URL: https://www.sandhills.com/payment/payment/payment?id=i_11911155&crmid=29205138
Submission: On July 09 via api from US — Scanned from DE

Summary

This website contacted 6 IPs in 3 countries across 5 domains to perform 24 HTTP transactions. The main IP is 104.17.58.108, which belongs to CLOUDFLARENET, US. The main domain is www.sandhills.com.
TLS certificate: Issued by Entrust Certification Authority - L1K on December 8th 2023. Valid for: a year.
This is the only time www.sandhills.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
9 104.17.58.108 13335 (CLOUDFLAR...)
2 104.17.50.108 13335 (CLOUDFLAR...)
4 2a02:26f0:350... 20940 (AKAMAI-ASN1)
3 142.250.186.164 15169 (GOOGLE)
5 208.86.240.188 46926 (555-WEST-...)
1 2a00:1450:400... 15169 (GOOGLE)
24 6
Requests | Apex Domain | Subdomains | Transfer
11 | sandhills.com | www.sandhills.com; media.sandhills.com — Cisco Umbrella Rank: 141448 | 547 KB
5 | paygateway.com | js.paygateway.com — Cisco Umbrella Rank: 392548 | 286 KB
4 | typekit.net | use.typekit.net — Cisco Umbrella Rank: 1169; p.typekit.net — Cisco Umbrella Rank: 1487 | 33 KB
3 | google.com | www.google.com — Cisco Umbrella Rank: 10 | 961 B
1 | gstatic.com | www.gstatic.com | 213 KB
24 | 5
Requests | Domain | Requested by
9 | www.sandhills.com | www.sandhills.com
5 | js.paygateway.com | www.sandhills.com; js.paygateway.com
3 | www.google.com | www.sandhills.com; www.gstatic.com
3 | use.typekit.net | www.sandhills.com; use.typekit.net
2 | media.sandhills.com | www.sandhills.com; media.sandhills.com
1 | www.gstatic.com | www.google.com
1 | p.typekit.net | use.typekit.net
24 | 7

This site contains links to these domains.

Domain
www.cvvnumber.com

Subject | Issuer | Validity | Valid
www.sandhills.com | Entrust Certification Authority - L1K | 2023-12-08 - 2025-01-08 | a year
media.sandhills.com | Entrust Certification Authority - L1K | 2023-12-11 - 2025-01-05 | a year
use.typekit.net | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2024-02-01 - 2025-03-03 | a year
*.google.com | WR2 | 2024-06-24 - 2024-09-16 | 3 months
js.paygateway.com | GeoTrust EV RSA CA G2 | 2024-05-07 - 2025-06-07 | a year
*.gstatic.com | WR2 | 2024-06-24 - 2024-09-16 | 3 months

This page contains 7 frames:

Primary Page: https://www.sandhills.com/payment/payment/payment?id=i_11911155&crmid=29205138
Frame ID: 1C02B3FAD2A48049665E508AC0D184BC
Requests: 18 HTTP requests in this frame

Frame: https://js.paygateway.com/secure_payment/v1/field.html
Frame ID: 847F22AC180A945A9E8EB06C29D0C689
Requests: 1 HTTP requests in this frame

Frame: https://js.paygateway.com/secure_payment/v1/field.html
Frame ID: 5CD8537106297B96F77ED4A0DC81FC1F
Requests: 1 HTTP requests in this frame

Frame: https://js.paygateway.com/secure_payment/v1/field.html
Frame ID: 424E8890B488D62E08607C60854F2062
Requests: 1 HTTP requests in this frame

Frame: https://js.paygateway.com/secure_payment/v1/field.html
Frame ID: 46B5F3FC6077C6EB579DE70ADEDE3ADE
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc_nWMaAAAAAMrd__siHvVJSfGEXkMwsbgyXPs7&co=aHR0cHM6Ly93d3cuc2FuZGhpbGxzLmNvbTo0NDM.&hl=de&v=rKbTvxTxwcw5VqzrtN-ICwWt&size=invisible&cb=8tn6b6rwu2pu
Frame ID: 41063716AA1F4EF8ED570D3E6CD13460
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de&v=rKbTvxTxwcw5VqzrtN-ICwWt&k=6Lc_nWMaAAAAAMrd__siHvVJSfGEXkMwsbgyXPs7
Frame ID: F782CB3710350B7EDE6FE2D410B851C5
Requests: 1 HTTP requests in this frame

Page Title

UBS Payment Page

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • <link [^>]*href="[^"]+use\.typekit\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • jquery-ui.*\.js

Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

24 Requests
100 % HTTPS
33 % IPv6
5 Domains
7 Subdomains
6 IPs
3 Countries
1080 kB Transfer
1914 kB Size
6 Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

24 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request payment
www.sandhills.com/payment/payment/
22 KB
5 KB
Document
General
Full URL
https://www.sandhills.com/payment/payment/payment?id=i_11911155&crmid=29205138
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.17.58.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
5432473272cc47a44cbb612c1f10ca4fe85c543f6e926091d8caf8c5ed87f030

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

cache-control
private
cf-cache-status
DYNAMIC
cf-ray
8a0baafe2f6a349d-WAW
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Tue, 09 Jul 2024 22:14:37 GMT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"
server
cloudflare
vary
Accept-Encoding
x-aspnet-version
4.0.30319
x-aspnetmvc-version
5.2
x-powered-by
ASP.NET
Site.css
www.sandhills.com/Payment/Content/
7 KB
2 KB
Stylesheet
General
Full URL
https://www.sandhills.com/Payment/Content/Site.css?v=1.0.1
Requested by
Host: www.sandhills.com
URL: https://www.sandhills.com/payment/payment/payment?id=i_11911155&crmid=29205138
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.17.58.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
57b8ff59e4bc247523dcce03fe52f14578e3668720e727f345f32f248774279f

Request headers

Referer
https://www.sandhills.com/payment/payment/payment?id=i_11911155&crmid=29205138
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Jul 2024 22:14:38 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Tue, 14 May 2024 13:02:38 GMT
server
cloudflare
etag
"06bafffea5da1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8a0bab047d3b349d-WAW
content-length
2260
expires
Wed, 09 Jul 2025 22:14:38 GMT
all.min.css
media.sandhills.com/CDN/CSS/Font-Awesome/5.14.0/css/
58 KB
15 KB
Stylesheet
General
Full URL
https://media.sandhills.com/CDN/CSS/Font-Awesome/5.14.0/css/all.min.css
Requested by
Host: www.sandhills.com
URL: https://www.sandhills.com/payment/payment/payment?id=i_11911155&crmid=29205138
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.17.50.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
14cbd9b866a9b092e3a2e03a93b128da5baca005fd8b44a1956146eaab7b48b7

Request headers

Referer
https://www.sandhills.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Jul 2024 22:14:37 GMT
content-encoding
gzip
cf-cache-status
HIT
age
836014
x-powered-by
ASP.NET
content-length
15569
last-modified
Thu, 15 Jun 2023 19:16:22 GMT
server
cloudflare
etag
"0c7d0debd9fd91:0"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8a0bab0528f1bf88-WAW
access-control-allow-headers
content-type
expires
Wed, 09 Jul 2025 22:14:37 GMT
tjq2iwj.css
use.typekit.net/
3 KB
983 B
Stylesheet
General
Full URL
https://use.typekit.net/tjq2iwj.css
Requested by
Host: www.sandhills.com
URL: https://www.sandhills.com/payment/payment/payment?id=i_11911155&crmid=29205138
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:1495 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
c6fccc33e5dff81e99ba642489acf090cccb20970b046dc325fb9a0aafccd0df
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

Referer
https://www.sandhills.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
content-encoding
gzip
date
Tue, 09 Jul 2024 22:14:38 GMT
server
nginx
vary
Accept-Encoding
content-type
text/css;charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
760
jquery-ui.css
www.sandhills.com/Payment/Content/
36 KB
11 KB
Stylesheet
General
Full URL
https://www.sandhills.com/Payment/Content/jquery-ui.css
Requested by
Host: www.sandhills.com
URL: https://www.sandhills.com/payment/payment/payment?id=i_11911155&crmid=29205138
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.17.58.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
b4bc0d45ccd367ea5855060097c871265e23e929bac425bf4e2c0191eec12eeb

Request headers

Referer
https://www.sandhills.com/payment/payment/payment?id=i_11911155&crmid=29205138
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Jul 2024 22:14:38 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Tue, 14 May 2024 13:02:38 GMT
server
cloudflare
etag
"06bafffea5da1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8a0bab047d3d349d-WAW
content-length
11041
expires
Wed, 09 Jul 2025 22:14:38 GMT
jquery-3.3.1.min.js
www.sandhills.com/Payment/Scripts/
85 KB
38 KB
Script
General
Full URL
https://www.sandhills.com/Payment/Scripts/jquery-3.3.1.min.js
Requested by
Host: www.sandhills.com
URL: https://www.sandhills.com/payment/payment/payment?id=i_11911155&crmid=29205138
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.17.58.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Request headers

Referer
https://www.sandhills.com/payment/payment/payment?id=i_11911155&crmid=29205138
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Jul 2024 22:14:38 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Tue, 14 May 2024 13:02:40 GMT
server
cloudflare
etag
"0983b0ffa5da1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8a0bab047d3f349d-WAW
content-length
38892
expires
Wed, 09 Jul 2025 22:14:38 GMT
jquery-ui.js
www.sandhills.com/Payment/Scripts/
509 KB
171 KB
Script
General
Full URL
https://www.sandhills.com/Payment/Scripts/jquery-ui.js
Requested by
Host: www.sandhills.com
URL: https://www.sandhills.com/payment/payment/payment?id=i_11911155&crmid=29205138
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.17.58.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
4f455eb2ddf2094ee969f470f6bfac7adb4c057e8990a374e9da819e943c777d

Request headers

Referer
https://www.sandhills.com/payment/payment/payment?id=i_11911155&crmid=29205138
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Jul 2024 22:14:38 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Tue, 14 May 2024 13:02:40 GMT
server
cloudflare
etag
"0983b0ffa5da1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
8a0bab047d43349d-WAW
expires
Wed, 09 Jul 2025 22:14:38 GMT
api.js
www.google.com/recaptcha/
1 KB
961 B
Script
General
Full URL
https://www.google.com/recaptcha/api.js
Requested by
Host: www.sandhills.com
URL: https://www.sandhills.com/payment/payment/payment?id=i_11911155&crmid=29205138
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.164 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f4.1e100.net
Software
GSE /
Resource Hash
df85e001ce72e46c578531cf3ea8bbb0712a4af63abc112d9d633e474c05965f
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.sandhills.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Jul 2024 22:14:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Tue, 09 Jul 2024 22:14:37 GMT
crane-logo.png
www.sandhills.com/Payment/Content/Siteart/
10 KB
10 KB
Image
General
Full URL
https://www.sandhills.com/Payment/Content/Siteart/crane-logo.png
Requested by
Host: www.sandhills.com
URL: https://www.sandhills.com/payment/payment/payment?id=i_11911155&crmid=29205138
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.17.58.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
dc46f67813f0909ad479fa269da4ee155ee5b11d1271953c3de118a050881d92

Request headers

Referer
https://www.sandhills.com/payment/payment/payment?id=i_11911155&crmid=29205138
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Jul 2024 22:14:38 GMT
cf-cache-status
MISS
last-modified
Tue, 14 May 2024 13:02:38 GMT
server
cloudflare
etag
"06bafffea5da1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8a0bab047d45349d-WAW
content-length
10172
expires
Wed, 09 Jul 2025 22:14:38 GMT
spinner.gif
www.sandhills.com/Payment/Content/siteart/
203 KB
204 KB
Image
General
Full URL
https://www.sandhills.com/Payment/Content/siteart/spinner.gif
Requested by
Host: www.sandhills.com
URL: https://www.sandhills.com/payment/payment/payment?id=i_11911155&crmid=29205138
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.17.58.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
8c5fc51c121091d68c533700bb1dc334b60597d6236ad83da47158b48942a22b

Request headers

Referer
https://www.sandhills.com/payment/payment/payment?id=i_11911155&crmid=29205138
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Jul 2024 22:14:38 GMT
cf-cache-status
MISS
last-modified
Tue, 14 May 2024 13:02:38 GMT
server
cloudflare
etag
"06bafffea5da1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
image/gif
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8a0bab047d47349d-WAW
content-length
208227
expires
Wed, 09 Jul 2025 22:14:38 GMT
globalpayments.js
js.paygateway.com/secure_payment/v1/
285 KB
286 KB
Script
General
Full URL
https://js.paygateway.com/secure_payment/v1/globalpayments.js
Requested by
Host: www.sandhills.com
URL: https://www.sandhills.com/payment/payment/payment?id=i_11911155&crmid=29205138
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
208.86.240.188 , United States, ASN46926 (555-WEST-HASTINGS-STREET, US),
Reverse DNS
Software
/
Resource Hash
d02351d761c3cdca083de6c14776e3ed227ee339e5c785663b7a0b794431ed4b
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://www.sandhills.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Tue, 09 Jul 2024 22:14:38 GMT
Strict-Transport-Security
max-age=15724800; includeSubDomains
Last-Modified
Tue, 10 Oct 2023 20:52:21 GMT
Content-Type
application/javascript
Cache-Control
max-age=86400, public
Connection
close
Accept-Ranges
bytes
Content-Length
292111
Expires
Wed, 10 Jul 2024 22:14:38 GMT
p.css
p.typekit.net/
5 B
173 B
Stylesheet
General
Full URL
https://p.typekit.net/p.css?s=1&k=tjq2iwj&ht=tk&f=12729.12731.24354.43311&a=16510810&app=typekit&e=css
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/tjq2iwj.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:1495 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

Referer
https://use.typekit.net/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Jul 2024 22:14:38 GMT
last-modified
Sun, 19 May 2024 12:57:48 GMT
server
nginx
etag
"6649f74c-5"
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
5
recaptcha__de.js
www.gstatic.com/recaptcha/releases/rKbTvxTxwcw5VqzrtN-ICwWt/
536 KB
213 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/rKbTvxTxwcw5VqzrtN-ICwWt/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0481cf978633d761686dd05ed060c86593d34768aa66d43d61c4f968cbe6b63d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sandhills.com/
Origin
https://www.sandhills.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Jul 2024 21:49:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1503
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
217833
x-xss-protection
0
last-modified
Sun, 23 Jun 2024 08:01:07 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 09 Jul 2025 21:49:35 GMT
l
use.typekit.net/af/987a60/00000000000000007735a543/30/
18 KB
18 KB
Font
General
Full URL
https://use.typekit.net/af/987a60/00000000000000007735a543/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/tjq2iwj.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:1495 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
fcf9ad39a58bd521789931e384b831a9ce7bbe3b5f9a05bf02c352e1e60c7ebb

Request headers

Referer
https://use.typekit.net/tjq2iwj.css
Origin
https://www.sandhills.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Jul 2024 22:14:38 GMT
server
nginx
etag
"5e75b786eedb2c68e3ea4f8e9407f415881535c8"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
18064
l
use.typekit.net/af/be28cc/00000000000000007735a54a/30/
13 KB
14 KB
Font
General
Full URL
https://use.typekit.net/af/be28cc/00000000000000007735a54a/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n5&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/tjq2iwj.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:1495 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
0d1fcd33d270a8e9a9a3442b0f1182caea7cd4300a0094a4d4d99a812c0320cf

Request headers

Referer
https://use.typekit.net/tjq2iwj.css
Origin
https://www.sandhills.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Jul 2024 22:14:38 GMT
server
nginx
etag
"fe068450069fac8d4a7027a68334d63a0dea2f78"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
13768
fa-solid-900.woff2
media.sandhills.com/CDN/CSS/Font-Awesome/5.14.0/webfonts/
78 KB
79 KB
Font
General
Full URL
https://media.sandhills.com/CDN/CSS/Font-Awesome/5.14.0/webfonts/fa-solid-900.woff2
Requested by
Host: media.sandhills.com
URL: https://media.sandhills.com/CDN/CSS/Font-Awesome/5.14.0/css/all.min.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.17.50.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
cfe3b7382e477059da11be2099914b94f0e2a4f08240c60542c376957b8d9658

Request headers

Referer
https://media.sandhills.com/CDN/CSS/Font-Awesome/5.14.0/css/all.min.css
Origin
https://www.sandhills.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Jul 2024 22:14:39 GMT
cf-cache-status
MISS
last-modified
Thu, 06 Jun 2024 13:35:12 GMT
server
cloudflare
etag
"068375b16b8da1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8a0bab0d4cf1bf47-WAW
access-control-allow-headers
content-type
content-length
80148
expires
Wed, 09 Jul 2025 22:14:39 GMT
field.html
js.paygateway.com/secure_payment/v1/ Frame 847F
0
0
Document
General
Full URL
https://js.paygateway.com/secure_payment/v1/field.html
Requested by
Host: js.paygateway.com
URL: https://js.paygateway.com/secure_payment/v1/globalpayments.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
208.86.240.188 , United States, ASN46926 (555-WEST-HASTINGS-STREET, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://www.sandhills.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Accept-Ranges
bytes
Cache-Control
max-age=86400 public
Connection
close
Content-Length
1067
Content-Type
text/html; charset=UTF-8
Date
Tue, 09 Jul 2024 22:14:39 GMT
Expires
Wed, 10 Jul 2024 22:14:39 GMT
Last-Modified
Tue, 10 Oct 2023 20:52:25 GMT
Strict-Transport-Security
max-age=15724800; includeSubDomains
field.html
js.paygateway.com/secure_payment/v1/ Frame 5CD8
0
0
Document
General
Full URL
https://js.paygateway.com/secure_payment/v1/field.html
Requested by
Host: js.paygateway.com
URL: https://js.paygateway.com/secure_payment/v1/globalpayments.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
208.86.240.188 , United States, ASN46926 (555-WEST-HASTINGS-STREET, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.sandhills.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Accept-Ranges
bytes
Cache-Control
max-age=86400 public
Content-Length
1067
Content-Type
text/html; charset=UTF-8
Date
Tue, 09 Jul 2024 22:14:39 GMT
Expires
Wed, 10 Jul 2024 22:14:39 GMT
Last-Modified
Tue, 10 Oct 2023 20:52:25 GMT
field.html
js.paygateway.com/secure_payment/v1/ Frame 424E
0
0
Document
General
Full URL
https://js.paygateway.com/secure_payment/v1/field.html
Requested by
Host: js.paygateway.com
URL: https://js.paygateway.com/secure_payment/v1/globalpayments.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
208.86.240.188 , United States, ASN46926 (555-WEST-HASTINGS-STREET, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.sandhills.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Accept-Ranges
bytes
Cache-Control
max-age=86400 public
Content-Length
1067
Content-Type
text/html; charset=UTF-8
Date
Tue, 09 Jul 2024 22:14:39 GMT
Expires
Wed, 10 Jul 2024 22:14:39 GMT
Last-Modified
Tue, 10 Oct 2023 20:52:25 GMT
field.html
js.paygateway.com/secure_payment/v1/ Frame 46B5
0
0
Document
General
Full URL
https://js.paygateway.com/secure_payment/v1/field.html
Requested by
Host: js.paygateway.com
URL: https://js.paygateway.com/secure_payment/v1/globalpayments.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
208.86.240.188 , United States, ASN46926 (555-WEST-HASTINGS-STREET, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.sandhills.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Accept-Ranges
bytes
Cache-Control
max-age=86400 public
Content-Length
1067
Content-Type
text/html; charset=UTF-8
Date
Tue, 09 Jul 2024 22:14:39 GMT
Expires
Wed, 10 Jul 2024 22:14:39 GMT
Last-Modified
Tue, 10 Oct 2023 20:52:25 GMT
anchor
www.google.com/recaptcha/api2/ Frame 4106
0
0
Document
General
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc_nWMaAAAAAMrd__siHvVJSfGEXkMwsbgyXPs7&co=aHR0cHM6Ly93d3cuc2FuZGhpbGxzLmNvbTo0NDM.&hl=de&v=rKbTvxTxwcw5VqzrtN-ICwWt&size=invisible&cb=8tn6b6rwu2pu
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/rKbTvxTxwcw5VqzrtN-ICwWt/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.164 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f4.1e100.net
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-UFPnY7M8HSA0a7d08X1nKw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.sandhills.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-UFPnY7M8HSA0a7d08X1nKw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 09 Jul 2024 22:14:39 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
countrySelectList
www.sandhills.com/Payment/payment/
18 KB
3 KB
XHR
General
Full URL
https://www.sandhills.com/Payment/payment/countrySelectList?twoCharISOCode=false&autofillCountry=
Requested by
Host: www.sandhills.com
URL: https://www.sandhills.com/Payment/Scripts/jquery-3.3.1.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.17.58.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
dba9b88316f6c057da3869852d093a84de68784e6c7086b6d5188e2f58124f2b

Request headers

Accept
*/*
Referer
https://www.sandhills.com/payment/payment/payment?id=i_11911155&crmid=29205138
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Jul 2024 22:14:39 GMT
content-encoding
gzip
x-aspnetmvc-version
5.2
cf-cache-status
DYNAMIC
server
cloudflare
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
vary
Accept-Encoding
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT\"
content-type
application/json; charset=utf-8
cache-control
private
cf-ray
8a0bab0fee43349d-WAW
content-length
2978
bframe
www.google.com/recaptcha/api2/ Frame F782
0
0
Document
General
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=de&v=rKbTvxTxwcw5VqzrtN-ICwWt&k=6Lc_nWMaAAAAAMrd__siHvVJSfGEXkMwsbgyXPs7
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/rKbTvxTxwcw5VqzrtN-ICwWt/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.164 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f4.1e100.net
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Z5MqMAHYzLFHvltGifX_Ow' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.sandhills.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-Z5MqMAHYzLFHvltGifX_Ow' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 09 Jul 2024 22:14:39 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
favicon.ico
www.sandhills.com/
31 KB
10 KB
Other
General
Full URL
https://www.sandhills.com/favicon.ico
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.17.58.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
a94f8a8553caea8430dd4ca3cc01d4e318d19828f74cb65453ffb7f5d9e2f44d

Request headers

Referer
https://www.sandhills.com/payment/payment/payment?id=i_11911155&crmid=29205138
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 09 Jul 2024 22:14:41 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 04 Jun 2024 18:41:18 GMT
server
cloudflare
age
0
etag
W/"01b61c9aeb6da1:0"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
image/x-icon
cache-control
public, max-age=31536000
cf-ray
8a0bab1b9ef2349d-WAW
expires
Wed, 09 Jul 2025 22:14:41 GMT

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| 1
object| 2
object| 3
object| 4
object| 5
object| 6
function| $
function| jQuery
object| ___grecaptcha_cfg
object| grecaptcha
string| __recaptcha_api
boolean| __google_recaptcha_client
object| recaptcha
object| GlobalPayments
function| LoadStateCountryList
function| ValidateForm
object| cardForm
function| SubmitPayment
object| closure_lm_553042

6 Cookies

Domain/Path Name / Value
www.google.com/recaptcha Name: _GRECAPTCHA
Value: 09AB84SruVIgZKbOO9-lxXucnn0jZxO0hosxZqwSO3ce4WtaxTw-5HySG1q7MZzBuFxSCGG2ndMMz9wGk690PNhq4
www.sandhills.com/ Name: ASP.NET_SessionId
Value: pwwrtceqczzsku2dcqq40sgf
www.sandhills.com/ Name: USERID
Value: 133272819
www.sandhills.com/ Name: TRACKING
Value: SessionStarted=1&GUID=9f3d6f60cae14c7b9b9eba125804920b&UserReferrer=
www.sandhills.com/ Name: OriginalID
Value: 133272819
www.sandhills.com/ Name: BIGipServerwww.sandhills.com_http_pool
Value: 4185958592.20480.0000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
