com cms-payment-holding.s3.eu-west-1.amazonaws.com;media-src 'self' data: blob: dl.airtable.com cms-payment-holding.s3.eu-west-1.amazonaws.com;script-src 'self' 'unsafe-inline';default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://payment-holding-cms.dev.palladio.net.pl/admin/content-manager
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Sat, 27 Jul 2024 20:05:57 GMT
Content-Security-Policy: connect-src 'self' https: ws:;img-src 'self' data: blob: dl.airtable.com cms-payment-holding.s3.eu-west-1.amazonaws.com;media-src 'self' data: blob: dl.airtable.com cms-payment-holding.s3.eu-west-1.amazonaws.com;script-src 'self' 'unsafe-inline';default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Permitted-Cross-Domain-Policies: none
X-Powered-By: Strapi <strapi.io>
X-DNS-Prefetch-Control: off
Connection: keep-alive
Content-Length: 6707
Referrer-Policy: no-referrer
Last-Modified: Mon, 10 Jun 2024 07:38:38 GMT
Server: nginx/1.18.0 (Ubuntu)
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
Vary: Origin
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Expose-Headers: Content-Length,Content-Range
cache-control: public, max-age=31536000, immutable
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization

GET
H/1.1 200
OK main.9331ce2e.js Show response
payment-holding-cms.dev.palladio.net.pl/admin/ 4 MB
4 MB 107ms
49ms Script
application/javascript 146.59.11.2
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://payment-holding-cms.dev.palladio.net.pl/admin/main.9331ce2e.js

Requested by

Host: payment-holding-cms.dev.palladio.net.pl
URL: https://payment-holding-cms.dev.palladio.net.pl/admin/content-manager

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

146.59.11.2 , France, ASN16276 (OVH, FR),

Reverse DNS

ip2.ip-146-59-11.eu

Software

nginx/1.18.0 (Ubuntu) / Strapi <strapi.io>

Resource Hash

36fef0b82ee4f34df74c4bf3b416a2ce7ee767357e6ad56269454d7a023acf10

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' https: ws:;img-src 'self' data: blob: dl.airtable.com cms-payment-holding.s3.eu-west-1.amazonaws.com;media-src 'self' data: blob: dl.airtable.com cms-payment-holding.s3.eu-west-1.amazonaws.com;script-src 'self' 'unsafe-inline';default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://payment-holding-cms.dev.palladio.net.pl/admin/content-manager
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Sat, 27 Jul 2024 20:05:57 GMT
Content-Security-Policy: connect-src 'self' https: ws:;img-src 'self' data: blob: dl.airtable.com cms-payment-holding.s3.eu-west-1.amazonaws.com;media-src 'self' data: blob: dl.airtable.com cms-payment-holding.s3.eu-west-1.amazonaws.com;script-src 'self' 'unsafe-inline';default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Permitted-Cross-Domain-Policies: none
X-Powered-By: Strapi <strapi.io>
X-DNS-Prefetch-Control: off
Connection: keep-alive
Content-Length: 4202965
Referrer-Policy: no-referrer
Last-Modified: Mon, 10 Jun 2024 07:38:38 GMT
Server: nginx/1.18.0 (Ubuntu)
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
Vary: Origin
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Expose-Headers: Content-Length,Content-Range
cache-control: public, max-age=31536000, immutable
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization

GET
H/1.1 200
OK project-type Show response
payment-holding-cms.dev.palladio.net.pl/admin/ 48 B
1 KB 47ms
47ms XHR
application/json 146.59.11.2
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://payment-holding-cms.dev.palladio.net.pl/admin/project-type

Requested by

Host: payment-holding-cms.dev.palladio.net.pl
URL: https://payment-holding-cms.dev.palladio.net.pl/admin/main.9331ce2e.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

146.59.11.2 , France, ASN16276 (OVH, FR),

Reverse DNS

ip2.ip-146-59-11.eu

Software

nginx/1.18.0 (Ubuntu) / Strapi <strapi.io>

Resource Hash

081a695fca7c0f19c417a992416cb280290699e39c13c84aa3a7d8b224ccab79

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' https: ws:;img-src 'self' data: blob: dl.airtable.com cms-payment-holding.s3.eu-west-1.amazonaws.com;media-src 'self' data: blob: dl.airtable.com cms-payment-holding.s3.eu-west-1.amazonaws.com;script-src 'self' 'unsafe-inline';default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json
Referer: https://payment-holding-cms.dev.palladio.net.pl/admin/content-manager
Authorization: Bearer null
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Sat, 27 Jul 2024 20:05:58 GMT
Content-Security-Policy: connect-src 'self' https: ws:;img-src 'self' data: blob: dl.airtable.com cms-payment-holding.s3.eu-west-1.amazonaws.com;media-src 'self' data: blob: dl.airtable.com cms-payment-holding.s3.eu-west-1.amazonaws.com;script-src 'self' 'unsafe-inline';default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Permitted-Cross-Domain-Policies: none
X-Powered-By: Strapi <strapi.io>
X-DNS-Prefetch-Control: off
Connection: keep-alive
Content-Length: 48
Referrer-Policy: no-referrer
Server: nginx/1.18.0 (Ubuntu)
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
Vary: Origin
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Expose-Headers: Content-Length,Content-Range
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization

GET
H/1.1 200
OK 8657.1c770d01.chunk.js Show response
payment-holding-cms.dev.palladio.net.pl/admin/ 70 KB
71 KB 62ms
62ms Script
application/javascript 146.59.11.2
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://payment-holding-cms.dev.palladio.net.pl/admin/8657.1c770d01.chunk.js

Requested by

Host: payment-holding-cms.dev.palladio.net.pl
URL: https://payment-holding-cms.dev.palladio.net.pl/admin/runtime~main.9cda2e17.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

146.59.11.2 , France, ASN16276 (OVH, FR),

Reverse DNS

ip2.ip-146-59-11.eu

Software

nginx/1.18.0 (Ubuntu) / Strapi <strapi.io>

Resource Hash

84415edc5827466f72257abdedb2f74eb4b1c84b3464571c130002dfede5d454

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' https: ws:;img-src 'self' data: blob: dl.airtable.com cms-payment-holding.s3.eu-west-1.amazonaws.com;media-src 'self' data: blob: dl.airtable.com cms-payment-holding.s3.eu-west-1.amazonaws.com;script-src 'self' 'unsafe-inline';default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://payment-holding-cms.dev.palladio.net.pl/admin/content-manager
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Sat, 27 Jul 2024 20:05:58 GMT
Content-Security-Policy: connect-src 'self' https: ws:;img-src 'self' data: blob: dl.airtable.com cms-payment-holding.s3.eu-west-1.amazonaws.com;media-src 'self' data: blob: dl.airtable.com cms-payment-holding.s3.eu-west-1.amazonaws.com;script-src 'self' 'unsafe-inline';default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Permitted-Cross-Domain-Policies: none
X-Powered-By: Strapi <strapi.io>
X-DNS-Prefetch-Control: off
Connection: keep-alive
Content-Length: 71640
Referrer-Policy: no-referrer
Last-Modified: Mon, 10 Jun 2024 07:38:38 GMT
Server: nginx/1.18.0 (Ubuntu)
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
Vary: Origin
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Expose-Headers: Content-Length,Content-Range
cache-control: public, max-age=31536000, immutable
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization

GET
H/1.1 500
Internal Server Error favicon.ico
payment-holding-cms.dev.palladio.net.pl/ 99 B
1 KB 53ms
52ms Other
application/json 146.59.11.2
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://payment-holding-cms.dev.palladio.net.pl/favicon.ico

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

146.59.11.2 , France, ASN16276 (OVH, FR),

Reverse DNS

ip2.ip-146-59-11.eu

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

4d9a9e3b3ea8ba0dd4a089de75b97c3468aa6e6fd7e0c0257462e38b1272a292

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' https:;img-src 'self' data: blob: dl.airtable.com cms-payment-holding.s3.eu-west-1.amazonaws.com;media-src 'self' data: blob: dl.airtable.com cms-payment-holding.s3.eu-west-1.amazonaws.com;default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://payment-holding-cms.dev.palladio.net.pl/admin/content-manager
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Sat, 27 Jul 2024 20:05:58 GMT
Content-Security-Policy: connect-src 'self' https:;img-src 'self' data: blob: dl.airtable.com cms-payment-holding.s3.eu-west-1.amazonaws.com;media-src 'self' data: blob: dl.airtable.com cms-payment-holding.s3.eu-west-1.amazonaws.com;default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Permitted-Cross-Domain-Policies: none
X-DNS-Prefetch-Control: off
Connection: keep-alive
Content-Length: 99
Referrer-Policy: no-referrer
Server: nginx/1.18.0 (Ubuntu)
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
Vary: Origin
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Expose-Headers: Content-Length,Content-Range
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization

GET
H/1.1 200
OK 7542.fd6388fa.chunk.js Show response
payment-holding-cms.dev.palladio.net.pl/admin/ 14 KB
16 KB 52ms
51ms Script
application/javascript 146.59.11.2
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://payment-holding-cms.dev.palladio.net.pl/admin/7542.fd6388fa.chunk.js

Requested by

Host: payment-holding-cms.dev.palladio.net.pl
URL: https://payment-holding-cms.dev.palladio.net.pl/admin/runtime~main.9cda2e17.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

146.59.11.2 , France, ASN16276 (OVH, FR),

Reverse DNS

ip2.ip-146-59-11.eu

Software

nginx/1.18.0 (Ubuntu) / Strapi <strapi.io>

Resource Hash

caabecef171f0818812ce7d8d47ab4503bb4c26be7a441b64fed2e77a33833e3

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' https: ws:;img-src 'self' data: blob: dl.airtable.com cms-payment-holding.s3.eu-west-1.amazonaws.com;media-src 'self' data: blob: dl.airtable.com cms-payment-holding.s3.eu-west-1.amazonaws.com;script-src 'self' 'unsafe-inline';default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://payment-holding-cms.dev.palladio.net.pl/admin/content-manager
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Sat, 27 Jul 2024 20:05:58 GMT
Content-Security-Policy: connect-src 'self' https: ws:;img-src 'self' data: blob: dl.airtable.com cms-payment-holding.s3.eu-west-1.amazonaws.com;media-src 'self' data: blob: dl.airtable.com cms-payment-holding.s3.eu-west-1.amazonaws.com;script-src 'self' 'unsafe-inline';default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Permitted-Cross-Domain-Policies: none
X-Powered-By: Strapi <strapi.io>
X-DNS-Prefetch-Control: off
Connection: keep-alive
Content-Length: 14656
Referrer-Policy: no-referrer
Last-Modified: Mon, 10 Jun 2024 07:38:38 GMT
Server: nginx/1.18.0 (Ubuntu)
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
Vary: Origin
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Expose-Headers: Content-Length,Content-Range
cache-control: public, max-age=31536000, immutable
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization

GET
H/1.1 200
OK 2172.c894725b.chunk.js Show response
payment-holding-cms.dev.palladio.net.pl/admin/ 2 KB
3 KB 47ms
47ms Script
application/javascript 146.59.11.2
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://payment-holding-cms.dev.palladio.net.pl/admin/2172.c894725b.chunk.js

Requested by

Host: payment-holding-cms.dev.palladio.net.pl
URL: https://payment-holding-cms.dev.palladio.net.pl/admin/runtime~main.9cda2e17.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

146.59.11.2 , France, ASN16276 (OVH, FR),

Reverse DNS

ip2.ip-146-59-11.eu

Software

nginx/1.18.0 (Ubuntu) / Strapi <strapi.io>

Resource Hash

5320066c3e595bd3521275e1a5b8927b5d1caeab7bf51ca60c6f6d3bd462d270

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' https: ws:;img-src 'self' data: blob: dl.airtable.com cms-payment-holding.s3.eu-west-1.amazonaws.com;media-src 'self' data: blob: dl.airtable.com cms-payment-holding.s3.eu-west-1.amazonaws.com;script-src 'self' 'unsafe-inline';default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://payment-holding-cms.dev.palladio.net.pl/admin/content-manager
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Sat, 27 Jul 2024 20:05:58 GMT
Content-Security-Policy: connect-src 'self' https: ws:;img-src 'self' data: blob: dl.airtable.com cms-payment-holding.s3.eu-west-1.amazonaws.com;media-src 'self' data: blob: dl.airtable.com cms-payment-holding.s3.eu-west-1.amazonaws.com;script-src 'self' 'unsafe-inline';default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Permitted-Cross-Domain-Policies: none
X-Powered-By: Strapi <strapi.io>
X-DNS-Prefetch-Control: off
Connection: keep-alive
Content-Length: 1626
Referrer-Policy: no-referrer
Last-Modified: Mon, 10 Jun 2024 07:38:38 GMT
Server: nginx/1.18.0 (Ubuntu)
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
Vary: Origin
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Expose-Headers: Content-Length,Content-Range
cache-control: public, max-age=31536000, immutable
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization

GET
H/1.1 200
OK 1047.1ba92b01.chunk.js Show response
payment-holding-cms.dev.palladio.net.pl/admin/ 8 KB
9 KB 91ms
43ms Script
application/javascript 146.59.11.2
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://payment-holding-cms.dev.palladio.net.pl/admin/1047.1ba92b01.chunk.js

Requested by

Host: payment-holding-cms.dev.palladio.net.pl
URL: https://payment-holding-cms.dev.palladio.net.pl/admin/runtime~main.9cda2e17.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

146.59.11.2 , France, ASN16276 (OVH, FR),

Reverse DNS

ip2.ip-146-59-11.eu

Software

nginx/1.18.0 (Ubuntu) / Strapi <strapi.io>

Resource Hash

8fd5206d2feea7a346463c292ee12894dc358f0dfe766a55b1f6d71346a6b95e

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' https: ws:;img-src 'self' data: blob: dl.airtable.com cms-payment-holding.s3.eu-west-1.amazonaws.com;media-src 'self' data: blob: dl.airtable.com cms-payment-holding.s3.eu-west-1.amazonaws.com;script-src 'self' 'unsafe-inline';default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://payment-holding-cms.dev.palladio.net.pl/admin/content-manager
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Sat, 27 Jul 2024 20:05:58 GMT
Content-Security-Policy: connect-src 'self' https: ws:;img-src 'self' data: blob: dl.airtable.com cms-payment-holding.s3.eu-west-1.amazonaws.com;media-src 'self' data: blob: dl.airtable.com cms-payment-holding.s3.eu-west-1.amazonaws.com;script-src 'self' 'unsafe-inline';default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Permitted-Cross-Domain-Policies: none
X-Powered-By: Strapi <strapi.io>
X-DNS-Prefetch-Control: off
Connection: keep-alive
Content-Length: 7718
Referrer-Policy: no-referrer
Last-Modified: Mon, 10 Jun 2024 07:38:38 GMT
Server: nginx/1.18.0 (Ubuntu)
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
Vary: Origin
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Expose-Headers: Content-Length,Content-Range
cache-control: public, max-age=31536000, immutable
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization

GET
H/1.1 200
OK 9509.2d04ffc5.chunk.js Show response
payment-holding-cms.dev.palladio.net.pl/admin/ 6 KB
7 KB 99ms
46ms Script
application/javascript 146.59.11.2
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://payment-holding-cms.dev.palladio.net.pl/admin/9509.2d04ffc5.chunk.js

Requested by

Host: payment-holding-cms.dev.palladio.net.pl
URL: https://payment-holding-cms.dev.palladio.net.pl/admin/runtime~main.9cda2e17.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

146.59.11.2 , France, ASN16276 (OVH, FR),

Reverse DNS

ip2.ip-146-59-11.eu

Software

nginx/1.18.0 (Ubuntu) / Strapi <strapi.io>

Resource Hash

1a9133d651188b87629c9f8f3de54e8cc7a854cb65a38f5ac97dbc43d6b964d9

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' https: ws:;img-src 'self' data: blob: dl.airtable.com cms-payment-holding.s3.eu-west-1.amazonaws.com;media-src 'self' data: blob: dl.airtable.com cms-payment-holding.s3.eu-west-1.amazonaws.com;script-src 'self' 'unsafe-inline';default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://payment-holding-cms.dev.palladio.net.pl/admin/content-manager
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Sat, 27 Jul 2024 20:05:58 GMT
Content-Security-Policy: connect-src 'self' https: ws:;img-src 'self' data: blob: dl.airtable.com cms-payment-holding.s3.eu-west-1.amazonaws.com;media-src 'self' data: blob: dl.airtable.com cms-payment-holding.s3.eu-west-1.amazonaws.com;script-src 'self' 'unsafe-inline';default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Permitted-Cross-Domain-Policies: none
X-Powered-By: Strapi <strapi.io>
X-DNS-Prefetch-Control: off
Connection: keep-alive
Content-Length: 5951
Referrer-Policy: no-referrer
Last-Modified: Mon, 10 Jun 2024 07:38:38 GMT
Server: nginx/1.18.0 (Ubuntu)
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
Vary: Origin
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Expose-Headers: Content-Length,Content-Range
cache-control: public, max-age=31536000, immutable
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization

GET
H/1.1 200
OK 5064.b9cd9131.chunk.js Show response
payment-holding-cms.dev.palladio.net.pl/admin/ 817 B
2 KB 115ms
40ms Script
application/javascript 146.59.11.2
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://payment-holding-cms.dev.palladio.net.pl/admin/5064.b9cd9131.chunk.js

Requested by

Host: payment-holding-cms.dev.palladio.net.pl
URL: https://payment-holding-cms.dev.palladio.net.pl/admin/runtime~main.9cda2e17.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

146.59.11.2 , France, ASN16276 (OVH, FR),

Reverse DNS

ip2.ip-146-59-11.eu

Software

nginx/1.18.0 (Ubuntu) / Strapi <strapi.io>

Resource Hash

ceaa3fe708ab99acb2e5ab01616ab21b21f486e81e6b31700084798c5251263b

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' https: ws:;img-src 'self' data: blob: dl.airtable.com cms-payment-holding.s3.eu-west-1.amazonaws.com;media-src 'self' data: blob: dl.airtable.com cms-payment-holding.s3.eu-west-1.amazonaws.com;script-src 'self' 'unsafe-inline';default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://payment-holding-cms.dev.palladio.net.pl/admin/content-manager
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Sat, 27 Jul 2024 20:05:58 GMT
Content-Security-Policy: connect-src 'self' https: ws:;img-src 'self' data: blob: dl.airtable.com cms-payment-holding.s3.eu-west-1.amazonaws.com;media-src 'self' data: blob: dl.airtable.com cms-payment-holding.s3.eu-west-1.amazonaws.com;script-src 'self' 'unsafe-inline';default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Permitted-Cross-Domain-Policies: none
X-Powered-By: Strapi <strapi.io>
X-DNS-Prefetch-Control: off
Connection: keep-alive
Content-Length: 817
Referrer-Policy: no-referrer
Last-Modified: Mon, 10 Jun 2024 07:38:38 GMT
Server: nginx/1.18.0 (Ubuntu)
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
Vary: Origin
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Expose-Headers: Content-Length,Content-Range
cache-control: public, max-age=31536000, immutable
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization

GET
H/1.1 200
OK 2594.c7ac8cfe.chunk.js Show response
payment-holding-cms.dev.palladio.net.pl/admin/ 3 KB
4 KB 124ms
43ms Script
application/javascript 146.59.11.2
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://payment-holding-cms.dev.palladio.net.pl/admin/2594.c7ac8cfe.chunk.js

Requested by

Host: payment-holding-cms.dev.palladio.net.pl
URL: https://payment-holding-cms.dev.palladio.net.pl/admin/runtime~main.9cda2e17.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

146.59.11.2 , France, ASN16276 (OVH, FR),

Reverse DNS

ip2.ip-146-59-11.eu

Software

nginx/1.18.0 (Ubuntu) / Strapi <strapi.io>

Resource Hash

9bac9db3b2624f6e637e0e2f476c07f5dcb390023652d3a0e3045070d69a4251

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' https: ws:;img-src 'self' data: blob: dl.airtable.com cms-payment-holding.s3.eu-west-1.amazonaws.com;media-src 'self' data: blob: dl.airtable.com cms-payment-holding.s3.eu-west-1.amazonaws.com;script-src 'self' 'unsafe-inline';default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://payment-holding-cms.dev.palladio.net.pl/admin/content-manager
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Sat, 27 Jul 2024 20:05:58 GMT
Content-Security-Policy: connect-src 'self' https: ws:;img-src 'self' data: blob: dl.airtable.com cms-payment-holding.s3.eu-west-1.amazonaws.com;media-src 'self' data: blob: dl.airtable.com cms-payment-holding.s3.eu-west-1.amazonaws.com;script-src 'self' 'unsafe-inline';default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Permitted-Cross-Domain-Policies: none
X-Powered-By: Strapi <strapi.io>
X-DNS-Prefetch-Control: off
Connection: keep-alive
Content-Length: 2786
Referrer-Policy: no-referrer
Last-Modified: Mon, 10 Jun 2024 07:38:38 GMT
Server: nginx/1.18.0 (Ubuntu)
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
Vary: Origin
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Expose-Headers: Content-Length,Content-Range
cache-control: public, max-age=31536000, immutable
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization

GET
H/1.1 200
OK 4495.2842c3ac.chunk.js Show response
payment-holding-cms.dev.palladio.net.pl/admin/ 5 KB
6 KB 87ms
43ms Script
application/javascript 146.59.11.2
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://payment-holding-cms.dev.palladio.net.pl/admin/4495.2842c3ac.chunk.js

Requested by

Host: payment-holding-cms.dev.palladio.net.pl
URL: https://payment-holding-cms.dev.palladio.net.pl/admin/runtime~main.9cda2e17.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

146.59.11.2 , France, ASN16276 (OVH, FR),

Reverse DNS

ip2.ip-146-59-11.eu

Software

nginx/1.18.0 (Ubuntu) / Strapi <strapi.io>

Resource Hash

d5512281fbcd7514064a44774129a5bd80ba8c43d2710d0bb7aadfab8a697f24

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' https: ws:;img-src 'self' data: blob: dl.airtable.com cms-payment-holding.s3.eu-west-1.amazonaws.com;media-src 'self' data: blob: dl.airtable.com cms-payment-holding.s3.eu-west-1.amazonaws.com;script-src 'self' 'unsafe-inline';default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://payment-holding-cms.dev.palladio.net.pl/admin/content-manager
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Sat, 27 Jul 2024 20:05:58 GMT
Content-Security-Policy: connect-src 'self' https: ws:;img-src 'self' data: blob: dl.airtable.com cms-payment-holding.s3.eu-west-1.amazonaws.com;media-src 'self' data: blob: dl.airtable.com cms-payment-holding.s3.eu-west-1.amazonaws.com;script-src 'self' 'unsafe-inline';default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Permitted-Cross-Domain-Policies: none
X-Powered-By: Strapi <strapi.io>
X-DNS-Prefetch-Control: off
Connection: keep-alive
Content-Length: 5193
Referrer-Policy: no-referrer
Last-Modified: Mon, 10 Jun 2024 07:38:38 GMT
Server: nginx/1.18.0 (Ubuntu)
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
Vary: Origin
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Expose-Headers: Content-Length,Content-Range
cache-control: public, max-age=31536000, immutable
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization

GET
H/1.1 200
OK 9828.898ad004.chunk.js Show response
payment-holding-cms.dev.palladio.net.pl/admin/ 311 B
2 KB 88ms
48ms Script
application/javascript 146.59.11.2
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://payment-holding-cms.dev.palladio.net.pl/admin/9828.898ad004.chunk.js

Requested by

Host: payment-holding-cms.dev.palladio.net.pl
URL: https://payment-holding-cms.dev.palladio.net.pl/admin/runtime~main.9cda2e17.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

146.59.11.2 , France, ASN16276 (OVH, FR),

Reverse DNS

ip2.ip-146-59-11.eu

Software

nginx/1.18.0 (Ubuntu) / Strapi <strapi.io>

Resource Hash

669ecb7c2d2979b4943f9b770f03b8c9d40579405f93456b8dd037f4a3958e7c

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' https: ws:;img-src 'self' data: blob: dl.airtable.com cms-payment-holding.s3.eu-west-1.amazonaws.com;media-src 'self' data: blob: dl.airtable.com cms-payment-holding.s3.eu-west-1.amazonaws.com;script-src 'self' 'unsafe-inline';default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://payment-holding-cms.dev.palladio.net.pl/admin/content-manager
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Sat, 27 Jul 2024 20:05:58 GMT
Content-Security-Policy: connect-src 'self' https: ws:;img-src 'self' data: blob: dl.airtable.com cms-payment-holding.s3.eu-west-1.amazonaws.com;media-src 'self' data: blob: dl.airtable.com cms-payment-holding.s3.eu-west-1.amazonaws.com;script-src 'self' 'unsafe-inline';default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Permitted-Cross-Domain-Policies: none
X-Powered-By: Strapi <strapi.io>
X-DNS-Prefetch-Control: off
Connection: keep-alive
Content-Length: 311
Referrer-Policy: no-referrer
Last-Modified: Mon, 10 Jun 2024 07:38:38 GMT
Server: nginx/1.18.0 (Ubuntu)
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
Vary: Origin
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Expose-Headers: Content-Length,Content-Range
cache-control: public, max-age=31536000, immutable
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization

GET
DATA 200
OK truncated
/ 4 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b944151a87b54b99fe96e5bee54466bd322696f6daadedbf47a8b6b8b6b8fa53

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H/1.1 200
OK init Show response
payment-holding-cms.dev.palladio.net.pl/admin/ 104 B
1 KB 50ms
50ms XHR
application/json 146.59.11.2
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://payment-holding-cms.dev.palladio.net.pl/admin/init

Requested by

Host: payment-holding-cms.dev.palladio.net.pl
URL: https://payment-holding-cms.dev.palladio.net.pl/admin/main.9331ce2e.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

146.59.11.2 , France, ASN16276 (OVH, FR),

Reverse DNS

ip2.ip-146-59-11.eu

Software

nginx/1.18.0 (Ubuntu) / Strapi <strapi.io>

Resource Hash

8817c81928c95f54af39eb581abce9336ed7bb844941f7b7b6ab7d845cb6b83a

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' https: ws:;img-src 'self' data: blob: dl.airtable.com cms-payment-holding.s3.eu-west-1.amazonaws.com;media-src 'self' data: blob: dl.airtable.com cms-payment-holding.s3.eu-west-1.amazonaws.com;script-src 'self' 'unsafe-inline';default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json
Referer: https://payment-holding-cms.dev.palladio.net.pl/admin/content-manager
Authorization: Bearer null
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Sat, 27 Jul 2024 20:05:58 GMT
Content-Security-Policy: connect-src 'self' https: ws:;img-src 'self' data: blob: dl.airtable.com cms-payment-holding.s3.eu-west-1.amazonaws.com;media-src 'self' data: blob: dl.airtable.com cms-payment-holding.s3.eu-west-1.amazonaws.com;script-src 'self' 'unsafe-inline';default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Permitted-Cross-Domain-Policies: none
X-Powered-By: Strapi <strapi.io>
X-DNS-Prefetch-Control: off
Connection: keep-alive
Content-Length: 104
Referrer-Policy: no-referrer
Server: nginx/1.18.0 (Ubuntu)
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
Vary: Origin
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Expose-Headers: Content-Length,Content-Range
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization

GET
DATA 200
OK truncated
/ 811 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3479bdf79601f64b126ebb2abbd917562fd0fa0e15521bd7344416ab3ffc1daf

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H/1.1 500
Internal Server Error favicon.ico
payment-holding-cms.dev.palladio.net.pl/ 99 B
1 KB 54ms
53ms Other
application/json 146.59.11.2
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://payment-holding-cms.dev.palladio.net.pl/favicon.ico

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

146.59.11.2 , France, ASN16276 (OVH, FR),

Reverse DNS

ip2.ip-146-59-11.eu

Software

nginx/1.18.0 (Ubuntu) /

Resource Hash

4d9a9e3b3ea8ba0dd4a089de75b97c3468aa6e6fd7e0c0257462e38b1272a292

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' https:;img-src 'self' data: blob: dl.airtable.com cms-payment-holding.s3.eu-west-1.amazonaws.com;media-src 'self' data: blob: dl.airtable.com cms-payment-holding.s3.eu-west-1.amazonaws.com;default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://payment-holding-cms.dev.palladio.net.pl/admin/auth/login?redirectTo=%2Fcontent-manager
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Sat, 27 Jul 2024 20:05:58 GMT
Content-Security-Policy: connect-src 'self' https:;img-src 'self' data: blob: dl.airtable.com cms-payment-holding.s3.eu-west-1.amazonaws.com;media-src 'self' data: blob: dl.airtable.com cms-payment-holding.s3.eu-west-1.amazonaws.com;default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Permitted-Cross-Domain-Policies: none
X-DNS-Prefetch-Control: off
Connection: keep-alive
Content-Length: 99
Referrer-Policy: no-referrer
Server: nginx/1.18.0 (Ubuntu)
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
Vary: Origin
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Expose-Headers: Content-Length,Content-Range
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| webpackChunkpayment_holding object| __REACT_INTL_CONTEXT__ function| _ object| strapi

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://payment-holding-cms.dev.palladio.net.pl/favicon.ico Message: Failed to load resource: the server responded with a status of 500 (Internal Server Error)
network	error	URL: https://payment-holding-cms.dev.palladio.net.pl/favicon.ico Message: Failed to load resource: the server responded with a status of 500 (Internal Server Error)
recommendation	verbose	URL: https://payment-holding-cms.dev.palladio.net.pl/admin/auth/login?redirectTo=%2Fcontent-manager Message: [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	connect-src 'self' https: ws:;img-src 'self' data: blob: dl.airtable.com cms-payment-holding.s3.eu-west-1.amazonaws.com;media-src 'self' data: blob: dl.airtable.com cms-payment-holding.s3.eu-west-1.amazonaws.com;script-src 'self' 'unsafe-inline';default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';object-src 'none';script-src-attr 'none';style-src 'self' https: 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

payment-holding-cms.dev.palladio.net.pl
146.59.11.2
081a695fca7c0f19c417a992416cb280290699e39c13c84aa3a7d8b224ccab79
1a9133d651188b87629c9f8f3de54e8cc7a854cb65a38f5ac97dbc43d6b964d9
3479bdf79601f64b126ebb2abbd917562fd0fa0e15521bd7344416ab3ffc1daf
36fef0b82ee4f34df74c4bf3b416a2ce7ee767357e6ad56269454d7a023acf10
4d9a9e3b3ea8ba0dd4a089de75b97c3468aa6e6fd7e0c0257462e38b1272a292
5320066c3e595bd3521275e1a5b8927b5d1caeab7bf51ca60c6f6d3bd462d270
669ecb7c2d2979b4943f9b770f03b8c9d40579405f93456b8dd037f4a3958e7c
84415edc5827466f72257abdedb2f74eb4b1c84b3464571c130002dfede5d454
8817c81928c95f54af39eb581abce9336ed7bb844941f7b7b6ab7d845cb6b83a
8fd5206d2feea7a346463c292ee12894dc358f0dfe766a55b1f6d71346a6b95e
9bac9db3b2624f6e637e0e2f476c07f5dcb390023652d3a0e3045070d69a4251
a51c343917cb6d25bb2e33c010797764d77d32867a6d7d2b7f4517cd94ce9fe8
b944151a87b54b99fe96e5bee54466bd322696f6daadedbf47a8b6b8b6b8fa53
caabecef171f0818812ce7d8d47ab4503bb4c26be7a441b64fed2e77a33833e3
ceaa3fe708ab99acb2e5ab01616ab21b21f486e81e6b31700084798c5251263b
d5512281fbcd7514064a44774129a5bd80ba8c43d2710d0bb7aadfab8a697f24
fc591c7aedeb49a1a6ab4c1cbf76bff34874c011682bb4e36213b4281f4418fa

payment-holding-cms.dev.palladio.net.pl Open in urlscan Pro 146.59.11.2 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

16 Requests

100 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

2 IPs

1 Countries

4241 kBTransfer

4226 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

16 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

0 Cookies

3 Console Messages

Security Headers

Indicators

payment-holding-cms.dev.palladio.net.pl Open in urlscan Pro
146.59.11.2 Public Scan

Screenshot
Live screenshot

Full Image

16
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

2
IPs

1
Countries

4241 kB
Transfer

4226 kB
Size

0
Cookies

16 HTTP transactions
2 data transactions