urlscan.io logo urlscan.io
SecurityTrails logo

paytolet.com Open in urlscan Pro
2606:4700:3036::ac43:8b54  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://paytolet.net/
Effective URL: https://paytolet.com/public/
Submission: On June 30 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 111 IPs in 11 countries across 79 domains to perform 800 HTTP transactions. The main IP is 2606:4700:3036::ac43:8b54, located in United States and belongs to CLOUDFLARENET, US. The main domain is paytolet.com.
TLS certificate: Issued by GTS CA 1P5 on June 1st 2023. Valid for: 3 months.
This is the only time paytolet.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2 173.236.179.108 26347 (DREAMHOST-AS)
2 162 2606:4700:303... 13335 (CLOUDFLAR...)
41 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700:e0:... 13335 (CLOUDFLAR...)
7 2a00:1450:400... 15169 (GOOGLE)
20 2a00:1450:400... 15169 (GOOGLE)
2 52.186.64.46 8075 (MICROSOFT...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
5 18.173.187.42 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
2 104.21.34.178 13335 (CLOUDFLAR...)
1 16 2606:4700::68... 13335 (CLOUDFLAR...)
14 2a00:1450:400... 15169 (GOOGLE)
4 2.23.197.188 16625 (AKAMAI-AS)
19 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
3 172.64.151.83 13335 (CLOUDFLAR...)
1 146.75.116.193 54113 (FASTLY)
9 172.217.16.195 15169 (GOOGLE)
1 162.159.153.247 13335 (CLOUDFLAR...)
6 39 2a02:6b8::1:119 208722 (GLOBAL_DC)
2 34.117.30.33 396982 (GOOGLE-CL...)
1 18.173.187.81 16509 (AMAZON-02)
4 2620:1ec:46::60 8075 (MICROSOFT...)
2 2606:4700:e0:... 13335 (CLOUDFLAR...)
1 18.66.192.18 16509 (AMAZON-02)
1 54.228.22.180 16509 (AMAZON-02)
2 167.71.57.196 14061 (DIGITALOC...)
2 2a02:26f0:480... 20940 (AKAMAI-ASN1)
6 2a00:1450:400... 15169 (GOOGLE)
5 20 2a00:1450:400... 15169 (GOOGLE)
4 12 2a00:1450:400... 15169 (GOOGLE)
1 3 142.250.185.130 15169 (GOOGLE)
4 2001:4860:480... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
11 2a00:1450:400... 15169 (GOOGLE)
1 52.202.107.26 14618 (AMAZON-AES)
2 91.228.74.200 16509 (AMAZON-02)
1 5 2620:1ec:c11:... 8068 (MICROSOFT...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 104.17.107.199 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
7 67.202.105.32 32748 (STEADFAST)
1 2a04:4e42:600... 54113 (FASTLY)
1 104.22.53.86 13335 (CLOUDFLAR...)
1 34.96.70.87 396982 (GOOGLE-CL...)
1 108.138.36.23 16509 (AMAZON-02)
1 2600:9000:225... 16509 (AMAZON-02)
1 34.102.146.192 396982 (GOOGLE-CL...)
1 178.250.7.2 44788 (ASN-CRITE...)
3 18.173.154.84 16509 (AMAZON-02)
5 2606:4700:303... 13335 (CLOUDFLAR...)
1 18.173.154.96 16509 (AMAZON-02)
3 4 13.107.42.14 8068 (MICROSOFT...)
33 2a00:1450:400... 15169 (GOOGLE)
1 157.230.100.179 14061 (DIGITALOC...)
4 167.71.54.9 14061 (DIGITALOC...)
4 103.200.108.61 45530 (AGODA-TH-...)
5 2a00:1450:400... 15169 (GOOGLE)
4 2a03:2880:f08... 32934 (FACEBOOK)
1 23.208.149.253 16625 (AKAMAI-AS)
2 142.250.185.138 15169 (GOOGLE)
1 18.66.97.30 16509 (AMAZON-02)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2 34.120.107.143 396982 (GOOGLE-CL...)
8 20.114.190.119 8075 (MICROSOFT...)
2 52.31.229.177 16509 (AMAZON-02)
2 35.190.39.111 15169 (GOOGLE)
1 63.34.4.15 16509 (AMAZON-02)
3 162.19.138.82 16276 (OVH)
4 178.250.1.11 44788 (ASN-CRITE...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 18.192.83.3 16509 (AMAZON-02)
2 104.19.154.83 13335 (CLOUDFLAR...)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
9 3.66.11.96 16509 (AMAZON-02)
1 185.255.84.150 200271 (IGUANE-)
1 52.48.50.177 16509 (AMAZON-02)
1 34.98.64.218 396982 (GOOGLE-CL...)
3 2606:4700::68... 13335 (CLOUDFLAR...)
5 2a03:2880:f17... 32934 (FACEBOOK)
2 2606:4700:303... 13335 (CLOUDFLAR...)
55 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
12 2600:9000:225... 16509 (AMAZON-02)
3 104.21.85.249 13335 (CLOUDFLAR...)
1 88 2a00:1450:400... 15169 (GOOGLE)
3 142.250.184.194 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 172.64.154.204 13335 (CLOUDFLAR...)
4 2a01:4f9:6a:1... 24940 (HETZNER-AS)
1 2 68.219.88.97 8075 (MICROSOFT...)
1 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 162.19.138.118 16276 (OVH)
27 2a00:1450:400... 15169 (GOOGLE)
2 2404:6800:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
1 142.250.185.142 15169 (GOOGLE)
1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
2 2 37.157.4.23 198622 (ADFORM)
6 172.217.16.194 15169 (GOOGLE)
1 1 108.138.36.108 16509 (AMAZON-02)
1 1 51.89.9.254 16276 (OVH)
1 1 108.128.58.243 16509 (AMAZON-02)
2 2 13.248.245.213 16509 (AMAZON-02)
1 185.86.138.152 201081 (SMARTADSE...)
15 2a00:1450:400... 15169 (GOOGLE)
2 85.14.248.72 24961 (MYLOC-AS ...)
800 111
2    173.236.179.108 (United States)

ASN26347 (DREAMHOST-AS, US)
PTR: apache2-igloo.flying.dreamhost.com
paytolet.net
www.paytolet.net
162    2606:4700:3036::ac43:8b54 (United States)

ASN13335 (CLOUDFLARENET, US)
paytolet.com
41    2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
2    2606:4700:e0::ac40:6013 (United States)

ASN13335 (CLOUDFLARENET, US)
go.ezodn.com
g.ezodn.com
7    2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
20    2a00:1450:4001:813::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    52.186.64.46 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
shown.io
1    2606:4700::6812:863b (United States)

ASN13335 (CLOUDFLARENET, US)
js.hs-scripts.com
1    2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googleoptimize.com
5    18.173.187.42 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-187-42.muc50.r.cloudfront.net
widget.trustpilot.com
2    2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cse.google.com
2    104.21.34.178 (None, )

ASN13335 (CLOUDFLARENET, US)
run.louassist.com
cdn.louassist.com
16    2606:4700::6811:3b8 (United States)

ASN13335 (CLOUDFLARENET, US)
challenges.cloudflare.com
14    2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fundingchoicesmessages.google.com
4    2.23.197.188 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-23-197-188.deploy.static.akamaitechnologies.com
cdn0.agoda.net
cdn6.agoda.net
19    2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    2606:4700::6810:3965 (United States)

ASN13335 (CLOUDFLARENET, US)
static.cloudflareinsights.com
3    172.64.151.83 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.tynt.com
sc.tynt.com
1    146.75.116.193 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
i.imgur.com
9    172.217.16.195 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s65-in-f3.1e100.net
fonts.gstatic.com
1    162.159.153.247 (None, )

ASN13335 (CLOUDFLARENET, US)
a.quora.com
39    2a02:6b8::1:119 (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)
mc.yandex.ru
mc.yandex.com
2    34.117.30.33 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 33.30.117.34.bc.googleusercontent.com
pageimprove.io
1    18.173.187.81 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-187-81.muc50.r.cloudfront.net
static.hotjar.com
4    2620:1ec:46::60 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.clarity.ms
2    2606:4700:e0::ac40:6113 (United States)

ASN13335 (CLOUDFLARENET, US)
bshr.ezodn.com
1    18.66.192.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-192-18.muc50.r.cloudfront.net
invitejs.trustpilot.com
1    54.228.22.180 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-228-22-180.eu-west-1.compute.amazonaws.com
prod.api.adline.com
2    167.71.57.196 (Frankfurt am Main, Germany)

ASN14061 (DIGITALOCEAN-ASN, US)
cdn.webpushr.com
2    2a02:26f0:480:f::213:7ec6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
snap.licdn.com
6    2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
20    2a00:1450:4001:831::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
12    2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
3    142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net
www.googleadservices.com
4    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
2    2a00:1450:400c:c00::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
11    2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
1    52.202.107.26 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-202-107-26.compute-1.amazonaws.com
q.quora.com
2    91.228.74.200 (United Kingdom)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
pixel.quantserve.com
5    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bat.bing.com
c.bing.com
1    2606:4700::6811:63ac (United States)

ASN13335 (CLOUDFLARENET, US)
js.usemessages.com
2    104.17.107.199 (None, )

ASN13335 (CLOUDFLARENET, US)
js.hscollectedforms.net
forms.hscollectedforms.net
1    2606:4700::6812:18c4 (United States)

ASN13335 (CLOUDFLARENET, US)
js.hs-banner.com
1    2606:4700::6810:8bce (United States)

ASN13335 (CLOUDFLARENET, US)
js.hs-analytics.net
1    2606:4700::6810:78be (United States)

ASN13335 (CLOUDFLARENET, US)
js.hsadspixel.net
7    67.202.105.32 (Palos Park, United States)

ASN32748 (STEADFAST, US)
PTR: ip32.67-202-105.static.steadfastdns.net
ic.tynt.com
de.tynt.com
1    2a04:4e42:600::485 (United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
1    104.22.53.86 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.id5-sync.com
1    34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com
invstatic101.creativecdn.com
1    108.138.36.23 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-36-23.muc50.r.cloudfront.net
tags.crwdcntrl.net
1    2600:9000:225b:3a00:a:e047:753:be1 (United States)

ASN16509 (AMAZON-02, US)
cdn.prod.uidapi.com
1    34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com
oa.openxcdn.net
1    178.250.7.2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
3    18.173.154.84 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-154-84.muc50.r.cloudfront.net
script.hotjar.com
5    2606:4700:3031::6815:22b2 (United States)

ASN13335 (CLOUDFLARENET, US)
api.louassist.com
1    18.173.154.96 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-154-96.muc50.r.cloudfront.net
cdn.linkedin.oribi.io
4    13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
www.linkedin.com
33    2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
1    157.230.100.179 (Frankfurt am Main, Germany)

ASN14061 (DIGITALOCEAN-ASN, US)
bot.webpushr.com
4    167.71.54.9 (Frankfurt am Main, Germany)

ASN14061 (DIGITALOCEAN-ASN, US)
analytics.webpushr.com
4    103.200.108.61 (Netherlands)

ASN45530 (AGODA-TH-AS-AP The Offices at Central World, 27th floor, TH)
sherpa.agoda.com
5    2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
17f71e36f7655f7f5ab67574cc7e41b3.safeframe.googlesyndication.com
4    2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    23.208.149.253 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-208-149-253.deploy.static.akamaitechnologies.com
chimpstatic.com
2    142.250.185.138 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f10.1e100.net
imasdk.googleapis.com
1    18.66.97.30 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-30.fra56.r.cloudfront.net
rules.quantcount.com
2    2606:4700::6813:9a53 (United States)

ASN13335 (CLOUDFLARENET, US)
api.hubspot.com
1    2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
clients1.google.com
2    34.120.107.143 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 143.107.120.34.bc.googleusercontent.com
oajs.openx.net
8    20.114.190.119 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
x.clarity.ms
2    52.31.229.177 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-31-229-177.eu-west-1.compute.amazonaws.com
bcp.crwdcntrl.net
id.crwdcntrl.net
2    35.190.39.111 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 111.39.190.35.bc.googleusercontent.com
esp.rtbhouse.com
1    63.34.4.15 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-34-4-15.eu-west-1.compute.amazonaws.com
in.hotjar.com
3    162.19.138.82 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31532337.ip-162-19-138.eu
id5-sync.com
4    178.250.1.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
1    2606:4700::6811:c8cc (United States)

ASN13335 (CLOUDFLARENET, US)
api.hubapi.com
1    2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
partner.googleadservices.com
1    18.192.83.3 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-192-83-3.eu-central-1.compute.amazonaws.com
videosvc.ezoic.com
2    104.19.154.83 (None, )

ASN13335 (CLOUDFLARENET, US)
track.hubspot.com
2    2606:4700:20::ac43:4bf1 (United States)

ASN13335 (CLOUDFLARENET, US)
script.4dex.io
9    3.66.11.96 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-66-11-96.eu-central-1.compute.amazonaws.com
btlr.sharethrough.com
1    185.255.84.150 (France)

ASN200271 (IGUANE-, FR)
hb-api.omnitagjs.com
1    52.48.50.177 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-48-50-177.eu-west-1.compute.amazonaws.com
content.hotjar.io
1    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
google-bidout-d.openx.net
3    2606:4700::6811:d2f3 (United States)

ASN13335 (CLOUDFLARENET, US)
forms.hsforms.com
5    2a03:2880:f173:81:face:b00c:0:25de (Amsterdam, Netherlands)

ASN32934 (FACEBOOK, US)
www.facebook.com
2    2606:4700:3032::6815:55f9 (United States)

ASN13335 (CLOUDFLARENET, US)
video-meta.humix.com
55    2606:4700:3031::ac43:d4fd (United States)

ASN13335 (CLOUDFLARENET, US)
streaming.humix.com
1    2a00:1450:4001:811::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
12    2600:9000:225e:8200:6:25cd:c280:93a1 (United States)

ASN16509 (AMAZON-02, US)
viewer.louassist.com
3    104.21.85.249 (None, )

ASN13335 (CLOUDFLARENET, US)
streaming.humix.com
88    2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
3    142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net
www.googletagservices.com
3    2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    172.64.154.204 (United States)

ASN13335 (CLOUDFLARENET, US)
capi.connatix.com
4    2a01:4f9:6a:18ae::2 (Germany)

ASN24940 (HETZNER-AS, DE)
t.adline.com
2    68.219.88.97 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.clarity.ms
1    2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)
id.a-mx.com
1    2606:4700:10::6816:445 (United States)

ASN13335 (CLOUDFLARENET, US)
id.hadron.ad.gt
1    162.19.138.118 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533569.ip-162-19-138.eu
lb.eu-1-id5-sync.com
27    2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pubads.g.doubleclick.net
2    2404:6800:4003:c03::78 (Singapore)

ASN15169 (GOOGLE, US)
csi.gstatic.com
1    2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
2    2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
encrypted-tbn1.gstatic.com
5    2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
encrypted-tbn3.gstatic.com
1    142.250.185.142 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f14.1e100.net
encrypted-tbn0.gstatic.com
1    2a02:fa8:8806:20::2040 (Singapore)

ASN41041 (VCLK-EU-SE, US)
dclk-match.dotomi.com
2    37.157.4.23 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
6    172.217.16.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f2.1e100.net
cm.g.doubleclick.net
1    108.138.36.108 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-36-108.muc50.r.cloudfront.net
s.ad.smaato.net
1    51.89.9.254 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip254.ip-51-89-9.eu
onetag-sys.com
1    108.128.58.243 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-108-128-58-243.eu-west-1.compute.amazonaws.com
ads.yieldmo.com
2    13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
1    185.86.138.152 (France)

ASN201081 (SMARTADSERVER, FR)
ssbsync.smartadserver.com
15    2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
2    85.14.248.72 (Mülheim, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
m.exactag.com
Apex Domain
Subdomains		 Transfer
162 paytolet.com
paytolet.com
2 MB
112 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 135
17f71e36f7655f7f5ab67574cc7e41b3.safeframe.googlesyndication.com Failed
tpc.googlesyndication.com — Cisco Umbrella Rank: 160
856 KB
88 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 216
googleads.g.doubleclick.net — Cisco Umbrella Rank: 57
stats.g.doubleclick.net — Cisco Umbrella Rank: 130
pubads.g.doubleclick.net — Cisco Umbrella Rank: 417
cm.g.doubleclick.net — Cisco Umbrella Rank: 254
429 KB
74 google.com
cse.google.com — Cisco Umbrella Rank: 3820
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1670
www.google.com — Cisco Umbrella Rank: 10
region1.analytics.google.com — Cisco Umbrella Rank: 2556
adservice.google.com — Cisco Umbrella Rank: 113
clients1.google.com — Cisco Umbrella Rank: 661
241 KB
60 humix.com
video-meta.humix.com — Cisco Umbrella Rank: 37624
streaming.humix.com — Cisco Umbrella Rank: 27218
2 MB
36 yandex.com
mc.yandex.com — Cisco Umbrella Rank: 9422
5 KB
22 gstatic.com
fonts.gstatic.com
www.gstatic.com
csi.gstatic.com
encrypted-tbn1.gstatic.com
encrypted-tbn3.gstatic.com
encrypted-tbn0.gstatic.com
370 KB
20 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 79
714 KB
19 louassist.com
run.louassist.com — Cisco Umbrella Rank: 322345
api.louassist.com — Cisco Umbrella Rank: 212850
cdn.louassist.com — Cisco Umbrella Rank: 351404
viewer.louassist.com — Cisco Umbrella Rank: 205793
561 KB
16 cloudflare.com
challenges.cloudflare.com — Cisco Umbrella Rank: 5263
490 KB
15 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 391
327 KB
14 clarity.ms
www.clarity.ms — Cisco Umbrella Rank: 1040
x.clarity.ms — Cisco Umbrella Rank: 8804
c.clarity.ms — Cisco Umbrella Rank: 1589
32 KB
11 google.de
www.google.de — Cisco Umbrella Rank: 4752
963 B
10 tynt.com
cdn.tynt.com — Cisco Umbrella Rank: 14304
sc.tynt.com — Cisco Umbrella Rank: 20386
ic.tynt.com — Cisco Umbrella Rank: 6199
de.tynt.com — Cisco Umbrella Rank: 1868
35 KB
9 sharethrough.com
btlr.sharethrough.com — Cisco Umbrella Rank: 1344
1 KB
9 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 88
imasdk.googleapis.com — Cisco Umbrella Rank: 500
352 KB
7 webpushr.com
cdn.webpushr.com — Cisco Umbrella Rank: 30705
bot.webpushr.com — Cisco Umbrella Rank: 48146
analytics.webpushr.com — Cisco Umbrella Rank: 37289
25 KB
6 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 63
42 KB
6 trustpilot.com
widget.trustpilot.com — Cisco Umbrella Rank: 4738
invitejs.trustpilot.com — Cisco Umbrella Rank: 13507
38 KB
5 facebook.com
www.facebook.com — Cisco Umbrella Rank: 100
393 B
5 bing.com
bat.bing.com — Cisco Umbrella Rank: 390
c.bing.com — Cisco Umbrella Rank: 258
15 KB
5 adline.com
prod.api.adline.com — Cisco Umbrella Rank: 446023
t.adline.com — Cisco Umbrella Rank: 477673
15 KB
5 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 753
script.hotjar.com — Cisco Umbrella Rank: 1081
in.hotjar.com — Cisco Umbrella Rank: 5711
112 KB
4 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 205
225 KB
4 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 405
7 KB
4 hubspot.com
api.hubspot.com — Cisco Umbrella Rank: 5014
track.hubspot.com — Cisco Umbrella Rank: 2542
1 KB
4 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 173
332 KB
4 agoda.com
sherpa.agoda.com — Cisco Umbrella Rank: 176674
219 KB
4 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 414
www.linkedin.com — Cisco Umbrella Rank: 544
4 KB
4 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 808
id5-sync.com — Cisco Umbrella Rank: 423
26 KB
4 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 169
partner.googleadservices.com — Cisco Umbrella Rank: 1129
4 KB
4 agoda.net
cdn0.agoda.net — Cisco Umbrella Rank: 43153
cdn6.agoda.net — Cisco Umbrella Rank: 38305
85 KB
4 ezodn.com
go.ezodn.com — Cisco Umbrella Rank: 10646
g.ezodn.com — Cisco Umbrella Rank: 12609
bshr.ezodn.com — Cisco Umbrella Rank: 11204
195 KB
3 hsforms.com
forms.hsforms.com — Cisco Umbrella Rank: 4527
3 KB
3 openx.net
oajs.openx.net — Cisco Umbrella Rank: 1385
google-bidout-d.openx.net — Cisco Umbrella Rank: 1388
674 B
3 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 1002
bcp.crwdcntrl.net — Cisco Umbrella Rank: 959
id.crwdcntrl.net — Cisco Umbrella Rank: 3180
12 KB
3 yandex.ru
mc.yandex.ru — Cisco Umbrella Rank: 3245
75 KB
2 exactag.com
m.exactag.com — Cisco Umbrella Rank: 11731
120 B
2 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 422
949 B
2 adform.net
c1.adform.net — Cisco Umbrella Rank: 633
1 KB
2 4dex.io
script.4dex.io — Cisco Umbrella Rank: 1574
24 KB
2 rtbhouse.com
esp.rtbhouse.com — Cisco Umbrella Rank: 1531
315 B
2 hscollectedforms.net
js.hscollectedforms.net — Cisco Umbrella Rank: 5002
forms.hscollectedforms.net — Cisco Umbrella Rank: 5136
26 KB
2 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 1250
pixel.quantserve.com — Cisco Umbrella Rank: 1003
10 KB
2 licdn.com
snap.licdn.com — Cisco Umbrella Rank: 914
6 KB
2 pageimprove.io
pageimprove.io — Cisco Umbrella Rank: 62834
5 KB
2 quora.com
a.quora.com — Cisco Umbrella Rank: 9462
q.quora.com — Cisco Umbrella Rank: 4238
15 KB
2 shown.io
shown.io
4 KB
2 paytolet.net
paytolet.net
www.paytolet.net
198 B
1 smartadserver.com
ssbsync.smartadserver.com — Cisco Umbrella Rank: 922
75 B
1 yieldmo.com
ads.yieldmo.com — Cisco Umbrella Rank: 688
606 B
1 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 857
338 B
1 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 822
444 B
1 dotomi.com
dclk-match.dotomi.com — Cisco Umbrella Rank: 3235
104 B
1 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1098
399 B
1 ad.gt
id.hadron.ad.gt — Cisco Umbrella Rank: 2437
305 B
1 a-mx.com
id.a-mx.com — Cisco Umbrella Rank: 2470
550 B
1 connatix.com
capi.connatix.com — Cisco Umbrella Rank: 1576
311 B
1 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 325
17 KB
1 hotjar.io
content.hotjar.io — Cisco Umbrella Rank: 6111
161 B
1 omnitagjs.com
hb-api.omnitagjs.com — Cisco Umbrella Rank: 3835
701 B
1 ezoic.com
videosvc.ezoic.com — Cisco Umbrella Rank: 28322
616 B
1 hubapi.com
api.hubapi.com — Cisco Umbrella Rank: 3795
1 KB
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 1172
633 B
1 chimpstatic.com
chimpstatic.com — Cisco Umbrella Rank: 5209
1 KB
1 oribi.io
cdn.linkedin.oribi.io — Cisco Umbrella Rank: 1031
376 B
1 criteo.net
static.criteo.net — Cisco Umbrella Rank: 568
13 KB
1 openxcdn.net
oa.openxcdn.net — Cisco Umbrella Rank: 1568
8 KB
1 uidapi.com
cdn.prod.uidapi.com — Cisco Umbrella Rank: 1516
2 KB
1 creativecdn.com
invstatic101.creativecdn.com — Cisco Umbrella Rank: 1401
2 KB
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 368
877 B
1 hsadspixel.net
js.hsadspixel.net — Cisco Umbrella Rank: 3599
3 KB
1 hs-analytics.net
js.hs-analytics.net — Cisco Umbrella Rank: 2425
21 KB
1 hs-banner.com
js.hs-banner.com — Cisco Umbrella Rank: 2438
64 KB
1 usemessages.com
js.usemessages.com — Cisco Umbrella Rank: 5222
22 KB
1 imgur.com
i.imgur.com — Cisco Umbrella Rank: 6697
2 KB
1 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 1174
7 KB
1 googleoptimize.com
www.googleoptimize.com — Cisco Umbrella Rank: 1191
49 KB
1 hs-scripts.com
js.hs-scripts.com — Cisco Umbrella Rank: 2680
1 KB
800 79
Domain Requested by
162 paytolet.com 2 redirects paytolet.com
static.cloudflareinsights.com
88 tpc.googlesyndication.com 1 redirects paytolet.com
17f71e36f7655f7f5ab67574cc7e41b3.safeframe.googlesyndication.com
tpc.googlesyndication.com
securepubads.g.doubleclick.net
cdn.ampproject.org
58 streaming.humix.com paytolet.com
41 securepubads.g.doubleclick.net paytolet.com
securepubads.g.doubleclick.net
36 mc.yandex.com 4 redirects paytolet.com
mc.yandex.ru
33 adservice.google.com securepubads.g.doubleclick.net
imasdk.googleapis.com
27 pubads.g.doubleclick.net imasdk.googleapis.com
20 www.google.com 5 redirects cse.google.com
paytolet.com
www.google.com
tpc.googlesyndication.com
20 www.googletagmanager.com paytolet.com
www.googleoptimize.com
prod.api.adline.com
sherpa.agoda.com
www.googletagmanager.com
19 pagead2.googlesyndication.com paytolet.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
securepubads.g.doubleclick.net
17f71e36f7655f7f5ab67574cc7e41b3.safeframe.googlesyndication.com
www.googletagservices.com
16 challenges.cloudflare.com 1 redirects paytolet.com
challenges.cloudflare.com
15 cdn.ampproject.org securepubads.g.doubleclick.net
14 fundingchoicesmessages.google.com paytolet.com
12 viewer.louassist.com cdn.louassist.com
viewer.louassist.com
12 googleads.g.doubleclick.net 4 redirects www.googletagmanager.com
pagead2.googlesyndication.com
paytolet.com
17f71e36f7655f7f5ab67574cc7e41b3.safeframe.googlesyndication.com
11 www.google.de paytolet.com
9 btlr.sharethrough.com go.ezodn.com
9 fonts.gstatic.com fonts.googleapis.com
8 x.clarity.ms www.clarity.ms
7 fonts.googleapis.com paytolet.com
17f71e36f7655f7f5ab67574cc7e41b3.safeframe.googlesyndication.com
viewer.louassist.com
securepubads.g.doubleclick.net
6 cm.g.doubleclick.net 17f71e36f7655f7f5ab67574cc7e41b3.safeframe.googlesyndication.com
6 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
paytolet.com
5 encrypted-tbn3.gstatic.com 17f71e36f7655f7f5ab67574cc7e41b3.safeframe.googlesyndication.com
5 www.facebook.com paytolet.com
5 17f71e36f7655f7f5ab67574cc7e41b3.safeframe.googlesyndication.com securepubads.g.doubleclick.net
paytolet.com
5 api.louassist.com run.louassist.com
cdn.louassist.com
viewer.louassist.com
5 ic.tynt.com paytolet.com
5 widget.trustpilot.com paytolet.com
widget.trustpilot.com
4 t.adline.com prod.api.adline.com
4 www.googletagservices.com paytolet.com
17f71e36f7655f7f5ab67574cc7e41b3.safeframe.googlesyndication.com
4 gum.criteo.com static.criteo.net
gum.criteo.com
go.ezodn.com
4 connect.facebook.net paytolet.com
connect.facebook.net
4 sherpa.agoda.com cdn0.agoda.net
sherpa.agoda.com
4 analytics.webpushr.com cdn.webpushr.com
4 bat.bing.com www.googletagmanager.com
bat.bing.com
paytolet.com
4 region1.analytics.google.com www.googletagmanager.com
4 www.clarity.ms paytolet.com
www.clarity.ms
bat.bing.com
3 www.gstatic.com 17f71e36f7655f7f5ab67574cc7e41b3.safeframe.googlesyndication.com
3 forms.hsforms.com paytolet.com
js.hscollectedforms.net
3 id5-sync.com cdn.id5-sync.com
go.ezodn.com
3 px.ads.linkedin.com 2 redirects paytolet.com
3 script.hotjar.com static.hotjar.com
script.hotjar.com
paytolet.com
3 www.googleadservices.com 1 redirects www.googletagmanager.com
3 mc.yandex.ru 2 redirects paytolet.com
3 cdn0.agoda.net paytolet.com
sherpa.agoda.com
2 m.exactag.com paytolet.com
2 eb2.3lift.com 2 redirects
2 c1.adform.net 2 redirects
2 encrypted-tbn1.gstatic.com 17f71e36f7655f7f5ab67574cc7e41b3.safeframe.googlesyndication.com
2 csi.gstatic.com imasdk.googleapis.com
2 c.clarity.ms 1 redirects
2 video-meta.humix.com paytolet.com
2 script.4dex.io go.ezodn.com
script.4dex.io
2 track.hubspot.com paytolet.com
2 esp.rtbhouse.com invstatic101.creativecdn.com
2 oajs.openx.net 1 redirects paytolet.com
2 api.hubspot.com js.usemessages.com
2 imasdk.googleapis.com paytolet.com
imasdk.googleapis.com
2 de.tynt.com cdn.tynt.com
2 stats.g.doubleclick.net www.googletagmanager.com
www.google-analytics.com
2 snap.licdn.com paytolet.com
snap.licdn.com
2 cdn.webpushr.com paytolet.com
2 bshr.ezodn.com paytolet.com
2 pageimprove.io paytolet.com
pageimprove.io
2 cdn.tynt.com paytolet.com
2 cse.google.com paytolet.com
www.google.com
2 shown.io paytolet.com
1 ssbsync.smartadserver.com 17f71e36f7655f7f5ab67574cc7e41b3.safeframe.googlesyndication.com
1 ads.yieldmo.com 1 redirects
1 onetag-sys.com 1 redirects
1 s.ad.smaato.net 1 redirects
1 dclk-match.dotomi.com 17f71e36f7655f7f5ab67574cc7e41b3.safeframe.googlesyndication.com
1 encrypted-tbn0.gstatic.com 17f71e36f7655f7f5ab67574cc7e41b3.safeframe.googlesyndication.com
1 lb.eu-1-id5-sync.com go.ezodn.com
1 id.crwdcntrl.net go.ezodn.com
1 id.hadron.ad.gt go.ezodn.com
1 id.a-mx.com go.ezodn.com
1 c.bing.com 1 redirects
1 capi.connatix.com paytolet.com
1 s0.2mdn.net imasdk.googleapis.com
1 google-bidout-d.openx.net oa.openxcdn.net
1 content.hotjar.io script.hotjar.com
1 forms.hscollectedforms.net js.hscollectedforms.net
1 hb-api.omnitagjs.com go.ezodn.com
1 videosvc.ezoic.com paytolet.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 pixel.quantserve.com paytolet.com
1 api.hubapi.com js.hsadspixel.net
1 in.hotjar.com script.hotjar.com
1 cdn.louassist.com run.louassist.com
1 bcp.crwdcntrl.net tags.crwdcntrl.net
1 clients1.google.com paytolet.com
1 rules.quantcount.com secure.quantserve.com
1 cdn6.agoda.net sherpa.agoda.com
1 chimpstatic.com paytolet.com
1 bot.webpushr.com cdn.webpushr.com
1 www.linkedin.com 1 redirects
1 cdn.linkedin.oribi.io snap.licdn.com
1 static.criteo.net securepubads.g.doubleclick.net
1 oa.openxcdn.net securepubads.g.doubleclick.net
1 cdn.prod.uidapi.com securepubads.g.doubleclick.net
1 tags.crwdcntrl.net securepubads.g.doubleclick.net
1 invstatic101.creativecdn.com securepubads.g.doubleclick.net
1 cdn.id5-sync.com securepubads.g.doubleclick.net
1 cdn.jsdelivr.net securepubads.g.doubleclick.net
1 js.hsadspixel.net js.hs-scripts.com
1 js.hs-analytics.net js.hs-scripts.com
1 js.hs-banner.com js.hs-scripts.com
1 js.hscollectedforms.net js.hs-scripts.com
1 js.usemessages.com js.hs-scripts.com
1 secure.quantserve.com paytolet.com
1 sc.tynt.com cdn.tynt.com
1 q.quora.com paytolet.com
1 prod.api.adline.com paytolet.com
1 invitejs.trustpilot.com paytolet.com
1 static.hotjar.com paytolet.com
1 a.quora.com paytolet.com
1 i.imgur.com paytolet.com
1 static.cloudflareinsights.com paytolet.com
1 g.ezodn.com paytolet.com
1 run.louassist.com paytolet.com
1 www.googleoptimize.com paytolet.com
1 js.hs-scripts.com paytolet.com
1 go.ezodn.com paytolet.com
1 www.paytolet.net 1 redirects
1 paytolet.net 1 redirects
800 126
Subject Issuer Validity Valid
paytolet.com
GTS CA 1P5		 2023-06-01 -
2023-08-30		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-06-19 -
2023-09-11		 3 months crt.sh
ezodn.com
E1		 2023-05-04 -
2023-08-02		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-06-19 -
2023-09-11		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-06-19 -
2023-09-11		 3 months crt.sh
blog.shown.io
R3		 2023-05-29 -
2023-08-27		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-05-03 -
2024-05-02		 a year crt.sh
*.trustpilot.com
Amazon RSA 2048 M02		 2023-02-02 -
2024-03-02		 a year crt.sh
*.google.com
GTS CA 1C3		 2023-06-19 -
2023-09-11		 3 months crt.sh
louassist.com
E1		 2023-05-06 -
2023-08-04		 3 months crt.sh
*.agoda.net
GeoTrust RSA CA 2018		 2022-11-22 -
2023-11-24		 a year crt.sh
*.tynt.com
Sectigo RSA Domain Validation Secure Server CA		 2022-09-07 -
2023-09-30		 a year crt.sh
*.imgur.com
Sectigo RSA Domain Validation Secure Server CA		 2023-03-13 -
2024-03-12		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-06-19 -
2023-09-11		 3 months crt.sh
quora.com
R3		 2023-06-21 -
2023-09-19		 3 months crt.sh
mc.yandex.ru
GlobalSign ECC OV SSL CA 2018		 2023-03-17 -
2023-08-27		 5 months crt.sh
pageimprove.io
GTS CA 1D4		 2023-05-12 -
2023-08-10		 3 months crt.sh
*.hotjar.com
Amazon ECDSA 256 M01		 2023-03-09 -
2024-04-06		 a year crt.sh
www.clarity.ms
DigiCert TLS RSA SHA256 2020 CA1		 2022-12-01 -
2023-12-01		 a year crt.sh
adline.com
Amazon RSA 2048 M02		 2023-05-03 -
2024-05-31		 a year crt.sh
*.webpushr.com
Sectigo RSA Domain Validation Secure Server CA		 2023-05-11 -
2024-05-17		 a year crt.sh
snap.licdn.com
DigiCert SHA2 Secure Server CA		 2023-02-01 -
2024-01-31		 a year crt.sh
www.google.com
GTS CA 1C3		 2023-06-19 -
2023-09-11		 3 months crt.sh
www.googleadservices.com
GTS CA 1C3		 2023-06-19 -
2023-09-11		 3 months crt.sh
www.google.de
GTS CA 1C3		 2023-06-19 -
2023-09-11		 3 months crt.sh
*.quora.com
R3		 2023-06-21 -
2023-09-19		 3 months crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-08-09 -
2023-09-09		 a year crt.sh
www.bing.com
Microsoft RSA TLS CA 02		 2023-02-16 -
2023-08-16		 6 months crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2022 Q4		 2022-12-23 -
2024-01-24		 a year crt.sh
invstatic101.creativecdn.com
GTS CA 1D4		 2023-06-27 -
2023-09-25		 3 months crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M01		 2022-11-07 -
2023-12-06		 a year crt.sh
cdn.prod.uidapi.com
R3		 2023-05-18 -
2023-08-16		 3 months crt.sh
oa.openxcdn.net
GTS CA 1D4		 2023-05-28 -
2023-08-26		 3 months crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-05-27 -
2023-08-27		 3 months crt.sh
linkedin.oribi.io
Amazon RSA 2048 M01		 2023-06-08 -
2024-07-07		 a year crt.sh
agoda.com
Sectigo RSA Domain Validation Secure Server CA		 2022-08-26 -
2023-09-25		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-04-08 -
2023-07-07		 3 months crt.sh
wildcardsan.us15.list-manage.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-15 -
2023-11-15		 a year crt.sh
*.google.de
GTS CA 1C3		 2023-06-19 -
2023-09-11		 3 months crt.sh
quantserve.com
R3		 2023-06-13 -
2023-09-11		 3 months crt.sh
hubspot.com
Cloudflare Inc ECC CA-3		 2023-02-05 -
2024-02-05		 a year crt.sh
challenges.cloudflare.com
Cloudflare Inc ECC CA-3		 2022-09-18 -
2023-09-17		 a year crt.sh
a.clarity.ms
Microsoft Azure TLS Issuing CA 06		 2023-02-13 -
2024-02-08		 a year crt.sh
esp.rtbhouse.com
GTS CA 1D4		 2023-05-17 -
2023-08-15		 3 months crt.sh
*.id5-sync.com
R3		 2023-04-18 -
2023-07-17		 3 months crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-05-12 -
2023-08-10		 3 months crt.sh
hubapi.com
Cloudflare Inc ECC CA-3		 2023-04-07 -
2024-04-06		 a year crt.sh
*.googleadservices.com
GTS CA 1C3		 2023-06-19 -
2023-09-11		 3 months crt.sh
*.ezoic.com
Sectigo RSA Domain Validation Secure Server CA		 2023-04-14 -
2024-05-14		 a year crt.sh
script.4dex.io
Cloudflare Inc ECC CA-3		 2022-11-23 -
2023-11-22		 a year crt.sh
*.sharethrough.com
Amazon RSA 2048 M01		 2023-06-14 -
2024-07-12		 a year crt.sh
omnitagjs.com
Sectigo RSA Domain Validation Secure Server CA		 2023-06-23 -
2024-07-22		 a year crt.sh
*.hotjar.io
Amazon ECDSA 256 M02		 2023-03-02 -
2024-03-30		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
video-meta.humix.com
E1		 2023-05-10 -
2023-08-08		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-06-19 -
2023-09-11		 3 months crt.sh
*.louassist.com
Amazon RSA 2048 M02		 2023-04-09 -
2024-05-08		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-06-19 -
2023-09-11		 3 months crt.sh
t.adline.com
R3		 2023-06-20 -
2023-09-18		 3 months crt.sh
a-mx.com
E1		 2023-06-29 -
2023-09-27		 3 months crt.sh
*.eu-1-id5-sync.com
R3		 2023-04-18 -
2023-07-17		 3 months crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2022-08-09 -
2023-09-10		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-21 -
2024-01-23		 a year crt.sh
misc-sni.google.com
GTS CA 1C3		 2023-06-19 -
2023-09-11		 3 months crt.sh
*.exactag.com
Sectigo ECC Domain Validation Secure Server CA		 2022-08-19 -
2023-09-15		 a year crt.sh

This page contains 29 frames:

Primary Page: https://paytolet.com/public/
Frame ID: 4F49F628AB8E851D7C8B8F8B98CABE23
Requests: 545 HTTP requests in this frame

Frame: https://17f71e36f7655f7f5ab67574cc7e41b3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: F1B19DDC310005D2E560CE1C4EC4CBA0
Requests: 1 HTTP requests in this frame

Frame: https://sherpa.agoda.com/Static/Index?&ReferenceKey=ntyMlyxbFZqQ2mIJ81MDFw%3D%3D&Language=en-us&Hg=90px&Wd=728px&OverideConf=false&Layout=WideStatic&MobOptimized=true&Ver=1.04&crt=6122451948935&Cid=1906535&City=175541
Frame ID: 078E0FFA6B1F52CF470E2E6EC863B866
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230627/r20190131/zrt_lookup.html
Frame ID: 13484A23BCEDD8CF51DFF623D5F97F98
Requests: 1 HTTP requests in this frame

Frame: https://17f71e36f7655f7f5ab67574cc7e41b3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 6A6534BCDE2AA674BBA32E24CB46EAAC
Requests: 1 HTTP requests in this frame

Frame: https://widget.trustpilot.com/trustboxes/5419b6a8b0d04a076446a9ad/index.html?templateId=5419b6a8b0d04a076446a9ad&businessunitId=636bea1d08d05ff86ad01723
Frame ID: A82E9418E9043A0407B134461FC1C89B
Requests: 4 HTTP requests in this frame

Frame: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv2/_X4xQN1n_XCohKJ/mc7tt/0x4AAAAAAABT-_XrlIPuwu0L/auto/normal
Frame ID: F2898A940AB8A8F4C4E75134BF2837E3
Requests: 20 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=paytolet.com&us_privacy=1---
Frame ID: 4D83DFBED0030E83F699D5958DD7811C
Requests: 2 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: 2593DB7AEA61B7CD53421BFD1A82823C
Requests: 1 HTTP requests in this frame

Frame: https://17f71e36f7655f7f5ab67574cc7e41b3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 39DF93DBE2B26065FDEAAC0124F91294
Requests: 5 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.578.0_de.html
Frame ID: CCEFDD3651DD70C162CB7ECAA8E67D1D
Requests: 30 HTTP requests in this frame

Frame: https://viewer.louassist.com/?folderId=null&companyId=289340402156
Frame ID: A0CBBD987DCA1C1DE3565246923AF95B
Requests: 16 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7441985601152547353/index.html
Frame ID: 8381E0489D712E65BECDC1AC27D64555
Requests: 12 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/abg_lite_fy2021.js
Frame ID: 0E3B75AE6AB197064163172EC5683162
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 1354569B721590543B294066C2F2164D
Requests: 2 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 715BFE3D82F667CAF8BA06BC02DC013D
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 3EDA37252263E835BFF2A1FA7BA1DC5F
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: CAB77A4F60AAC391DAF641B8A73FB2CE
Requests: 2 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 99D026F7024D8651A87F56F3CDC1F82F
Requests: 1 HTTP requests in this frame

Frame: https://17f71e36f7655f7f5ab67574cc7e41b3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 42F9575284A59D46CE6A6DEDA15FABBC
Requests: 8 HTTP requests in this frame

Frame: https://17f71e36f7655f7f5ab67574cc7e41b3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 5B466DB606E0132669E6B7B6B7879176
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16346139938887045070/index.html
Frame ID: 26C779D61F14DBFE16891BF638045189
Requests: 23 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16346139938887045070/index.html
Frame ID: A8D97F74E4B0AA3508CBD85C034C9451
Requests: 23 HTTP requests in this frame

Frame: https://17f71e36f7655f7f5ab67574cc7e41b3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 1DF8B653B775F0861F2A13787C3FC08A
Requests: 19 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: F0902CB10A53E9750B6B0EF770A7D9A9
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/AOiihYbjk7GyPSPexE3PorOKRXoofTPF8NjvkAglc4c.js
Frame ID: 33C530E6B1CE46C405CAD2DA6FC2A846
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012306200257000/amp4ads-v0.mjs
Frame ID: D6FDB8CE968AC2977BBB47EF8338F7E2
Requests: 20 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012306200257000/amp4ads-v0.mjs
Frame ID: F05FD606ECD00133666A1EA9B0968DD5
Requests: 20 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012306200257000/amp4ads-v0.mjs
Frame ID: 8D8BE57A1173FD822AB7D92B055000E9
Requests: 14 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

PaytoLet - Search Engine For Real EstateSoftware Developer, Applicationssearch

Page URL History Show full URLs

  1. https://paytolet.net/ HTTP 301
    https://www.paytolet.net/ HTTP 302
    https://paytolet.com/ HTTP 301
    https://paytolet.com/public HTTP 301
    https://paytolet.com/public/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • cdn\.louassist\.com*
Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googleoptimize\.com/optimize\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/
Overall confidence: 100%
Detected patterns
  • js\.hs-analytics\.net/analytics
Overall confidence: 100%
Detected patterns
  • snap\.licdn\.com/li\.lms-analytics/insight\.min\.js
Overall confidence: 100%
Detected patterns
  • chimpstatic\.com/mcjs-connected
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js
Overall confidence: 100%
Detected patterns
  • mc\.yandex\.ru/metrika/(?:tag|watch)\.js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

800
Requests

96 %
HTTPS

48 %
IPv6

79
Domains

126
Subdomains

111
IPs

11
Countries

10385 kB
Transfer

22535 kB
Size

94
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://paytolet.net/ HTTP 301
    https://www.paytolet.net/ HTTP 302
    https://paytolet.com/ HTTP 301
    https://paytolet.com/public HTTP 301
    https://paytolet.com/public/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 38
  • https://challenges.cloudflare.com/turnstile/v0/api.js HTTP 302
  • https://challenges.cloudflare.com/turnstile/v0/g/19b997cb/api.js
Request Chain 135
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10850344926/?random=22240904&cv=11&fst=1688126835206&bg=ffffff&guid=ON&async=1&gtm=45be36s0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&label=7x_pCLz835sDEN6_7LUo&hn=www.googleadservices.com&frm=0&tiba=PaytoLet%20-%20Search%20Engine%20For%20Real%20Estate&gtm_ee=1&auid=652625874.1688126835&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=c8WeZM7QEZSSygXi1aWgCA&sscte=1&crd=&pscrd=Ek5DaEVJOFByNXBBWVFzTUhmdEpLRDByV2JBUklsQUdwRkFHcHZ1QmZjam4wbk9GbndqdmtTRlAtdWZQZ2Y1STVqdUpZdkxjSzF0M25OUFEaV0NoQUk4UHI1cEFZUW9iS0luY3E4MWVzV0VpMEFGQS1zRzJrVTVXcURZNGpGb21mWEpnUW5vRUhUSHZpQnlXYTYxbGVBWUdsTlhwSEZWWTl6VDB5OUNxRSITCI7W6cL66v8CFRSJsgod4moJhA HTTP 302
  • https://www.google.com/pagead/1p-conversion/10850344926/?random=22240904&cv=11&fst=1688126835206&bg=ffffff&guid=ON&async=1&gtm=45be36s0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&label=7x_pCLz835sDEN6_7LUo&hn=www.googleadservices.com&frm=0&tiba=PaytoLet%20-%20Search%20Engine%20For%20Real%20Estate&gtm_ee=1&auid=652625874.1688126835&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEVJOFByNXBBWVFzTUhmdEpLRDByV2JBUklsQUdwRkFHcHZ1QmZjam4wbk9GbndqdmtTRlAtdWZQZ2Y1STVqdUpZdkxjSzF0M25OUFEaV0NoQUk4UHI1cEFZUW9iS0luY3E4MWVzV0VpMEFGQS1zRzJrVTVXcURZNGpGb21mWEpnUW5vRUhUSHZpQnlXYTYxbGVBWUdsTlhwSEZWWTl6VDB5OUNxRSITCI7W6cL66v8CFRSJsgod4moJhA&is_vtc=1&ocp_id=c8WeZM7QEZSSygXi1aWgCA&cid=CAQSKQBygQiDmC6IErsXqfzTdECRPBhsIAZIhbIukH3l_Cius-Ow48WMQqFz&random=1036975859 HTTP 302
  • https://www.google.de/pagead/1p-conversion/10850344926/?random=22240904&cv=11&fst=1688126835206&bg=ffffff&guid=ON&async=1&gtm=45be36s0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&label=7x_pCLz835sDEN6_7LUo&hn=www.googleadservices.com&frm=0&tiba=PaytoLet%20-%20Search%20Engine%20For%20Real%20Estate&gtm_ee=1&auid=652625874.1688126835&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEVJOFByNXBBWVFzTUhmdEpLRDByV2JBUklsQUdwRkFHcHZ1QmZjam4wbk9GbndqdmtTRlAtdWZQZ2Y1STVqdUpZdkxjSzF0M25OUFEaV0NoQUk4UHI1cEFZUW9iS0luY3E4MWVzV0VpMEFGQS1zRzJrVTVXcURZNGpGb21mWEpnUW5vRUhUSHZpQnlXYTYxbGVBWUdsTlhwSEZWWTl6VDB5OUNxRSITCI7W6cL66v8CFRSJsgod4moJhA&is_vtc=1&ocp_id=c8WeZM7QEZSSygXi1aWgCA&cid=CAQSKQBygQiDmC6IErsXqfzTdECRPBhsIAZIhbIukH3l_Cius-Ow48WMQqFz&random=1036975859&ipr=y
Request Chain 136
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10850344926/?random=2101720508&cv=11&fst=1688126835195&bg=ffffff&guid=ON&async=1&gtm=45be36s0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&label=7x_pCLz835sDEN6_7LUo&hn=www.googleadservices.com&frm=0&tiba=PaytoLet%20-%20Search%20Engine%20For%20Real%20Estate&gtm_ee=1&auid=652625874.1688126835&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=c8WeZPvEEcmSygXSiLrgAg&sscte=1&crd=&pscrd=Ek5DaEVJOFByNXBBWVFzTUhmdEpLRDByV2JBUklsQUdwRkFHcHZ1QmZjam4wbk9GbndqdmtTRlAtdWZQZ2Y1STVqdUpZdkxjSzF0M25OUFEaV0NoQUk4UHI1cEFZUW9iS0luY3E4MWVzV0VpMEFGQS1zRzNFTFNiYV9ILU9EYTFCbXd1WHFFWTRUbUVjNEhIbVVfUmYzZEd1T0FCNnZWdG4zSUxNaUVJVSITCLvK6cL66v8CFUmJsgodUoQOLA HTTP 302
  • https://www.google.com/pagead/1p-conversion/10850344926/?random=2101720508&cv=11&fst=1688126835195&bg=ffffff&guid=ON&async=1&gtm=45be36s0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&label=7x_pCLz835sDEN6_7LUo&hn=www.googleadservices.com&frm=0&tiba=PaytoLet%20-%20Search%20Engine%20For%20Real%20Estate&gtm_ee=1&auid=652625874.1688126835&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEVJOFByNXBBWVFzTUhmdEpLRDByV2JBUklsQUdwRkFHcHZ1QmZjam4wbk9GbndqdmtTRlAtdWZQZ2Y1STVqdUpZdkxjSzF0M25OUFEaV0NoQUk4UHI1cEFZUW9iS0luY3E4MWVzV0VpMEFGQS1zRzNFTFNiYV9ILU9EYTFCbXd1WHFFWTRUbUVjNEhIbVVfUmYzZEd1T0FCNnZWdG4zSUxNaUVJVSITCLvK6cL66v8CFUmJsgodUoQOLA&is_vtc=1&ocp_id=c8WeZPvEEcmSygXSiLrgAg&cid=CAQSKQBygQiDUuokqzL9CVq-xHX-qi7crSVYXNS6zfFEsDTSBcCMxt_PKxWF&random=1426697551 HTTP 302
  • https://www.google.de/pagead/1p-conversion/10850344926/?random=2101720508&cv=11&fst=1688126835195&bg=ffffff&guid=ON&async=1&gtm=45be36s0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&label=7x_pCLz835sDEN6_7LUo&hn=www.googleadservices.com&frm=0&tiba=PaytoLet%20-%20Search%20Engine%20For%20Real%20Estate&gtm_ee=1&auid=652625874.1688126835&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEVJOFByNXBBWVFzTUhmdEpLRDByV2JBUklsQUdwRkFHcHZ1QmZjam4wbk9GbndqdmtTRlAtdWZQZ2Y1STVqdUpZdkxjSzF0M25OUFEaV0NoQUk4UHI1cEFZUW9iS0luY3E4MWVzV0VpMEFGQS1zRzNFTFNiYV9ILU9EYTFCbXd1WHFFWTRUbUVjNEhIbVVfUmYzZEd1T0FCNnZWdG4zSUxNaUVJVSITCLvK6cL66v8CFUmJsgodUoQOLA&is_vtc=1&ocp_id=c8WeZPvEEcmSygXSiLrgAg&cid=CAQSKQBygQiDUuokqzL9CVq-xHX-qi7crSVYXNS6zfFEsDTSBcCMxt_PKxWF&random=1426697551&ipr=y
Request Chain 137
  • https://mc.yandex.com/sync_cookie_image_check HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10050.oWe9YOIJv_HpK5ZVPeCMHRTUC_panTVpn8TuJRsQnbPATOoYCL4B6YmXfSVvUDBq.-YzEvFIA_D8prxetRBoB16zd-z8%2C HTTP 302
  • https://mc.yandex.com/sync_cookie_image_decide?token=10050.4ANhYQyLRt7_iQHUetQjQ7ZENW5IulavFgvU8Jr0JNVfOhEl9N__wd-pgjLKnkK3QDGdf1oeg1rPyNYt1DohcDoHUc6Xh53dLhTJzumZLW4%2C.JakZ4jr61-kykVRMehlnnQFvhtY%2C
Request Chain 141
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4624961&time=1688126835533&url=https%3A%2F%2Fpaytolet.com%2Fpublic%2F HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4624961&time=1688126835533&url=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&cookiesTest=true HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D4624961%26time%3D1688126835533%26url%3Dhttps%253A%252F%252Fpaytolet.com%252Fpublic%252F%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4624961&time=1688126835533&url=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&cookiesTest=true&liSync=true
Request Chain 203
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&rid=esp HTTP 302
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&rid=esp&cc=1
Request Chain 270
  • https://mc.yandex.com/watch/89229263?wmode=7&page-url=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Aew9xzikdbvs4xc5avwiaspr%3Afp%3A2502%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1074%3Acn%3A2%3Adp%3A0%3Als%3A1395123191021%3Ahid%3A721892075%3Az%3A0%3Ai%3A20230630120715%3Aet%3A1688126835%3Ac%3A1%3Arn%3A190740643%3Arqn%3A1%3Au%3A1688126835670014644%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C501%2C14%2C1559%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Ans%3A1688126832447%3Arqnl%3A1%3Ast%3A1688126837%3At%3APaytoLet%20-%20Search%20Engine%20For%20Real%20Estate&t=gdpr(14%2C14)clc(0-0-0)rqnt(1)aw(1)ecs(0)ti(1) HTTP 302
  • https://mc.yandex.com/watch/89229263/1?wmode=7&page-url=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Aew9xzikdbvs4xc5avwiaspr%3Afp%3A2502%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1074%3Acn%3A2%3Adp%3A0%3Als%3A1395123191021%3Ahid%3A721892075%3Az%3A0%3Ai%3A20230630120715%3Aet%3A1688126835%3Ac%3A1%3Arn%3A190740643%3Arqn%3A1%3Au%3A1688126835670014644%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C501%2C14%2C1559%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Ans%3A1688126832447%3Arqnl%3A1%3Ast%3A1688126837%3At%3APaytoLet%20-%20Search%20Engine%20For%20Real%20Estate&t=gdpr%2814%2C14%29clc%280-0-0%29rqnt%281%29aw%281%29ecs%280%29ti%281%29
Request Chain 271
  • https://mc.yandex.com/watch/90663950?wmode=7&page-url=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Aew9xzikdbvs4xc5avwiaspr%3Afp%3A2502%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1074%3Acn%3A1%3Adp%3A0%3Als%3A1629049244660%3Ahid%3A721892075%3Az%3A0%3Ai%3A20230630120715%3Aet%3A1688126835%3Ac%3A1%3Arn%3A64679154%3Arqn%3A1%3Au%3A1688126835670014644%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C501%2C14%2C1559%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Ans%3A1688126832447%3Arqnl%3A1%3Ast%3A1688126837%3At%3APaytoLet%20-%20Search%20Engine%20For%20Real%20Estate&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)ecs(0)ti(1) HTTP 302
  • https://mc.yandex.com/watch/90663950/1?wmode=7&page-url=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Aew9xzikdbvs4xc5avwiaspr%3Afp%3A2502%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1074%3Acn%3A1%3Adp%3A0%3Als%3A1629049244660%3Ahid%3A721892075%3Az%3A0%3Ai%3A20230630120715%3Aet%3A1688126835%3Ac%3A1%3Arn%3A64679154%3Arqn%3A1%3Au%3A1688126835670014644%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C501%2C14%2C1559%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Ans%3A1688126832447%3Arqnl%3A1%3Ast%3A1688126837%3At%3APaytoLet%20-%20Search%20Engine%20For%20Real%20Estate&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ecs%280%29ti%281%29
Request Chain 291
  • https://www.googleadservices.com/pagead/conversion/171-127-6666/?guid=ON&random=1688127512718&fst=1688126835997&cv=9&sendb=1&num=1&u_cd=24&u_java=false&url=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&tiba=PaytoLet+-+Search+Engine+For+Real+Estate&u_tz=0&u_his=10&ig=1 HTTP 302
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/171-127-6666/?guid=ON&random=1153242463&fst=1688126835997&cv=9&sendb=1&num=1&u_cd=24&u_java=false&url=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&tiba=PaytoLet+-+Search+Engine+For+Real+Estate&u_tz=0&u_his=10&ig=1&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=dcWeZJ3RJ8mbywW5q6qIDg&sscte=1&crd=&pscrd=IhMI3d_5w_rq_wIVyc2yCh25lQrh HTTP 302
  • https://www.google.com/pagead/1p-conversion/171-127-6666/?guid=ON&random=1153242463&fst=1688126835997&cv=9&sendb=1&num=1&u_cd=24&u_java=false&url=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&tiba=PaytoLet+-+Search+Engine+For+Real+Estate&u_tz=0&u_his=10&ig=1&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=IhMI3d_5w_rq_wIVyc2yCh25lQrh&is_vtc=1&ocp_id=dcWeZJ3RJ8mbywW5q6qIDg&cid=CAQSKQBygQiDbqbNGGjHl8Fb1phVc3O-2-GrE1EGGAw__PMnswCf_M-Dg4tH&random=1715598816 HTTP 302
  • https://www.google.de/pagead/1p-conversion/171-127-6666/?guid=ON&random=1153242463&fst=1688126835997&cv=9&sendb=1&num=1&u_cd=24&u_java=false&url=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&tiba=PaytoLet+-+Search+Engine+For+Real+Estate&u_tz=0&u_his=10&ig=1&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=IhMI3d_5w_rq_wIVyc2yCh25lQrh&is_vtc=1&ocp_id=dcWeZJ3RJ8mbywW5q6qIDg&cid=CAQSKQBygQiDbqbNGGjHl8Fb1phVc3O-2-GrE1EGGAw__PMnswCf_M-Dg4tH&random=1715598816&ipr=y
Request Chain 292
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/171-127-6666/?guid=ON&random=1688127512718&fst=1688126835997&cv=9&sendb=1&num=1&u_cd=24&u_java=false&url=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&tiba=PaytoLet+-+Search+Engine+For+Real+Estate&u_tz=0&u_his=10&ig=1 HTTP 302
  • https://www.google.com/pagead/1p-user-list/171-127-6666/?guid=ON&random=1688127512718&fst=1688126400000&cv=9&sendb=1&num=1&u_cd=24&u_java=false&url=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&tiba=PaytoLet+-+Search+Engine+For+Real+Estate&u_tz=0&u_his=10&is_vtc=1&random=270818670 HTTP 302
  • https://www.google.de/pagead/1p-user-list/171-127-6666/?guid=ON&random=1688127512718&fst=1688126400000&cv=9&sendb=1&num=1&u_cd=24&u_java=false&url=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&tiba=PaytoLet+-+Search+Engine+For+Real+Estate&u_tz=0&u_his=10&is_vtc=1&random=270818670&ipr=y
Request Chain 322
  • https://mc.yandex.com/sync_cookie_image_check_secondary HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start_secondary?redirect_domain=mc.yandex.com&token=10050.X6QVogJiiuHdqgL3FYqfcQSl6A-yqS1fhZFMb8NG26-nSVe1fsyHTNS1Nt-HJtRB.gMxk6EDNx-c9jmdZopiNuZToN6U%2C HTTP 302
  • https://mc.yandex.com/sync_cookie_image_decide_secondary?token=10050.V_zW4Kgm_ipQKgrct-WGX290Kkz2WAlkdThftMansdB573fx-X-R-Ai_zPZNejPyG5o_6dilwSgjjqAuV4pN28JQ4VUFkUr07ZL4yXMJet0%2C.hqIbyQ_5jZAjwBMSg6QGIqZcb1Y%2C
Request Chain 387
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 424
  • https://c.clarity.ms/c.gif HTTP 302
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=A999AE30A2064AD3A5569C2901E2E9DE&RedC=c.clarity.ms&MXFR=1CD170DAB627607E01C2639AB2276EF9 HTTP 302
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=A999AE30A2064AD3A5569C2901E2E9DE&MUID=1C29AC446E666A481DE4BF046F666B96
Request Chain 579
  • https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKD_ooumEBCEBxiEBzIIP3Yfw9-gWnI HTTP 301
  • https://tpc.googlesyndication.com/simgad/7277659859941093506
Request Chain 581
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESENiEztaUYPK-WaFuybbPWVc&google_cver=1&google_push=AaAOQGFWiXQ3HjUw0XjVlt5ZrBBFdn5d1fPgPQ4OrEv3eNezyBa322wmzZc3jpPr_NAlbaAy6YrqXNcTNSNOcxnP5jR7QnYZWj5SLw HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESENiEztaUYPK-WaFuybbPWVc&google_cver=1&google_push=AaAOQGFWiXQ3HjUw0XjVlt5ZrBBFdn5d1fPgPQ4OrEv3eNezyBa322wmzZc3jpPr_NAlbaAy6YrqXNcTNSNOcxnP5jR7QnYZWj5SLw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzUyMDQxMTg2NzI2OTcwMDAxNQ&google_push=AaAOQGFWiXQ3HjUw0XjVlt5ZrBBFdn5d1fPgPQ4OrEv3eNezyBa322wmzZc3jpPr_NAlbaAy6YrqXNcTNSNOcxnP5jR7QnYZWj5SLw
Request Chain 582
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEF4aRJc1mPtUiriaPkVGIqI&google_cver=1&google_push=AaAOQGEoCeuXRWO7rl_sRJumgzHKlt2RVSZvjlE3RrTeCMyPM2froTgjaJlSIVQ2NfEMFMoMSUP4UqOH-APM4ld6A5z9eEUO2D4hjw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AaAOQGEoCeuXRWO7rl_sRJumgzHKlt2RVSZvjlE3RrTeCMyPM2froTgjaJlSIVQ2NfEMFMoMSUP4UqOH-APM4ld6A5z9eEUO2D4hjw
Request Chain 583
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEC0kDEToVEGFQ7ZeC-OGhc4&google_cver=1&google_push=AaAOQGERIapCMqFlJu8GVaqyRDdiktbZFfmc9V4l09IiE0mEnjEcsNmvjlVcMNYCKvoeiqOoCxK5Rka5ZNrkhSTSnTY6B7AiXE_9wQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AaAOQGERIapCMqFlJu8GVaqyRDdiktbZFfmc9V4l09IiE0mEnjEcsNmvjlVcMNYCKvoeiqOoCxK5Rka5ZNrkhSTSnTY6B7AiXE_9wQ
Request Chain 584
  • https://ads.yieldmo.com/exptsync?google_gid=CAESEFymyGqiHEpLNr4zNAH1kvg&google_cver=1&google_push=AaAOQGGqD_9uCeOf-etuuSGwarfqXhqN49okmLFddDNmAOL7-WXWsM1urx_uptgrwAHIJtMKU2qVg3xoRG_bNJZKmhS3ARFgNDVNtA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AaAOQGGqD_9uCeOf-etuuSGwarfqXhqN49okmLFddDNmAOL7-WXWsM1urx_uptgrwAHIJtMKU2qVg3xoRG_bNJZKmhS3ARFgNDVNtA&google_hm=ZzdmZTAxOTkyMWU1NTEzNTljZGM=
Request Chain 585
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEGXn7E0UDhvxEYEihZFmJS0&google_cver=1&google_push=AaAOQGHMXmy3EnqKc2WROCvjFuGCBr1G3uz923uD2tcRtGPZo8kAedDw0ZCiv11VOuhbECVMWmVKvmXEi2YbeeBjieOauPzfAd3XRg HTTP 302
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AaAOQGHMXmy3EnqKc2WROCvjFuGCBr1G3uz923uD2tcRtGPZo8kAedDw0ZCiv11VOuhbECVMWmVKvmXEi2YbeeBjieOauPzfAd3XRg&google_gid=CAESEGXn7E0UDhvxEYEihZFmJS0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=ODk4Njc3MjQ2MTY4MjIzMDkwODA0&google_push=AaAOQGHMXmy3EnqKc2WROCvjFuGCBr1G3uz923uD2tcRtGPZo8kAedDw0ZCiv11VOuhbECVMWmVKvmXEi2YbeeBjieOauPzfAd3XRg

800 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
paytolet.com/public/
Redirect Chain
  • https://paytolet.net/
  • https://www.paytolet.net/
  • https://paytolet.com/
  • https://paytolet.com/public
  • https://paytolet.com/public/
151 KB
44 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://paytolet.com/public/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:8b54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b0451f74381336c61c20fd584fa5882aba2797c5cb890a751ddcf77000dc8eab

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

activated-license
No
alt-svc
h3=":443"; ma=86400
authorization-at
2023-06-26 15:43:41
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
cf-cache-status
DYNAMIC
cf-ray
7df649a88fbd6969-FRA
cms-version
5.22
content-encoding
br
content-type
text/html; charset=UTF-8
date
Fri, 30 Jun 2023 12:07:14 GMT
display
pub_site_sol
expires
Thu, 29 Jun 2023 12:07:14 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pagespeed
off
priority
u=0,i
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6dbCaRsxCfaWpIC7d5JVVdsgo23ydWh9aDDzcrB%2FBiBv9U3B31cFjAvDPpMq75EQ3ztFr02ED6gzm%2BKv86r%2Fxc0dv2lF5qelQCJDcqYwtKN6H2RHdLMYKlRWDgnAYN1QCwoEGt%2FCmRXsVEo%3D"}],"group":"cf-nel","max_age":604800}
response
200
server
cloudflare
vary
Accept-Encoding,User-Agent
x-ez-proxy-out
true 2.4
x-middleton-display
pub_site_sol
x-middleton-response
200
x-sol
pub_site

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
cf-cache-status
DYNAMIC
cf-ray
7df649a7ed833683-FRA
content-type
text/html
date
Fri, 30 Jun 2023 12:07:13 GMT
display
staticcontent_sol
expires
Thu, 29 Jun 2023 12:07:13 GMT
location
https://paytolet.com/public/
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pagespeed
off
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zarx1VF6z1iERPEVD9HSsuiU%2BlWkwg1ARI5D5jzxXd457FEPmNveG55jtjOAX0lKgUrYr6uyp4VajzatoCraJHO9w8y%2FzsZsj3cCcOjVyOkSD7x%2FLIa7Hg3OmPb4DwHTxELpvVP4VC%2BfNOI%3D"}],"group":"cf-nel","max_age":604800}
response
301
server
cloudflare
vary
Accept-Encoding,User-Agent,Origin
x-ez-proxy-out
true 2.4
x-middleton-display
staticcontent_sol
x-middleton-response
301
x-sol
pub_site
YKotlbUugk7jYuEHrqaUA9nyfKE.js
paytolet.com/cdn-cgi/apps/head/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://paytolet.com/cdn-cgi/apps/head/YKotlbUugk7jYuEHrqaUA9nyfKE.js
Requested by
Host: paytolet.com
URL: https://paytolet.com/public/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:8b54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b87719151eca45300607bfb5ce4cb83936e03fbddcde5804a5dc82466caaa41f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/public/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:14 GMT
x-amz-version-id
zFYCRKgZLYIhFyz1Ng4Aw__bTVTBqik8
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
A263ATCWNSBC0FF5
alt-svc
h3=":443"; ma=86400
x-amz-id-2
Jr9RACPCTfhSLxLY1XxF1TvqKpOIKNAx43JzsmLEU6rG/JsppdE9cgy3utTM6nVVaqQUNTtvxSY=
last-modified
Thu, 01 Dec 2022 16:36:53 GMT
server
cloudflare
etag
W/"d3f928733e7ea9cc1a84cb72059ef650"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bzIUGYeISq3j3SD%2FoyAFSQ%2FqPaF4hfZAX0O3IXCbZVOg4DtPIp6vTLZ1X5byNxZuxJckvKmWL%2Fkmj8w%2BEJyyGUBiO0LxvY9wSpxygznv2xFptnGqzV6YmdS%2FPstS4WCZ35UEy%2FX2jydcCGM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
cf-ray
7df649abbb486969-FRA
priority
u=1,i=?0
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		76 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: paytolet.com
URL: https://paytolet.com/public/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0f9db612fd3adedd4f27a60dfdaa3b2b4a13bcd84017e37e77d5f5de6a6e206b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:14 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
26200
x-xss-protection
0
server
cafe
etag
776 / 19538 / m202306270101 / config-hash: 327100832698525116
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 30 Jun 2023 12:07:14 GMT
dall.js
go.ezodn.com/hb/ 		633 KB
190 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://go.ezodn.com/hb/dall.js?cb=195-3-57
Requested by
Host: paytolet.com
URL: https://paytolet.com/public/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:6013 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0730ea662702384bb01abf66275bab7f70f4b8edad0eee15c9a8948a5d5f5cdd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:14 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 28 Jun 2023 19:15:08 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
147126
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bdf6cHfGm8zBT2d2iiCldId67xrqq1%2Bg1QJ36LEXEnZ%2FJqc1%2BXf2gxz0DqOCbj7ssSVUxi7wD9qlSghnUazac2GN12FQolgrBZNssmDLMzAyxQQBU6rwy788mAiCwyfGF2xdVyeuZzo1YHc%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
7df649abfb4c92b1-FRA
alt-svc
h3=":443"; ma=86400
fads.js
paytolet.com/porpoiseant/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://paytolet.com/porpoiseant/fads.js?gcb=195-3&cb=13
Requested by
Host: paytolet.com
URL: https://paytolet.com/public/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:8b54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
176471cf6c6210cc282a628c344d44cdf27d2075e4e2d5ef0d091af79173f8e8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/public/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:14 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 30 Jun 2023 12:07:14 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e%2BBD1leA66yZPLEGyAVnZV%2Fm0rwdLnjlFJK1yfIn%2B1J3B8JnEgkjQyA5zVAi9wI7TiPCWh2cAU7D%2FyiGoareEH%2BN1wbpN1%2BkCq%2FxTJzEGKSUcY0%2FlzuQCe1xCm74cMjdzDU%2BeF6YKSSy%2BRI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-middleton-display
sol-js
cache-control
public, max-age=31536000
x-robots-tag
noindex
cf-ray
7df649abbb4b6969-FRA
priority
u=1,i=?0
alt-svc
h3=":443"; ma=86400
css
fonts.googleapis.com/ 		8 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Nunito+Sans:300,600,700,800
Requested by
Host: paytolet.com
URL: https://paytolet.com/public/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
10aaf73f31ab25828a27beb5bf50301863420db57554a90bc4a81af9b8cfaf6e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 30 Jun 2023 12:07:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 30 Jun 2023 12:07:14 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 30 Jun 2023 12:07:14 GMT
js
www.googletagmanager.com/gtag/ 		122 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-218196865-1
Requested by
Host: paytolet.com
URL: https://paytolet.com/public/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
08c90b7cd3f93c373d46273217219fab21ca81b5fc8da98db354390507d1e5b3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:14 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
48171
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 30 Jun 2023 12:07:14 GMT
language-public.css
paytolet.com/vendor/core/plugins/language/css/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://paytolet.com/vendor/core/plugins/language/css/language-public.css?v=1.0.0
Requested by
Host: paytolet.com
URL: https://paytolet.com/public/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:8b54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b345162c62821f7a2dcc09537ac03c899f788dce86248535f17d446085ec3af3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/public/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:14 GMT
content-encoding
br
cf-cache-status
HIT
x-sol
orig
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display
staticcontent_sol, orig_site_sol
age
453693
cf-polished
origSize=1975
x-middleton-display
staticcontent_sol, orig_site_sol
x-middleton-response
200
alt-svc
h3=":443"; ma=86400
response
200
cf-bgj
minify
last-modified
Fri, 28 Jan 2022 01:33:55 GMT
server
cloudflare
x-ez-proxy-out
true 2.4
vary
Accept-Encoding,User-Agent,Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SfpPaIU5pRlj1EMpV%2FCi5yFSWM7Pd0Mb2A7CE1l%2BjKJQjqhRQ0gkEgsbrFU6FLbXQWQrljWgDHPX3q5B1G%2FdyaUZGjNcPCWVpc6uywwvbbrOlVYNLqQDJ61c7%2BbGDDU3X7AnekgIMQMsR4w%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
cf-ray
7df649abbb4f6969-FRA
priority
u=0,i=?0
expires
Sun, 02 Jul 2023 06:05:41 GMT
bootstrap.min.v4.css
paytolet.com/themes/flex-home/libraries/bootstrap/ 		152 KB
25 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://paytolet.com/themes/flex-home/libraries/bootstrap/bootstrap.min.v4.css
Requested by
Host: paytolet.com
URL: https://paytolet.com/public/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:8b54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f52f329c18914acde937ef708d127632bfcbbd8f4d5b02ab9d074699e00afa3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/public/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:14 GMT
content-encoding
br
cf-cache-status
HIT
x-sol
orig
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display
staticcontent_sol, orig_site_sol
age
47219
x-middleton-display
staticcontent_sol, orig_site_sol
x-middleton-response
200
alt-svc
h3=":443"; ma=86400
response
200
cf-bgj
minify
last-modified
Tue, 19 Oct 2021 03:43:10 GMT
server
cloudflare
x-ez-proxy-out
true 2.4
vary
Accept-Encoding,User-Agent,Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6%2Bp4TleWs5J%2BXZBTPwypOYRxik4h6AFnUrP%2FqsD5gWFxpD86ysTc%2FYE00eqKEYVxT4S%2FvxUXILRiKAoTMPLkUFAeMzkH0nfLprp7FSvXe9XfxfILbBQyjnNOkc9wMkY%2FHKRevpuy7%2FjJQEs%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
cf-ray
7df649abcb516969-FRA
priority
u=0,i=?0
expires
Thu, 06 Jul 2023 23:00:15 GMT
fontawesome.min.css
paytolet.com/themes/flex-home/libraries/fontawesome/css/ 		78 KB
17 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://paytolet.com/themes/flex-home/libraries/fontawesome/css/fontawesome.min.css
Requested by
Host: paytolet.com
URL: https://paytolet.com/public/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:8b54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f2d467c8d3fa1890005a06648b9037ac40f02e78906e329fb88a5f8c82cf87aa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/public/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:14 GMT
content-encoding
br
cf-cache-status
HIT
x-sol
orig
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display
staticcontent_sol, orig_site_sol
age
47219
x-middleton-display
staticcontent_sol, orig_site_sol
x-middleton-response
200
alt-svc
h3=":443"; ma=86400
response
200
last-modified
Tue, 19 Oct 2021 03:43:10 GMT
x-ez-proxy-out
true 2.4
server
cloudflare
vary
Accept-Encoding,User-Agent,Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tiyVPcSfRUonjt0IkW1nQ6al31ED6EyNulb6kwCWdrVcaXe7NwJBUOm0TCMJ8OWkunE39MXUEYwe6VTg7Hs%2BgyFxEz8LIoctlOBZnqop5%2BTGS3rmuPwpxo2PjKaEutTL9TrkmoRbyQBRAMQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
cf-ray
7df649abcb526969-FRA
priority
u=0,i=?0
expires
Thu, 06 Jul 2023 23:00:15 GMT
owl.carousel.min.css
paytolet.com/themes/flex-home/libraries/owl-carousel/ 		3 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://paytolet.com/themes/flex-home/libraries/owl-carousel/owl.carousel.min.css
Requested by
Host: paytolet.com
URL: https://paytolet.com/public/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:8b54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
521410e1fc44780061e09adc980275fb5ea277fd5d9e538454214ec4379ff4bc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/public/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:14 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display
staticcontent_sol
age
47219
x-middleton-display
staticcontent_sol
x-middleton-response
200
alt-svc
h3=":443"; ma=86400
response
200
last-modified
Tue, 19 Oct 2021 03:43:10 GMT
x-ez-proxy-out
true 2.4
server
cloudflare
vary
Accept-Encoding,User-Agent,Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sI9z4nEUqe%2BtDwbK3LLuTgTRt6NiiHb4nezVqpcByivcaN64Iwi46Rzei0nAqobQ14yp3G1eQO3kYrseUwUq2Cc%2BV%2F3%2BK9Wv7wi4vf2lQc9DFzK%2FVcK752xZ5w53kmdPgRmK0O4Z1kXUldE%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
cf-ray
7df649abcb536969-FRA
priority
u=0,i=?0
expires
Thu, 06 Jul 2023 23:00:15 GMT
owl.theme.default.css
paytolet.com/themes/flex-home/libraries/owl-carousel/ 		902 B
946 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://paytolet.com/themes/flex-home/libraries/owl-carousel/owl.theme.default.css
Requested by
Host: paytolet.com
URL: https://paytolet.com/public/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:8b54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f609fd574b2094dafab5320518d76c86c11e9f9a79344707151284b63f2a4345

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/public/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:14 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display
staticcontent_sol
age
442220
cf-polished
origSize=1380
x-middleton-display
staticcontent_sol
x-middleton-response
200
alt-svc
h3=":443"; ma=86400
response
200
cf-bgj
minify
last-modified
Tue, 19 Oct 2021 03:43:10 GMT
server
cloudflare
x-ez-proxy-out
true 2.4
vary
Accept-Encoding,User-Agent,Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KCK%2BBT6v2rWMKEzwEKXzXmx8jHeWlop7rB4s138ZCRFl%2FkrnvxFCQ1jHg%2FoVmPtMUQEWa6ILK%2BJmcIgpHQi16MFyx7WyRXInn0KVRMhhpuxWs1Etq4YULRLTWpEpYIhfPHaqdaIorukXdgs%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
cf-ray
7df649abcb556969-FRA
priority
u=0,i=?0
expires
Sun, 02 Jul 2023 09:16:54 GMT
style.css
paytolet.com/themes/flex-home/css/ 		48 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://paytolet.com/themes/flex-home/css/style.css?v=2.29.0
Requested by
Host: paytolet.com
URL: https://paytolet.com/public/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:8b54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6da12db52730c60e2b4d0a0b01f96bacb3a3bbd1b7dbdf44aa38ceacc370a4f8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/public/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:14 GMT
content-encoding
br
cf-cache-status
HIT
x-sol
orig
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display
staticcontent_sol, orig_site_sol
age
453693
cf-polished
origSize=49274
x-middleton-display
staticcontent_sol, orig_site_sol
x-middleton-response
200
alt-svc
h3=":443"; ma=86400
response
200
cf-bgj
minify
last-modified
Sat, 12 Nov 2022 00:38:18 GMT
server
cloudflare
x-ez-proxy-out
true 2.4
vary
Accept-Encoding,User-Agent,Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vnZ4QynGGNwwAijvFqqVRpZjgP38oayQuCqsqo1tS%2FxAsI8WeY67WwjN%2FkYiX%2BP1vpLcEf0wGaCPO4GMFEsLODdIC50KL7C5aQhJtxjrtMofvErjY9Qowb5yavpZ3iSD23jEI1AjzihdfKk%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
cf-ray
7df649abcb566969-FRA
priority
u=0,i=?0
expires
Sun, 02 Jul 2023 06:05:41 GMT
style.integration.css
paytolet.com/themes/flex-home/css/ 		166 B
720 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://paytolet.com/themes/flex-home/css/style.integration.css?v=1684116263
Requested by
Host: paytolet.com
URL: https://paytolet.com/public/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:8b54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8d33950a44ee27b039f7f0711ad1dd36d7dd56695f19faf40db311f03ca83d09

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/public/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:14 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display
staticcontent_sol
age
442220
cf-polished
origSize=220
x-middleton-display
staticcontent_sol
x-middleton-response
200
alt-svc
h3=":443"; ma=86400
response
200
cf-bgj
minify
last-modified
Mon, 15 May 2023 02:04:23 GMT
server
cloudflare
x-ez-proxy-out
true 2.4
vary
Accept-Encoding,User-Agent,Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5V7NqzS6SH7rZNiov0Bt627234xII782DHyqzxpDwzHADXGZofT37QEFSdyQBEcJuIQIbFZOqvPaNjfAWbqy4x5xmQaj4VlmStwIawTSpfI4V%2F53Pehn%2Fk6RDAoUmz5QSCKaI%2BAfjwP1fJ0%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
cf-ray
7df649abcb586969-FRA
priority
u=0,i=?0
expires
Sun, 02 Jul 2023 09:16:54 GMT
jquery.min.js
paytolet.com/themes/flex-home/libraries/ 		86 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://paytolet.com/themes/flex-home/libraries/jquery.min.js
Requested by
Host: paytolet.com
URL: https://paytolet.com/public/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:8b54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4c24dfd28784ad2befb3dafaac6bf1ed4e7cd58cce713d9a0b228d426e812baf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/public/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:14 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display
staticcontent_sol
age
208623
x-middleton-display
staticcontent_sol
x-middleton-response
200
alt-svc
h3=":443"; ma=86400
response
200
last-modified
Tue, 19 Oct 2021 03:43:10 GMT
x-ez-proxy-out
true 2.4
server
cloudflare
vary
Accept-Encoding,User-Agent,Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lMTaa05XNON6oiN5%2FqCfcDe3MxrR3Wv8Pha9LOytizEX1cjQhZED7xLtsfuLrZe%2B6tmcJSd9hM8ss1RTslL3%2FVy7%2BD%2FYKdjQB%2FhjLoaDnuI6l9A6tL1D%2BVlvbspDXvt8za48l1%2B2AsYZRY4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
cf-ray
7df649abcb596969-FRA
priority
u=1,i=?0
expires
Wed, 05 Jul 2023 02:10:11 GMT
popper.min.js
paytolet.com/themes/flex-home/libraries/bootstrap/ 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://paytolet.com/themes/flex-home/libraries/bootstrap/popper.min.js
Requested by
Host: paytolet.com
URL: https://paytolet.com/public/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:8b54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b03501649c2d236c411cb4a4ef04ddb5b306df9d01d22be86e8174a48661f6a9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/public/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:14 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display
staticcontent_sol
age
30515
x-middleton-display
staticcontent_sol
x-middleton-response
200
alt-svc
h3=":443"; ma=86400
response
200
last-modified
Tue, 19 Oct 2021 03:43:10 GMT
x-ez-proxy-out
true 2.4
server
cloudflare
vary
Accept-Encoding,User-Agent,Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BHGqQLkdZSUpTTeu2nSizHFi5wtBEr6T0eDAYlphm5x8punPLs0UNdztPsz%2Floou9wW4HuZgiRqMRafaYpqwVD6Cw13ZkidgJZvToQXn%2FmXq6DCD9lLbgSe3pgxrulu443sQ9JmzPC%2F7uaE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
cf-ray
7df649abcb5a6969-FRA
priority
u=1,i=?0
expires
Fri, 07 Jul 2023 03:38:39 GMT
bootstrap.min.js
paytolet.com/themes/flex-home/libraries/bootstrap/ 		57 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://paytolet.com/themes/flex-home/libraries/bootstrap/bootstrap.min.js
Requested by
Host: paytolet.com
URL: https://paytolet.com/public/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:8b54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7209e11a45cef119e8d3539afb2689835d17b16a0a22f8334d867cf77a220d2a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/public/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:14 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display
staticcontent_sol
x-middleton-display
staticcontent_sol
x-middleton-response
200
alt-svc
h3=":443"; ma=86400
response
200
last-modified
Tue, 19 Oct 2021 03:43:10 GMT
x-ez-proxy-out
true 2.4
server
cloudflare
vary
Accept-Encoding,User-Agent,Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=88JKEL5j%2BgGLtQV%2Bok2bKkXNQzBpWuP9MPVvQu2lTFUoN6KlJo9guyQIcOjxeaLCz2DN5ShAMATiM5djzxqIIUKRTEyqje6S39r6k%2Bb5TY%2BiaOgGKUgiThaxPC%2BZJ2ZEzhm7gd8W5AKLEao%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
cf-ray
7df649abcb5b6969-FRA
priority
u=1,i=?0
expires
Fri, 07 Jul 2023 12:07:14 GMT
owl.carousel.min.js
paytolet.com/themes/flex-home/libraries/owl-carousel/ 		43 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://paytolet.com/themes/flex-home/libraries/owl-carousel/owl.carousel.min.js
Requested by
Host: paytolet.com
URL: https://paytolet.com/public/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:8b54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a53c43f834b32309b084ea9314df8307e9c78cee2202c6e07f216ae4ae5b704d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/public/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:14 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display
staticcontent_sol
x-middleton-display
staticcontent_sol
x-middleton-response
200
alt-svc
h3=":443"; ma=86400
response
200
last-modified
Tue, 19 Oct 2021 03:43:10 GMT
x-ez-proxy-out
true 2.4
server
cloudflare
vary
Accept-Encoding,User-Agent,Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=plw6jiNpjPrOT0UPoOp85VInJw2eYrACM62K1APjYQtRBso5qYhoPJ9PU4kIshwcYJZ6kP3D8dQA9zrWSoJR9icHIs%2FnKVgrIgP1hH6MgiPCOtzmFF8bw5dD3xXAt2DceKnevU8DSh4VDgw%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
cf-ray
7df649abcb5c6969-FRA
priority
u=1,i=?0
expires
Fri, 07 Jul 2023 12:07:14 GMT
jquery.matchHeight-min.js
paytolet.com/themes/flex-home/libraries/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://paytolet.com/themes/flex-home/libraries/jquery.matchHeight-min.js
Requested by
Host: paytolet.com
URL: https://paytolet.com/public/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:8b54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fa87904726726364ad19a7c4b2f2b20ee10637325601b5aa88ed8bfdcb7117a7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/public/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:14 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display
staticcontent_sol
age
103545
x-middleton-display
staticcontent_sol
x-middleton-response
200
alt-svc
h3=":443"; ma=86400
response
200
last-modified
Tue, 19 Oct 2021 03:43:10 GMT
x-ez-proxy-out
true 2.4
server
cloudflare
vary
Accept-Encoding,User-Agent,Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uSH%2F9WML5PivadV9Bgt191HZxsitrn075KcjFLdjaYt4K563CaJ40KPdWWYwkvLWlnAF9DXWd%2BjG0NMw8GkOpPBjSDoSroWPCUiTh1qPQJSD3pRrFtswQhAHwyWofw%2BKxRq29ZlecdPg0V4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
cf-ray
7df649abcb5d6969-FRA
priority
u=1,i=?0
expires
Thu, 06 Jul 2023 07:21:29 GMT
ezvideojscss.css
paytolet.com/ezvideo/ 		41 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://paytolet.com/ezvideo/ezvideojscss.css?cb=66
Requested by
Host: paytolet.com
URL: https://paytolet.com/public/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:8b54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2aa332e002bd6453021c397acb37df2ff7e0bce47b081fbfdf85177f459519cb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/public/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:14 GMT
content-encoding
br
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ji%2BQFaMclN3dGd9udSuM0xQr%2BuSY%2BcAqIVHaBfEXqU5Xv4KDpZlILkK7mFyN2PT8ib6WZYyIXlf8hMtfNdgnjFep06QPUDYCRSKMn7XxJaNMC5h45Gim6NEFBdAjIhMXfyduj1kchORUXyE%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf8
cache-control
private, max-age: 2628000
cf-ray
7df649abcb5f6969-FRA
alt-svc
h3=":443"; ma=86400
priority
u=0,i=?0
ezvideojspluginscss.css
paytolet.com/ezvideo/ 		15 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://paytolet.com/ezvideo/ezvideojspluginscss.css?cb=66
Requested by
Host: paytolet.com
URL: https://paytolet.com/public/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:8b54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
998031baa249d094c5164e9e1412432c080b832b6e354ae004ce8d1c35ddba59

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/public/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:14 GMT
content-encoding
br
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LPmFPnIAZKHWfcqC4nGEfz3v6dl029LPMCMafMB03S1dN9xWApGV0lQrN1o8zO76AwedeqlcPAOo%2F4q7OL14eystaf4iyXYAnqW6%2Fa%2FBIEBadKwcF%2Bju8Qs%2BB9GPMU9OLkN0mzOCYAacyf0%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf8
cache-control
private, max-age: 2628000
cf-ray
7df649abcb616969-FRA
alt-svc
h3=":443"; ma=86400
priority
u=0,i=?0
ezvideocss.css
paytolet.com/ezvideo/ 		12 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://paytolet.com/ezvideo/ezvideocss.css?cb=66
Requested by
Host: paytolet.com
URL: https://paytolet.com/public/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:8b54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3443b1248e73d80cad497be0ad72125664f5900083a9a7c3210de6aae062db1a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/public/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:14 GMT
content-encoding
br
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3WkW83XcN%2FHQtEt8k0TuPHEvlrkO59k%2Foz7fjU8g1vQskeLr9QE9ArrXFnIhWaWItVlm5XR8TdSzjyXYFZS7gcKk3jK6teTCYx5Vd77ox9AovYWeO33qN5u7kt1k9cA1z5bdud%2BS%2BDEBvFM%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf8
cache-control
private, max-age: 2628000
cf-ray
7df649abcb626969-FRA
alt-svc
h3=":443"; ma=86400
priority
u=0,i=?0
cleaning-booking.gif
paytolet.com/storage/ads/ 		107 KB
108 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://paytolet.com/storage/ads/cleaning-booking.gif
Requested by
Host: paytolet.com
URL: https://paytolet.com/public/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:8b54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
22a43357561e7f451ff35d3e7c20196f9c8af2f2c94195d815f50a4c37f0a67b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/public/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:14 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display
staticcontent_sol
age
103544
x-middleton-display
staticcontent_sol
x-middleton-response
200
alt-svc
h3=":443"; ma=86400
x-ezoic-excludewebp
false
response
200
last-modified
Fri, 05 May 2023 13:55:30 GMT
x-ez-proxy-out
true 2.4
server
cloudflare
vary
Accept-Encoding,User-Agent,Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nDy0Ts1%2BksAL8zV79EL4i7Ou%2FzeI32dtuNYjsDeyRucUb7KOfh9%2BPq2IkWfSPdR9guj%2FVAPSupfr4Rw%2BHjRzSr685v1CLnPb8oUVWL%2Fi1EpdAQTW5Rm6iVKGPg1DTsbP3PyHY73AeH%2F0VJg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
public, max-age=604800
cf-ray
7df649ae6e0e6969-FRA
priority
u=3,i
expires
Thu, 06 Jul 2023 07:21:30 GMT
search.gif
paytolet.com/storage/ads/ 		57 KB
57 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://paytolet.com/storage/ads/search.gif
Requested by
Host: paytolet.com
URL: https://paytolet.com/public/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:8b54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
61df879c468bdf567ef4560ba40b4e22702bc3d041c67617e076d7df4cfec422

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/public/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:14 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display
staticcontent_sol
age
103543
x-middleton-display
staticcontent_sol
x-middleton-response
200
alt-svc
h3=":443"; ma=86400
x-ezoic-excludewebp
false
response
200
last-modified
Sun, 26 Mar 2023 19:35:40 GMT
x-ez-proxy-out
true 2.4
server
cloudflare
vary
Accept-Encoding,User-Agent,Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qg8Mbw0uadEGAsZ5dd0OgmrXNr09BWiR9OOjLWRhnOvhEwFlBrrXva5RIcddmWqxEXzzCOB%2FkjnG86bzRhsvp4M67j2uC2gjxw0x6ZopzBeC1%2B3%2Bp0kN6DuSm5tFh%2Bt3jD7aUDAxDkuhCTI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
public, max-age=604800
cf-ray
7df649ae6e106969-FRA
priority
u=3,i
expires
Thu, 06 Jul 2023 07:21:31 GMT
ad.png
paytolet.com/storage/ads/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://paytolet.com/storage/ads/ad.png
Requested by
Host: paytolet.com
URL: https://paytolet.com/public/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:8b54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fcfd4197f5307a145a18c5fd671d89323f4842fed7534f8c25fcc6cb37b2cd2f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/public/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:14 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display
staticcontent_sol
age
327640
x-middleton-display
staticcontent_sol
x-middleton-response
200
alt-svc
h3=":443"; ma=86400
x-ezoic-excludewebp
false
response
200
last-modified
Fri, 10 Feb 2023 06:36:35 GMT
x-ez-proxy-out
true 2.4
server
cloudflare
vary
Accept-Encoding,User-Agent,Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pJOa%2B8w%2BKoM7%2Bvl7nIqvCekeqA4WkEjk%2BxVl6StJvOKjzFQcx%2B7kHhhtzQdS3r93zVsvz1Hky%2FIprtYc%2Ba9yxsauyt58HD6Oaa87nN7ZCVWltMEkAQFumF2Nk99Twyt%2BMS2eiwe1eTc78bg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=604800
cf-ray
7df649ae6e116969-FRA
priority
u=3,i
expires
Mon, 03 Jul 2023 17:06:34 GMT
ads2.gif
paytolet.com/storage/ads/ 		129 KB
130 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://paytolet.com/storage/ads/ads2.gif
Requested by
Host: paytolet.com
URL: https://paytolet.com/public/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:8b54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fff4561aa80560ecdcb6289afee29a65cefd1706f78367ca23aaec91c97659d6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/public/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:14 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display
staticcontent_sol
age
103543
x-middleton-display
staticcontent_sol
x-middleton-response
200
alt-svc
h3=":443"; ma=86400
x-ezoic-excludewebp
false
response
200
last-modified
Sun, 30 Apr 2023 01:35:13 GMT
x-ez-proxy-out
true 2.4
server
cloudflare
vary
Accept-Encoding,User-Agent,Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sChmArVI0xhw2v48gpCNpuML4qkBJ3qwkknF%2FI2nXS9b2r0XxfDF%2FJmlkIf1JKi0%2BAoAwcGVVvU51DVQAfJ3zr7VsICv%2B0CiPJTBrAGReyJSOrnNDsGuhT20L57oHZH9rdvnfOL4L81EvSc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
public, max-age=604800
cf-ray
7df649ae6e136969-FRA
priority
u=3,i
expires
Thu, 06 Jul 2023 07:21:31 GMT
ilashe-beach-resort.jpg
paytolet.com/storage/ads/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://paytolet.com/storage/ads/ilashe-beach-resort.jpg
Requested by
Host: paytolet.com
URL: https://paytolet.com/public/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:8b54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7dd9d0239673769ed47f4254822c6df177cafa2ee6de8c70b6890259ae6c6aa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/public/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:14 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display
staticcontent_sol
age
103543
x-middleton-display
staticcontent_sol
x-middleton-response
200
alt-svc
h3=":443"; ma=86400
x-ezoic-excludewebp
false
response
200
last-modified
Thu, 04 May 2023 05:23:28 GMT
x-ez-proxy-out
true 2.4
server
cloudflare
vary
Accept-Encoding,User-Agent,Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FOGiBaE%2BeOirgrjZyHeRNdZwOX%2FoesJmjTcQD2iCEZt%2Btq0rE1ml55Kr4mR9fNhz4PiGSuhaiFxxbN5om7Fmw7HUZkg4o%2FLBPej9i4WzjAei4Xhow0U%2Fs%2FBnpmyl%2BXZOgM3wB2%2F2ktuikc8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=604800
cf-ray
7df649ae6e146969-FRA
priority
u=3,i
expires
Thu, 06 Jul 2023 07:21:31 GMT
gust-posting-service.gif
paytolet.com/storage/ads/ 		47 KB
47 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://paytolet.com/storage/ads/gust-posting-service.gif
Requested by
Host: paytolet.com
URL: https://paytolet.com/public/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:8b54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0367981962bcb2fb5e472c74ff6120294bd46a5e7961d211e0c6bbb51c73ba43

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/public/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:14 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display
staticcontent_sol
age
103543
x-middleton-display
staticcontent_sol
x-middleton-response
200
alt-svc
h3=":443"; ma=86400
x-ezoic-excludewebp
false
response
200
last-modified
Tue, 14 Feb 2023 10:48:01 GMT
x-ez-proxy-out
true 2.4
server
cloudflare
vary
Accept-Encoding,User-Agent,Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oWk78EbHUGmWJmyZcUf8ZH9cxMXw%2BuhYBjjOafl%2Be9qpOyvI25f%2FS%2FLbVF9qYpqcZD8%2BI8hfQ737raSR%2BlIs0lNzyL%2FMKMTK90gERITZQRuPaZIxZNbBSEdoPx1r45VwbGb1G6OF8rsYiRs%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
public, max-age=604800
cf-ray
7df649ae6e156969-FRA
priority
u=3,i
expires
Thu, 06 Jul 2023 07:21:31 GMT
eK3Dg4X10n
shown.io/metrics/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://shown.io/metrics/eK3Dg4X10n
Requested by
Host: paytolet.com
URL: https://paytolet.com/public/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.186.64.46 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Apache/2.4.52 (Ubuntu) /
Resource Hash
7bb3a0e0618ea7872d14178a204c41179319fa40d6c28cb019fa3968a45ec0f6
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:15 GMT
content-encoding
gzip
referrer-policy
same-origin
strict-transport-security
max-age=63072000; includeSubDomains; preload
server
Apache/2.4.52 (Ubuntu)
x-content-type-options
nosniff
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/x-javascript
x-response-id
57a27547-6aea-492c-bc93-a528930e07e6
cache-control
no-cache, private
feature-policy
none
access-control-allow-headers
Upgrade-Insecure-Requests
content-length
1106
x-xss-protection
1; mode=block
21342073.js
js.hs-scripts.com/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hs-scripts.com/21342073.js
Requested by
Host: paytolet.com
URL: https://paytolet.com/public/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:863b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7966f4699faf90259eccc0712ad31df0923e53d5eb04017f17e2be011018f957

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:15 GMT
content-encoding
br
cf-cache-status
EXPIRED
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
0812f42c-def3-4af3-9737-5fc3687d0ec9
x-envoy-upstream-service-time
9
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
0812f42c-def3-4af3-9737-5fc3687d0ec9
last-modified
Fri, 30 Jun 2023 08:07:52 GMT
server
cloudflare
x-trace
2BDE02B44EAD491F32B46DC17AE26276A28C9DD923000000000000000000
vary
origin, Accept-Encoding
access-control-max-age
3600
content-type
application/javascript;charset=utf-8
access-control-allow-origin
https://paytolet.com
x-evy-trace-virtual-host
all
cache-control
public, max-age=60
access-control-allow-credentials
true
x-evy-trace-served-by-pod
iad02/hubapi-td/envoy-proxy-598c95b5b7-wnhdc
cf-ray
7df649ae8dbb2c76-FRA
expires
Fri, 30 Jun 2023 12:08:15 GMT
js
www.googletagmanager.com/gtag/ 		235 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-EZWW9JQPLY
Requested by
Host: paytolet.com
URL: https://paytolet.com/public/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3ea24731f090de32eff31fad71e25328201ffd719078e6c22da76e6470a654ea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:14 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
83570
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 30 Jun 2023 12:07:14 GMT
optimize.js
www.googleoptimize.com/ 		125 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleoptimize.com/optimize.js?id=OPT-WWTVXCM
Requested by
Host: paytolet.com
URL: https://paytolet.com/public/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
43ee3f001a45d8140785867c54428887bfaff044cef3d79d5fa98fcb739b6dd4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:14 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
49448
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 30 Jun 2023 12:07:14 GMT
js
www.googletagmanager.com/gtag/ 		212 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-10850344926
Requested by
Host: paytolet.com
URL: https://paytolet.com/public/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
63140b61722479a99262b83e9691eaf42bac37e1132262ef6fe43c130b360480
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:14 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
76278
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 30 Jun 2023 12:07:14 GMT
tp.widget.bootstrap.min.js
widget.trustpilot.com/bootstrap/v5/ 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js
Requested by
Host: paytolet.com
URL: https://paytolet.com/public/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.187.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-187-42.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b58109431c3adc92bccc460ac5dc394dc4f0979d24656f7a52503e6c77709d0b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 30 Jun 2023 05:19:07 GMT
via
1.1 09f78fab17e561a78ea60bb6223c4962.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P4
age
24488
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
6676
x-xss-protection
1; mode=block
last-modified
Wed, 03 May 2023 13:48:29 GMT
server
AmazonS3
etag
"befec09eb386fc68a0869c8d1b529dd6"
content-type
application/x-javascript
cache-control
max-age=86400
accept-ranges
bytes
x-amz-cf-id
XwPGieI1m5WSHZr0Jxoka7cRqWO4FAppXyYfV40C8-n8Z44eTfKO2g==
email-decode.min.js
paytolet.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://paytolet.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: paytolet.com
URL: https://paytolet.com/public/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:8b54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/public/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 22 Jun 2023 09:29:09 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"64941465-4d7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2mvUwfw7yW4uE0b4QA8YsZeIp4gUvrGCnTFuZzlg%2B2XzaSj76d7e49tHDb2qDVOm8ffKTlaawZlVv7Le%2BXyNGK3LJdMWixq8X4MyusQBG7m9HqDKDX6%2FL7XMz7uuGx0Xgy9tWmx2ZJug6Gk%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
7df649ae5df76969-FRA
expires
Sun, 02 Jul 2023 12:07:14 GMT
transperent.png
paytolet.com/storage/logo/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://paytolet.com/storage/logo/transperent.png
Requested by
Host: paytolet.com
URL: https://paytolet.com/public/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:8b54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
628798fe5d57af55187c1667fbb5cea14c2d5420b21a16ea57406485472c87f6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/public/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:14 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display
staticcontent_sol
age
442220
x-middleton-display
staticcontent_sol
x-middleton-response
200
alt-svc
h3=":443"; ma=86400
x-ezoic-excludewebp
false
response
200
last-modified
Sat, 11 Jun 2022 23:42:01 GMT
x-ez-proxy-out
true 2.4
server
cloudflare
vary
Accept-Encoding,User-Agent,Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ho6nbeERwlcoZcQo83jhIGNgsbnK0sFx5ws4llEk0h1iI%2FIERzmn3FRLyZlWcXNG%2Bp5%2BPOwgIfoYu9C7dtByMxMhlPtad5Wd4XgfcPX9KBTfs1f8CwZcngcuy8T9wuDNZO74%2F0TCowOAVao%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=604800
cf-ray
7df649ae6e176969-FRA
priority
u=3,i
expires
Sun, 02 Jul 2023 09:16:54 GMT
logo-1.png
paytolet.com/storage/logo/ 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://paytolet.com/storage/logo/logo-1.png
Requested by
Host: paytolet.com
URL: https://paytolet.com/public/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:8b54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
72b0b827ce038a8735e05d723ed0d59d8a948add3a7c64025686901ef8f66ca1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/public/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:14 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display
staticcontent_sol
age
103542
x-middleton-display
staticcontent_sol
x-middleton-response
200
alt-svc
h3=":443"; ma=86400
x-ezoic-excludewebp
false
response
200
last-modified
Sat, 12 Feb 2022 07:42:20 GMT
x-ez-proxy-out
true 2.4
server
cloudflare
vary
Accept-Encoding,User-Agent,Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VKueXYIsxGM0iteOWxKmS7ZjeE1IvHGWywd7kYsa33QJOFtit3fuJiTds2AL8nynavRZNnz%2FItBUNfqJrko7kyjTh1Gh%2BtVTpyMHh0ydUsXq%2B7O4Ynkfw9WsGOC7v%2FufDm%2B00mlIn6eawyU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=604800
cf-ray
7df649ae6e186969-FRA
priority
u=3,i
expires
Thu, 06 Jul 2023 07:21:31 GMT
cse.js
cse.google.com/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cse.google.com/cse.js?cx=7df96e17e2a169319
Requested by
Host: paytolet.com
URL: https://paytolet.com/public/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gws /
Resource Hash
fc6bb3d490f4d56efeb0600138d374c85df85d65b7d135ce1ab655d58f6914b8
Security Headers
Name Value
Content-Security-Policy object-src 'none';base-uri 'self';script-src 'nonce-lDeDp39DwcPCFZstpT5WEQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy
object-src 'none';base-uri 'self';script-src 'nonce-lDeDp39DwcPCFZstpT5WEQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
content-encoding
br
date
Fri, 30 Jun 2023 12:07:15 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3167
x-xss-protection
0
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
cross-origin-opener-policy
same-origin-allow-popups; report-to="gws"
server
gws
x-frame-options
SAMEORIGIN
report-to
{"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private
permissions-policy
unload=()
origin-trial
Ap+qNlnLzJDKSmEHjzM5ilaa908GuehlLqGb6ezME5lkhelj20qVzfv06zPmQ3LodoeujZuphAolrnhnPA8w4AIAAABfeyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJQZXJtaXNzaW9uc1BvbGljeVVubG9hZCIsImV4cGlyeSI6MTY4NTY2Mzk5OX0=, AvudrjMZqL7335p1KLV2lHo1kxdMeIN0dUI15d0CPz9dovVLCcXk8OAqjho1DX4s6NbHbA/AGobuGvcZv0drGgQAAAB9eyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJCYWNrRm9yd2FyZENhY2hlTm90UmVzdG9yZWRSZWFzb25zIiwiZXhwaXJ5IjoxNjkxNTM5MTk5LCJpc1N1YmRvbWFpbiI6dHJ1ZX0=
expires
Fri, 30 Jun 2023 12:07:15 GMT
v2.5.1-m
run.louassist.com/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://run.louassist.com/v2.5.1-m?id=289340402156
Requested by
Host: paytolet.com
URL: https://paytolet.com/public/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.34.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
011212f2fd4d8ef1a8aa82adcbbfd224353e49ba45ee2cb8974251130a04cada

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:15 GMT
via
1.1 8b15d366b8a05fea04eb2afabb997d46.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
MXP63-P4
age
34885
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 23 Nov 2020 07:19:36 GMT
server
cloudflare
etag
W/"5c39b78a21e30efcef352f61d1759b5e"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OhDm5M2vU7eGTjYnHXycX5CVzJapcVagvG1Ldl9c5aXi8CWzwGw9zoocBfevgBC5J1FCKCD8OUAhyEbVFuFsIpxWco95cFoSjjhLgzqyk3u77ROwO8ckDQUbEm%2F8hnl10A2CIA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cf-ray
7df649b18adb1c11-FRA
x-amz-cf-id
_fdN6Xv7h1XkU7fH0Nf6AFqBKZj-_suApMqNVfYoM_OWiDTq3DpA1Q==
api.js
challenges.cloudflare.com/turnstile/v0/g/19b997cb/
Redirect Chain
  • https://challenges.cloudflare.com/turnstile/v0/api.js
  • https://challenges.cloudflare.com/turnstile/v0/g/19b997cb/api.js
19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://challenges.cloudflare.com/turnstile/v0/g/19b997cb/api.js
Requested by
Host: paytolet.com
URL: https://paytolet.com/public/
Protocol
H2
Server
2606:4700::6811:3b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a7a5045877238b1271059b2175e224d73844f717d25ee6bb0bd4751d21490075

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:15 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31536000
cf-ray
7df649aedc5d9957-FRA
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Fri, 30 Jun 2023 12:07:14 GMT
server
cloudflare
vary
accept-encoding
access-control-allow-origin
*
location
/turnstile/v0/g/19b997cb/api.js
cache-control
max-age=300, public
cf-ray
7df649aeac3a9957-FRA
alt-svc
h3=":443"; ma=86400
pub-7184064643088596
fundingchoicesmessages.google.com/i/ 		147 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/i/pub-7184064643088596?ers=1
Requested by
Host: paytolet.com
URL: https://paytolet.com/public/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d6bb673fc4f76bdd441d0337cf21b0edc0caf4823b408505485d0126e4aeb44b
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-gWPk1xE1-9P3ILeWEGlyjQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:15 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-gWPk1xE1-9P3ILeWEGlyjQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
zuma-plains-mock-layout-1-410x270.jpg
paytolet.com/storage/projects/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://paytolet.com/storage/projects/zuma-plains-mock-layout-1-410x270.jpg
Requested by
Host: paytolet.com
URL: https://paytolet.com/public/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:8b54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
75b6a564a6e463c44fc7640c585e90411bea891df84bf187096af5876cf7221d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/public/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:15 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display
staticcontent_sol
x-middleton-display
staticcontent_sol
x-middleton-response
200
alt-svc
h3=":443"; ma=86400
x-ezoic-excludewebp
false
response
200
last-modified
Tue, 02 May 2023 19:55:21 GMT
x-ez-proxy-out
true 2.4
server
cloudflare
vary
Accept-Encoding,User-Agent,Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7bxYlyREIc3ecVQQHJb27mT7qTYQ1FAJ0o6nDJrzRDPORhzvOtuf0MIqug8WRLLeWKA1ZorjhE0NMSuz3E2c%2BamgEXfppkB4C4lYP2GbsG7oykVkPtrD%2BGRXuL6tBWWz3I0ok%2BqcDLttgXI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=604800
cf-ray
7df649ae6e196969-FRA
priority
u=3,i
expires
Fri, 07 Jul 2023 12:07:15 GMT
summer-villas-2-beds-1-410x270.jpg
paytolet.com/storage/properties/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://paytolet.com/storage/properties/summer-villas-2-beds-1-410x270.jpg
Requested by
Host: paytolet.com
URL: https://paytolet.com/public/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:8b54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b7add38aec8861f2b752684bf5a71d1cd8127a6beaf9f71df7aa36eb36c20ff9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/public/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:15 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display
staticcontent_sol
x-middleton-display
staticcontent_sol
x-middleton-response
200
alt-svc
h3=":443"; ma=86400
x-ezoic-excludewebp
false
response
200
last-modified
Tue, 02 May 2023 19:24:53 GMT
x-ez-proxy-out
true 2.4
server
cloudflare
vary
Accept-Encoding,User-Agent,Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CG%2FKxC3m3rYqkmObZ5%2FJIFCM%2F1V2yLOFJJH%2FT8YD6sWZapOj%2BZSjhYr%2FPEcGlvMWoDyF%2BoYZ%2B7jfmDAukKXeajTgP%2FP72JC%2BJiVUZEs%2B4tKMb%2BNC4J%2BOWaydiFw3dQ5Y9I75WR%2Ffq27p6qY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=604800
cf-ray
7df649ae6e1a6969-FRA
priority
u=3,i
expires
Fri, 07 Jul 2023 12:07:15 GMT
4-1-410x270.png
paytolet.com/storage/projects/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://paytolet.com/storage/projects/4-1-410x270.png
Requested by
Host: paytolet.com
URL: https://paytolet.com/public/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:8b54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c2b0a7e5941aed9b64ac84459cb3d4beb2bb416db5b83b29c8f19199d3b4331

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/public/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:15 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display
staticcontent_sol
x-middleton-display
staticcontent_sol
x-middleton-response
200
alt-svc
h3=":443"; ma=86400
x-ezoic-excludewebp
false
response
200
last-modified
Mon, 05 Dec 2022 13:10:01 GMT
x-ez-proxy-out
true 2.4
server
cloudflare
vary
Accept-Encoding,User-Agent,Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fZUR%2FzFDIT6GsrVmshijbYwYQwsk5D463UFrhzV%2FheK%2BUu4bQf1wggOu%2FRnHEHYat2uTZMViQPl5a%2FK5UrvnJfV6js4fM9hqJXOLENyPLgyGELdjvhA3c1XSsbwO2VKVXiOWbJLynvXse6I%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=604800
cf-ray
7df649ae6e1b6969-FRA
priority
u=3,i
expires
Fri, 07 Jul 2023 12:07:15 GMT
3-1-410x270.jpeg
paytolet.com/storage/projects/ 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://paytolet.com/storage/projects/3-1-410x270.jpeg
Requested by
Host: paytolet.com
URL: https://paytolet.com/public/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:8b54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
96e70fe1d109f7d904b7e7dada1a1f38fcecd64160db5f7efd98b5b6bdf5e512

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/public/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:15 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display
staticcontent_sol
x-middleton-display
staticcontent_sol
x-middleton-response
200
alt-svc
h3=":443"; ma=86400
x-ezoic-excludewebp
false
response
200
last-modified
Mon, 05 Dec 2022 12:46:05 GMT
x-ez-proxy-out
true 2.4
server
cloudflare
vary
Accept-Encoding,User-Agent,Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q9KNpIMCpsbR%2F8j9qLrru3dmATmXrK8yIzFWu6FFvqymVPxxZ8qD9IMawgqZBKOzvY0CMruBGZb2jJXWsL67KmjPy6gbwKJeOfyoQ843YAyHhDgdzqh05Lk%2FiOz%2BOIUfJ%2BkZ6FNm6O2WYBs%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=604800
cf-ray
7df649ae6e1c6969-FRA
priority
u=3,i
expires
Fri, 07 Jul 2023 12:07:15 GMT
c46f09c7-city-25271-164b28b9357-410x270.jpg
paytolet.com/storage/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://paytolet.com/storage/c46f09c7-city-25271-164b28b9357-410x270.jpg
Requested by
Host: paytolet.com
URL: https://paytolet.com/public/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:8b54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
416d2a417940877d507578cb0c9eb3d6e86cd6ee566534e9d671bbb6111c67ba

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/public/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:15 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display
staticcontent_sol
x-middleton-display
staticcontent_sol
x-middleton-response
200
alt-svc
h3=":443"; ma=86400
x-ezoic-excludewebp
false
response
200
last-modified
Tue, 03 May 2022 17:12:12 GMT
x-ez-proxy-out
true 2.4
server
cloudflare
vary
Accept-Encoding,User-Agent,Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0wQH5qJcGq0a6GK540p%2FWpyvWAwmo6RdEAHePMQ4AjqM6DPMKr%2BzV2LTQ610egBIGGriQy9hTjtzpJqQ7%2FYp4SGmoZE%2Bvf6lBQ8YBgntz0%2FTrudIdKrB2UeFd77xWHvtjc14ViPIEGjpSEY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=604800
cf-ray
7df649ae6e1f6969-FRA
priority
u=3,i
expires
Fri, 07 Jul 2023 12:07:15 GMT
9-amazing-beach-resorts-you-should-visit-in-lagos-on-your-next-vacation-410x270.jpg
paytolet.com/storage/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://paytolet.com/storage/9-amazing-beach-resorts-you-should-visit-in-lagos-on-your-next-vacation-410x270.jpg
Requested by
Host: paytolet.com
URL: https://paytolet.com/public/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:8b54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
30a7919c0c21802d3b7bc127ec1361cc696c6fe840d49ee41f5bddc4e763b620

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/public/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:15 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display
staticcontent_sol
x-middleton-display
staticcontent_sol
x-middleton-response
200
alt-svc
h3=":443"; ma=86400
x-ezoic-excludewebp
false
response
200
last-modified
Tue, 03 May 2022 17:29:01 GMT
x-ez-proxy-out
true 2.4
server
cloudflare
vary
Accept-Encoding,User-Agent,Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4ADxGH%2Bni3T50itB6SXMZnILlUNSEzFbzSqGFw2BgIM1jQminSZdbhzf%2BI2Yh0wAPy7kIGBMGJ1ofFppiN5TWiBGaZvJpaa%2BXOVxFr1WEoboL5kv5D3Tos0TtNfmCvLToyqI87Y4XuJzB5o%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=604800
cf-ray
7df649ae6e206969-FRA
priority
u=3,i
expires
Fri, 07 Jul 2023 12:07:15 GMT
download-1-410x270.jpg
paytolet.com/storage/general/ 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://paytolet.com/storage/general/download-1-410x270.jpg
Requested by
Host: paytolet.com
URL: https://paytolet.com/public/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:8b54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
405e60d4d83515cb48da7462a2bc4c892ca9a5bea6631cb452ffd1fd388bb8a2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/public/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:15 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display
staticcontent_sol
x-middleton-display
staticcontent_sol
x-middleton-response
200
alt-svc
h3=":443"; ma=86400
x-ezoic-excludewebp
false
response
200
last-modified
Mon, 14 Feb 2022 08:17:11 GMT
x-ez-proxy-out
true 2.4
server
cloudflare
vary
Accept-Encoding,User-Agent,Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R5DTw%2BwrCBAFAIopIn0U9G%2Bq36cr1%2FK9SLbI94iuLQcyUQiWpKPUfxyjMP9pToOj6UDZIH7L3ulUNLzKhOrqCNB%2FaKVIspXA6Q668umb2KvnVWr4A6B45pok4IbWoS7QR2rbJ6NzVpIvxRE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=604800
cf-ray
7df649ae6e216969-FRA
priority
u=3,i
expires
Fri, 07 Jul 2023 12:07:15 GMT
download-1-410x270-410x270.jpg
paytolet.com/storage/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://paytolet.com/storage/download-1-410x270-410x270.jpg
Requested by
Host: paytolet.com
URL: https://paytolet.com/public/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:8b54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
08b409773b3642eed610eeb6b9d226ed7b90200dc142559e755e30e7ff1c4b4a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/public/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:15 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display
staticcontent_sol
x-middleton-display
staticcontent_sol
x-middleton-response
200
alt-svc
h3=":443"; ma=86400
x-ezoic-excludewebp
false
response
200
last-modified
Tue, 03 May 2022 17:19:23 GMT
x-ez-proxy-out
true 2.4
server
cloudflare
vary
Accept-Encoding,User-Agent,Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nuQL30QTqZvvpRlQd%2BhEpkoaRtM0ysd0yXy8Nadbr7GkMbnxJwIRZU6wrCTGmht8nV9mJFJPPHeM63MX6jSDjN4uZvT2h7Jc3yKgcXH%2FTTLL4t0aJZUnl78uqN4uBWpRXtLr99I9nEbguf8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=604800
cf-ray
7df649ae6e226969-FRA
priority
u=3,i
expires
Fri, 07 Jul 2023 12:07:15 GMT
awka247-410x270.jpg
paytolet.com/storage/cities/ 		24 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://paytolet.com/storage/cities/awka247-410x270.jpg
Requested by
Host: paytolet.com
URL: https://paytolet.com/public/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:8b54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e88acc2f5ca6e8dd1a5788e79700064a3431b8bfefee49f517d0a9870d29b9f3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/public/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:14 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display
staticcontent_sol
age
103543
x-middleton-display
staticcontent_sol
x-middleton-response
200
alt-svc
h3=":443"; ma=86400
x-ezoic-excludewebp
false
response
200
last-modified
Sun, 12 Jun 2022 02:21:36 GMT
x-ez-proxy-out
true 2.4
server
cloudflare
vary
Accept-Encoding,User-Agent,Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GNuRP1wbqhfPrXdSqS4pPGVXgwSxDtRA7QvDis%2Bu47mGKFtqN9Gdj%2FFj%2FSXGrbuuslVuq7r%2FqF%2F%2FvduJ5bcE9SANeFG4NhL9IVJyyruIQn2FZ2zS2gZjvZgYxGDN30wLH%2BQAw0ZIYkI0cdI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=604800
cf-ray
7df649ae6e236969-FRA
priority
u=3,i
expires
Thu, 06 Jul 2023 07:21:31 GMT
aleft.png
paytolet.com/themes/flex-home/images/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://paytolet.com/themes/flex-home/images/aleft.png
Requested by
Host: paytolet.com
URL: https://paytolet.com/public/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:8b54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ad6efd36d7fcbb0ff2489c995d2867044aa83e5b4c7abdb63431efa63b937c32

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/public/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:14 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display
staticcontent_sol
age
300918
x-middleton-display
staticcontent_sol
x-middleton-response
200
alt-svc
h3=":443"; ma=86400
x-ezoic-excludewebp
true
response
200
last-modified
Tue, 19 Oct 2021 03:43:10 GMT
x-ez-proxy-out
true 2.4
server
cloudflare
vary
Accept-Encoding,User-Agent,Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GtSm7BT278d4u15qyoO2ED0Kpr5CbLcbt%2Bcds5h8EHxS4n9urFAy2nFpt0H297zHyNOj70U2kVTA340bBnGWVt3qOJufIjGc1LDY8b3QAJbrpRdFWEclOekksrcZty1VarPLZqz1ekF9v5w%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=604800
cf-ray
7df649ae6e246969-FRA
priority
u=3,i
expires
Tue, 04 Jul 2023 00:31:56 GMT
aright.png
paytolet.com/themes/flex-home/images/ 		112 B
748 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://paytolet.com/themes/flex-home/images/aright.png
Requested by
Host: paytolet.com
URL: https://paytolet.com/public/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:8b54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a0f8e80c9819b5f56dd994bd8240c107178ab91951bc142c7a9a2e6439c18ed1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/public/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:15 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display
staticcontent_sol
x-middleton-display
staticcontent_sol
x-middleton-response
200
alt-svc
h3=":443"; ma=86400
content-length
112
x-ezoic-excludewebp
false
response
200
last-modified
Tue, 19 Oct 2021 03:43:10 GMT
x-ez-proxy-out
true 2.4
server
cloudflare
vary
Accept-Encoding,User-Agent,Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JhSW09%2BuuD7xP82%2BCHkcnIT752BtMAodmOBrHruP6sj32NLgu0Pl5HR%2FMCkiZ0DJfUjIMVL0Ca%2BphAZ%2BKkj7yt3YyykuizVODCR7sGIn1Y%2FelqoJhx0je2h6%2FArlLnToUWki8rHN7J%2FcLYI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
7df649ae6e256969-FRA
priority
u=3,i
expires
Fri, 07 Jul 2023 12:07:15 GMT
sherpa_init1_08.min.js
cdn0.agoda.net/images/sherpa/js/ 		11 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn0.agoda.net/images/sherpa/js/sherpa_init1_08.min.js
Requested by
Host: paytolet.com
URL: https://paytolet.com/public/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.23.197.188 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-23-197-188.deploy.static.akamaitechnologies.com
Software
Akamai Resource Optimizer /
Resource Hash
c24483ffb2b66466c15a7c4b15662c997ae3b82166cb105638e534d3d41cc825

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:15 GMT
content-encoding
br
last-modified
Wed, 21 Jun 2023 13:36:52 GMT
server
Akamai Resource Optimizer
x-dc
HKG
etag
W/"5dada82a80c2d31:0"
x-cache-status
MISS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=1736755
timing-allow-origin
*
content-length
2896
expires
Thu, 20 Jul 2023 14:33:10 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		140 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7184064643088596
Requested by
Host: paytolet.com
URL: https://paytolet.com/public/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ec224af78f85d82a718dae1ba0e055b0faee499d8ee0b4b7e698e566cce4d8a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://paytolet.com/
Origin
https://paytolet.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:15 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48954
x-xss-protection
0
server
cafe
etag
7925893799337825369
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 30 Jun 2023 12:07:15 GMT
powered-by-google.png
paytolet.com/storage/ads/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://paytolet.com/storage/ads/powered-by-google.png
Requested by
Host: paytolet.com
URL: https://paytolet.com/public/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:8b54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
efa66f0a953a51c5d0047ef28be8d73d37fcf901c959803b067ee33bcb742adb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/public/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:14 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display
staticcontent_sol
age
103543
x-middleton-display
staticcontent_sol
x-middleton-response
200
alt-svc
h3=":443"; ma=86400
x-ezoic-excludewebp
false
response
200
last-modified
Mon, 10 Oct 2022 10:12:53 GMT
x-ez-proxy-out
true 2.4
server
cloudflare
vary
Accept-Encoding,User-Agent,Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9ZPyNRRQLgmWjhLnGduw%2BmDJ%2Br%2BiO1rklK2JXlGew%2B6dyQ4cT67UfHgtRatdWjs2iWZ0yN%2Fo9TgfNL0owesY1yk6TCz04JV8Bz01F3VpDHktHxM9N14tFXvrdT1gjyESvN5EeaJwyWT1TCc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=604800
cf-ray
7df649ae6e276969-FRA
priority
u=3,i
expires
Thu, 06 Jul 2023 07:21:31 GMT
jquery.waypoints.min.js
paytolet.com/themes/flex-home/libraries/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://paytolet.com/themes/flex-home/libraries/jquery.waypoints.min.js
Requested by
Host: paytolet.com
URL: https://paytolet.com/public/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:8b54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
368daab67b1a5b2b2802edbbac79a2aa4ba992a2ebf9c67b98ad784d8004018c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/public/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:14 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display
staticcontent_sol
age
103544
x-middleton-display
staticcontent_sol
x-middleton-response
200
alt-svc
h3=":443"; ma=86400
response
200
last-modified
Tue, 19 Oct 2021 03:43:10 GMT
x-ez-proxy-out
true 2.4
server
cloudflare
vary
Accept-Encoding,User-Agent,Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0A0R%2BoEJFrn4ZkQjwNdDQOg0JKIA7lPhzpWoFI2ic%2F%2FC4EO%2BWi%2BmG%2BfxLI9M5YKYqr%2B%2F581DrEmnPAvR8IRNaEP0JJhteRYBtI5QdoyO9X2xj9pT3lFGxQVRQnLHox3yL6K1K5KLJkmZOxw%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
cf-ray
7df649ae6e066969-FRA
priority
u=2,i=?0
expires
Thu, 06 Jul 2023 07:21:30 GMT
app.js
paytolet.com/themes/flex-home/js/ 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://paytolet.com/themes/flex-home/js/app.js?v=2.29.0
Requested by
Host: paytolet.com
URL: https://paytolet.com/public/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:8b54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1b6c5a9b65868088d8bccdaaac6a4b479180c2f247fdaaabb16713374bbfe42d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/public/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:14 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display
staticcontent_sol
age
103544
x-middleton-display
staticcontent_sol
x-middleton-response
200
alt-svc
h3=":443"; ma=86400
response
200
cf-bgj
minify
last-modified
Tue, 19 Oct 2021 03:56:30 GMT
server
cloudflare
x-ez-proxy-out
true 2.4
vary
Accept-Encoding,User-Agent,Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GGz%2FUc%2Bmv92iMPdln7i8IvKX7nv6jyiaEeS54sl2Ff%2BfAxj0ljraH6a2xV9x6HvCJd4V%2BCcDWS7qjr7NTrn7M3vc%2F5yrlTjuvqQWW4rHxKmaULvY2Z0MebuOpLpZyVMHEhqav9huscj5kTM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
cf-ray
7df649ae6e086969-FRA
priority
u=2,i=?0
expires
Thu, 06 Jul 2023 07:21:30 GMT
components.js
paytolet.com/themes/flex-home/js/ 		292 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://paytolet.com/themes/flex-home/js/components.js?v=2.29.0
Requested by
Host: paytolet.com
URL: https://paytolet.com/public/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:8b54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6240cc7c252d8caa79a8e3d46219f75c3a07a6dcf0bdd14b86ab88c4bb376a42

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/public/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:14 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display
staticcontent_sol
age
208620
cf-polished
origSize=298583
x-middleton-display
staticcontent_sol
x-middleton-response
200
alt-svc
h3=":443"; ma=86400
response
200
cf-bgj
minify
last-modified
Tue, 19 Oct 2021 03:56:30 GMT
server
cloudflare
x-ez-proxy-out
true 2.4
vary
Accept-Encoding,User-Agent,Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I3caOxjMvczweqwLAU2VgiokcXjsIu4fYpbMWuFB4DPxIzLOGur%2BSwkVFamTUzYOOCybT%2B3URTeB0IUL8QJNNhB1I%2Fspu0KttcCVkmmwgbKRtxFbJa4Md30Xj6gxFQVbEZvhDJbEAVjrfRM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
cf-ray
7df649ae6e0a6969-FRA
priority
u=2,i=?0
expires
Wed, 05 Jul 2023 02:10:14 GMT
wishlist.js
paytolet.com/themes/flex-home/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://paytolet.com/themes/flex-home/js/wishlist.js?v=2.29.0
Requested by
Host: paytolet.com
URL: https://paytolet.com/public/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:8b54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7a1b9a3a89866841ed20eed2700b1b2f5e06b152eb6eb66b769dc95c915b394a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/public/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:15 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display
staticcontent_sol
x-middleton-display
staticcontent_sol
x-middleton-response
200
alt-svc
h3=":443"; ma=86400
response
200
last-modified
Tue, 19 Oct 2021 03:56:30 GMT
x-ez-proxy-out
true 2.4
server
cloudflare
vary
Accept-Encoding,User-Agent,Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WWA%2B6n6lv%2Bf96y9g%2FvTHu0cUGZzu6pCDpO0m6v7Bg2qdExzY3x4DYkitszERa5M0jmwuAdoussvfv08ZPC2emkdFCOXZnJJZ%2Ft5E2Xm1OWSCrMfpAqK3D307bQix2gRPE7pG1HTZbDdgvOM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
cf-ray
7df649ae6e0b6969-FRA
priority
u=2,i=?0
expires
Fri, 07 Jul 2023 12:07:15 GMT
language-public.js
paytolet.com/vendor/core/plugins/language/js/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://paytolet.com/vendor/core/plugins/language/js/language-public.js?v=1.0.0
Requested by
Host: paytolet.com
URL: https://paytolet.com/public/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:8b54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0e6b2fac4ad5c44ed969ce0f77ab179f36b4f87647509e49687e2e42c2a4ee7c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/public/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:14 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display
staticcontent_sol
age
103544
cf-polished
origSize=1063
x-middleton-display
staticcontent_sol
x-middleton-response
200
alt-svc
h3=":443"; ma=86400
response
200
cf-bgj
minify
last-modified
Fri, 28 Jan 2022 01:33:56 GMT
server
cloudflare
x-ez-proxy-out
true 2.4
vary
Accept-Encoding,User-Agent,Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Pes1KG7BrFAHRo9YaRNOGgrcHIgVu3wYr3tUTWzEvJ%2Fite7ZHyjPIQ7DdqTVW4GFkjBpNar2UpjBgU46DVutKtqbb2eVJTJrPy3%2FxGA%2BwX5%2Fsb9GkeHJ0oNh%2FTV7j12dYzX2eY9%2FyBwZxZQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
cf-ray
7df649ae6e0d6969-FRA
priority
u=2,i=?0
expires
Thu, 06 Jul 2023 07:21:30 GMT
paytolet-footer.png
paytolet.com/storage/logo/ 		75 KB
76 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://paytolet.com/storage/logo/paytolet-footer.png
Requested by
Host: paytolet.com
URL: https://paytolet.com/public/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:8b54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8d1a3f280520722da06c2c13678bc83fc80f32bfb51472d3cf1c91abd860a3d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/public/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:14 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display
staticcontent_sol
age
103542
x-middleton-display
staticcontent_sol
x-middleton-response
200
alt-svc
h3=":443"; ma=86400
x-ezoic-excludewebp
false
response
200
last-modified
Wed, 23 Nov 2022 16:25:54 GMT
x-ez-proxy-out
true 2.4
server
cloudflare
vary
Accept-Encoding,User-Agent,Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9tT7%2BZ%2BgpYzRHojdjOb7eCepPGzcs91EmCoAU6O4mMOalA8rUVO%2BjlTuhWonwi9inqBSAV3Y95dzRXn8nkA6OvRTml216S0%2B89nstvlwt7YOubCB%2Fc1SPtJTN%2BV9yhWVyEJGKuuVZv%2BykOs%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=604800
cf-ray
7df649ae6e286969-FRA
priority
u=3,i
expires
Thu, 06 Jul 2023 07:21:31 GMT
v.js
g.ezodn.com/cmp/v2/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://g.ezodn.com/cmp/v2/v.js?v=4
Requested by
Host: paytolet.com
URL: https://paytolet.com/public/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:6013 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dce8ae752b8ed25d878707381a347b8889bfde191cd468eac141c5526a1f13dc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:15 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 06 Apr 2023 14:50:17 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
5469582
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AzD2NTij%2F40HfNWKB6jn3%2BWTOOfwox9UjZTCQdKEdzlGKDtwRCeZHptC7miqNNRse2Nr6NstWcIoLbVGNeNNmazbzfPs2wEjJqZTrLDzOIOudWKJm3MhqdTmRZ3rRlZbsRlO5KRDtdQ5QQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=utf-8
cache-control
public, max-age=15780000
cf-ray
7df649af0e1492b1-FRA
alt-svc
h3=":443"; ma=86400
augusta.js
paytolet.com/detroitchicago/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://paytolet.com/detroitchicago/augusta.js?cb=24
Requested by
Host: paytolet.com
URL: https://paytolet.com/public/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:8b54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dcc0b6437eeec474b65774198371749c6e3f11c12b0bc14f3a971714d0d0e52b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/public/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:14 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 30 Jun 2023 12:07:14 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3MSigJq22rn%2FPEMJsloRg4Ii8vNWH9jUU9iiTk5IhgqlI9WekI%2BJ5YFHCB9vwtlfRLGYYr5UlQKovav8PZb6g2btV24dJ9zwP%2FKpbJfTOjY65z0RdvtYKbYcuZzUeo3kszlK%2BjoGOUKtRZc%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-middleton-display
sol-js
cache-control
public, max-age=31536000
x-robots-tag
noindex
cf-ray
7df649ae6e2a6969-FRA
priority
u=3,i=?0
alt-svc
h3=":443"; ma=86400
v52afc6f149f6479b8c77fa569edb01181681764108816
static.cloudflareinsights.com/beacon.min.js/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js/v52afc6f149f6479b8c77fa569edb01181681764108816
Requested by
Host: paytolet.com
URL: https://paytolet.com/public/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:3965 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
13a548e040a1ec08f77911fed1d559b95e5daae0ee227e632140e003c7268e7b

Request headers

Referer
https://paytolet.com/
Origin
https://paytolet.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:15 GMT
content-encoding
gzip
last-modified
Mon, 17 Apr 2023 20:41:48 GMT
server
cloudflare
etag
W/2023.4.2
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
7df649b189239001-FRA
VAh3pJvojw_eZsI0MGJ5Y3knANs.js
paytolet.com/cdn-cgi/apps/body/ 		732 B
988 B 		Script
General
Check archive.org
Download Go to
Full URL
https://paytolet.com/cdn-cgi/apps/body/VAh3pJvojw_eZsI0MGJ5Y3knANs.js
Requested by
Host: paytolet.com
URL: https://paytolet.com/cdn-cgi/apps/head/YKotlbUugk7jYuEHrqaUA9nyfKE.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:8b54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cec80b323ef9dc8488b808533a146135d7bb341072eb2c10605ba8515a7f73d6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/public/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:14 GMT
x-amz-version-id
1GPjOIRkrhkXp3R1xy4Z4jVUm03Qcbng
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
P22QCR6VT8YAQC3J
age
103543
alt-svc
h3=":443"; ma=86400
x-amz-id-2
vNGVPbZ627aWAj+0EO0yKWnHlovM033+zwxXUneMleZIGfdVIC98f2DsYxNSrN6PGT/kZdk73gs=
last-modified
Thu, 01 Dec 2022 16:36:53 GMT
server
cloudflare
etag
W/"0e6d37e160e45d53c195ba129645b1c3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hkm%2FaFVFOqrkMRUPWEGzrN8gYakIFolMtwU22xOYNrd1FuA6CP4fRP%2B%2BgvLCqarTSgRM%2BF8lK3KGsGsUq%2F%2BlSY%2BLADvlj3iv62bLRdLUqZSnDnq3LQh%2BnYIydND%2Fpb%2BUsyYs3quTLQPMJls%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
cf-ray
7df649ae6e2d6969-FRA
priority
u=3,i=?0
banger.js
paytolet.com/porpoiseant/ 		56 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://paytolet.com/porpoiseant/banger.js?cb=195-3&bv=232&v=74&PageSpeed=off
Requested by
Host: paytolet.com
URL: https://paytolet.com/public/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:8b54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
636ee43cddd96a5e26ff67cdcb9cd38261250d40cf87b10873a5de88551440e5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/public/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:14 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
103543
cf-polished
origSize=57517
x-middleton-display
sol-js
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Thu, 29 Jun 2023 07:21:31 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wDlZbhlVhmb6tPycFL19MdWZmee6WJj3vDRUvqQDw668lssaNc2tW7Lg3e%2BpkCJAQ8MGBdjUxLIg%2B60F5i8wtbpQbeQgOeUr2bcbNVPoR8T7wRgYeOiXK6l4Fp%2Bq0cMhrE7nmQTIiFNsiTI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=31536000
x-robots-tag
noindex
cf-ray
7df649ae6e2f6969-FRA
priority
u=3,i=?0
ti.js
cdn.tynt.com/ 		46 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.tynt.com/ti.js
Requested by
Host: paytolet.com
URL: https://paytolet.com/public/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.83 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dedde02e623568215d9f2bbd16574fd7d13f7c22ae41588a41f56351aeb9fbd2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:15 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 14 Mar 2023 15:48:05 GMT
server
cloudflare
age
245771
etag
W/"64109735-b6b0"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
7df649af390668e9-FRA
expires
Mon, 03 Jul 2023 12:07:15 GMT
6wmyrkK.gif
i.imgur.com/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.imgur.com/6wmyrkK.gif
Requested by
Host: paytolet.com
URL: https://paytolet.com/themes/flex-home/css/style.integration.css?v=1684116263
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.116.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
0313ebfeb00bd7f6e6d4d98760cdec4033359cf3cb269dcd0be3299a76f205ee
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:14 GMT
strict-transport-security
max-age=300
x-content-type-options
nosniff
x-amz-cf-pop
IAD12-P2
age
937749
x-cache
Miss from cloudfront, HIT, HIT
content-length
1118
x-served-by
cache-iad-kiad7000034-IAD, cache-fra-eddf8230083-FRA
last-modified
Mon, 05 Jan 2015 09:12:35 GMT
server
cat factory 1.0
x-timer
S1688126835.987993,VS0,VE1
etag
"748c759fcbf52774838dc79d0f4758ab"
access-control-allow-methods
GET, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-amz-cf-id
1jVX8IqrFLKpO0EaFbLKcjeBnXzuC2KguQMQs08JrKa65HdZFDGPQw==
x-cache-hits
525, 1
pe0TMImSLYBIv1o4X1M8ce2xCx3yop4tQpF_MeTm0lfGWVpNn64CL7U8upHZIbMV51Q42ptCp7t1R-s.woff2
fonts.gstatic.com/s/nunitosans/v15/ 		30 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/nunitosans/v15/pe0TMImSLYBIv1o4X1M8ce2xCx3yop4tQpF_MeTm0lfGWVpNn64CL7U8upHZIbMV51Q42ptCp7t1R-s.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nunito+Sans:300,600,700,800
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f3.1e100.net
Software
sffe /
Resource Hash
1393acc632c160def86b45c2521c8ee742b7e6239d0d90fb95f51d55cf48b9c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://paytolet.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 29 Jun 2023 14:39:37 GMT
x-content-type-options
nosniff
age
77258
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31052
x-xss-protection
0
last-modified
Thu, 27 Apr 2023 00:27:41 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 28 Jun 2024 14:39:37 GMT
cmbv2.js
paytolet.com/detroitchicago/ 		904 KB
249 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://paytolet.com/detroitchicago/cmbv2.js?gcb=195-3&cb=04-3y02-8y06-13y07-2y0b-6y0d-23y17-4y1b-5y25-3y26-4y27-16y28-66y2b-146y2f-150y33-4y3a-12y3b-6y59-2y5d-22y64-1&cmbcb=151&sj=x04x02x06x07x0bx0dx17x1bx25x26x27x28x2bx2fx33x3ax3bx59x5dx64
Requested by
Host: paytolet.com
URL: https://paytolet.com/public/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:8b54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd15bac74e9f228c9a3ba2dcf4d64515f407d76f346a64cb75f5b19688b14a2a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/public/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:15 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 30 Jun 2023 12:07:14 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=117OtQaEla7%2BOcoRaHhWbXFSLM0f4wJ2MR2ySm2m62mOY4HtuEGnV5SO7NMrI9tO6z3G%2BxrOIInpp52kFF2yerKaRNayGFIAlTZAbsSUSb9myfwROl%2F%2FXRQA3RX0epeNVpe1b%2FbFDCtEHpg%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-middleton-display
sol-js
cache-control
public, max-age=31536000
x-robots-tag
noindex
cf-ray
7df649ae6e306969-FRA
priority
u=3,i=?0
alt-svc
h3=":443"; ma=86400
qevents.js
a.quora.com/ 		40 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.quora.com/qevents.js
Requested by
Host: paytolet.com
URL: https://paytolet.com/public/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.153.247 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a15bef5551f730c8269a1cba57c370099d559defd996193c80a477c411081ca2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:15 GMT
x-amz-version-id
VqBO7svKfismDjrOf54BMqOIARlRLNs7
content-encoding
gzip
cf-cache-status
HIT
x-amz-request-id
EFHR3G5GTGQA71CH
age
5648297
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
BK/ROoScV68EuoV+02aoVjqhDqCbCQRyRQBXfzSS4mZCsmdX+tx3ckGhVazbLNyeb4CIhuyj9tNuPBfbUdnPpWM5v2t9D1znTtGlu4SQxBA=
last-modified
Sat, 22 Apr 2023 01:03:41 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
md5:47078e63380c6b0cbbfb6d8508b25ee7
etag
W/"47078e63380c6b0cbbfb6d8508b25ee7"
vary
Accept-Encoding
content-type
text/plain
cache-control
public, max-age=14400
cf-ray
7df649af3a628fe6-FRA
expires
Fri, 30 Jun 2023 16:07:15 GMT
tag.js
mc.yandex.ru/metrika/ 		215 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/metrika/tag.js
Requested by
Host: paytolet.com
URL: https://paytolet.com/public/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
b886f11e6cea2d231535fd0b59bb2950a8d40d9ec4a39b6da894c1f90d89a382
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:15 GMT
content-encoding
br
strict-transport-security
max-age=31536000
last-modified
Thu, 29 Jun 2023 11:28:12 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag
"649d409c-125d3"
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
timing-allow-origin
*
content-length
75219
expires
Fri, 30 Jun 2023 13:07:15 GMT
/
pageimprove.io/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pageimprove.io/
Requested by
Host: paytolet.com
URL: https://paytolet.com/public/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.30.33 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
33.30.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
7522c2cf228f80d9b1af1172f45d04b729d43dd8b9fc7cccb06eee2dd9629fed

Request headers

Referer
https://paytolet.com/
Origin
https://paytolet.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 11:07:26 GMT
content-encoding
gzip
x-goog-meta-goog-reserved-file-mtime
1683295904
age
3589
x-guploader-uploadid
ADPycdtTqDcgL0mNUE2JJx3OHFuiGO-K_9YW1cF6-POJW0wi89TwUCT7_M4gFyQ0vha--2_j-tPFkvSiJkq_8lcMjFYehA
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4157
last-modified
Fri, 05 May 2023 14:16:37 GMT
server
UploadServer
etag
"432676a5846e294b1a77d1170fa3e21a"
vary
Accept-Encoding
x-goog-generation
1683296197265863
x-goog-hash
crc32c=b8Pcnw==, md5=QyZ2pYRuKUsad9EXD6PiGg==
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=3600
x-goog-stored-content-length
4157
accept-ranges
bytes
content-type
application/javascript
expires
Fri, 30 Jun 2023 12:07:26 GMT
gtm.js
www.googletagmanager.com/ 		158 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-54T4J4H
Requested by
Host: paytolet.com
URL: https://paytolet.com/public/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
5a798191befddcfe31bdc3964ba3103add438f7d553dfe65a1f9b89595409428
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:15 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
59298
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 30 Jun 2023 12:07:15 GMT
hotjar-2812607.js
static.hotjar.com/c/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-2812607.js?sv=6
Requested by
Host: paytolet.com
URL: https://paytolet.com/public/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.187.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-187-81.muc50.r.cloudfront.net
Software
/
Resource Hash
1ee6b17c207d430e5735eb654135c6bbdd352c3fd4268f3ca1bf44b1b799ae64
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
br
x-content-type-options
nosniff
date
Fri, 30 Jun 2023 12:06:36 GMT
via
1.1 16c1fbe376c986a5f9ba0cb7fbfd58b4.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P4
age
39
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
etag
W/750ce7636eca13645c6d03bbaaa9f7eb
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
cache-control
max-age=60
x-amz-cf-id
1cw7B4wXi8USP8vj-wWSwLMNPnhlyS5PZNM2zZPmFHNlWYjMWe1xAw==
aigj3e8vew
www.clarity.ms/tag/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/tag/aigj3e8vew?ref=bwt
Requested by
Host: paytolet.com
URL: https://paytolet.com/public/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:1ec:46::60 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
7c1fe55e1f8d9bb17a7dc826174e42830eb9026a2d5a5cd591a906c93f195c0d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires
-1
date
Fri, 30 Jun 2023 12:07:15 GMT
x-azure-ref
20230630T120715Z-8k83fnmre13km8txsamcyp95qn0000000sbg00000000p50w
x-cache
CONFIG_NOCACHE
content-type
application/x-javascript
cache-control
no-cache, no-store
accept-ranges
bytes
content-length
1210
request-context
appId=cid-v1:9c7c879b-c51a-427e-9701-218438da5f81
aigkyg0nkv
www.clarity.ms/tag/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/tag/aigkyg0nkv
Requested by
Host: paytolet.com
URL: https://paytolet.com/public/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:1ec:46::60 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
446bea0baf9d4fb2520dea351853d06bc09a7f52000e8163fdef0eeb7c77727d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires
-1
date
Fri, 30 Jun 2023 12:07:15 GMT
x-azure-ref
20230630T120715Z-8k83fnmre13km8txsamcyp95qn0000000sbg00000000p50x
x-cache
CONFIG_NOCACHE
content-type
application/x-javascript
cache-control
no-cache, no-store
accept-ranges
bytes
content-length
1210
request-context
appId=cid-v1:dfa4d45a-f309-4181-9ede-77e6e6c0ecf0
/
bshr.ezodn.com/ 		5 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bshr.ezodn.com/?did=410164&bf=30000&dc=1254144
Requested by
Host: paytolet.com
URL: https://paytolet.com/porpoiseant/banger.js?cb=195-3&bv=232&v=74&PageSpeed=off
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:6113 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f5c042d81ee44f17f4f9778091ff7aa9a1b9b1efe7455a673ba4d8dea5fcbce7

Request headers

Referer
https://paytolet.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
X-PINGBACK
pingpong
Content-Type
application/json

Response headers

date
Fri, 30 Jun 2023 12:07:15 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
363003
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 22 Jun 2023 09:54:03 GMT
server
cloudflare
access-control-max-age
1728000
access-control-allow-methods
GET, POST, PUT, OPTIONS
content-type
application/json; charset=utf8
access-control-allow-origin
https://paytolet.com
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OM40q0oaUnYRCxt4N7vvBDoaam%2FIODPFX6u3uZLmkK%2B6aneow3gwYWgWPImx5ZGm%2FI5AM%2FjR9vNQjDxCK2H13vOgCmSH3lM5P3uV63Jj04sDTzfAr4H9GCs0TD8WljavnmDBq8PfDWA%2F2eMkRA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
private, max-age=1209600
access-control-allow-credentials
true
vary
Accept-Encoding,Origin,Access-Control-Request-Method,Access-Control-Request-Headers
cf-ray
7df649af1a918ff2-FRA
access-control-allow-headers
Content-Type
nmash.js
paytolet.com/porpoiseant/ 		22 KB
7 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://paytolet.com/porpoiseant/nmash.js?v=232
Requested by
Host: paytolet.com
URL: https://paytolet.com/public/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:8b54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7afacfe1657f7be1a450cfc4365f906e0d54961cfcc256c2f82528bc6ab2c1ca

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/public/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:15 GMT
content-encoding
br
cf-cache-status
EXPIRED
last-modified
Thu, 29 Jun 2023 13:22:31 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kpBo7euWVKQ4NSwj15AmFAYn7%2BruCkatzWLVcs4K%2FNsOb5asXNVJf61wvfYTYMt6N7waZN7MiUETefQpyNAgFqGF%2BEBNdgiwTRmC0XtTndFC82H63pbvL3uIPBCdBNasW7L%2FdWSuuUp2jwU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-middleton-display
sol-js
cache-control
public, max-age=1800
x-robots-tag
noindex
cf-ray
7df649aeae676969-FRA
priority
u=1,i
alt-svc
h3=":443"; ma=86400
/
bshr.ezodn.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://bshr.ezodn.com/?did=410164&bf=30000&dc=1254144
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:6113 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-pingback
Access-Control-Request-Method
GET
Origin
https://paytolet.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-pingback
access-control-allow-methods
GET, POST, PUT, OPTIONS
access-control-allow-origin
https://paytolet.com
access-control-max-age
1728000
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7df649aeda5d8ff2-FRA
content-length
0
content-type
text/plain; charset=utf-8
date
Fri, 30 Jun 2023 12:07:15 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lKF2LuLp5VR%2BhvAwgoO2G5V8CkjRoLnjMNgHevE7DmKATLXzzUDOvF637A622nsEEFkxFdbwXTlIaVWlXZOLBzrMRrrSWxNgMSarDhv4VZiPsJb%2BE9rGnFn31BkmaRtoSP6GNH%2BCszr8yBRm%2BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding,Origin,Access-Control-Request-Method,Access-Control-Request-Headers
js
www.googletagmanager.com/gtag/ 		122 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-218196865-1&l=dataLayer&cx=c
Requested by
Host: www.googleoptimize.com
URL: https://www.googleoptimize.com/optimize.js?id=OPT-WWTVXCM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
27fb0eb9d16e7d2a905f88b59cbfd020b9cc131e44b851e5eaeefb99d62ed962
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:15 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
48244
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 30 Jun 2023 12:07:15 GMT
js
www.googletagmanager.com/gtag/ 		235 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-EZWW9JQPLY&l=dataLayer&cx=c
Requested by
Host: www.googleoptimize.com
URL: https://www.googleoptimize.com/optimize.js?id=OPT-WWTVXCM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
382eb011abc2de54db115b34d5bb6411bcb5bfa9bb4d6a394b62825c99e04462
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:15 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
83597
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 30 Jun 2023 12:07:15 GMT
js
www.googletagmanager.com/gtag/ 		212 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-10850344926&l=dataLayer&cx=c
Requested by
Host: www.googleoptimize.com
URL: https://www.googleoptimize.com/optimize.js?id=OPT-WWTVXCM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c3f753a32feddae68daf0b884418960121210954b7a0afd6a18c144b642e07e1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:15 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
76363
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 30 Jun 2023 12:07:15 GMT
tp.min.js
invitejs.trustpilot.com/ 		10 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://invitejs.trustpilot.com/tp.min.js
Requested by
Host: paytolet.com
URL: https://paytolet.com/public/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.192.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-192-18.muc50.r.cloudfront.net
Software
/
Resource Hash
ab9a107dadcf1743abae886825985947f077d19ced7a0a31baf83680f1b36a3b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 01:15:20 GMT
via
1.1 89efe3a7854e47cf7f1fe47e28e39348.cloudfront.net (CloudFront)
last-modified
Mon, 28 Nov 2022 07:41:17 GMT
x-amz-cf-pop
MUC50-P1
age
39115
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=86400
accept-ranges
bytes
content-length
9851
x-amz-cf-id
w0fcZAdvsMpLtEFMrTLC-xt_t8YpslTvJCkhDDSHBN-o9Qc4gy-OeA==
cpa
prod.api.adline.com/api/ 		59 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://prod.api.adline.com/api/cpa?key=UID-tfkdnEFrHfZMEYSK7RV8
Requested by
Host: paytolet.com
URL: https://paytolet.com/public/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.228.22.180 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-228-22-180.eu-west-1.compute.amazonaws.com
Software
nginx/1.20.2 /
Resource Hash
93d6fe3dced027c87ed8e524d4ba7f09626f3307922eac40f268212a47cd7fb2
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:15 GMT
cache-control
no-cache, private
content-encoding
br
server
nginx/1.20.2
content-disposition
inline; filename=cpa.js
x-xss-protection
1; mode=block
content-type
application/javascript
app.min.js
cdn.webpushr.com/ 		43 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.webpushr.com/app.min.js
Requested by
Host: paytolet.com
URL: https://paytolet.com/public/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
167.71.57.196 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
24121647cc448082299e345c46eadb6f1e488fcf6a0e11302fc8e7d67df711be

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:15 GMT
content-encoding
gzip
last-modified
Wed, 24 May 2023 18:51:59 GMT
server
nginx/1.16.1
etag
W/"646e5ccf-aca2"
vary
Accept-Encoding, Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/javascript
x-gg-cache-status
HIT, HIT
cache-control
max-age=86400
expires
Sat, 01 Jul 2023 12:07:15 GMT
insight.min.js
snap.licdn.com/li.lms-analytics/ 		1 KB
772 B 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: paytolet.com
URL: https://paytolet.com/public/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ec6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
42c9d1df23e2f7d82d90b2bd6bab3b5398e81889cb9bde1d4a530acc663c9c63
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 26 Jun 2023 17:35:57 GMT
x-cdn
AKAM
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/x-javascript;charset=utf-8
cache-control
max-age=77112
accept-ranges
bytes
content-length
560
fa-brands-400.woff2
paytolet.com/themes/flex-home/libraries/fontawesome/fonts/ 		73 KB
74 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://paytolet.com/themes/flex-home/libraries/fontawesome/fonts/fa-brands-400.woff2
Requested by
Host: paytolet.com
URL: https://paytolet.com/themes/flex-home/libraries/fontawesome/css/fontawesome.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:8b54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
30d34a03dcaa7bb6a46bb49960bd4d7648ca71068b0635da5784e3a1f9070ed6

Request headers

Referer
https://paytolet.com/themes/flex-home/libraries/fontawesome/css/fontawesome.min.css
Origin
https://paytolet.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:15 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display
staticcontent_sol
age
81885
x-middleton-display
staticcontent_sol
x-middleton-response
200
alt-svc
h3=":443"; ma=86400
response
200
last-modified
Tue, 19 Oct 2021 03:43:10 GMT
x-ez-proxy-out
true 2.4
server
cloudflare
access-control-max-age
1728000
access-control-allow-methods
POST, GET, OPTIONS
content-type
font/woff2
access-control-allow-origin
https://paytolet.com
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2GSTqeZ5RQaYTi%2FOTDRxyIzaoAPuSt7rfh0p4urrViJ9HJDwd1Zj684S8fdyvyCqhSFbOv9F87QO8Fw6boV4HOnIVdDiSLm0PXgH0%2F67UwuexfeiVQbLMFZ52kqDTyDk3cFS6dYNkT4SDmw%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
vary
Accept-Encoding,User-Agent,Origin
cf-ray
7df649aefee26969-FRA
priority
u=0,i=?0
expires
Thu, 06 Jul 2023 13:22:30 GMT
fa-solid-900.woff2
paytolet.com/themes/flex-home/libraries/fontawesome/fonts/ 		115 KB
115 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://paytolet.com/themes/flex-home/libraries/fontawesome/fonts/fa-solid-900.woff2
Requested by
Host: paytolet.com
URL: https://paytolet.com/themes/flex-home/libraries/fontawesome/css/fontawesome.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:8b54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b5869f6bb9116c6dd0b6b691d57a17954f3c522cf9ae4497094e62146d8bac15

Request headers

Referer
https://paytolet.com/themes/flex-home/libraries/fontawesome/css/fontawesome.min.css
Origin
https://paytolet.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:15 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display
staticcontent_sol
x-middleton-display
staticcontent_sol
x-middleton-response
200
alt-svc
h3=":443"; ma=86400
response
200
last-modified
Tue, 19 Oct 2021 03:43:10 GMT
x-ez-proxy-out
true 2.4
server
cloudflare
access-control-max-age
1728000
access-control-allow-methods
POST, GET, OPTIONS
content-type
font/woff2
access-control-allow-origin
https://paytolet.com
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0ph2iJe9BvO4nNwMEPlIOMX7lEE97aS2hoqHESMeTOP8ctGipSRloupnydXG57LZODLdNnK1BfF2Qe0qjo%2BS%2FhDjAxr2QsBwKseg0ORgDesWXuotxzOF9w79WvH0N9kyRKS4Fi1jJeI8q3Q%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
vary
Accept-Encoding,User-Agent,Origin
cf-ray
7df649aefee36969-FRA
priority
u=0,i=?0
expires
Fri, 07 Jul 2023 12:07:15 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/ 		392 KB
125 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6df7c73fa12d8261f09a11faff5c77f91f912362a9fdc15c46c3b949b188717b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 07:44:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
15755
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
127740
x-xss-protection
0
server
cafe
etag
1744020965594933375
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Sat, 29 Jun 2024 07:44:40 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-218196865-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 30 Jun 2023 10:35:22 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
5513
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Fri, 30 Jun 2023 12:35:22 GMT
paytoelt-modern-cityscape-skyline-outline-doodle-drawing-on-white-5353663.jpg
paytolet.com/storage/logo/ 		25 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://paytolet.com/storage/logo/paytoelt-modern-cityscape-skyline-outline-doodle-drawing-on-white-5353663.jpg
Requested by
Host: paytolet.com
URL: https://paytolet.com/public/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:8b54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b23c34a305d5ac98e5cf8df2ff04ac33de5f069e83962366023102218548f64b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/public/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:15 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display
staticcontent_sol
x-middleton-display
staticcontent_sol
x-middleton-response
200
alt-svc
h3=":443"; ma=86400
x-ezoic-excludewebp
false
response
200
last-modified
Wed, 23 Nov 2022 15:57:25 GMT
x-ez-proxy-out
true 2.4
server
cloudflare
vary
Accept-Encoding,User-Agent,Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4erTjywbtkJFE%2B6tM0F8CNDrVwXryHozpGU49SG5c%2F7j%2BvMou6yNcpySYCotUB5G6AeZpCgYpygqdgXcOKsPro3XA2byeo0Jtgv0dQRwdy9TLz3uLilH3qWmueqjeFMp%2FX558VxAt4iexPg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=604800
cf-ray
7df649afafdb6969-FRA
priority
u=3,i
expires
Fri, 07 Jul 2023 12:07:15 GMT
cse_element__en.js
www.google.com/cse/static/element/827890a761694e44/ 		307 KB
102 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/cse/static/element/827890a761694e44/cse_element__en.js?usqp=CAI%3D
Requested by
Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=7df96e17e2a169319
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bad408ca687f7bbb93fa8a5bda6ed18d6a04ecdcb03ae364e5d074f6cd3d9c9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 26 Jun 2023 18:50:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
321417
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
104755
x-xss-protection
0
last-modified
Thu, 08 Jun 2023 16:35:59 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="prose-team"
expires
Tue, 25 Jun 2024 18:50:18 GMT
default+en.css
www.google.com/cse/static/element/827890a761694e44/ 		41 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.google.com/cse/static/element/827890a761694e44/default+en.css
Requested by
Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=7df96e17e2a169319
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c965aefdb4c6acf10f46758dc1601a64d811dcf3a378bf9e90278916aa47508f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 26 Jun 2023 18:50:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
321417
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9102
x-xss-protection
0
last-modified
Thu, 08 Jun 2023 16:35:59 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="prose-team"
expires
Tue, 25 Jun 2024 18:50:18 GMT
greensky.css
www.google.com/cse/static/style/look/v4/ 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.google.com/cse/static/style/look/v4/greensky.css
Requested by
Host: cse.google.com
URL: https://cse.google.com/cse.js?cx=7df96e17e2a169319
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e75d9252582697a1b7a8cab4307bf877c4749655ccf731c148c44c3b519108b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:03:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
212
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1579
x-xss-protection
0
last-modified
Mon, 25 May 2020 08:30:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type
text/css
cache-control
public, max-age=3000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="prose-team"
expires
Fri, 30 Jun 2023 12:53:43 GMT
0.json
pageimprove.io/s/e5254b13-8c38-40c3-8470-eeb1a0142506/paytolet.com/public/ 		0
99 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pageimprove.io/s/e5254b13-8c38-40c3-8470-eeb1a0142506/paytolet.com/public/0.json?version=1.0.0
Requested by
Host: pageimprove.io
URL: https://pageimprove.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.30.33 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
33.30.117.34.bc.googleusercontent.com
Software
nginx/1.18.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 30 Jun 2023 12:07:15 GMT
cache-control
public, max-age=120
via
1.1 google
server
nginx/1.18.0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods
GET
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/10850344926/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10850344926/?random=1688126835179&cv=11&fst=1688126835179&bg=ffffff&guid=ON&async=1&gtm=45be36s0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&hn=www.googleadservices.com&frm=0&tiba=PaytoLet%20-%20Search%20Engine%20For%20Real%20Estate&auid=652625874.1688126835&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-10850344926
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa9bba5c2745b686813ea9e52325854a4f13b96fffb1c2286f48b2a8eaf3842
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Jun 2023 12:07:15 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1338
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.googleadservices.com/pagead/conversion/10850344926/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion/10850344926/?random=1688126835195&cv=11&fst=1688126835195&bg=ffffff&guid=ON&async=1&gtm=45be36s0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&label=7x_pCLz835sDEN6_7LUo&hn=www.googleadservices.com&frm=0&tiba=PaytoLet%20-%20Search%20Engine%20For%20Real%20Estate&gtm_ee=1&auid=652625874.1688126835&uamb=0&uaw=0&data=event%3Dconversion&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-10850344926
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
ee432cd521f48f722321b82164555df9c2bf4a38a00657c61b80576620b528fd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Jun 2023 12:07:15 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1588
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/10850344926/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10850344926/?random=1688126835199&cv=11&fst=1688126835199&bg=ffffff&guid=ON&async=1&gtm=45be36s0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&hn=www.googleadservices.com&frm=0&tiba=PaytoLet%20-%20Search%20Engine%20For%20Real%20Estate&auid=652625874.1688126835&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-10850344926
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2b0669766d7046c59969c78d47af78e686cca308d3953506f6ff61b3413beb06
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Jun 2023 12:07:15 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1339
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.googleadservices.com/pagead/conversion/10850344926/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion/10850344926/?random=1688126835206&cv=11&fst=1688126835206&bg=ffffff&guid=ON&async=1&gtm=45be36s0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&label=7x_pCLz835sDEN6_7LUo&hn=www.googleadservices.com&frm=0&tiba=PaytoLet%20-%20Search%20Engine%20For%20Real%20Estate&gtm_ee=1&auid=652625874.1688126835&uamb=0&uaw=0&data=event%3Dconversion&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-10850344926
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
1df9281439d77d2fb421d34837981d08d71d6a860de2644f830e0c80e54fe2d5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Jun 2023 12:07:15 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1587
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.analytics.google.com/g/ 		0
242 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-EZWW9JQPLY&gtm=45je36s0&_p=1663611148&_gaz=1&cid=1136948999.1688126835&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1688126835&sct=1&seg=0&dl=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&dt=PaytoLet%20-%20Search%20Engine%20For%20Real%20Estate&en=page_view&_fv=2&_nsi=1&_ss=2&_c=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-EZWW9JQPLY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Jun 2023 12:07:16 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://paytolet.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
56 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-EZWW9JQPLY&cid=1136948999.1688126835&gtm=45je36s0&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-EZWW9JQPLY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Jun 2023 12:07:16 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://paytolet.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
a
www.googletagmanager.com/ 		0
11 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/a?id=G-EZWW9JQPLY&v=3&t=t&pid=1962829956&cv=1&rv=36s0&tc=11&es=1&e=gtm.init_consent&eid=-1&h=Ag&dl=paytolet.com%2Fpublic%2F&tdp=G-EZWW9JQPLY;69162478;0;2;0&z=0
Requested by
Host: paytolet.com
URL: https://paytolet.com/public/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:15 GMT
server
Google Tag Manager
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
td
www.googletagmanager.com/ 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/td?id=G-EZWW9JQPLY&v=3&t=t&pid=1962829956&cv=1&rv=36s0&tc=11&es=1&e=gtm.init_consent&eid=-1&h=Ag&dl=paytolet.com%2Fpublic%2F&tdp=G-EZWW9JQPLY;69162478;0;2;0&z=0
Requested by
Host: paytolet.com
URL: https://paytolet.com/public/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Jun 2023 12:07:15 GMT
server
Golfe2
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
a
www.googletagmanager.com/ 		0
11 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/a?id=G-EZWW9JQPLY&v=3&t=t&pid=1962829956&cv=1&rv=36s0&tc=11&es=1&e=gtm.init&eid=0&h=Ag&tr=1setproductsettings.1ogtgooglesignals.1ccdemvideo.1ccdgaregscope.1ccdemdownload.1ccdemscroll.1ccdconversionmarking.1ccdemsitesearch.1ccdemoutboundclick.1ccdempageview&ti=2setproductsettings.2ogtgooglesignals.2ccdemvideo.2ccdgaregscope.2ccdemdownload.2ccdemscroll.2ccdconversionmarking.2ccdemsitesearch.2ccdemoutboundclick.2ccdempageview&z=0
Requested by
Host: paytolet.com
URL: https://paytolet.com/public/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:15 GMT
server
Google Tag Manager
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
a
www.googletagmanager.com/ 		0
11 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/a?id=G-EZWW9JQPLY&v=3&t=t&pid=1962829956&cv=1&rv=36s0&tc=11&es=1&e=gtm.js&eid=1&h=Ag&tr=1gct&ti=1gct&z=0
Requested by
Host: paytolet.com
URL: https://paytolet.com/public/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:15 GMT
server
Google Tag Manager
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
a
www.googletagmanager.com/ 		0
11 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/a?id=G-EZWW9JQPLY&v=3&t=t&pid=1962829956&cv=1&rv=36s0&tc=11&es=1&e=gtag.config&eid=2&h=Ag&z=0
Requested by
Host: paytolet.com
URL: https://paytolet.com/public/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:15 GMT
server
Google Tag Manager
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
ga-audiences
www.google.de/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-EZWW9JQPLY&cid=1136948999.1688126835&gtm=45je36s0&aip=1&z=1442528234
Requested by
Host: paytolet.com
URL: https://paytolet.com/public/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Jun 2023 12:07:15 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
a
www.googletagmanager.com/ 		0
11 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/a?id=G-EZWW9JQPLY&v=3&t=t&pid=1962829956&cv=1&rv=36s0&tc=11&es=1&e=gtag.config&eid=5&u=AAAAAAAAAAAAACA&h=Ag&epr=1G.2G&z=0
Requested by
Host: paytolet.com
URL: https://paytolet.com/public/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:15 GMT
server
Google Tag Manager
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
pixel
q.quora.com/_/ad/79cac46bc99b455f8d0ba24cf9e9f03d/ 		43 B
421 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://q.quora.com/_/ad/79cac46bc99b455f8d0ba24cf9e9f03d/pixel?j=1&u=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&tag=ViewContent&ts=1688126835244
Requested by
Host: paytolet.com
URL: https://paytolet.com/public/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.202.107.26 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-202-107-26.compute-1.amazonaws.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Fri, 30 Jun 2023 12:07:15 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Server
nginx
Connection
keep-alive
Content-Length
43
X-Q-Stat
,ccd415c2f58e2b52c214bd52e2ed5f1a,10.0.0.101,26482,37.58.58.244,,134735446683,1,1688126835.700,0.001,,.,0,0,0.000,0.004,-,0,0,197,150,75,10,34729,,,,,,-,
Content-Type
image/gif
a2zUHwIdOr7ikqrkHcnlKl.js
sc.tynt.com/script/sc/ 		47 B
434 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sc.tynt.com/script/sc/a2zUHwIdOr7ikqrkHcnlKl.js
Requested by
Host: cdn.tynt.com
URL: https://cdn.tynt.com/ti.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.83 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
caf24f883cd87ef58435746c4f919df31f420226fd2d545befcfc300366af7cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/public/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
MISS
status
200 OK
x-xss-protection
1; mode=block
x-request-id
51fecbfa-66fd-460b-9b16-01a4a94b1931
x-runtime
0.010263
x-content-digest
2fba23bee5021270feeacfa57ce6bc05e8b8a267
last-modified
Thu, 29 Jun 2023 14:08:01 GMT
server
cloudflare
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
max-age=86400, public, s-maxage=172800
cf-ray
7df649b0fb3c68e9-FRA
x-rack-cache
reload, store
expires
Sat, 01 Jul 2023 12:07:15 GMT
imp.gif
paytolet.com/detroitchicago/ 		43 B
629 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://paytolet.com/detroitchicago/imp.gif?e=%7B%22ab_test_id%22%3A%22mod58-c%22%2C%22ad_cache_level%22%3A1%2C%22ad_count_adjustment%22%3A3%2C%22ad_lazyload_version%22%3A4%2C%22ad_load_version%22%3A1%2C%22ad_location_ids%22%3A%226%2C39%2C38%2C21%2C5%2C22%2C4%2C2%2C701%2C1%22%2C%22adx_ad_count%22%3A10%2C%22bidder_method%22%3A1%2C%22bidder_version%22%3A4%2C%22city%22%3A%22%22%2C%22country%22%3A%22DE%22%2C%22days_since_last_visit%22%3A-1%2C%22display_ad_count%22%3A6%2C%22domain_id%22%3A410164%2C%22ds_adsize_opt_id%22%3A-1%2C%22engaged_time_visit%22%3A0%2C%22ezcache_level%22%3A0%2C%22ezcache_skip_code%22%3A0%2C%22form_factor_id%22%3A1%2C%22framework_id%22%3A1%2C%22has_bad_image%22%3A0%2C%22has_bad_words%22%3A0%2C%22iab_category%22%3A%22%22%2C%22is_from_recommended_pages%22%3Afalse%2C%22is_return_visitor%22%3Afalse%2C%22is_sitespeed%22%3A0%2C%22last_page_load%22%3A%22%22%2C%22last_pageview_id%22%3A%22%22%2C%22lt_cache_level%22%3A0%2C%22max_ads%22%3A4%2C%22metro_code%22%3A0%2C%22optimization_version%22%3A1%2C%22page_ad_positions%22%3A%221006%2C1100%2C1110%2C1111%2C1114%2C1900%2C1901%2C1909%2C1975%2C1976%22%2C%22page_view_count%22%3A0%2C%22page_view_id%22%3A%22c2c3f7e1-3a16-4fad-421c-78a5c4d200de%22%2C%22position_selection_id%22%3A0%2C%22postal_code%22%3A%22%22%2C%22pv_event_count%22%3A0%2C%22response_size_orig%22%3A82539%2C%22response_time_orig%22%3A196%2C%22serverid%22%3A%22i-0d5edd4182857d95e%22%2C%22state%22%3A%22%22%2C%22sub_page_ad_positions%22%3A%221006%2C1100%2C1110%2C1111%2C1114%2C1900%2C1901%2C1909%2C1975%2C1976%22%2C%22t_epoch%22%3A1688126834%2C%22template_id%22%3A134%2C%22time_on_site_visit%22%3A0%2C%22url%22%3A%22https%3A%2F%2Fpaytolet.com%2Fpublic%2F%22%2C%22user_id%22%3A0%2C%22weather_precipitation%22%3A0%2C%22weather_summary%22%3A%22%22%2C%22weather_temperature%22%3A0%2C%22word_count%22%3A314%2C%22worst_bad_word_level%22%3A0%7D
Requested by
Host: paytolet.com
URL: https://paytolet.com/detroitchicago/cmbv2.js?gcb=195-3&cb=04-3y02-8y06-13y07-2y0b-6y0d-23y17-4y1b-5y25-3y26-4y27-16y28-66y2b-146y2f-150y33-4y3a-12y3b-6y59-2y5d-22y64-1&cmbcb=151&sj=x04x02x06x07x0bx0dx17x1bx25x26x27x28x2bx2fx33x3ax3bx59x5dx64
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:8b54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/public/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:15 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-middleton-display
imp_sol
alt-svc
h3=":443"; ma=86400
content-length
43
server
cloudflare
access-control-max-age
1728000
access-control-allow-methods
HEAD, PUT, POST, GET, OPTIONS
content-type
image/gif
access-control-allow-origin
https://paytolet.com
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sidzpUsyb763BafjgVAecJXfVb6ELcbcy9J8nk39PYeKnomFjZVhjxIytuD0K21e27ZMSZ0Xi7dJN2neRSeB6CAsLbiv30wskodh6ipjfhNR%2FQAVJSq23yeqsA36wTxLIzw173toYrVx5hY%3D"}],"group":"cf-nel","max_age":604800}
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
vary
Accept-Encoding
cf-ray
7df649b069196969-FRA
access-control-allow-headers
Content-Type
priority
u=4,i
expires
Thu, 29 Jun 2023 12:07:15 GMT
quant.js
secure.quantserve.com/ 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: paytolet.com
URL: https://paytolet.com/detroitchicago/cmbv2.js?gcb=195-3&cb=04-3y02-8y06-13y07-2y0b-6y0d-23y17-4y1b-5y25-3y26-4y27-16y28-66y2b-146y2f-150y33-4y3a-12y3b-6y59-2y5d-22y64-1&cmbcb=151&sj=x04x02x06x07x0bx0dx17x1bx25x26x27x28x2bx2fx33x3ax3bx59x5dx64
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.228.74.200 , United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e23decabee8464b650d1d0241283ba0c469806e14a2199efc5bb41771cb673c1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:15 GMT
content-encoding
gzip
etag
"sLp6xTjO7svFVaOemhLWUQ=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Fri, 07 Jul 2023 12:07:15 GMT
cmbdv2.js
paytolet.com/detroitchicago/ 		35 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://paytolet.com/detroitchicago/cmbdv2.js?gcb=195-3&cb=03-8y0c-6y1c-5y5e-22&cmbcb=151&sj=x03x0cx1cx5e
Requested by
Host: paytolet.com
URL: https://paytolet.com/public/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:8b54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ad72cc6f0d61431b600cbcad6fb96b6391b9f66a2a5e6bdcac73f91d9e9f9df9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/public/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:15 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
86817
cf-polished
origSize=36353
x-middleton-display
sol-js
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Thu, 29 Jun 2023 12:00:18 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r%2FUWmDF22MD3A8t5p0AJgBp%2F5dYiD6Ops5FH7wTVkC0wGfdZ0QgRtkPafHdhAs7ablMfdC890KAwZZ35oN%2FUy21FdNG5myGxdiVbvLlA%2Fp8IMvfapXlc%2FWG%2F2%2B95oYdf%2FSrG4V28Ens%2BgBk%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=31536000
x-robots-tag
noindex
cf-ray
7df649b099686969-FRA
priority
u=3,i=?0
collect
region1.analytics.google.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-EZWW9JQPLY&gtm=45je36s0&_p=1663611148&cid=1136948999.1688126835&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1688126835&sct=1&seg=0&dl=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&dt=PaytoLet%20-%20Search%20Engine%20For%20Real%20Estate&en=scroll&_c=1&epn.percent_scrolled=90&_et=88
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-EZWW9JQPLY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Jun 2023 12:07:16 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://paytolet.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bat.js
bat.bing.com/ 		40 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-54T4J4H
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
679804e244b4127b7ecd99a513b57d6a4f91866410e16da69ce02f98f534051d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
date
Fri, 30 Jun 2023 12:07:15 GMT
last-modified
Thu, 11 May 2023 18:08:27 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 448FEC732704408E997FB425297146AE Ref B: FRAEDGE1915 Ref C: 2023-06-30T12:07:15Z
etag
"80df77953384d91:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
12183
conversations-embed.js
js.usemessages.com/ 		75 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.usemessages.com/conversations-embed.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/21342073.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:63ac , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9c5961b01b6612e4ff3224bf3c542bd1c21b45358343c4be87e16c9c002a946a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:15 GMT
x-amz-version-id
jjUrezIYj8IRX0nakH9qDCxmbBUEDnzv
via
1.1 16d910967d343c8da7828222a653755e.cloudfront.net (CloudFront)
cf-cache-status
HIT
content-encoding
br
x-amz-cf-pop
IAD12-P3
age
248
x-amz-server-side-encryption
AES256
x-evy-trace-route-service-name
envoyset-translator
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=conversations-embed/static-1.13513/bundles/project.js&cfRay=7df6439f4f5d18d8-FRA
x-cache
Hit from cloudfront
x-hubspot-correlation-id
3b9be5a4-4d19-4beb-95fd-c5b8d4f8d952
cache-tag
staticjsapp-conversations-embed-web-prod,staticjsapp-prod
x-envoy-upstream-service-time
1
x-amz-replication-status
COMPLETED
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
3b9be5a4-4d19-4beb-95fd-c5b8d4f8d952
last-modified
Tue, 27 Jun 2023 03:45:29 UTC
server
cloudflare
etag
W/"4ff90f95bf2a692be33b0ef93c6ffb8f"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
x-hs-cache-status
HIT
x-evy-trace-virtual-host
all
cache-control
max-age=600
x-evy-trace-served-by-pod
iad02/app-td/envoy-proxy-57ff77fcd-h6thn
cf-ray
7df649b22a1a3687-FRA
x-amz-cf-id
fW81THFstyI5cTdbDYWl2dB1thoOGDlvuLPa2RQbK8k8w7y1ICSTCw==
x-hs-target-asset
conversations-embed/static-1.13513/bundles/project.js
collectedforms.js
js.hscollectedforms.net/ 		69 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hscollectedforms.net/collectedforms.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/21342073.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.107.199 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f148a333a7585ab1391cceb303d946f5bf1b38ba6bb8eae863125ccde728bb3

Request headers

Referer
https://paytolet.com/
Origin
https://paytolet.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:16 GMT
x-amz-version-id
S1jmwKbmrdTaJO._teNI0LpuWSvl4WIJ
via
1.1 3042bd56e0ca0a7910df89f6b5e95e9e.cloudfront.net (CloudFront)
cf-cache-status
EXPIRED
content-encoding
br
x-amz-cf-pop
IAD12-P3
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
x-hubspot-correlation-id
c5f5c143-761c-4b6f-a632-413dd214d5b2
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=collected-forms-embed-js/static-1.378/bundles/project.js&cfRay=7df649b52b305b44-FRA
x-cache
Hit from cloudfront
cache-tag
staticjsapp-collected-forms-embed-js-web-prod,staticjsapp-prod
x-envoy-upstream-service-time
0
x-amz-replication-status
COMPLETED
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
c5f5c143-761c-4b6f-a632-413dd214d5b2
last-modified
Tue, 13 Jun 2023 09:45:35 UTC
server
cloudflare
etag
W/"b19afd994dc32a5784e74169cca8128a"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-evy-trace-virtual-host
all
x-hs-cache-status
HIT
cache-control
s-maxage=600, max-age=300
x-evy-trace-served-by-pod
iad02/app-td/envoy-proxy-57ff77fcd-s8xd8
cf-ray
7df649b52b305b44-FRA
x-amz-cf-id
7prHd0UiLO7sYkFjmNkvARr_i4pD1S4ObMJDk121UUsYaaLlqz3DAg==
x-hs-target-asset
collected-forms-embed-js/static-1.378/bundles/project.js
banner.js
js.hs-banner.com/v2/21342073/ 		209 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hs-banner.com/v2/21342073/banner.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/21342073.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:18c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fed92e56028dca8addea19cbe6de75170a2108fd700faf38f0fb781e1c79da81

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:16 GMT
x-amz-version-id
dPN5EvHyLq4xw5zs8c2ZTkVsW8ls8s.d
content-encoding
br
cf-cache-status
REVALIDATED
x-amz-request-id
6TFDKMVFT7K0QHJ4
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
x-envoy-upstream-service-time
82
x-amz-id-2
3KonW4BAe9qrGXNCZdX/ujPtFvtgRRhHz7l4Vj9xGGXloISlm3MvODzgcrOyWqFTbch0AyBgx67rjYOOF7MTEVrIJO8isK7nCzFqeT0UpiY=
x-evy-trace-listener
listener_https
x-request-id
482527b3-9cac-40f6-a85a-627ed412b7de
x-evy-trace-route-configuration
listener_https/all
last-modified
Thu, 22 Jun 2023 19:01:19 GMT
server
cloudflare
etag
W/"1897fc758b07a5bd2557928aa0961c15"
access-control-max-age
604800
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
https://paytolet.com
x-evy-trace-virtual-host
all
access-control-expose-headers
x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control
max-age=300,public
access-control-allow-credentials
true
x-evy-trace-served-by-pod
iad02/analytics-js-proxy-td/envoy-proxy-7dbb6c8f49-f4w7q
vary
origin, Accept-Encoding
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray
7df649b3ffc33653-FRA
expires
Fri, 30 Jun 2023 12:12:16 GMT
21342073.js
js.hs-analytics.net/analytics/1688126700000/ 		66 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hs-analytics.net/analytics/1688126700000/21342073.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/21342073.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:8bce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
400a32c50b37971cce4b4e7a3f9ce754efab3afbf1767c695bf2156ae136e771

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:15 GMT
x-amz-version-id
null
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
GC157KCFQGSB8SZ7
x-evy-trace-route-service-name
envoyset-translator
x-amz-server-side-encryption
AES256
x-hubspot-correlation-id
7a582cc7-a00c-464f-881b-1f1b8c1b6c92
age
37
x-envoy-upstream-service-time
26
x-amz-id-2
geZZsoIDs+pRKQ4AOKYXNPKW+4rR7EK228Ign1e9PCBTLvZoW/TFguq71IXyg2AeuvowTcUkAKtlKBp4mK+kErA8tC535qfsArD6AcHlf68=
x-evy-trace-listener
listener_https
x-request-id
7a582cc7-a00c-464f-881b-1f1b8c1b6c92
x-evy-trace-route-configuration
listener_https/all
last-modified
Thu, 15 Jun 2023 15:22:08 GMT
server
cloudflare
etag
W/"32d4d77ab623d2a73306d070fcd0a27f"
vary
origin, Accept-Encoding
content-type
text/javascript
x-evy-trace-virtual-host
all
x-evy-trace-served-by-pod
iad02/analytics-js-proxy-td/envoy-proxy-7dbb6c8f49-2sbs7
cache-control
max-age=300,public
access-control-allow-credentials
false
cf-ray
7df649b38a5d9232-FRA
expires
Fri, 30 Jun 2023 12:11:37 GMT
fb.js
js.hsadspixel.net/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.hsadspixel.net/fb.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/21342073.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:78be , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef1874f11501aa7118cdfa7af21a9ef1c87301e917881dc941831b122d82b34a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:15 GMT
x-amz-version-id
tZNqk9JR4hpL4HhK3M1JevHxbsFiShRO
via
1.1 c5f8f8068a88ebb73e505f5e51b5262e.cloudfront.net (CloudFront)
cf-cache-status
HIT
content-encoding
br
x-amz-cf-pop
IAD12-P3
age
334
x-amz-server-side-encryption
AES256
x-evy-trace-route-service-name
envoyset-translator
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=adsscriptloaderstatic/static-1.382/bundles/pixels-release.js&cfRay=7df64187ff951d92-FRA
x-cache
Hit from cloudfront
x-hubspot-correlation-id
a3343ced-d761-4706-8119-3f7150495cb8
cache-tag
staticjsapp-AdsScriptLoaderCloudflare-web-prod,staticjsapp-prod
x-envoy-upstream-service-time
0
x-amz-replication-status
COMPLETED
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
a3343ced-d761-4706-8119-3f7150495cb8
last-modified
Tue, 20 Jun 2023 11:26:10 UTC
server
cloudflare
etag
W/"15e730192a32cd4563797f160ff1fd6f"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
x-hs-cache-status
HIT
x-evy-trace-virtual-host
all
cache-control
max-age=600
x-evy-trace-served-by-pod
iad02/app-td/envoy-proxy-57ff77fcd-frzj9
cf-ray
7df649b38aa11da4-FRA
x-amz-cf-id
oTKoEvEKUgWlE3WBP1p0_qnmrZrSGitA1pD-W5fOShebFMg71mO16Q==
x-hs-target-asset
adsscriptloaderstatic/static-1.382/bundles/pixels-release.js
p
ic.tynt.com/b/ 		0
228 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ic.tynt.com/b/p?id=a2zUHwIdOr7ikqrkHcnlKl&lm=0&ts=1688126835344&dn=TI&iso=0&pu=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&t=PaytoLet%20-%20Search%20Engine%20For%20Real%20Estate&chmob=0
Requested by
Host: paytolet.com
URL: https://paytolet.com/public/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.32 Palos Park, United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip32.67-202-105.static.steadfastdns.net
Software
nginx/1.16.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/public/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires
"Sat, 26 Jul 1997 05:00:00 GMT"
date
Fri, 30 Jun 2023 12:07:16 GMT
cache-control
"no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
server
nginx/1.16.1
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
collect
region1.analytics.google.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-EZWW9JQPLY&gtm=45je36s0&_p=1663611148&cid=1136948999.1688126835&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAAC&_s=3&sid=1688126835&sct=1&seg=1&dl=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&dt=PaytoLet%20-%20Search%20Engine%20For%20Real%20Estate&en=page_view&_c=1&_et=33
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-EZWW9JQPLY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Jun 2023 12:07:16 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://paytolet.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.analytics.google.com/g/ 		0
45 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-EZWW9JQPLY&gtm=45je36s0&_p=1663611148&cid=1136948999.1688126835&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=4&sid=1688126835&sct=1&seg=1&dl=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&dt=PaytoLet%20-%20Search%20Engine%20For%20Real%20Estate&en=paytolet&_c=1&ep.Home%20Landing=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&_et=1&up.Event=gtm.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-EZWW9JQPLY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Jun 2023 12:07:16 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://paytolet.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubcid.min.js
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 		732 B
877 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 30 Jun 2023 12:07:16 GMT
x-content-type-options
nosniff
content-encoding
br
age
2848
x-jsd-version
master
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
439
x-served-by
cache-fra-eddf8230080-FRA
x-jsd-version-type
branch
etag
W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
esp.js
cdn.id5-sync.com/api/1.0/ 		102 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.53.86 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4924e12a30059184d9bd1c36294dcdf957f5f2da452209448b35a93aa785cca5
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:16 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 22 Jun 2023 08:35:03 GMT
server
cloudflare
x-amz-request-id
KQFF0FWPP4C17CP6
age
13
etag
W/"9b8b8eb50e4814cbdc325ce477c96910"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
7df649b598003815-FRA
x-amz-id-2
8HczqSS59NC5+bMgvklOJToJ5CbRskupftalLHCw5wQPI4bAuQkMqhcD6kfepdHSTAjOpZlv/QM=
encrypted-tag-g.js
invstatic101.creativecdn.com/encrypted-signals/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
87.70.96.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
3b89401fea631023de67ae75bf8f246b1af109a9a4247c3862016949eacc462b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 11:42:25 GMT
via
1.1 google
age
1491
x-guploader-uploadid
ADPycdukGx8lb9liT8hYvnsvw6rcCc1jAx363WM1jziCe7eqJKJ79vHqnv0UTY-aiLoOB8Xc0sulGZJ242dn2JRKkQjB9_q-XA62
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1938
last-modified
Thu, 27 Apr 2023 19:53:17 GMT
server
UploadServer
etag
"0a4a90264145ed4c5c647dae5dfb0429"
x-goog-generation
1682625197861193
x-goog-hash
crc32c=jhvysQ==, md5=CkqQJkFF7UxcZH2uXfsEKQ==
content-type
text/javascript
cache-control
public, max-age=3600
x-goog-stored-content-length
1938
accept-ranges
bytes
expires
Fri, 30 Jun 2023 12:42:25 GMT
sync.min.js
tags.crwdcntrl.net/lt/c/16589/ 		38 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.36.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-36-23.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c0c2ec1f2d626ab278d81abe34d30681f0007e8c79a890165f27e3e1550e99b7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 05:20:10 GMT
content-encoding
gzip
via
1.1 2190b35b24e05763512aa336b18a1b52.cloudfront.net (CloudFront)
last-modified
Wed, 31 May 2023 20:34:33 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P2
age
24426
x-amz-server-side-encryption
AES256
etag
W/"550ead3a95bd6cfcd917d45c5f8f4553"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
ZJ2qwFLHggdgfizAThDCAb9_oq1RRL6jxAT2Shg-723i83YWwiusXA==
uid2SecureSignal.js
cdn.prod.uidapi.com/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225b:3a00:a:e047:753:be1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a695b8b12c7d88355d0b1b33d6c643a7913bcfbeae91553bd7560019188b1032

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-amz-version-id
null
Date
Fri, 30 Jun 2023 05:58:56 GMT
Via
1.1 28e56b9ddced4ed414e75f87cbd0d976.cloudfront.net (CloudFront)
Last-Modified
Thu, 04 May 2023 00:14:06 GMT
Server
AmazonS3
X-Amz-Cf-Pop
MUC50-P1
Age
22101
x-amz-server-side-encryption
AES256
ETag
"4d5acbf33f4a0592ac0515db92fe88e6"
X-Cache
Hit from cloudfront
Content-Type
text/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1858
X-Amz-Cf-Id
SVBLKJ05r0HwOgOQvHPfgqS30g39U9Z8QilSKI57D24O5zaL_p19iA==
esp.js
oa.openxcdn.net/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://oa.openxcdn.net/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
192.146.102.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 19 Jun 2023 16:21:58 GMT
content-encoding
gzip
age
935117
x-guploader-uploadid
ADPycdu0ofEeAAYzdW5Z96wZyLXgm23ax7D6-P-kRrnYYyzN40_lI7nGf6iRwNhdTCtUf4jMUk4Ic8OfTq9SQAz3Ia2XKw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7927
last-modified
Thu, 27 May 2021 18:30:51 GMT
server
UploadServer
etag
"df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation
1622140251693895
x-goog-hash
crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type
application/javascript
cache-control
no-transform
x-goog-stored-content-length
7927
accept-ranges
bytes
expires
Tue, 18 Jun 2024 16:21:58 GMT
publishertag.ids.js
static.criteo.net/js/ld/ 		42 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.ids.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
839c424b188a9bdafd46e5b643a2c5afb4b7df5e51f0321ffafd5f23b118e259
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:16 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 31 May 2023 13:09:50 GMT
server
nginx
etag
W/"6477471e-a980"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 01 Jul 2023 12:07:16 GMT
modules.b7e89cfe73c8ba46aa49.js
script.hotjar.com/ 		270 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.b7e89cfe73c8ba46aa49.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2812607.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.154.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-154-84.muc50.r.cloudfront.net
Software
/
Resource Hash
22ae6f58bd1013447d9f05ea28371857449f6404f6190d66ca7347325ccb81bc
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 11:34:07 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 f620f5422d3678dbdbb8544d75a30f78.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P3
age
1989
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
70392
last-modified
Fri, 30 Jun 2023 11:33:12 GMT
etag
"a42f04af7254bdab75b4bea0d6e20478"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
mLKGip60l3WvpmQJ1tJRQgV3Mfp63hA5EiHrww7h88oTNVSXadXf0A==
insight.beta.min.js
snap.licdn.com/li.lms-analytics/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.beta.min.js
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ec6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
87ca2d8adbd10be0e5e89784dbb7aa8bb67f77247471f437e6af535009955f8c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 21 Jun 2023 22:23:45 GMT
x-cdn
AKAM
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/x-javascript;charset=utf-8
cache-control
max-age=16578
accept-ranges
bytes
content-length
4807
collect
www.google-analytics.com/j/ 		2 B
142 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1663611148&t=pageview&_s=1&dl=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&ul=en-us&de=UTF-8&dt=PaytoLet%20-%20Search%20Engine%20For%20Real%20Estate&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=1840381624&gjid=1944674170&cid=1136948999.1688126835&tid=UA-218196865-1&_gid=593329929.1688126835&_r=1&gtm=457e36s0&jsscut=1&z=210998848
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://paytolet.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 30 Jun 2023 12:07:15 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://paytolet.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=1663611148&t=pageview&_s=2&dl=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&ul=en-us&de=UTF-8&dt=PaytoLet%20-%20Search%20Engine%20For%20Real%20Estate&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=&gjid=&cid=1136948999.1688126835&tid=UA-218196865-1&_gid=593329929.1688126835&gtm=457e36s0&jsscut=1&z=1230156337
Requested by
Host: paytolet.com
URL: https://paytolet.com/public/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Jun 2023 06:12:56 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
21259
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
clarity.js
www.clarity.ms/s/0.7.8/ 		57 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/s/0.7.8/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/aigj3e8vew?ref=bwt
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:1ec:46::60 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
9987dcc652130026523219440b654a3e307d16f186019031ad60a28d6f73aa2a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:15 GMT
content-encoding
br
last-modified
Mon, 26 Jun 2023 21:38:04 GMT
etag
W/"0x8DB768D9FE1FAC0"
vary
Accept-Encoding
x-azure-ref
20230630T120715Z-8k83fnmre13km8txsamcyp95qn0000000sbg00000000p52x
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
x-ms-request-id
594b0475-201e-0033-7199-a87170000000
cache-control
public, max-age=86400
x-cache
TCP_HIT
x-ms-version
2018-03-28
/
www.google.de/pagead/1p-conversion/10850344926/
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10850344926/?random=22240904&cv=11&fst=1688126835206&bg=ffffff&guid=ON&async=1&gtm=45be36s0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpayt...
  • https://www.google.com/pagead/1p-conversion/10850344926/?random=22240904&cv=11&fst=1688126835206&bg=ffffff&guid=ON&async=1&gtm=45be36s0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&...
  • https://www.google.de/pagead/1p-conversion/10850344926/?random=22240904&cv=11&fst=1688126835206&bg=ffffff&guid=ON&async=1&gtm=45be36s0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&l...
42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-conversion/10850344926/?random=22240904&cv=11&fst=1688126835206&bg=ffffff&guid=ON&async=1&gtm=45be36s0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&label=7x_pCLz835sDEN6_7LUo&hn=www.googleadservices.com&frm=0&tiba=PaytoLet%20-%20Search%20Engine%20For%20Real%20Estate&gtm_ee=1&auid=652625874.1688126835&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEVJOFByNXBBWVFzTUhmdEpLRDByV2JBUklsQUdwRkFHcHZ1QmZjam4wbk9GbndqdmtTRlAtdWZQZ2Y1STVqdUpZdkxjSzF0M25OUFEaV0NoQUk4UHI1cEFZUW9iS0luY3E4MWVzV0VpMEFGQS1zRzJrVTVXcURZNGpGb21mWEpnUW5vRUhUSHZpQnlXYTYxbGVBWUdsTlhwSEZWWTl6VDB5OUNxRSITCI7W6cL66v8CFRSJsgod4moJhA&is_vtc=1&ocp_id=c8WeZM7QEZSSygXi1aWgCA&cid=CAQSKQBygQiDmC6IErsXqfzTdECRPBhsIAZIhbIukH3l_Cius-Ow48WMQqFz&random=1036975859&ipr=y
Requested by
Host: paytolet.com
URL: https://paytolet.com/public/
Protocol
H3
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Jun 2023 12:07:16 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 30 Jun 2023 12:07:15 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://www.google.de/pagead/1p-conversion/10850344926/?random=22240904&cv=11&fst=1688126835206&bg=ffffff&guid=ON&async=1&gtm=45be36s0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&label=7x_pCLz835sDEN6_7LUo&hn=www.googleadservices.com&frm=0&tiba=PaytoLet%20-%20Search%20Engine%20For%20Real%20Estate&gtm_ee=1&auid=652625874.1688126835&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEVJOFByNXBBWVFzTUhmdEpLRDByV2JBUklsQUdwRkFHcHZ1QmZjam4wbk9GbndqdmtTRlAtdWZQZ2Y1STVqdUpZdkxjSzF0M25OUFEaV0NoQUk4UHI1cEFZUW9iS0luY3E4MWVzV0VpMEFGQS1zRzJrVTVXcURZNGpGb21mWEpnUW5vRUhUSHZpQnlXYTYxbGVBWUdsTlhwSEZWWTl6VDB5OUNxRSITCI7W6cL66v8CFRSJsgod4moJhA&is_vtc=1&ocp_id=c8WeZM7QEZSSygXi1aWgCA&cid=CAQSKQBygQiDmC6IErsXqfzTdECRPBhsIAZIhbIukH3l_Cius-Ow48WMQqFz&random=1036975859&ipr=y
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-conversion/10850344926/
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10850344926/?random=2101720508&cv=11&fst=1688126835195&bg=ffffff&guid=ON&async=1&gtm=45be36s0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpa...
  • https://www.google.com/pagead/1p-conversion/10850344926/?random=2101720508&cv=11&fst=1688126835195&bg=ffffff&guid=ON&async=1&gtm=45be36s0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpaytolet.com%2Fpublic%2...
  • https://www.google.de/pagead/1p-conversion/10850344926/?random=2101720508&cv=11&fst=1688126835195&bg=ffffff&guid=ON&async=1&gtm=45be36s0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpaytolet.com%2Fpublic%2F...
42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-conversion/10850344926/?random=2101720508&cv=11&fst=1688126835195&bg=ffffff&guid=ON&async=1&gtm=45be36s0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&label=7x_pCLz835sDEN6_7LUo&hn=www.googleadservices.com&frm=0&tiba=PaytoLet%20-%20Search%20Engine%20For%20Real%20Estate&gtm_ee=1&auid=652625874.1688126835&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEVJOFByNXBBWVFzTUhmdEpLRDByV2JBUklsQUdwRkFHcHZ1QmZjam4wbk9GbndqdmtTRlAtdWZQZ2Y1STVqdUpZdkxjSzF0M25OUFEaV0NoQUk4UHI1cEFZUW9iS0luY3E4MWVzV0VpMEFGQS1zRzNFTFNiYV9ILU9EYTFCbXd1WHFFWTRUbUVjNEhIbVVfUmYzZEd1T0FCNnZWdG4zSUxNaUVJVSITCLvK6cL66v8CFUmJsgodUoQOLA&is_vtc=1&ocp_id=c8WeZPvEEcmSygXSiLrgAg&cid=CAQSKQBygQiDUuokqzL9CVq-xHX-qi7crSVYXNS6zfFEsDTSBcCMxt_PKxWF&random=1426697551&ipr=y
Requested by
Host: paytolet.com
URL: https://paytolet.com/public/
Protocol
H3
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Jun 2023 12:07:16 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 30 Jun 2023 12:07:15 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://www.google.de/pagead/1p-conversion/10850344926/?random=2101720508&cv=11&fst=1688126835195&bg=ffffff&guid=ON&async=1&gtm=45be36s0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&label=7x_pCLz835sDEN6_7LUo&hn=www.googleadservices.com&frm=0&tiba=PaytoLet%20-%20Search%20Engine%20For%20Real%20Estate&gtm_ee=1&auid=652625874.1688126835&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEVJOFByNXBBWVFzTUhmdEpLRDByV2JBUklsQUdwRkFHcHZ1QmZjam4wbk9GbndqdmtTRlAtdWZQZ2Y1STVqdUpZdkxjSzF0M25OUFEaV0NoQUk4UHI1cEFZUW9iS0luY3E4MWVzV0VpMEFGQS1zRzNFTFNiYV9ILU9EYTFCbXd1WHFFWTRUbUVjNEhIbVVfUmYzZEd1T0FCNnZWdG4zSUxNaUVJVSITCLvK6cL66v8CFUmJsgodUoQOLA&is_vtc=1&ocp_id=c8WeZPvEEcmSygXSiLrgAg&cid=CAQSKQBygQiDUuokqzL9CVq-xHX-qi7crSVYXNS6zfFEsDTSBcCMxt_PKxWF&random=1426697551&ipr=y
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync_cookie_image_decide
mc.yandex.com/
Redirect Chain
  • https://mc.yandex.com/sync_cookie_image_check
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10050.oWe9YOIJv_HpK5ZVPeCMHRTUC_panTVpn8TuJRsQnbPATOoYCL4B6YmXfSVvUDBq.-YzEvFIA_D8prxetRBoB16zd-z8%2C
  • https://mc.yandex.com/sync_cookie_image_decide?token=10050.4ANhYQyLRt7_iQHUetQjQ7ZENW5IulavFgvU8Jr0JNVfOhEl9N__wd-pgjLKnkK3QDGdf1oeg1rPyNYt1DohcDoHUc6Xh53dLhTJzumZLW4%2C.JakZ4jr61-kykVRMehlnnQFvhtY%2C
43 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/sync_cookie_image_decide?token=10050.4ANhYQyLRt7_iQHUetQjQ7ZENW5IulavFgvU8Jr0JNVfOhEl9N__wd-pgjLKnkK3QDGdf1oeg1rPyNYt1DohcDoHUc6Xh53dLhTJzumZLW4%2C.JakZ4jr61-kykVRMehlnnQFvhtY%2C
Requested by
Host: paytolet.com
URL: https://paytolet.com/public/
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:16 GMT
strict-transport-security
max-age=31536000
content-length
43
x-xss-protection
1; mode=block
content-type
image/gif

Redirect headers

location
https://mc.yandex.com/sync_cookie_image_decide?token=10050.4ANhYQyLRt7_iQHUetQjQ7ZENW5IulavFgvU8Jr0JNVfOhEl9N__wd-pgjLKnkK3QDGdf1oeg1rPyNYt1DohcDoHUc6Xh53dLhTJzumZLW4%2C.JakZ4jr61-kykVRMehlnnQFvhtY%2C
date
Fri, 30 Jun 2023 12:07:15 GMT
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
collect
stats.g.doubleclick.net/j/ 		4 B
346 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-218196865-1&cid=1136948999.1688126835&jid=1840381624&gjid=1944674170&_gid=593329929.1688126835&_u=YADAAUAAAAAAACAAI~&z=2137900737
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://paytolet.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Fri, 30 Jun 2023 12:07:15 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://paytolet.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
api.louassist.com/v1/assistant/public/289340402156/script-data/ 		50 B
636 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.louassist.com/v1/assistant/public/289340402156/script-data/
Requested by
Host: run.louassist.com
URL: https://run.louassist.com/v2.5.1-m?id=289340402156
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:22b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5614a46f9a51eabf15239f22ffe370c2d3c9dccc6e9369c0c1791a3212fca4c6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:15 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
referrer-policy
same-origin
server
cloudflare
x-frame-options
DENY
vary
Accept, Origin, Cookie
content-type
application/json
access-control-allow-origin
https://paytolet.com
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0531Wx6oRTmwM0GA3E7C%2FqtbwSL5vUN1q0iMfoB3hoqwceGcnVwVj1YfB1sC7%2BtGVmDJnAhV94KVlH6tXZusorSX8pNivp%2Fl4rjSJXtrLqy%2Fn4SoL3ce%2BnOc7QvZKm6SPMQjh2l4GY6MMMhjH%2F3b3g%3D%3D"}],"group":"cf-nel","max_age":604800}
allow
GET, OPTIONS
access-control-allow-credentials
true
cf-ray
7df649b26a6b3764-FRA
token
cdn.linkedin.oribi.io/partner/4624961/domain/paytolet.com/ 		36 B
376 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.linkedin.oribi.io/partner/4624961/domain/paytolet.com/token
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.beta.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.154.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-154-96.muc50.r.cloudfront.net
Software
/
Resource Hash
7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept
*
Referer
https://paytolet.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:06:41 GMT
content-encoding
gzip
via
1.1 106a2e3801afa4dfd5bd4bfaeb93d526.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P3
age
35
vary
accept-encoding
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=35847
x-amz-cf-id
6LiIRJAtcwkP2RboHs8CC-3ygnglRU9Mm7F_fO1U8RsiBzFBr2WbZQ==
collect
px.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4624961&time=1688126835533&url=https%3A%2F%2Fpaytolet.com%2Fpublic%2F
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4624961&time=1688126835533&url=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&cookiesTest=true
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D4624961%26time%3D1688126835533%26url%3Dhttps%253A%252F%252Fpaytolet.com%252Fpubli...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4624961&time=1688126835533&url=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&cookiesTest=true&liSync=true
0
173 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4624961&time=1688126835533&url=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&cookiesTest=true&liSync=true
Requested by
Host: paytolet.com
URL: https://paytolet.com/public/
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:17 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 175464AD5201471EB0F115B3C5397846 Ref B: FRAEDGE1518 Ref C: 2023-06-30T12:07:17Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
content-type
application/javascript
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAX/V6iBwxWqkpVaYm56iw==

Redirect headers

strict-transport-security
max-age=31536000
content-security-policy
default-src 'none'; connect-src 'self' *.licdn.com *.linkedin.com cdn.linkedin.oribi.io dpm.demdex.net/id lnkd.demdex.net blob: accounts.google.com/gsi/ linkedin.sc.omtrdc.net/b/ss/ *.microsoft.com *.adnxs.com; script-src 'report-sample' 'sha256-SSoodjUD3LGm2FfFCVHGqEb8D4UM3OOigidT2UKDcYg=' 'sha256-cKTgdnmO6+hXd85a9wKg1effVfVzenUAtUCyOKY9bQE=' 'sha256-DwtT8+ZZKpxH9pqZNAmJ3GdbLAh5SsYaXR3omTXPCns=' 'sha256-sV9jZa797T0QWBzcU/CNd4tpBhTnh+TFdLnfjlitl28=' 'sha256-aa/Q8CRBDSqTQbCIyioPhZaz+G+dbPyu7BzsjInEmiU=' 'sha256-THuVhwbXPeTR0HszASqMOnIyxqEgvGyBwSPBKBF/iMc=' 'sha256-zTIusdVJJeXz9+iox2a+pdDglzbpRpFVRzEwvW4AONk=' 'sha256-iC8MPqNLw0FDnsBf4DlSkFLNTwhkI85aouiAEB819ic=' 'sha256-2EqrEvcPzl8c6/TSGVvaVMEe7lg700MAz/te4/3kTYY=' 'sha256-y5uW69VItKj51mcc7UD9qfptDVUqicZL+bItEpvVNDw=' 'sha256-DatsFGoJ8gFkzzxo47Ou76WZ+3QBPOQHtBu9p9b3DhA=' 'sha256-k95cyM8gFgPziZe5VQ2IvJvBUVyd5zFt2CokIUwqdHE=' 'sha256-PyCXNcEkzRWqbiNr087fizmiBBrq9O6GGD8eV3P09Ik=' 'sha256-2SQ55Erm3CPCb+k03EpNxU9bdV3XL9TnVTriDs7INZ4=' 'sha256-S/KSPe186K/1B0JEjbIXcCdpB97krdzX05S+dHnQjUs=' 'sha256-3RIGhhApBii1KY+aW1xk7kFyoQY8vSVE5DfT7E9SJUc=' 'sha256-9pXOIwF4N0gPltLd3AI69lkCjSC2H/Eb3sc5zdmUyYU=' 'sha256-jou6v/Nleyzoc+LXktAv1Fp8M807dVVxy7E/yzVljHc=' 'sha256-6E4e/3dSvj/8JZT2S2yR91mspqM6MyOpKl5lrhHsZa8=' 'sha256-3woF8BZ54TeXM+czaH3aXoaJsVpiamuAKFsXDykAR/Q=' 'sha256-vIfNcKb8ixJg1cfJIoNNYjWcm0lezj1/XpUNFiZyVsU=' 'sha256-cLsHUHFgT/VGX04cZrJ9xgm4HbzTR7ptutkxK+7BlMk=' 'sha256-BwU8jMnQYUhjOpsDVABpfddV/DlP1ZYrFcTumYw7x54=' 'sha256-wz6ika9i3WU3bpUPdhYDZeO/NrDQniDyiscN0LWnyaY=' 'sha256-wy4DvlEW9PHPIGvQJW6Wv4woBSa/0LJHs8LHsBVVXCs=' 'sha256-065A0cJTDQ+hyKvufSL/flW02hIbgLndOINLRWux6To=' 'sha256-Ga5SLB8hPdWUE8Wb6LgZ05D9Z5vrdLAaPbDBW2m3BI8=' snap.licdn.com platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com; img-src data: blob: * android-webview-video-poster:; font-src data: *; style-src 'self' 'unsafe-inline' static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com; media-src 'self' *.licdn.com *.lynda.com; worker-src 'self' blob: static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com; frame-src 'self' www.youtube.com/embed/ www.youtube-nocookie.com/embed/ lnkd.demdex.net smartlock.google.com accounts.google.com player.vimeo.com *.linkedin.com www.slideshare.net *.megaphone.fm *.omny.fm *.sounder.fm msit.powerbi.com app.powerbi.com linkedin.github.io *.licdn.com *.adnxs.com acdn.adnxs-simple.com radar.cedexis.com; frame-ancestors 'self' *.www.linkedin.com:*; manifest-src 'self'; report-uri https://www.linkedin.com/security/csp?f=default
x-content-type-options
nosniff
date
Fri, 30 Jun 2023 12:07:16 GMT
linkedin-action
1
x-cache
CONFIG_NOCACHE
content-length
0
x-li-uuid
AAX/V6h9ARC+jD5cqeo0+g==
pragma
no-cache
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 25A2DCDB0383432995878419DE6BC9D6 Ref B: FRAEDGE1518 Ref C: 2023-06-30T12:07:17Z
x-frame-options
sameorigin
x-li-fabric
prod-ltx1
location
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=4624961&time=1688126835533&url=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&cookiesTest=true&liSync=true
cache-control
no-cache, no-store
x-li-proto
http/2
expires
Thu, 01 Jan 1970 00:00:00 GMT
pub-7184064643088596
fundingchoicesmessages.google.com/b/ 		7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/b/pub-7184064643088596
Requested by
Host: paytolet.com
URL: https://paytolet.com/public/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d9912196cfbb855b3a035ec2d7cd7b6b30b278131ecb6c29062726ad75b98869
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-e-L9r1MGVQapFarJ3rqt8A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:15 GMT
content-security-policy
script-src 'report-sample' 'nonce-e-L9r1MGVQapFarJ3rqt8A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
truncated
/ 		380 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/svg+xml
pe0TMImSLYBIv1o4X1M8ce2xCx3yop4tQpF_MeTm0lfGWVpNn64CL7U8upHZIbMV51Q42ptCp7t7R-tCKQ.woff2
fonts.gstatic.com/s/nunitosans/v15/ 		27 KB
27 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/nunitosans/v15/pe0TMImSLYBIv1o4X1M8ce2xCx3yop4tQpF_MeTm0lfGWVpNn64CL7U8upHZIbMV51Q42ptCp7t7R-tCKQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nunito+Sans:300,600,700,800
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f3.1e100.net
Software
sffe /
Resource Hash
c1dbb40c462897a6e1deba145143a9bb0d84c27afc6029b4f83740349d9d1238
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://paytolet.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 29 Jun 2023 14:56:14 GMT
x-content-type-options
nosniff
age
76261
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27216
x-xss-protection
0
last-modified
Thu, 27 Apr 2023 00:53:34 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 28 Jun 2024 14:56:14 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=1663611148&t=event&ni=1&_s=3&dl=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&ul=en-us&de=UTF-8&dt=PaytoLet%20-%20Search%20Engine%20For%20Real%20Estate&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Clarity&ea=1y0uci6&_u=aDDAAUABAAAAACAAI~&jid=&gjid=&cid=1136948999.1688126835&tid=UA-218196865-1&_gid=593329929.1688126835&gtm=457e36s0&cd1=https%3A%2F%2Fclarity.microsoft.com%2Fga%2Faigj3e8vew%2Frdh2wz%2F1y0uci6&z=347174544
Requested by
Host: paytolet.com
URL: https://paytolet.com/public/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Jun 2023 17:28:22 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
67133
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=1663611148&t=event&ni=1&_s=4&dl=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&ul=en-us&de=UTF-8&dt=PaytoLet%20-%20Search%20Engine%20For%20Real%20Estate&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Clarity&ea=1y0uci6&_u=aDDAAUABAAAAACAAI~&jid=&gjid=&cid=1136948999.1688126835&tid=UA-218196865-1&_gid=593329929.1688126835&gtm=457e36s0&cd1=https%3A%2F%2Fclarity.microsoft.com%2Fga%2Faigj3e8vew%2Frdh2wz%2F1y0uci6&z=622997568
Requested by
Host: paytolet.com
URL: https://paytolet.com/public/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 29 Jun 2023 17:28:22 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
67133
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxWW0yAuIRhPEMrxHgpoNPI7Fro-ERbqFEDgh9QpgwVQlrBGmVqtL5gJFXhvBTVbdzxYe-muRnWh4uTN7ijzX9s=
fundingchoicesmessages.google.com/f/ 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxWW0yAuIRhPEMrxHgpoNPI7Fro-ERbqFEDgh9QpgwVQlrBGmVqtL5gJFXhvBTVbdzxYe-muRnWh4uTN7ijzX9s=?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjg4MTI2ODM1LDYzNzAwMDAwMF0sIkQxMDkxQUU1LTEyRjYtNDdBRi04QTEzLUJFMDhBRTJFNUU4QSIsbnVsbCxudWxsLFtudWxsLFs3XV0sImh0dHBzOi8vcGF5dG9sZXQuY29tL3B1YmxpYy8iLG51bGwsW1s4LCJ1MkN6QTdHeWs0ZyJdLFs5LCJkZSJdLFsxNiwiWzEsMSwxXSJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.u2CzA7Gyk4g.es5.O/d=1/rs=AJlcJMznCcVeRD0HZ6JHWF9rLaTFeQPI7g/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a0ccc5355a9350669c11c13a38d1777b674d450aa25274e99edf994096606253
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-99XHI_pOIDgfXDkr9u3F8w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:15 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-99XHI_pOIDgfXDkr9u3F8w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.com/adsid/ 		107 B
456 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=paytolet.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
get_info
bot.webpushr.com/prompt/ 		27 KB
8 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://bot.webpushr.com/prompt/get_info
Requested by
Host: cdn.webpushr.com
URL: https://cdn.webpushr.com/app.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
157.230.100.179 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
7d19b9fff3b33035c316f3e338c92ba5e82be0e82e12dcfe1c7cb9d928a73dff

Request headers

Referer
https://paytolet.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

server_name
lookup3
Date
Fri, 30 Jun 2023 12:07:15 GMT
Content-Encoding
gzip
Server
nginx/1.14.0 (Ubuntu)
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, OPTIONS
Content-Type
text/html; charset=UTF-8
X-Fastcgi-Cache
EXPIRED
Access-Control-Allow-Origin
https://paytolet.com
Access-Control-Allow-Credentials
true
proxy_server_name
fr1_lookup_proxy
Connection
keep-alive
Access-Control-Allow-Headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
X-Proxy-Cache
STALE
session
analytics.webpushr.com/impression/ 		0
535 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://analytics.webpushr.com/impression/session
Requested by
Host: cdn.webpushr.com
URL: https://cdn.webpushr.com/app.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
167.71.54.9 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://paytolet.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Fri, 30 Jun 2023 12:07:15 GMT
Content-Encoding
gzip
Server
nginx/1.14.0 (Ubuntu)
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, OPTIONS
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
https://paytolet.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
ads
securepubads.g.doubleclick.net/gampad/ 		1 KB
701 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2148447624948998&correlator=1582104233802460&eid=31068366&output=ldjh&gdfp_req=1&vrg=202306270101&ptt=17&impl=fifs&iu_parts=1254144%3A22852681713%2Cpaytolet_com-medrectangle-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=1&adks=3162661208&didk=2639643799&sfv=1-0-40&prev_scp=a%3D%257C0%257C%26iid1%3D687389980650716%26eid%3D687389980650716%26t%3D134%26d%3D410164%26t1%3D134%26pvc%3D0%26ap%3D1100%26sap%3D1100%26as%3Drevenue%26plat%3D1%26bra%3Dmod58-c%26ic%3D1%26at%3Dmbf%26adr%3D398%26ezosn%3D3%26reft%3Dtf%26refs%3D30%26refa%3D1%26ga%3D2497208%26rid%3D99998%26pt%3D5%26al%3D1005%26compid%3D0%26tap%3Dpaytolet_com-medrectangle-2-687389980650716%26eb_br%3D58ef7bddb438af5e257c4377f32c243a%26eba%3D1%26asau%3D8408181829%26bv%3D18%26bvm%3D0%26bvr%3D8%26avc%3D4%26shp%3D1%26ftsn%3D12%26ftsng%3D12%26br1%3D120%26br2%3D60%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D63%2C14%2C28%2C4%2C51%2C0%2C88%2C0%2C71%2C30%2C0%2C31%2C901%2C902%2C903%26deal1%3D17%2C20%2C21%2C22%2C23%2C24%2C25%2C26%2C1794%2C2310%2C2339%2C2351%2C2526%2C2527%2C2610%2C2761%2C2763%2C2764%2C2765%2C3044%2C3054%2C3154%2C3430%2C3455%2C3456%2C3457%2C3458%2C3460%2C3682%2C3683%2C3684%2C4184%2C4185%2C4186%2C5747&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1688126835672&lmt=1688126835&dlt=1688126834513&idt=860&adxs=-9&adys=-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1136948999.1688126835&ga_sid=1688126836&ga_hid=1663611148&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYyZXN4ZAxSABSAghkEhkKCnB1YmNpZC5vcmcYyJXN4ZAxSABSAghkEhcKCHJ0YmhvdXNlGMiVzeGQMUgAUgIIZBIdCg5lc3AuY3JpdGVvLmNvbRjJlc3hkDFIAFICCGQSGQoKdWlkYXBpLmNvbRjJlc3hkDFIAFICCGQSFAoFb3BlbngYyZXN4ZAxSABSAghkEhsKDGlkNS1zeW5jLmNvbRjIlc3hkDFIAFICCGQ.
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
65d7999d97b566dedbe5b8da9c538622efb0d26fc38b12c00eefb14fa610cb8e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:16 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
true
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
670
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://paytolet.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		1 KB
617 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2148447624948998&correlator=1970633947702555&eid=31068366&output=ldjh&gdfp_req=1&vrg=202306270101&ptt=17&impl=fifs&iu_parts=1254144%3A22852681713%2Cpaytolet_com-edge-1&enc_prev_ius=%2F0%2F1&prev_iu_szs=160x600&ifi=2&adks=1957513018&didk=3512010702&sfv=1-0-40&prev_scp=a%3D%257C0%257C%26iid1%3D8292738108625282%26eid%3D8292738108625282%26t%3D134%26d%3D410164%26t1%3D134%26pvc%3D0%26ap%3D1975%26sap%3D1975%26as%3Drevenue%26plat%3D1%26bra%3Dmod58-c%26ic%3D1%26at%3Dmbf%26adr%3D398%26ezosn%3D1%26reft%3Dtf%26refs%3D30%26refa%3D1%26ga%3D2497208%26rid%3D99998%26pt%3D38%26al%3D1038%26compid%3D0%26tap%3Dpaytolet_com-edge-1-8292738108625282%26eb_br%3Da495ce7dbb4cefcd3e0a722048894f41%26eba%3D1%26asau%3D8408181829%26bv%3D3%26bvm%3D0%26bvr%3D8%26avc%3D4%26shp%3D2%26ftsn%3D12%26ftsng%3D12%26br1%3D100%26br2%3D50%26ezoic%3D1%26nmau%3D0%26mau%3D0%26sticky%3D1%26stl%3D63%2C14%2C28%2C4%2C51%2C0%2C88%2C0%2C71%2C30%2C0%2C31%2C901%2C902%2C903%26deal1%3D17%2C20%2C21%2C22%2C23%2C24%2C25%2C26%2C1794%2C2310%2C2339%2C2351%2C2526%2C2527%2C2610%2C2761%2C2763%2C2764%2C2765%2C3044%2C3054%2C3154%2C3430%2C3455%2C3456%2C3457%2C3458%2C3460%2C3682%2C3683%2C3684%2C4184%2C4185%2C4186%2C5747&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1688126835680&lmt=1688126835&dlt=1688126834513&idt=860&adxs=-9&adys=-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1136948999.1688126835&ga_sid=1688126836&ga_hid=1663611148&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYyZXN4ZAxSABSAghkEhkKCnB1YmNpZC5vcmcYyJXN4ZAxSABSAghkEhcKCHJ0YmhvdXNlGMiVzeGQMUgAUgIIZBIdCg5lc3AuY3JpdGVvLmNvbRjJlc3hkDFIAFICCGQSGQoKdWlkYXBpLmNvbRjJlc3hkDFIAFICCGQSFAoFb3BlbngYyZXN4ZAxSABSAghkEhsKDGlkNS1zeW5jLmNvbRjIlc3hkDFIAFICCGQ.
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2704d8857780ed1765ddbf4b2ca324ad0759138f7a8a3f0061aaa0cb1c3903f0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:16 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
true
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
586
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://paytolet.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
17f71e36f7655f7f5ab67574cc7e41b3.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame F1B1 		0
0
Index
sherpa.agoda.com/Static/ Frame 078E 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sherpa.agoda.com/Static/Index?&ReferenceKey=ntyMlyxbFZqQ2mIJ81MDFw%3D%3D&Language=en-us&Hg=90px&Wd=728px&OverideConf=false&Layout=WideStatic&MobOptimized=true&Ver=1.04&crt=6122451948935&Cid=1906535&City=175541
Requested by
Host: cdn0.agoda.net
URL: https://cdn0.agoda.net/images/sherpa/js/sherpa_init1_08.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
103.200.108.61 , Netherlands, ASN45530 (AGODA-TH-AS-AP The Offices at Central World, 27th floor, TH),
Reverse DNS
Software
istio-envoy /
Resource Hash
5941a626695f3d452e86105f287b35a17017e3477a9f421a285782f23d05fa7f

Request headers

Referer
https://paytolet.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

ag-correlation-id
c6a9ad3f-8cf6-4de9-9874-175595da70e8
cache-control
public,max-age=300
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Fri, 30 Jun 2023 12:07:15 GMT
server
istio-envoy
transfer-encoding
chunked
vary
User-Agent,Accept-Encoding
x-envoy-upstream-service-time
6
v2
de.tynt.com/deb/ 		4 B
326 B 		Script
General
Check archive.org
Download Go to
Full URL
https://de.tynt.com/deb/v2?id=a2zUHwIdOr7ikqrkHcnlKl&dn=TI&cc=1&chmob=0&r=&pu=https%3A%2F%2Fpaytolet.com%2Fpublic%2F
Requested by
Host: cdn.tynt.com
URL: https://cdn.tynt.com/ti.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.32 Palos Park, United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip32.67-202-105.static.steadfastdns.net
Software
/
Resource Hash
d21021784cda31eeae5c8295e047a14bda6ed5a9b5963fca9e7ceb398a9c9179

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/public/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
date
Fri, 30 Jun 2023 12:07:15 GMT
cache-control
max-age=86400
content-type
application/javascript
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
content-length
4
expires
Sat, 01 Jul 2023 12:07:16 GMT
ga-audiences
www.google.com/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-218196865-1&cid=1136948999.1688126835&jid=1840381624&_u=YADAAUAAAAAAACAAI~&z=1672729054
Requested by
Host: paytolet.com
URL: https://paytolet.com/public/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Jun 2023 12:07:15 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-218196865-1&cid=1136948999.1688126835&jid=1840381624&_u=YADAAUAAAAAAACAAI~&z=1672729054
Requested by
Host: paytolet.com
URL: https://paytolet.com/public/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Jun 2023 12:07:15 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ 		177 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		351 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
145287b36883dd3061ca7aa9229a8fa9ace2cccd50e0382b4b6201f3916b57c5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		242 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/svg+xml
ads
securepubads.g.doubleclick.net/gampad/ 		3 KB
634 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2148447624948998&correlator=3714016053006970&eid=31068366&output=ldjh&gdfp_req=1&vrg=202306270101&ptt=17&impl=fifs&iu_parts=1254144%3A22852681713%2Cpaytolet_com-box-2%2Cpaytolet_com-box-3&enc_prev_ius=%2F0%2F1%2C%2F0%2F2&prev_iu_szs=728x90%2C468x60&ifi=3&adks=3730846524%2C2888625247&didk=1533033682~1533032731&sfv=1-0-40&prev_scp=a%3D%257C0%257C%26iid1%3D7536534294636650%26eid%3D7536534294636650%26t%3D134%26d%3D410164%26t1%3D134%26pvc%3D0%26ap%3D1900%26sap%3D1900%26as%3Drevenue%26plat%3D1%26bra%3Dmod58-c%26ic%3D1%26at%3Dmbf%26adr%3D398%26ezosn%3D8%26reft%3Dtf%26refs%3D30%26refa%3D1%26ga%3D2497208%26rid%3D99998%26pt%3D1%26al%3D1001%26compid%3D0%26tap%3Dpaytolet_com-box-2-7536534294636650%26eb_br%3Daf063c244089b52ec5a0423a258f1f8e%26eba%3D1%26asau%3D8408181829%26bv%3D3%26bvm%3D0%26bvr%3D8%26avc%3D4%26shp%3D1%26ftsn%3D12%26ftsng%3D12%26acptad%3D1%26br1%3D140%26br2%3D70%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D63%2C14%2C28%2C4%2C51%2C0%2C88%2C0%2C71%2C30%2C0%2C31%2C901%2C902%2C903%26deal1%3D17%2C20%2C21%2C22%2C23%2C24%2C25%2C26%2C1794%2C2310%2C2339%2C2351%2C2526%2C2527%2C2761%2C2763%2C2764%2C2765%2C3044%2C3054%2C3154%2C3430%2C3455%2C3456%2C3457%2C3458%2C3460%2C3682%2C3683%2C3684%2C4184%2C4185%2C4186%2C5747%7Ca%3D%257C0%257C%26iid1%3D32787398583637%26eid%3D32787398583637%26t%3D134%26d%3D410164%26t1%3D134%26pvc%3D0%26ap%3D1901%26sap%3D1901%26as%3Drevenue%26plat%3D1%26bra%3Dmod58-c%26ic%3D1%26at%3Dmbf%26adr%3D398%26ezosn%3D6%26reft%3Dtf%26refs%3D30%26refa%3D1%26ga%3D2497208%26rid%3D99998%26pt%3D2%26al%3D1002%26compid%3D0%26tap%3Dpaytolet_com-box-3-32787398583637%26eb_br%3D58ef7bddb438af5e257c4377f32c243a%26eba%3D1%26asau%3D8408181829%26bv%3D3%26bvm%3D0%26bvr%3D8%26avc%3D4%26shp%3D1%26ftsn%3D12%26ftsng%3D12%26br1%3D120%26br2%3D60%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D63%2C14%2C28%2C4%2C51%2C0%2C88%2C0%2C71%2C30%2C0%2C31%2C901%2C902%2C903%26deal1%3D17%2C20%2C21%2C22%2C23%2C24%2C25%2C26%2C1794%2C2310%2C2339%2C2351%2C2526%2C2527%2C2610%2C2761%2C2763%2C2764%2C2765%2C3044%2C3054%2C3154%2C3430%2C3455%2C3456%2C3457%2C3458%2C3460%2C3682%2C3683%2C3684%2C4184%2C4185%2C4186%2C5747&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1688126835707&lmt=1688126835&dlt=1688126834513&idt=860&adxs=436%2C566&adys=157%2C1175&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0&ucis=3%7C4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&frm=20&vis=1&psz=1600x90%7C1410x60&msz=728x90%7C468x60&fws=0%2C0&ohw=0%2C0&ga_vid=1136948999.1688126835&ga_sid=1688126836&ga_hid=1663611148&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYyZXN4ZAxSABSAghkEhkKCnB1YmNpZC5vcmcYyJXN4ZAxSABSAghkEhcKCHJ0YmhvdXNlGMiVzeGQMUgAUgIIZBIdCg5lc3AuY3JpdGVvLmNvbRjJlc3hkDFIAFICCGQSGQoKdWlkYXBpLmNvbRjJlc3hkDFIAFICCGQSFAoFb3BlbngYyZXN4ZAxSABSAghkEhsKDGlkNS1zeW5jLmNvbRjIlc3hkDFIAFICCGQ.
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fccf4c44ba6e220d5b4bb6c8a9ef4e07177b33f15139e3cbc11ee6954a3a2c9a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:16 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
true
google-mediationgroup-id
-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
603
x-xss-protection
0
google-lineitem-id
-2,-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2,-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://paytolet.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306230101/ 		344 KB
119 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306230101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7184064643088596&plah=paytolet.com&bust=31075664
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7184064643088596
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4e539500752069c624d4c1c9719b0cd75bf0e88923c78017e42ceb8e095596ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:16 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
120898
x-xss-protection
0
server
cafe
etag
9597987923561657142
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 30 Jun 2023 12:07:16 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230627/r20190131/ Frame 1348 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230627/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7184064643088596
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://paytolet.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
16377
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4544
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 30 Jun 2023 07:34:18 GMT
etag
12368291122986407432
expires
Fri, 14 Jul 2023 07:34:18 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
17f71e36f7655f7f5ab67574cc7e41b3.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 6A65 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://17f71e36f7655f7f5ab67574cc7e41b3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: paytolet.com
URL: https://paytolet.com/themes/flex-home/js/components.js?v=2.29.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://paytolet.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 30 Jun 2023 12:07:16 GMT
expires
Sat, 29 Jun 2024 12:07:16 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
properties
paytolet.com/ajax/ 		26 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://paytolet.com/ajax/properties?type=sale
Requested by
Host: paytolet.com
URL: https://paytolet.com/themes/flex-home/js/components.js?v=2.29.0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:8b54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c7629303e79e930ce0b081ab8757ff9de381b5be526cb8aa3c531eab315079dc

Request headers

Accept
application/json, text/plain, */*
Referer
https://paytolet.com/public/
X-XSRF-TOKEN
eyJpdiI6InNkR2pOeDJldEIvVENBU3pJRmlTenc9PSIsInZhbHVlIjoiQlUvS0lJMDJXUFRsMnFWbkFCZkFVTjJIRm9LZEZEZVBVeUhhOHRWWFQyWE02a1RzaVVvd1p6aXNHejQvZmsrWGlyUmxPVHI3UkUydGRkTG9wOGFwdTB2VXdZTnFvKzRwa3FEN0lQVGZwK21Da0pnMmVKMFFOZGNBM05HMXhwMUciLCJtYWMiOiJhMjExZjY3MmZlNTFhYTY1MTEzZDM3ZGM1NmMxY2Q3ZjBkOThjODJhOWU0NjA3NTM0MDBiNzdlNGZjZjI5YTFlIiwidGFnIjoiIn0=
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:16 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display
staticcontent_sol
x-middleton-display
staticcontent_sol
x-middleton-response
200
alt-svc
h3=":443"; ma=86400
response
200
x-ez-proxy-out
true 2.4
server
cloudflare
vary
Accept-Encoding,User-Agent,Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TV0dKwMchJf2DlkrWTL0Ux5x9r11%2FZ89RA4YoTbfsglJFE3kcZbCkA9IHBuLMSAboRE3s%2FxZ2zK2PTx64o1JOhpAAXUcPB0d5KfGtm3zbN5W9rXh9K6F4PfI2XitxYeuxOkhEz%2BJk2zfBrI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
cache-control
no-cache, private
cf-ray
7df649b3fd466969-FRA
priority
u=1,i
properties
paytolet.com/ajax/ 		20 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://paytolet.com/ajax/properties?type=rent
Requested by
Host: paytolet.com
URL: https://paytolet.com/themes/flex-home/js/components.js?v=2.29.0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:8b54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7787fd9bcaab977f378061acdfe9bc6c012f8d6189a3ba41f2d33b886580aef2

Request headers

Accept
application/json, text/plain, */*
Referer
https://paytolet.com/public/
X-XSRF-TOKEN
eyJpdiI6InNkR2pOeDJldEIvVENBU3pJRmlTenc9PSIsInZhbHVlIjoiQlUvS0lJMDJXUFRsMnFWbkFCZkFVTjJIRm9LZEZEZVBVeUhhOHRWWFQyWE02a1RzaVVvd1p6aXNHejQvZmsrWGlyUmxPVHI3UkUydGRkTG9wOGFwdTB2VXdZTnFvKzRwa3FEN0lQVGZwK21Da0pnMmVKMFFOZGNBM05HMXhwMUciLCJtYWMiOiJhMjExZjY3MmZlNTFhYTY1MTEzZDM3ZGM1NmMxY2Q3ZjBkOThjODJhOWU0NjA3NTM0MDBiNzdlNGZjZjI5YTFlIiwidGFnIjoiIn0=
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:16 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display
staticcontent_sol
x-middleton-display
staticcontent_sol
x-middleton-response
200
alt-svc
h3=":443"; ma=86400
response
200
x-ez-proxy-out
true 2.4
server
cloudflare
vary
Accept-Encoding,User-Agent,Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f4kcKNw%2Bn3BXN2rbi5JCQ%2BZjUUnv57DDud%2F7xQTT6FgbUO%2FuXEyohBLNGMR2cHYAczDpiFzp4STUCQzPqSgW97IbxPwpZijgs3%2FZNsVwtKYf8wMI5VgekU%2Bj68l7E6SEFR5QhIaHmh3WVPE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
cache-control
no-cache, private
cf-ray
7df649b3fd476969-FRA
priority
u=1,i
featured
paytolet.com/ajax/agents/ 		6 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://paytolet.com/ajax/agents/featured?limit=4
Requested by
Host: paytolet.com
URL: https://paytolet.com/themes/flex-home/js/components.js?v=2.29.0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:8b54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6d3ad1e7d25dfad39a00724579c180be50697940ca9f273b700dd3499ffe25d0

Request headers

Accept
application/json, text/plain, */*
Referer
https://paytolet.com/public/
X-XSRF-TOKEN
eyJpdiI6InNkR2pOeDJldEIvVENBU3pJRmlTenc9PSIsInZhbHVlIjoiQlUvS0lJMDJXUFRsMnFWbkFCZkFVTjJIRm9LZEZEZVBVeUhhOHRWWFQyWE02a1RzaVVvd1p6aXNHejQvZmsrWGlyUmxPVHI3UkUydGRkTG9wOGFwdTB2VXdZTnFvKzRwa3FEN0lQVGZwK21Da0pnMmVKMFFOZGNBM05HMXhwMUciLCJtYWMiOiJhMjExZjY3MmZlNTFhYTY1MTEzZDM3ZGM1NmMxY2Q3ZjBkOThjODJhOWU0NjA3NTM0MDBiNzdlNGZjZjI5YTFlIiwidGFnIjoiIn0=
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:16 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display
staticcontent_sol
x-middleton-display
staticcontent_sol
x-middleton-response
200
alt-svc
h3=":443"; ma=86400
response
200
x-ez-proxy-out
true 2.4
server
cloudflare
vary
Accept-Encoding,User-Agent,Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1SDDzkvvQIB2MHSm2yF9xUeJtbfJtmUBovGEaNeqeAC7yiqvuXJJ4O4BWhAWZKkOM5vgQl3pL01POg4nDZr67qrkyHc0ysm1aSex1XqeW7KRyyKa0y8%2BG0saIDuUanTRBLluH%2BxhTq9izT4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
cache-control
no-cache, private
cf-ray
7df649b3fd496969-FRA
priority
u=1,i
posts
paytolet.com/ajax/ 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://paytolet.com/ajax/posts
Requested by
Host: paytolet.com
URL: https://paytolet.com/themes/flex-home/js/components.js?v=2.29.0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:8b54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
35a19e36401943762efbbf44d5e485e5b352042330ae476eec64aa95659b797b

Request headers

Accept
application/json, text/plain, */*
Referer
https://paytolet.com/public/
X-XSRF-TOKEN
eyJpdiI6InNkR2pOeDJldEIvVENBU3pJRmlTenc9PSIsInZhbHVlIjoiQlUvS0lJMDJXUFRsMnFWbkFCZkFVTjJIRm9LZEZEZVBVeUhhOHRWWFQyWE02a1RzaVVvd1p6aXNHejQvZmsrWGlyUmxPVHI3UkUydGRkTG9wOGFwdTB2VXdZTnFvKzRwa3FEN0lQVGZwK21Da0pnMmVKMFFOZGNBM05HMXhwMUciLCJtYWMiOiJhMjExZjY3MmZlNTFhYTY1MTEzZDM3ZGM1NmMxY2Q3ZjBkOThjODJhOWU0NjA3NTM0MDBiNzdlNGZjZjI5YTFlIiwidGFnIjoiIn0=
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:16 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display
staticcontent_sol
x-middleton-display
staticcontent_sol
x-middleton-response
200
alt-svc
h3=":443"; ma=86400
response
200
x-ez-proxy-out
true 2.4
server
cloudflare
vary
Accept-Encoding,User-Agent,Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xOXVdI6u9j4U%2B380gkYscCFcKMSNyo64Dq1Z%2FaxKXw6OP85hSxIzzrxzmqcsNF4aMp%2BWjgm8GNy5avUVqpN2MJtSopQgj9vVDAW98h1Zj4MF5UNt0vq%2FvMozx7J%2FQxSXvO7hUNnJ4hJRqt8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
cache-control
no-cache, private
cf-ray
7df649b3fd4d6969-FRA
priority
u=1,i
AGSKWxUCfVH0qedVlrzSfmJihHhog5ANG2FECWnzGBmOsPZLzIm9mSDdXAYlBydJ5DbcvC_rupGX4Ld1REqM6uCMCZZToA==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUCfVH0qedVlrzSfmJihHhog5ANG2FECWnzGBmOsPZLzIm9mSDdXAYlBydJ5DbcvC_rupGX4Ld1REqM6uCMCZZToA==
Requested by
Host: paytolet.com
URL: https://paytolet.com/public/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-RRUQl6MEYTEZl2a8K6mUXA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:15 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-RRUQl6MEYTEZl2a8K6mUXA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://paytolet.com
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
fbevents.js
connect.facebook.net/en_US/ 		171 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: paytolet.com
URL: https://paytolet.com/public/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e33937c8718b4891cefe03686c4bac285d9265052427e705bce7e677659ed765
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Fri, 30 Jun 2023 12:07:16 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
46863
x-xss-protection
0
pragma
public
x-fb-debug
HvZk+ae0YcMP5e3niH1udbDNl2qXkh+oyfjY1+8lYmayr5M4khcRL5efyjOb/smVlh+cuoZPTxAKeOEP6aRAdA==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires
Sat, 01 Jan 2000 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		141 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-11165448312
Requested by
Host: prod.api.adline.com
URL: https://prod.api.adline.com/api/cpa?key=UID-tfkdnEFrHfZMEYSK7RV8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e2406197ffaaa60f120018bc024fd6e14eebf16fd1109908d7265bdaaf385354
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:15 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
55064
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 30 Jun 2023 12:07:15 GMT
js
www.googletagmanager.com/gtag/ 		141 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-11165448312&l=dataLayer&cx=c
Requested by
Host: www.googleoptimize.com
URL: https://www.googleoptimize.com/optimize.js?id=OPT-WWTVXCM
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a45d5cb959d21cd7a042ef1e23ee0922d718b4d4342adac45fccd645a6ab7189
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:15 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
55000
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 30 Jun 2023 12:07:15 GMT
js
www.googletagmanager.com/gtag/ Frame 078E 		175 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-6446424-36
Requested by
Host: sherpa.agoda.com
URL: https://sherpa.agoda.com/Static/Index?&ReferenceKey=ntyMlyxbFZqQ2mIJ81MDFw%3D%3D&Language=en-us&Hg=90px&Wd=728px&OverideConf=false&Layout=WideStatic&MobOptimized=true&Ver=1.04&crt=6122451948935&Cid=1906535&City=175541
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
adbb927b59fb265a16d9e9f95b64fee9a554c93d72018c19a7538c1aaa1f61ef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sherpa.agoda.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:15 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
65354
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 30 Jun 2023 12:07:15 GMT
widestatic_simple.min.css
sherpa.agoda.com/css/production/ Frame 078E 		72 KB
72 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://sherpa.agoda.com/css/production/widestatic_simple.min.css?v=_6u8GJLmnXT7cXoGpKHWONcS45nggdtztM0a3mR8kRQ
Requested by
Host: sherpa.agoda.com
URL: https://sherpa.agoda.com/Static/Index?&ReferenceKey=ntyMlyxbFZqQ2mIJ81MDFw%3D%3D&Language=en-us&Hg=90px&Wd=728px&OverideConf=false&Layout=WideStatic&MobOptimized=true&Ver=1.04&crt=6122451948935&Cid=1906535&City=175541
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
103.200.108.61 , Netherlands, ASN45530 (AGODA-TH-AS-AP The Offices at Central World, 27th floor, TH),
Reverse DNS
Software
istio-envoy /
Resource Hash
ffabbc1892e69d74fb717a06a4a1d638d712e399e081db73b4cd1ade647c9114

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sherpa.agoda.com/Static/Index?&ReferenceKey=ntyMlyxbFZqQ2mIJ81MDFw%3D%3D&Language=en-us&Hg=90px&Wd=728px&OverideConf=false&Layout=WideStatic&MobOptimized=true&Ver=1.04&crt=6122451948935&Cid=1906535&City=175541
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:14 GMT
last-modified
Fri, 03 Mar 2023 02:43:21 GMT
server
istio-envoy
etag
"1d94d79eaceb5fa"
content-type
text/css
x-envoy-upstream-service-time
1
accept-ranges
bytes
content-length
73594
logo-color.png
cdn0.agoda.net/images/sherpa/logo/v1/ Frame 078E 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn0.agoda.net/images/sherpa/logo/v1/logo-color.png
Requested by
Host: sherpa.agoda.com
URL: https://sherpa.agoda.com/Static/Index?&ReferenceKey=ntyMlyxbFZqQ2mIJ81MDFw%3D%3D&Language=en-us&Hg=90px&Wd=728px&OverideConf=false&Layout=WideStatic&MobOptimized=true&Ver=1.04&crt=6122451948935&Cid=1906535&City=175541
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.23.197.188 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-23-197-188.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
c1c1a6dc0077c6c25cdc9ccc26e81c72030b342e2fe388914f38d84571c0b24f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sherpa.agoda.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:15 GMT
last-modified
Mon, 15 May 2017 06:50:45 GMT
server
nginx
x-dc
ASH
etag
"6825e9447cdd21:0"
x-cache-status
HIT
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2098179
accept-ranges
bytes
timing-allow-origin
*
content-length
6487
expires
Mon, 24 Jul 2023 18:56:54 GMT
common-scripts.min.js
sherpa.agoda.com/js/production/ Frame 078E 		131 KB
131 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sherpa.agoda.com/js/production/common-scripts.min.js
Requested by
Host: sherpa.agoda.com
URL: https://sherpa.agoda.com/Static/Index?&ReferenceKey=ntyMlyxbFZqQ2mIJ81MDFw%3D%3D&Language=en-us&Hg=90px&Wd=728px&OverideConf=false&Layout=WideStatic&MobOptimized=true&Ver=1.04&crt=6122451948935&Cid=1906535&City=175541
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
103.200.108.61 , Netherlands, ASN45530 (AGODA-TH-AS-AP The Offices at Central World, 27th floor, TH),
Reverse DNS
Software
istio-envoy /
Resource Hash
601a7644b2a2838ad9404c7b57d79151d9610c3f2d43c07f609300f7f930794f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sherpa.agoda.com/Static/Index?&ReferenceKey=ntyMlyxbFZqQ2mIJ81MDFw%3D%3D&Language=en-us&Hg=90px&Wd=728px&OverideConf=false&Layout=WideStatic&MobOptimized=true&Ver=1.04&crt=6122451948935&Cid=1906535&City=175541
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:14 GMT
last-modified
Fri, 03 Mar 2023 02:43:23 GMT
server
istio-envoy
etag
"1d94d79ec02db18"
content-type
application/javascript
x-envoy-upstream-service-time
1
accept-ranges
bytes
content-length
134296
simplesearchbox.min.js
sherpa.agoda.com/js/production/ Frame 078E 		14 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sherpa.agoda.com/js/production/simplesearchbox.min.js?v=qXO6hVAqSYFgfrYjOylLRUXFtv84udWEYPHipVeZKGM
Requested by
Host: sherpa.agoda.com
URL: https://sherpa.agoda.com/Static/Index?&ReferenceKey=ntyMlyxbFZqQ2mIJ81MDFw%3D%3D&Language=en-us&Hg=90px&Wd=728px&OverideConf=false&Layout=WideStatic&MobOptimized=true&Ver=1.04&crt=6122451948935&Cid=1906535&City=175541
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
103.200.108.61 , Netherlands, ASN45530 (AGODA-TH-AS-AP The Offices at Central World, 27th floor, TH),
Reverse DNS
Software
istio-envoy /
Resource Hash
a973ba85502a4981607eb6233b294b4545c5b6ff38b9d58460f1e2a557992863

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sherpa.agoda.com/Static/Index?&ReferenceKey=ntyMlyxbFZqQ2mIJ81MDFw%3D%3D&Language=en-us&Hg=90px&Wd=728px&OverideConf=false&Layout=WideStatic&MobOptimized=true&Ver=1.04&crt=6122451948935&Cid=1906535&City=175541
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:15 GMT
last-modified
Fri, 03 Mar 2023 02:43:20 GMT
server
istio-envoy
etag
"1d94d79ea3722f8"
content-type
application/javascript
x-envoy-upstream-service-time
1
accept-ranges
bytes
content-length
14072
095812cb705f7bb4e9fad4541.js
chimpstatic.com/mcjs-connected/js/users/1effe642718bec7e021dee11a/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://chimpstatic.com/mcjs-connected/js/users/1effe642718bec7e021dee11a/095812cb705f7bb4e9fad4541.js
Requested by
Host: paytolet.com
URL: https://paytolet.com/public/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.208.149.253 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-208-149-253.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
9e7eb0c036a4aa626811ae4868c6398a8253d4daaaf679da8f5cbb4b32aecbbe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

X-EdgeConnect-Origin-MEX-Latency
104
Date
Fri, 30 Jun 2023 12:07:16 GMT
Content-Encoding
gzip
x-amz-request-id
Q2V4SZ6FZRDQD74K
X-EdgeConnect-MidMile-RTT
0
Connection
keep-alive
Content-Length
653
x-amz-id-2
hgPH/DPhVILDIuw9DGS3basy43jNiGYjiEWrX1GPypcGNT48JeT2t4skRGoAgDIvZRXe2d9vI4o=
Last-Modified
Tue, 14 Jun 2022 22:08:33 GMT
Server
AmazonS3
ETag
"4b60d3ea13c42468679685c32a1680ac"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=1742
Accept-Ranges
bytes
Expires
Fri, 30 Jun 2023 12:36:18 GMT
xfbml.customerchat.js
connect.facebook.net/en_US/sdk/ 		321 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk/xfbml.customerchat.js
Requested by
Host: paytolet.com
URL: https://paytolet.com/public/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
1f98869df9d8d50e62236048fd4f7925ac51a367492362b66407205396750afc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 30 Jun 2023 12:07:16 GMT
content-md5
10i0PLKPl054woHpiFKk1g==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
92608
x-fb-debug
o37Xvw90Zvu9aBgcl5ta7AN4TIYoUDrZg8PLMPViWJX0gSDOPXIJ9VdK9QvXfQaIbeYHS7mfxGAo22iCK+tpFA==
x-fb-content-md5
e9f64a7c2b4f4b87232e096076aad00c
cross-origin-opener-policy
same-origin-allow-popups
etag
"9d1d73a843e2418b4c23c4f25cd73a23"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Fri, 30 Jun 2023 12:21:53 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ 		361 KB
121 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: paytolet.com
URL: https://paytolet.com/public/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f10.1e100.net
Software
sffe /
Resource Hash
5a9863314577494b778cade4d77d719a27fca818d6091efe35b972cac31026f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
123120
x-xss-protection
0
expires
Fri, 30 Jun 2023 12:07:16 GMT
kenai.js
paytolet.com/detroitchicago/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://paytolet.com/detroitchicago/kenai.js?gcb=3&cb=6
Requested by
Host: paytolet.com
URL: https://paytolet.com/public/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:8b54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6923498f78595bd12b0b85b4d8fb03395bb293984a9efb4251447a9b80f459bb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/public/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:15 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
86818
x-middleton-display
sol-js
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Thu, 29 Jun 2023 12:00:17 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gMcB9TM%2FpMYci3GJFv%2BrBlkAJGH6OMP26pdYmV2538JMDgrB9p958x7tsODG4YIqzPn0fClx%2F%2BzvD2%2BjalF1BN1ajneyj%2B9kl3mAYVjA3QkKh0EhhBPQbjRgMtGv16nP2IV4VN9KsRLf0Ow%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=31536000
x-robots-tag
noindex
cf-ray
7df649b45daf6969-FRA
priority
u=3,i=?0
portland.js
paytolet.com/detroitchicago/ 		31 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://paytolet.com/detroitchicago/portland.js?gcb=3&cb=9
Requested by
Host: paytolet.com
URL: https://paytolet.com/public/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:8b54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9c6f6d530015f6103f20b2afab894e9f567fc382b43c2c6b1a487ed49c083ad7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/public/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:15 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
86818
cf-polished
origSize=31587
x-middleton-display
sol-js
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Thu, 29 Jun 2023 12:00:17 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C8ACfTBTRxHxnJNz5y7Mj4CgAfbNMcq4oHiMmqU8L0hPCi0z9tafcAO1CDZ2BkNZmmX36azRCYj%2F5m9TjsFPmFYdj%2Fw0lNJsT3ifzQ9hrAzSLAgxRIyk7e4EXpx7rZ1s2fsVIPRLeaxVMhA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=31536000
x-robots-tag
noindex
cf-ray
7df649b45db36969-FRA
priority
u=3,i=?0
sidebarwall.js
paytolet.com/detroitchicago/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://paytolet.com/detroitchicago/sidebarwall.js?gcb=3&cb=19
Requested by
Host: paytolet.com
URL: https://paytolet.com/public/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:8b54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c27c396b7f4c1ff33d934d2c66f082c7f81193203971648a114f862c9143c234

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/public/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:15 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 30 Jun 2023 12:07:15 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xqN12y52HM02fOd2uJf76kWfzxFrJFoH2RAdGXG5vbgwxlIXQbOkzy4%2FZSIqFtDQOMT7TY%2F%2F3JA19fVcv8TZ5tw6Bdh4qNW0QFb4bm%2FQWsCIW5myQGgyy1mEQw0cm%2BYZSPOIvqCGST7xvXU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-middleton-display
sol-js
cache-control
public, max-age=31536000
x-robots-tag
noindex
cf-ray
7df649b4ae346969-FRA
priority
u=3,i=?0
alt-svc
h3=":443"; ma=86400
gateway.js
paytolet.com/detroitchicago/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://paytolet.com/detroitchicago/gateway.js?gcb=3&cb=15
Requested by
Host: paytolet.com
URL: https://paytolet.com/public/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:8b54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
40e66c1d31577b34406b9b1bf8fa5b7391f180e663e5b60f902fed8c84258202

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/public/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:15 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
86818
x-middleton-display
sol-js
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Thu, 29 Jun 2023 12:00:17 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YAartXK%2FmzhBI5xnNJlzFjCdmccnF%2FMc%2BNwAUhjhAosJi6V5%2BXUmLqSo5x2FwnaUK5uvohTZtLjfpy3I7T%2FzDq4DAQwrnKJTdLBPcCjwGbeCBO0iJhGcSghKT4cc0Qn3j5ovkrMt4nzIeC0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=31536000
x-robots-tag
noindex
cf-ray
7df649b4ae366969-FRA
priority
u=3,i=?0
LaborDay-1-widestatic.jpg
cdn0.agoda.net/images/sherpa/bg/v2/ Frame 078E 		23 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn0.agoda.net/images/sherpa/bg/v2/LaborDay-1-widestatic.jpg
Requested by
Host: sherpa.agoda.com
URL: https://sherpa.agoda.com/Static/Index?&ReferenceKey=ntyMlyxbFZqQ2mIJ81MDFw%3D%3D&Language=en-us&Hg=90px&Wd=728px&OverideConf=false&Layout=WideStatic&MobOptimized=true&Ver=1.04&crt=6122451948935&Cid=1906535&City=175541
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.23.197.188 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-23-197-188.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
c7d9e521655217d28644c35646022d2df59f9edc2f1ada5a3ba4fdbcae9fcdb4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sherpa.agoda.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

unused62
8096267
date
Fri, 30 Jun 2023 12:07:15 GMT
last-modified
Thu, 17 Aug 2017 03:28:06 GMT
server
nginx
x-dc
ASH
etag
"0271cd7817d31:0"
x-cache-status
HIT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=1977228
accept-ranges
bytes
timing-allow-origin
*
content-length
24004
expires
Sun, 23 Jul 2023 09:21:03 GMT
mallory-light-webfont-v01.woff2
cdn6.agoda.net/images/fonts/ Frame 078E 		51 KB
51 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn6.agoda.net/images/fonts/mallory-light-webfont-v01.woff2
Requested by
Host: sherpa.agoda.com
URL: https://sherpa.agoda.com/css/production/widestatic_simple.min.css?v=_6u8GJLmnXT7cXoGpKHWONcS45nggdtztM0a3mR8kRQ
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.23.197.188 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-23-197-188.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
fb023437a64f3743a90c382f70c6726e3e3862ba00ffaf6e7e0bc3a65a33f0c8

Request headers

Referer
https://sherpa.agoda.com/
Origin
https://sherpa.agoda.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

unused62
8096267
date
Fri, 30 Jun 2023 12:07:16 GMT
last-modified
Fri, 07 May 2021 10:15:20 GMT
server
nginx
x-dc
ASH
etag
"8e35bce22943d71:0"
x-cache-status
HIT
content-type
font/x-woff2
access-control-allow-origin
*
cache-control
max-age=1142342
accept-ranges
bytes
timing-allow-origin
*
content-length
52321
expires
Thu, 13 Jul 2023 17:26:18 GMT
/
www.google.com/pagead/1p-user-list/10850344926/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/10850344926/?random=1688126835179&cv=11&fst=1688126400000&bg=ffffff&guid=ON&async=1&gtm=45be36s0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&frm=0&tiba=PaytoLet%20-%20Search%20Engine%20For%20Real%20Estate&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2391394673&rmt_tld=0&ipr=y
Requested by
Host: paytolet.com
URL: https://paytolet.com/public/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Jun 2023 12:07:15 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/10850344926/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/10850344926/?random=1688126835179&cv=11&fst=1688126400000&bg=ffffff&guid=ON&async=1&gtm=45be36s0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&frm=0&tiba=PaytoLet%20-%20Search%20Engine%20For%20Real%20Estate&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2391394673&rmt_tld=1&ipr=y
Requested by
Host: paytolet.com
URL: https://paytolet.com/public/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Jun 2023 12:07:15 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/10850344926/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/10850344926/?random=1688126835199&cv=11&fst=1688126400000&bg=ffffff&guid=ON&async=1&gtm=45be36s0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&frm=0&tiba=PaytoLet%20-%20Search%20Engine%20For%20Real%20Estate&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3788545057&rmt_tld=0&ipr=y
Requested by
Host: paytolet.com
URL: https://paytolet.com/public/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Jun 2023 12:07:15 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/10850344926/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/10850344926/?random=1688126835199&cv=11&fst=1688126400000&bg=ffffff&guid=ON&async=1&gtm=45be36s0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&frm=0&tiba=PaytoLet%20-%20Search%20Engine%20For%20Real%20Estate&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3788545057&rmt_tld=1&ipr=y
Requested by
Host: paytolet.com
URL: https://paytolet.com/public/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Jun 2023 12:07:15 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rules-p-31iz6hfFutd16.js
rules.quantcount.com/ 		160 B
633 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-31iz6hfFutd16.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-30.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4718dd9f68e969d1cb5e1b6172206b7150ad1d8cd5c5c1fe5812dd0e1646d426

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 11:39:21 GMT
via
1.1 5d5481cfa85227a3fdd5ff0b03093c62.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
1676
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
160
last-modified
Fri, 14 Oct 2022 00:41:49 GMT
server
AmazonS3
etag
"af15ecfe46737cb2a37226fd060f23a6"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
gzWmtpSMXZOQarlkDAoAzaytSvbLtWVKyAYPI4UPszIG6gc1_qrm3A==
advert.gif
mc.yandex.com/metrika/ 		43 B
126 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/metrika/advert.gif
Requested by
Host: paytolet.com
URL: https://paytolet.com/public/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:16 GMT
strict-transport-security
max-age=31536000
last-modified
Thu, 29 Jun 2023 11:28:12 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag
"649d409c-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Fri, 30 Jun 2023 13:07:16 GMT
ticf.js
cdn.tynt.com/ 		46 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.tynt.com/ticf.js
Requested by
Host: paytolet.com
URL: https://paytolet.com/cdn-cgi/apps/body/VAh3pJvojw_eZsI0MGJ5Y3knANs.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.83 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc09613dcc5d485401a3f40a6b23011e58a37628fb97234067a1c2faa01bf699

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:15 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 14 Mar 2023 15:48:05 GMT
server
cloudflare
age
245631
etag
W/"64109735-b6ba"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
7df649b4c86e68e9-FRA
expires
Mon, 03 Jul 2023 12:07:15 GMT
index.html
widget.trustpilot.com/trustboxes/5419b6a8b0d04a076446a9ad/ Frame A82E 		7 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://widget.trustpilot.com/trustboxes/5419b6a8b0d04a076446a9ad/index.html?templateId=5419b6a8b0d04a076446a9ad&businessunitId=636bea1d08d05ff86ad01723
Requested by
Host: widget.trustpilot.com
URL: https://widget.trustpilot.com/bootstrap/v5/tp.widget.bootstrap.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.187.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-187-42.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
402179b88fa6e0b17851d64725ec39658d804bd6cc9b8ba227e27bd3b4cca459
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://paytolet.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
14350
cache-control
max-age=86400
content-encoding
gzip
content-length
2030
content-type
text/html
date
Fri, 30 Jun 2023 12:07:16 GMT
etag
"0bed8f219278d79878d48af3082f466e"
last-modified
Mon, 08 May 2023 11:47:08 GMT
server
AmazonS3
strict-transport-security
max-age=31536000
via
1.1 09f78fab17e561a78ea60bb6223c4962.cloudfront.net (CloudFront)
x-amz-cf-id
qL622MRDPdP4rSYQfc0yZ80VrGTP0EbOF0xGZyjA4T9nHU8Kih7Nfg==
x-amz-cf-pop
MUC50-P4
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-content-type-options
nosniff
x-xss-protection
1; mode=block
public
api.hubspot.com/livechat-public/v1/message/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.hubspot.com/livechat-public/v1/message/public?portalId=21342073&conversations-embed=static-1.13513&mobile=false&messagesUtk=44b34961c971497a99b0a9a4c155c789&traceId=44b34961c971497a99b0a9a4c155c789
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept
*/*
Access-Control-Request-Headers
x-hubspot-messages-uri
Access-Control-Request-Method
GET
Origin
https://paytolet.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-credentials
false
access-control-allow-headers
Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-origin
https://paytolet.com
allow
HEAD,GET,OPTIONS
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7df649b7fa5c9267-FRA
content-length
18
content-type
text/plain; charset=utf-8
date
Fri, 30 Jun 2023 12:07:16 GMT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XpFkeEQh0tFZ%2BUNZ74yeLPoRCcJt91zCkId1%2B268JL09VIc7KhTwXAAXjGSRD7LRVN%2B0XPFjVixtp4OacPLOtcECevULySTHzbR9r8TyagHPZ96yg5KqslmfwkwLHpA3P%2BKj6P4%2F%2Bly4vW5FRA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
origin, Accept-Encoding
x-envoy-upstream-service-time
2
x-evy-trace-listener
listener_https
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-route-service-name
envoyset-translator
x-evy-trace-served-by-pod
iad02/hubapi-td/envoy-proxy-598c95b5b7-h5kcm
x-evy-trace-virtual-host
all
x-hubspot-correlation-id
115f7106-815e-4d48-8507-8bed8212ac10
x-request-id
115f7106-815e-4d48-8507-8bed8212ac10
x-trace
2BEC79FE6BDCDA748A3758D3EFB16FFDE502C14C77000000000000000000
public
api.hubspot.com/livechat-public/v1/message/ 		263 B
911 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.hubspot.com/livechat-public/v1/message/public?portalId=21342073&conversations-embed=static-1.13513&mobile=false&messagesUtk=44b34961c971497a99b0a9a4c155c789&traceId=44b34961c971497a99b0a9a4c155c789
Requested by
Host: js.usemessages.com
URL: https://js.usemessages.com/conversations-embed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f97d6faed6f752cf6fbc5de57e056326a6bfd145d508e9410c17a7ab19ec4352
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://paytolet.com/
accept-language
de-DE,de;q=0.9
X-HubSpot-Messages-Uri
https://paytolet.com/public/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:16 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
fe323d63-c344-4c6c-852c-e86103b65a74
x-envoy-upstream-service-time
17
alt-svc
h3=":443"; ma=86400
content-length
208
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
fe323d63-c344-4c6c-852c-e86103b65a74
server
cloudflare
x-trace
2BE71B3FE583AB31C0BA68ABFB8E96771738E2A4B9000000000000000000
vary
origin, Accept-Encoding
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type
application/json;charset=utf-8
access-control-allow-origin
https://paytolet.com
x-evy-trace-served-by-pod
iad02/hubapi-td/envoy-proxy-598c95b5b7-ds89m
cache-control
no-cache, no-store, no-transform, must-revalidate, max-age=0
access-control-allow-credentials
false
x-evy-trace-virtual-host
all
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P%2BIzJi1Wa9vV2dF3eLLT2p0EiSDu1T3fOp21fI7lchj4zkJe8Ts9ow60OwC6myv4Zj3RlJkBYnSPKV2LL5UrmEK6tX1oY3u4Aw0KaI6O3e6pwTs2E6m9SAFLH7kLJExE9QyUA7a0H5qMFx4ZeQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
7df649b8eb3d9267-FRA
access-control-allow-headers
Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/10850344926/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10850344926/?random=1688126835976&cv=11&fst=1688126835976&bg=ffffff&guid=ON&async=1&gtm=45be36s0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&hn=www.googleadservices.com&frm=0&tiba=PaytoLet%20-%20Search%20Engine%20For%20Real%20Estate&us_privacy=1---&auid=652625874.1688126835&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-10850344926
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
de05ff346744289ae37495fd4a814f1d8440190b9aa67ebd2db6386ffbf215a7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Jun 2023 12:07:16 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1337
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
s.js
paytolet.com/cdn-cgi/zaraz/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://paytolet.com/cdn-cgi/zaraz/s.js?z=JTdCJTIyZXhlY3V0ZWQlMjIlM0ElNUIlNUQlMkMlMjJ0JTIyJTNBJTIyUGF5dG9MZXQlMjAtJTIwU2VhcmNoJTIwRW5naW5lJTIwRm9yJTIwUmVhbCUyMEVzdGF0ZSUyMiUyQyUyMnglMjIlM0EwLjkyNTE5OTE0Njg4NTMyMzElMkMlMjJ3JTIyJTNBMTYwMCUyQyUyMmglMjIlM0ExMjAwJTJDJTIyaiUyMiUzQTEyMDAlMkMlMjJlJTIyJTNBMTYwMCUyQyUyMmwlMjIlM0ElMjJodHRwcyUzQSUyRiUyRnBheXRvbGV0LmNvbSUyRnB1YmxpYyUyRiUyMiUyQyUyMnIlMjIlM0ElMjIlMjIlMkMlMjJrJTIyJTNBMjQlMkMlMjJuJTIyJTNBJTIyVVRGLTglMjIlMkMlMjJvJTIyJTNBMCUyQyUyMnElMjIlM0ElNUIlN0IlMjJtJTIyJTNBJTIyc2V0JTIyJTJDJTIyYSUyMiUzQSU1QiUyMjAlMjIlMkMlMjJBJTIyJTJDJTdCJTIyc2NvcGUlMjIlM0ElMjJwYWdlJTIyJTdEJTVEJTdEJTJDJTdCJTIybSUyMiUzQSUyMnNldCUyMiUyQyUyMmElMjIlM0ElNUIlMjIxJTIyJTJDJTIyVyUyMiUyQyU3QiUyMnNjb3BlJTIyJTNBJTIycGFnZSUyMiU3RCU1RCU3RCUyQyU3QiUyMm0lMjIlM0ElMjJzZXQlMjIlMkMlMjJhJTIyJTNBJTVCJTIyMiUyMiUyQyUyMi0lMjIlMkMlN0IlMjJzY29wZSUyMiUzQSUyMnBhZ2UlMjIlN0QlNUQlN0QlMkMlN0IlMjJtJTIyJTNBJTIyc2V0JTIyJTJDJTIyYSUyMiUzQSU1QiUyMjMlMjIlMkMlMjIxJTIyJTJDJTdCJTIyc2NvcGUlMjIlM0ElMjJwYWdlJTIyJTdEJTVEJTdEJTJDJTdCJTIybSUyMiUzQSUyMnNldCUyMiUyQyUyMmElMjIlM0ElNUIlMjI0JTIyJTJDJTIyMCUyMiUyQyU3QiUyMnNjb3BlJTIyJTNBJTIycGFnZSUyMiU3RCU1RCU3RCUyQyU3QiUyMm0lMjIlM0ElMjJzZXQlMjIlMkMlMjJhJTIyJTNBJTVCJTIyNSUyMiUyQyUyMjglMjIlMkMlN0IlMjJzY29wZSUyMiUzQSUyMnBhZ2UlMjIlN0QlNUQlN0QlMkMlN0IlMjJtJTIyJTNBJTIyc2V0JTIyJTJDJTIyYSUyMiUzQSU1QiUyMjYlMjIlMkMlMjI1JTIyJTJDJTdCJTIyc2NvcGUlMjIlM0ElMjJwYWdlJTIyJTdEJTVEJTdEJTJDJTdCJTIybSUyMiUzQSUyMnNldCUyMiUyQyUyMmElMjIlM0ElNUIlMjI3JTIyJTJDJTIyMCUyMiUyQyU3QiUyMnNjb3BlJTIyJTNBJTIycGFnZSUyMiU3RCU1RCU3RCUyQyU3QiUyMm0lMjIlM0ElMjJzZXQlMjIlMkMlMjJhJTIyJTNBJTVCJTIyOCUyMiUyQyUyMjMlMjIlMkMlN0IlMjJzY29wZSUyMiUzQSUyMnBhZ2UlMjIlN0QlNUQlN0QlMkMlN0IlMjJtJTIyJTNBJTIyc2V0JTIyJTJDJTIyYSUyMiUzQSU1QiUyMjklMjIlMkMlMjI0JTIyJTJDJTdCJTIyc2NvcGUlMjIlM0ElMjJwYWdlJTIyJTdEJTVEJTdEJTJDJTdCJTIybSUyMiUzQSUyMnNldCUyMiUyQyUyMmElMjIlM0ElNUIlMjIxMCUyMiUyQyUyMjQlMjIlMkMlN0IlMjJzY29wZSUyMiUzQSUyMnBhZ2UlMjIlN0QlNUQlN0QlMkMlN0IlMjJtJTIyJTNBJTIyc2V0JTIyJTJDJTIyYSUyMiUzQSU1QiUyMjExJTIyJTJDJTIyOSUyMiUyQyU3QiUyMnNjb3BlJTIyJTNBJTIycGFnZSUyMiU3RCU1RCU3RCUyQyU3QiUyMm0lMjIlM0ElMjJzZXQlMjIlMkMlMjJhJTIyJTNBJTVCJTIyMTIlMjIlMkMlMjIyJTIyJTJDJTdCJTIyc2NvcGUlMjIlM0ElMjJwYWdlJTIyJTdEJTVEJTdEJTJDJTdCJTIybSUyMiUzQSUyMnNldCUyMiUyQyUyMmElMjIlM0ElNUIlMjIxMyUyMiUyQyUyMjYlMjIlMkMlN0IlMjJzY29wZSUyMiUzQSUyMnBhZ2UlMjIlN0QlNUQlN0QlNUQlN0Q=
Requested by
Host: paytolet.com
URL: https://paytolet.com/public/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:8b54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce115bc063e7c54b2a257af989e4fb8ed022e2898e721f59ecff9e8da6412172

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:16 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
access-control-max-age
600
vary
Origin, Accept-Encoding
access-control-allow-methods
GET, HEAD, POST, OPTIONS
access-control-allow-origin
https://paytolet.com
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WhLXAgVr6mZ8MlrmdqhILObdYFBIgC9eWKHjxVy4%2FEPGw3zn8u%2BbFZ7rfl5AUVBIEo8fqxKOxzlnT1Kg6Qff16%2BYGI8s1gGqYbuAbGQbtweaAHx65Zev1CwZU4R2wqZbdN9DtL3qRSrmee8%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=utf-8
access-control-allow-credentials
true
cf-ray
7df649b4fe866969-FRA
access-control-allow-headers
Content-Type, Set-Cookie, Cache-Control
priority
u=3,i=?0
alt-svc
h3=":443"; ma=86400
async-ads.js
cse.google.com/adsense/search/ 		141 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cse.google.com/adsense/search/async-ads.js
Requested by
Host: www.google.com
URL: https://www.google.com/cse/static/element/827890a761694e44/cse_element__en.js?usqp=CAI%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
194d8526005f4b58a221b7663db4e5af819b5dbf33a66100fd1d4b346d96f951
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-afs-ui"
etag
"9538977060887944812"
vary
Accept-Encoding
report-to
{"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
accept-ranges
bytes
expires
Fri, 30 Jun 2023 12:07:16 GMT
clear.png
www.google.com/cse/static/css/v2/ 		1018 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/cse/static/css/v2/clear.png
Requested by
Host: www.google.com
URL: https://www.google.com/cse/static/element/827890a761694e44/default+en.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
329d1a750114920332eadc55c129957d9dbe5a1b25745e2f7e0ed4fad75e04cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/cse/static/element/827890a761694e44/default+en.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 24 Jun 2023 22:20:39 GMT
x-content-type-options
nosniff
age
481597
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1018
x-xss-protection
0
last-modified
Mon, 25 May 2020 08:30:00 GMT
server
sffe
report-to
{"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="prose-team"
expires
Sun, 23 Jun 2024 22:20:39 GMT
generate_204
clients1.google.com/ 		0
117 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://clients1.google.com/generate_204
Requested by
Host: paytolet.com
URL: https://paytolet.com/public/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:16 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
normal
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/mc7tt/0x4AAAAAAABT-_XrlIPuwu0L/auto/ Frame F289 		24 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/mc7tt/0x4AAAAAAABT-_XrlIPuwu0L/auto/normal
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/turnstile/v0/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:3b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6af2070c5a4326f303cd491919e92228d45a5ec1ddf4830a5f1b3e8230e8d628
Security Headers
Name Value
Content-Security-Policy frame-src https://challenges.cloudflare.com/; base-uri 'self'

Request headers

Referer
https://paytolet.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
max-age=0, must-revalidate
cf-ray
7df649b54db59957-FRA
content-encoding
br
content-security-policy
frame-src https://challenges.cloudflare.com/; base-uri 'self'
content-type
text/html; charset=UTF-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
cross-origin
date
Fri, 30 Jun 2023 12:07:16 GMT
document-policy
js-profiling
permissions-policy
accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy
same-origin
server
cloudflare
esp
oajs.openx.net/
Redirect Chain
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&rid=esp
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&rid=esp&cc=1
85 B
203 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://oajs.openx.net/esp?url=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&rid=esp&cc=1
Requested by
Host: paytolet.com
URL: https://paytolet.com/public/
Protocol
H2
Server
34.120.107.143 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
143.107.120.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
9e8923668c9615546029b28e901d14d875ca35a59a28066ab922437ad8ae9daa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:17 GMT
via
1.1 google
x-powered-by
Express
etag
W/"55-hbWz1YF8IwUadsBnqQjSxaFXKow"
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://paytolet.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
85

Redirect headers

date
Fri, 30 Jun 2023 12:07:16 GMT
via
1.1 google
x-powered-by
Express
vary
Origin
access-control-allow-origin
https://paytolet.com
location
/esp?url=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&rid=esp&cc=1
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
collect
x.clarity.ms/ 		0
292 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://x.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.8/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.114.190.119 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://paytolet.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://paytolet.com
Date
Fri, 30 Jun 2023 12:07:16 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78
137032158.js
bat.bing.com/p/action/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/action/137032158.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
746a740b54620bf99442e8b65d7f4462c71301a399b198f1c98e119b9db3ff94
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
date
Fri, 30 Jun 2023 12:07:15 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 8ABD66F3EA704256800A0C0ED0DEF8A6 Ref B: FRAEDGE1915 Ref C: 2023-06-30T12:07:16Z
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript; charset=utf-8
cache-control
private,max-age=60
0
bat.bing.com/action/ 		0
285 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=137032158&tm=gtm002&Ver=2&mid=3a68211e-d369-4d27-826e-1cbb8ef0d184&sid=a77e6ec0173e11eeb5814944c0bd8923&vid=a77ec360173e11ee847aab87cabc75ec&vids=1&msclkid=N&gtm_tag_source=1&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=PaytoLet%20-%20Search%20Engine%20For%20Real%20Estate&p=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&r=&lt=3579&evt=pageLoad&sv=1&rn=727590
Requested by
Host: paytolet.com
URL: https://paytolet.com/public/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 30 Jun 2023 12:07:15 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 0F82FD9D90694C61A85F14387C6DE97B Ref B: FRAEDGE1915 Ref C: 2023-06-30T12:07:16Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
0
bat.bing.com/action/ 		0
229 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=137032158&tm=gtm002&Ver=2&mid=3a68211e-d369-4d27-826e-1cbb8ef0d184&sid=a77e6ec0173e11eeb5814944c0bd8923&vid=a77ec360173e11ee847aab87cabc75ec&vids=0&msclkid=N&gc=AUD&gtm_tag_source=ga4&tpp=1&ea=paytolet&en=Y&p=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&sw=1600&sh=1200&sc=24&evt=custom&rn=169340
Requested by
Host: paytolet.com
URL: https://paytolet.com/public/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 30 Jun 2023 12:07:15 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: DD339CED0601486C94EBF0B38910E29D Ref B: FRAEDGE1915 Ref C: 2023-06-30T12:07:16Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/11165448312/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11165448312/?random=1688126836082&cv=11&fst=1688126836082&bg=ffffff&guid=ON&async=1&gtm=45be36s0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&hn=www.googleadservices.com&frm=0&tiba=PaytoLet%20-%20Search%20Engine%20For%20Real%20Estate&us_privacy=1---&auid=652625874.1688126835&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-11165448312
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
777b263876e8ebfed40c0f21022d8aa8863551b182d562ea5515caf0ff88b750
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Jun 2023 12:07:16 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1338
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/11165448312/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11165448312/?random=1688126836098&cv=11&fst=1688126836098&bg=ffffff&guid=ON&async=1&gtm=45be36s0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&hn=www.googleadservices.com&frm=0&tiba=PaytoLet%20-%20Search%20Engine%20For%20Real%20Estate&us_privacy=1---&auid=652625874.1688126835&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-11165448312
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b6a30ce5793df7a59e0c7ffed6aea2d74ccfb78d62f809964f73a7e50b3ceaca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Jun 2023 12:07:16 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1337
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
main.js
widget.trustpilot.com/trustboxes/5419b6a8b0d04a076446a9ad/ Frame A82E 		55 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.trustpilot.com/trustboxes/5419b6a8b0d04a076446a9ad/main.js
Requested by
Host: widget.trustpilot.com
URL: https://widget.trustpilot.com/trustboxes/5419b6a8b0d04a076446a9ad/index.html?templateId=5419b6a8b0d04a076446a9ad&businessunitId=636bea1d08d05ff86ad01723
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.187.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-187-42.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2f193d706417bcf72a130968908edcd09a192c51f4b592114ea4697ee4dfe85b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://widget.trustpilot.com/trustboxes/5419b6a8b0d04a076446a9ad/index.html?templateId=5419b6a8b0d04a076446a9ad&businessunitId=636bea1d08d05ff86ad01723
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 30 Jun 2023 01:06:08 GMT
via
1.1 09f78fab17e561a78ea60bb6223c4962.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P4
age
39669
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
17380
x-xss-protection
1; mode=block
last-modified
Mon, 08 May 2023 11:47:10 GMT
server
AmazonS3
etag
"9708742d2d4498168c0fc01551f7c6f2"
content-type
application/x-javascript
cache-control
max-age=86400
accept-ranges
bytes
x-amz-cf-id
EHchJZSmphC5bk05eNGci7LlqYTsxqd2qZGZS-JxY50NH0dTjRIjBA==
map
bcp.crwdcntrl.net/6/ 		60 B
331 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.31.229.177 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-31-229-177.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
41cbeced808dfe637d813751d9b52210f9dd48e8655a7e2a20f80ef0383faaa4

Request headers

Referer
https://paytolet.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 30 Jun 2023 12:07:16 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://paytolet.com
cache-control
no-cache
x-server
10.45.31.72
access-control-allow-credentials
true
content-length
60
expires
0
impression
analytics.webpushr.com/notification_card/ 		0
535 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://analytics.webpushr.com/notification_card/impression
Requested by
Host: cdn.webpushr.com
URL: https://cdn.webpushr.com/app.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
167.71.54.9 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://paytolet.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Fri, 30 Jun 2023 12:07:16 GMT
Content-Encoding
gzip
Server
nginx/1.14.0 (Ubuntu)
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, OPTIONS
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
https://paytolet.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
prompt
analytics.webpushr.com/impression/ 		0
535 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://analytics.webpushr.com/impression/prompt
Requested by
Host: cdn.webpushr.com
URL: https://cdn.webpushr.com/app.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
167.71.54.9 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://paytolet.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Fri, 30 Jun 2023 12:07:16 GMT
Content-Encoding
gzip
Server
nginx/1.14.0 (Ubuntu)
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, OPTIONS
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
https://paytolet.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
prompt
analytics.webpushr.com/impression/ 		0
535 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://analytics.webpushr.com/impression/prompt
Requested by
Host: cdn.webpushr.com
URL: https://cdn.webpushr.com/app.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
167.71.54.9 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://paytolet.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Fri, 30 Jun 2023 12:07:16 GMT
Content-Encoding
gzip
Server
nginx/1.14.0 (Ubuntu)
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, OPTIONS
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
https://paytolet.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
elIH4vY2y8.png
cdn.webpushr.com/siteassets/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.webpushr.com/siteassets/elIH4vY2y8.png
Requested by
Host: paytolet.com
URL: https://paytolet.com/public/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
167.71.57.196 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
fd390b709bbe6d9524dd0ac01f8520cf95945d365e0ab6206ae6e6e60551a2e6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:16 GMT
last-modified
Sun, 06 Feb 2022 14:09:27 GMT
server
nginx/1.16.1
etag
"61ffd697-861"
content-type
image/png
access-control-allow-origin
*
x-gg-cache-status
HIT
accept-ranges
bytes
content-length
2145
whatsapp-image-2023-01-19-at-50952-pm-410x270.jpeg
paytolet.com/storage/accounts/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://paytolet.com/storage/accounts/whatsapp-image-2023-01-19-at-50952-pm-410x270.jpeg
Requested by
Host: paytolet.com
URL: https://paytolet.com/public/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:8b54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b379a9a4907129eca021a642b12eea706f590bd664d294291b68d506c48083cd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/public/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:16 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display
staticcontent_sol
x-middleton-display
staticcontent_sol
x-middleton-response
200
alt-svc
h3=":443"; ma=86400
x-ezoic-excludewebp
false
response
200
last-modified
Sat, 21 Jan 2023 09:49:10 GMT
x-ez-proxy-out
true 2.4
server
cloudflare
vary
Accept-Encoding,User-Agent,Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BxBxo7W8CYd5tilRKKt3QEG92AW5VX4TF7KGy%2F63Hzpe12v%2B2rPlqG4SUe%2FSe8LjXPo%2FrB%2BYVBqZ%2BovXuw0EtoK2LJuXWRpujvRAOxnTDMuYeaNuY62eHJYBvoFihTcXzGsnE%2F%2FvPsysT7M%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=604800
cf-ray
7df649b668636969-FRA
priority
u=3,i
expires
Fri, 07 Jul 2023 12:07:16 GMT
media-count.svg
paytolet.com/themes/flex-home/images/ 		693 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://paytolet.com/themes/flex-home/images/media-count.svg
Requested by
Host: paytolet.com
URL: https://paytolet.com/public/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:8b54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
015498a26232e3fc4693444f159d61e23d4a866b14e1cafbae40810cd1851203

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/public/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:16 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display
staticcontent_sol
x-middleton-display
staticcontent_sol
x-middleton-response
200
alt-svc
h3=":443"; ma=86400
x-ezoic-excludewebp
false
response
200
last-modified
Tue, 19 Oct 2021 03:43:10 GMT
x-ez-proxy-out
true 2.4
server
cloudflare
vary
Accept-Encoding,User-Agent,Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uDWKrkWHP%2FFG%2FNFKzRKlYLimnzC%2FqXwqcoJb3kW%2FTj1%2FOID6TqCzqhBVFeIappgZI342PmUM7kzTpkzgQ0mvVx5b4ctsClhYEuTC%2FvOduLH%2B%2BzaMl%2F0YjCFReIIHsP6L3q2vtd47HSqy08g%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
public, max-age=604800
cf-ray
7df649b668676969-FRA
priority
u=3,i
expires
Fri, 07 Jul 2023 12:07:16 GMT
bed.svg
paytolet.com/themes/flex-home/images/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://paytolet.com/themes/flex-home/images/bed.svg
Requested by
Host: paytolet.com
URL: https://paytolet.com/public/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:8b54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
06773ce630186ff0a64e18a6947ae126ba329d4a4c13cb6e9e611f59b8548a16

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/public/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:16 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display
staticcontent_sol
x-middleton-display
staticcontent_sol
x-middleton-response
200
alt-svc
h3=":443"; ma=86400
x-ezoic-excludewebp
false
response
200
last-modified
Tue, 19 Oct 2021 03:43:10 GMT
x-ez-proxy-out
true 2.4
server
cloudflare
vary
Accept-Encoding,User-Agent,Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YoAUIPeWpoU8aI0nkm2WCq4ZrNSBokw8G5ZSeE0w7Tb8NTOCiOvOx2XqHZGCagCftrEmc%2F2MvDrYE3gD53oysntLRQWUKbQqhM0%2FpvhZPpx691T%2Frzopry%2BsogiM%2BXgYiJZ0Z9v1OeoYyxY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
public, max-age=604800
cf-ray
7df649b6686a6969-FRA
priority
u=3,i
expires
Fri, 07 Jul 2023 12:07:16 GMT
bath.svg
paytolet.com/themes/flex-home/images/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://paytolet.com/themes/flex-home/images/bath.svg
Requested by
Host: paytolet.com
URL: https://paytolet.com/public/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:8b54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc909e337d186a47be7019d37f8b939f92ee0270a9921ee5a31ddd4064b51d37

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/public/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:16 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display
staticcontent_sol
x-middleton-display
staticcontent_sol
x-middleton-response
200
alt-svc
h3=":443"; ma=86400
x-ezoic-excludewebp
false
response
200
last-modified
Tue, 19 Oct 2021 03:43:10 GMT
x-ez-proxy-out
true 2.4
server
cloudflare
vary
Accept-Encoding,User-Agent,Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jh%2Bwu7NMOqmwMUn2fpdWtYZ9%2FrFW97Duo0sz7Tku3sK%2BzD0vLoZIkha8wkSYMFLar5VLdSTtpsr779RAJlows%2F%2Ft%2FNve2f8qxlWAP6le6uL3KDjzskIl6e4o91TjQG7KtSKRKA4fME7JSxU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
public, max-age=604800
cf-ray
7df649b6686d6969-FRA
priority
u=3,i
expires
Fri, 07 Jul 2023 12:07:16 GMT
whatsapp-image-2023-01-19-at-51111-pm-410x270.jpeg
paytolet.com/storage/accounts/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://paytolet.com/storage/accounts/whatsapp-image-2023-01-19-at-51111-pm-410x270.jpeg
Requested by
Host: paytolet.com
URL: https://paytolet.com/public/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:8b54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff4b231e47084581c812566c51b926c887f610e8dc430ae128b836e3c1435020

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/public/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:16 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display
staticcontent_sol
x-middleton-display
staticcontent_sol
x-middleton-response
200
alt-svc
h3=":443"; ma=86400
x-ezoic-excludewebp
false
response
200
last-modified
Sat, 21 Jan 2023 09:36:14 GMT
x-ez-proxy-out
true 2.4
server
cloudflare
vary
Accept-Encoding,User-Agent,Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T0ZCc%2FQHa4TK3uw4AQXxOYce%2F9i9kWiRxZNy6Xx16nEoMkGIchnhlfyAvcEa0hI6E2Ym7qwL%2B1dHqpj7B8NHfj1oDQwsMBCO7J5RZZdascezPPTGUoQn%2Baf86XN0ec7lZuxzGT4XymKd0Dk%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=604800
cf-ray
7df649b668706969-FRA
priority
u=3,i
expires
Fri, 07 Jul 2023 12:07:16 GMT
whatsapp-image-2022-11-02-at-43731-pm-410x270.jpeg
paytolet.com/storage/accounts/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://paytolet.com/storage/accounts/whatsapp-image-2022-11-02-at-43731-pm-410x270.jpeg
Requested by
Host: paytolet.com
URL: https://paytolet.com/public/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:8b54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
717789dcabdf7976b73d846593a750fbf718a305654767167c3d658ec727a0fc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/public/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:16 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display
staticcontent_sol
x-middleton-display
staticcontent_sol
x-middleton-response
200
alt-svc
h3=":443"; ma=86400
x-ezoic-excludewebp
false
response
200
last-modified
Mon, 07 Nov 2022 11:31:51 GMT
x-ez-proxy-out
true 2.4
server
cloudflare
vary
Accept-Encoding,User-Agent,Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=igBkwf%2BWbIT2XfIKnxeiaiMYz3Sv71UmBmPFMVGzwhUUUbm6rWZBrkzaXExWjmkpCi5ymTPs0aE5kPmeenJcDgzyCYgD6bM543YNSd4E7ZNlzX7fD4RZwH1Gzkf0NKcY6Tj6gyhDISumlkc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=604800
cf-ray
7df649b668726969-FRA
priority
u=3,i
expires
Fri, 07 Jul 2023 12:07:16 GMT
whatsapp-image-2022-11-06-at-40244-am-410x270.jpeg
paytolet.com/storage/accounts/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://paytolet.com/storage/accounts/whatsapp-image-2022-11-06-at-40244-am-410x270.jpeg
Requested by
Host: paytolet.com
URL: https://paytolet.com/public/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:8b54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
233b9dc0e2c476ab5f438f45096130361f5b0f79cd4711cafdf4cb9d82fdbc76

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/public/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:16 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display
staticcontent_sol
x-middleton-display
staticcontent_sol
x-middleton-response
200
alt-svc
h3=":443"; ma=86400
x-ezoic-excludewebp
false
response
200
last-modified
Sun, 06 Nov 2022 17:22:15 GMT
x-ez-proxy-out
true 2.4
server
cloudflare
vary
Accept-Encoding,User-Agent,Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=69e082k4Jnb%2F%2FkAWoo66Q6GRnF8q09eKyybEWBqgD1EwPeHSYeaCBIf7f5%2BNPAAUmay1jugOKcEz%2BTflPsXIc4q1KnAFV0hkCKk4hRiSF1KA8VuWln4%2BVEApWJ4l%2FjkbozqeLRndwN%2FsHTs%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=604800
cf-ray
7df649b668736969-FRA
priority
u=3,i
expires
Fri, 07 Jul 2023 12:07:16 GMT
whatsapp-image-2022-11-02-at-45903-pm-1-410x270.jpeg
paytolet.com/storage/accounts/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://paytolet.com/storage/accounts/whatsapp-image-2022-11-02-at-45903-pm-1-410x270.jpeg
Requested by
Host: paytolet.com
URL: https://paytolet.com/public/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:8b54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
804a3c2e58bcac2838632051fb781c1828ba95d91f54989b44481358ab1fd90a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/public/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:16 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display
staticcontent_sol
x-middleton-display
staticcontent_sol
x-middleton-response
200
alt-svc
h3=":443"; ma=86400
x-ezoic-excludewebp
false
response
200
last-modified
Thu, 03 Nov 2022 13:11:33 GMT
x-ez-proxy-out
true 2.4
server
cloudflare
vary
Accept-Encoding,User-Agent,Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Mh2ysnsatF41VlfIWXlrlwIPnNBulUInXox0Lk4CQikea7kFXU%2BtSxO5sOViMmD8L%2FsT4fcibRf77%2Bj%2BPwBY8lghUF50thzqR33RiUXFuj%2Fj6r4nA070I%2Br8m4BplTYr28mbhgaeSIzwjHI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=604800
cf-ray
7df649b668766969-FRA
priority
u=3,i
expires
Fri, 07 Jul 2023 12:07:16 GMT
whatsapp-image-2022-09-08-at-80548-am-410x270.jpeg
paytolet.com/storage/accounts/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://paytolet.com/storage/accounts/whatsapp-image-2022-09-08-at-80548-am-410x270.jpeg
Requested by
Host: paytolet.com
URL: https://paytolet.com/public/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:8b54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba79a13f8a53faf7d6abe4e0c4eb575ea0c1d34a3262e00eeadff4099dd62682

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/public/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:16 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display
staticcontent_sol
x-middleton-display
staticcontent_sol
x-middleton-response
200
alt-svc
h3=":443"; ma=86400
x-ezoic-excludewebp
false
response
200
last-modified
Thu, 08 Sep 2022 10:07:50 GMT
x-ez-proxy-out
true 2.4
server
cloudflare
vary
Accept-Encoding,User-Agent,Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SPZrbjd7I3DaMzLM3LaDHqQCMEWwmy0ILD0TSuk%2BIeeOc37WMGWRVLDdbLFnUMIlqpvIEAPGOWYujwwovenszmWrtqPb3EG%2F%2FV1Xu4dOiAWVG8gyTpstygAH2vv99lVsoAwCBbC7%2BIYAVYc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=604800
cf-ray
7df649b668776969-FRA
priority
u=3,i
expires
Fri, 07 Jul 2023 12:07:16 GMT
whatsapp-image-2022-06-01-at-70421-am-410x270.jpeg
paytolet.com/storage/properties/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://paytolet.com/storage/properties/whatsapp-image-2022-06-01-at-70421-am-410x270.jpeg
Requested by
Host: paytolet.com
URL: https://paytolet.com/public/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:8b54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5cdff77a528171f5534961c778258ae485b6c552b85f681970131ede6de8c8b2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/public/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:16 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display
staticcontent_sol
x-middleton-display
staticcontent_sol
x-middleton-response
200
alt-svc
h3=":443"; ma=86400
x-ezoic-excludewebp
false
response
200
last-modified
Fri, 24 Jun 2022 15:24:15 GMT
x-ez-proxy-out
true 2.4
server
cloudflare
vary
Accept-Encoding,User-Agent,Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qti0ksiigZsg5G1KOJav%2FvD0T7T0b2OpM4lj3o1L7VqdRh5oPMFkXIX1CCW2MEQ8M5uq3H1wgLZYfUi613%2B8wjpwiD4piNreSB1aIy6ubmBUevk8%2Bc30UxePlGJVPD3pi81DNVKZLZ7mTVk%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=604800
cf-ray
7df649b668796969-FRA
priority
u=3,i
expires
Fri, 07 Jul 2023 12:07:16 GMT
5-bedroom-detached-home-osapa-19-410x270.jpg
paytolet.com/storage/properties/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://paytolet.com/storage/properties/5-bedroom-detached-home-osapa-19-410x270.jpg
Requested by
Host: paytolet.com
URL: https://paytolet.com/public/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:8b54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
58a2b1a251bb272b4babc53c625d0b4cd1543e6d06beaa03fcb7bd1a7d6449bb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/public/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:16 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display
staticcontent_sol
x-middleton-display
staticcontent_sol
x-middleton-response
200
alt-svc
h3=":443"; ma=86400
x-ezoic-excludewebp
false
response
200
last-modified
Wed, 22 Jun 2022 00:58:33 GMT
x-ez-proxy-out
true 2.4
server
cloudflare
vary
Accept-Encoding,User-Agent,Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5BXUcdOAFMBf3DSdydcKxoRknSrcaFC%2Fo7rn5Drf5DHuK6TdbZscByVMbp%2FgY1pdxsUP2KnhsVuvIhSjVnOb%2FmRrq3mobSW5Z7gwxLbvbUoRqU8nxQNvID96t7%2FKk5wCyN2oF1OtR1DxRPo%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=604800
cf-ray
7df649b6687b6969-FRA
priority
u=3,i
expires
Fri, 07 Jul 2023 12:07:16 GMT
dsc01203-410x270.jpg
paytolet.com/storage/properties/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://paytolet.com/storage/properties/dsc01203-410x270.jpg
Requested by
Host: paytolet.com
URL: https://paytolet.com/public/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:8b54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fb1fe5f836ad325db5ee805fccce085eaab05625d476fbae76adccd5f3baa786

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/public/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:16 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display
staticcontent_sol
x-middleton-display
staticcontent_sol
x-middleton-response
200
alt-svc
h3=":443"; ma=86400
x-ezoic-excludewebp
false
response
200
last-modified
Wed, 22 Jun 2022 00:22:58 GMT
x-ez-proxy-out
true 2.4
server
cloudflare
vary
Accept-Encoding,User-Agent,Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2xB2evJEvt5z%2Fl1XIav1vE9O64h5TLQqcdrXkGt%2BS2hhIvWe%2FZblq8e5%2BrPGzIoGHtpFMR4r9ohndmkOKcKzRhKZ1WpkAN6up8rwmRHejmLMvcHP7p4BvDeViDD7K%2BzUWOBrkTuATmQyKvk%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=604800
cf-ray
7df649b6687e6969-FRA
priority
u=3,i
expires
Fri, 07 Jul 2023 12:07:16 GMT
aa1-594x467-410x270.png
paytolet.com/storage/properties/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://paytolet.com/storage/properties/aa1-594x467-410x270.png
Requested by
Host: paytolet.com
URL: https://paytolet.com/public/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:8b54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
851582e0d5f58ca12ab6c2481295b9e54bffdaec106503131b399a09189b5911

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/public/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:16 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display
staticcontent_sol
x-middleton-display
staticcontent_sol
x-middleton-response
200
alt-svc
h3=":443"; ma=86400
x-ezoic-excludewebp
false
response
200
last-modified
Sun, 12 Jun 2022 11:27:09 GMT
x-ez-proxy-out
true 2.4
server
cloudflare
vary
Accept-Encoding,User-Agent,Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QnJxzTWNpgAKWaHsX4vVxJ0a59saae5vM52sP4S98C89xL14sWxpRXG8zLeUNDRStx%2FXPqigzmjC5lqqMATUIoi26MOP%2F%2FlJ24ILQCs92ghR0Dq6zQatgSpntXN%2Bs4QEdjo48t0xrNvkHa0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=604800
cf-ray
7df649b6687f6969-FRA
priority
u=3,i
expires
Fri, 07 Jul 2023 12:07:16 GMT
platform-c-plots-details-page-0001-min-1024x576-410x270.jpg
paytolet.com/storage/properties/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://paytolet.com/storage/properties/platform-c-plots-details-page-0001-min-1024x576-410x270.jpg
Requested by
Host: paytolet.com
URL: https://paytolet.com/public/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:8b54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d88885ad28a6eccdbf03b997a92b276f559ff08967a4db804a040dcf11e14273

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/public/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:16 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display
staticcontent_sol
x-middleton-display
staticcontent_sol
x-middleton-response
200
alt-svc
h3=":443"; ma=86400
x-ezoic-excludewebp
false
response
200
last-modified
Tue, 31 May 2022 01:27:19 GMT
x-ez-proxy-out
true 2.4
server
cloudflare
vary
Accept-Encoding,User-Agent,Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gqz%2Bt2uU3HALBiTTqjtXQTVnMpttR%2BFGhgqk96c6RYZavDoSTc%2FnT8kq2mbu2Jmi145OpP3XJfqWPWWJGsVQVkab5kEUQWYC4rlSrwWzJNWQJo%2F%2Fqye08xj6QobGHIhCkRjGdde03l9wnsc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=604800
cf-ray
7df649b668816969-FRA
priority
u=3,i
expires
Fri, 07 Jul 2023 12:07:16 GMT
gr-169-scaled.jpg
paytolet.com/storage/george-residence/ 		117 KB
117 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://paytolet.com/storage/george-residence/gr-169-scaled.jpg
Requested by
Host: paytolet.com
URL: https://paytolet.com/public/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:8b54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef43469f7ad0da262c41ab84556768a9019c224a1118fe38e836b1a8768a711e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/public/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:17 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display
staticcontent_sol
x-middleton-display
staticcontent_sol
x-middleton-response
200
alt-svc
h3=":443"; ma=86400
x-ezoic-excludewebp
false
response
200
last-modified
Thu, 20 Oct 2022 17:37:01 GMT
x-ez-proxy-out
true 2.4
server
cloudflare
vary
Accept-Encoding,User-Agent,Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i%2B9KY%2BhtuKBfKIlHhadj9Hq1X1VK5%2FAJxAfOgGbVQhnJrfubVucc4HkqL0D8eqrL7TlhdogZjvKO72RN3CP3L8YPunOKHU71kejBtU%2Bsa5vyVnu5X40u%2FLqqnvg0pSufzhyJUqReKTrXP8I%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=604800
cf-ray
7df649b668836969-FRA
priority
u=3,i
expires
Fri, 07 Jul 2023 12:07:16 GMT
img-20230201-wa0007.jpg
paytolet.com/storage/accounts/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://paytolet.com/storage/accounts/img-20230201-wa0007.jpg
Requested by
Host: paytolet.com
URL: https://paytolet.com/public/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:8b54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f21fec7cd7a1dd0524a55e71cffde6e48e74278abb4815ab6ae6c150075906f0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/public/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:16 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display
staticcontent_sol
x-middleton-display
staticcontent_sol
x-middleton-response
200
alt-svc
h3=":443"; ma=86400
x-ezoic-excludewebp
false
response
200
last-modified
Sat, 01 Apr 2023 05:24:18 GMT
x-ez-proxy-out
true 2.4
server
cloudflare
vary
Accept-Encoding,User-Agent,Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pp0%2FZbCx8wwP9043OxQVViCb5dyWFFPRCbWi2ANHaQQ1SiTB6XDL1WuDZx1Q5xLCZ5SeFpow92S3HJj4I%2FkIP%2Bvoo1HN82EOmax%2BrS01Wo5yYuxlAZsE0w%2BzSScI9GDQ%2FmWGCzo%2BIe%2FTa4Y%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=604800
cf-ray
7df649b668866969-FRA
priority
u=3,i
expires
Fri, 07 Jul 2023 12:07:16 GMT
whatsapp-image-2021-11-11-at-43602-pm-removebg-preview.png
paytolet.com/storage/general/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://paytolet.com/storage/general/whatsapp-image-2021-11-11-at-43602-pm-removebg-preview.png
Requested by
Host: paytolet.com
URL: https://paytolet.com/public/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:8b54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
203917544e475b7640ff41e15806e1347389fbee74f67f492436343b1f092fca

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/public/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:16 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display
staticcontent_sol
x-middleton-display
staticcontent_sol
x-middleton-response
200
alt-svc
h3=":443"; ma=86400
x-ezoic-excludewebp
false
response
200
last-modified
Tue, 08 Feb 2022 23:34:03 GMT
x-ez-proxy-out
true 2.4
server
cloudflare
vary
Accept-Encoding,User-Agent,Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ar84%2B7uzvGLllNOb9JWPSIFTXzDy2tXhzOeniPDvXdFNg1XHRSCFvKF8XO51JlDDQCrqeVtVbXRsPu%2BHHbzTsPx75LloEDYOtZzOyQ23xp3%2BbrqfWWhfuIVoYY62Cg0NJrusnDs7kVWQKuU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=604800
cf-ray
7df649b668876969-FRA
priority
u=3,i
expires
Fri, 07 Jul 2023 12:07:16 GMT
183424812-1106040850137298-3312178831112311320-n.jpg
paytolet.com/storage/general/ 		26 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://paytolet.com/storage/general/183424812-1106040850137298-3312178831112311320-n.jpg
Requested by
Host: paytolet.com
URL: https://paytolet.com/public/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:8b54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aaadd60745c1ce74bdcb526ec2cbb90b062140c4c1e9f5bed054dd8c3c40d80e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/public/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:16 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display
staticcontent_sol
x-middleton-display
staticcontent_sol
x-middleton-response
200
alt-svc
h3=":443"; ma=86400
x-ezoic-excludewebp
false
response
200
last-modified
Wed, 02 Feb 2022 20:30:53 GMT
x-ez-proxy-out
true 2.4
server
cloudflare
vary
Accept-Encoding,User-Agent,Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BmqB4jUd4Glo11yYqqHnzdIbEgLX5JTg7v%2Fwo4KWu2xg%2BjrhTt3D4X6cVjPHwOhbBEze5auNEpSYjZbWr3loc7GkNszU9s1HWBuZTARnK8DbFoNyXJzAdkpwH3swnB8TVEJTBr3fVMEG9eQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=604800
cf-ray
7df649b668896969-FRA
priority
u=3,i
expires
Fri, 07 Jul 2023 12:07:16 GMT
fa-regular-400.woff2
paytolet.com/themes/flex-home/libraries/fontawesome/fonts/ 		142 KB
142 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://paytolet.com/themes/flex-home/libraries/fontawesome/fonts/fa-regular-400.woff2
Requested by
Host: paytolet.com
URL: https://paytolet.com/themes/flex-home/libraries/fontawesome/css/fontawesome.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:8b54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6f15cf39100feae2e2bf4c38f08b2d89701c3f04a2ad84a1d6f89bc70f21cf6e

Request headers

Referer
https://paytolet.com/themes/flex-home/libraries/fontawesome/css/fontawesome.min.css
Origin
https://paytolet.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:16 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display
staticcontent_sol
x-middleton-display
staticcontent_sol
x-middleton-response
200
alt-svc
h3=":443"; ma=86400
response
200
last-modified
Tue, 19 Oct 2021 03:43:10 GMT
x-ez-proxy-out
true 2.4
server
cloudflare
access-control-max-age
1728000
access-control-allow-methods
POST, GET, OPTIONS
content-type
font/woff2
access-control-allow-origin
https://paytolet.com
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z2MSzw%2FgKX6v76hP3ubZgCzKdmsPUKFYV%2BmlG0N2%2F8K6rvdPKIMcvQ1Umm6DXsyXvvz8bTu5s%2FQn8CH5tLB2sPiyK68sKjNYnXMQXKGRkGdqU%2F8SZpkrF9Fwr%2BJBGikuMcAL%2BbQZ2o%2B%2BkkI%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=604800
vary
Accept-Encoding,User-Agent,Origin
cf-ray
7df649b6688c6969-FRA
priority
u=0,i=?0
expires
Fri, 07 Jul 2023 12:07:16 GMT
v1
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/ Frame F289 		170 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=7df649b54db59957
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/mc7tt/0x4AAAAAAABT-_XrlIPuwu0L/auto/normal
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:3b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8def762254d6a0865e0bb036d90e5984db22caccbd0d96f2e165dccb390efbad

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/mc7tt/0x4AAAAAAABT-_XrlIPuwu0L/auto/normal
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:16 GMT
cache-control
max-age=0, must-revalidate
content-encoding
br
server
cloudflare
cf-ray
7df649bacd439957-FRA
alt-svc
h3=":443"; ma=86400
content-type
application/javascript; charset=UTF-8
fred-12082019-news-3w-410x270.jpg
paytolet.com/storage/news/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://paytolet.com/storage/news/fred-12082019-news-3w-410x270.jpg
Requested by
Host: paytolet.com
URL: https://paytolet.com/public/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:8b54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
61fee1b3a8aa8280bebd7a389d08acdbfeee67605518681e4a2f15a47e3669e7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/public/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:16 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display
staticcontent_sol
age
81887
x-middleton-display
staticcontent_sol
x-middleton-response
200
alt-svc
h3=":443"; ma=86400
x-ezoic-excludewebp
false
response
200
last-modified
Wed, 28 Jun 2023 11:58:22 GMT
x-ez-proxy-out
true 2.4
server
cloudflare
vary
Accept-Encoding,User-Agent,Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a1oaeQeqJd0MSIEBVzbtPxXHBn9J3ozP%2B2HWp6eLsAsAK%2BDLGbZ7p6UWPDvCqH4L6I%2BHoDShRJShctdJcvJB5svFzAy3f9R062f4%2Bekj9DJz3ZlWKIvtQoYljpWR4h5kYrWpxb3r5CB8RRs%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=604800
cf-ray
7df649baed766969-FRA
priority
u=3,i
expires
Thu, 06 Jul 2023 13:22:29 GMT
maxresdefault-6-410x270.jpg
paytolet.com/storage/news/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://paytolet.com/storage/news/maxresdefault-6-410x270.jpg
Requested by
Host: paytolet.com
URL: https://paytolet.com/public/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:8b54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bec55cc5744e463b4538576a1f1d17e52ebf455e76886d66f601c0b211f852c5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/public/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:16 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display
staticcontent_sol
age
81887
x-middleton-display
staticcontent_sol
x-middleton-response
200
alt-svc
h3=":443"; ma=86400
x-ezoic-excludewebp
false
response
200
last-modified
Fri, 02 Jun 2023 10:24:01 GMT
x-ez-proxy-out
true 2.4
server
cloudflare
vary
Accept-Encoding,User-Agent,Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g99jC3qiwobqfARFAsTtJzWqtK1ZgvnrA7hjIfDvq70wpij8eKk7Q3TbP4hJgewEeVifH6PGPdc8dBe4GMdgaipTrh%2F%2FCuzhFVK4lLkHcMYf3EsCaczwgbBPRz7FGZfPQowj8wRnGtdTx7E%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=604800
cf-ray
7df649bafd846969-FRA
priority
u=3,i
expires
Thu, 06 Jul 2023 13:22:28 GMT
1537552996936-410x270.jpg
paytolet.com/storage/news/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://paytolet.com/storage/news/1537552996936-410x270.jpg
Requested by
Host: paytolet.com
URL: https://paytolet.com/public/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:8b54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
153278132bf1aa80acee605d37e8b8f5a7d2d334dcdf376f66715938a805bc7f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/public/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:17 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display
staticcontent_sol
x-middleton-display
staticcontent_sol
x-middleton-response
200
alt-svc
h3=":443"; ma=86400
x-ezoic-excludewebp
false
response
200
last-modified
Wed, 31 May 2023 19:43:41 GMT
x-ez-proxy-out
true 2.4
server
cloudflare
vary
Accept-Encoding,User-Agent,Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FIFsy8r7jVNstc71HPNR1DdLNXkhtTkwwDptl50AdSWbjJEmJEAbCt3bo9wrYfEYhg7gpcddFeO3WAZ9N7KpvEfZ%2F%2FzStC7wjV7PB0GGzQEiBxZW2Lhk11I7Eyd3c73UYjI62Ret830TrGU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=604800
cf-ray
7df649bafd856969-FRA
priority
u=3,i
expires
Fri, 07 Jul 2023 12:07:17 GMT
governor-of-lagos-state-410x270.jpg
paytolet.com/storage/ads/ 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://paytolet.com/storage/ads/governor-of-lagos-state-410x270.jpg
Requested by
Host: paytolet.com
URL: https://paytolet.com/public/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:8b54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3692ec270e6e83ae35b97ef697b5ffa66e6808bae62f804c249f57a63dad8ad

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/public/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:17 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display
staticcontent_sol
x-middleton-display
staticcontent_sol
x-middleton-response
200
alt-svc
h3=":443"; ma=86400
x-ezoic-excludewebp
false
response
200
last-modified
Wed, 31 May 2023 19:25:23 GMT
x-ez-proxy-out
true 2.4
server
cloudflare
vary
Accept-Encoding,User-Agent,Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F5W9XsyD3dEiie%2BD6yjBR3gtkwKhn54FiORLbs%2Ff4AMpX0F4Phri6z%2B62mSuKC4weNFRhMRnPLm9mPTzgpZWbYKCghkcOXQxtWTELqE4L4qQ4ZVRIeE4vU28owH6QDmysCdwMiaZgBqlWwc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=604800
cf-ray
7df649bafd866969-FRA
priority
u=3,i
expires
Fri, 07 Jul 2023 12:07:17 GMT
425409227-410x270.jpg
paytolet.com/storage/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://paytolet.com/storage/425409227-410x270.jpg
Requested by
Host: paytolet.com
URL: https://paytolet.com/public/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:8b54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3bf8c0e8f2f526bce6f38287401899ee884e9f4207a0bf02f82e0517954cc7b0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/public/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:17 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display
staticcontent_sol
x-middleton-display
staticcontent_sol
x-middleton-response
200
alt-svc
h3=":443"; ma=86400
x-ezoic-excludewebp
false
response
200
last-modified
Sun, 02 Apr 2023 23:22:38 GMT
x-ez-proxy-out
true 2.4
server
cloudflare
vary
Accept-Encoding,User-Agent,Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i%2BUpAmeLSd5K1klJfenK8CGONsz3uvJSKJP0v6v0jAWpNo4Ne3qtQod8rAz9TA8I29jaj8NwY0q7nq2aKsKKQ4v0gntqoinY8WO%2BPM%2FYcx%2Fh1yZBSrH5JjaDg20goJxI2JnJ1lBnCmSJ2aM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=604800
cf-ray
7df649bafd936969-FRA
priority
u=3,i
expires
Fri, 07 Jul 2023 12:07:17 GMT
434226232-410x270.jpg
paytolet.com/storage/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://paytolet.com/storage/434226232-410x270.jpg
Requested by
Host: paytolet.com
URL: https://paytolet.com/public/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:8b54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f93f2d3e6f3b4bd570ab40b97fe90da437d0dbb38d460352d85304d58478d4b7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/public/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:17 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display
staticcontent_sol
x-middleton-display
staticcontent_sol
x-middleton-response
200
alt-svc
h3=":443"; ma=86400
x-ezoic-excludewebp
false
response
200
last-modified
Sun, 02 Apr 2023 23:20:39 GMT
x-ez-proxy-out
true 2.4
server
cloudflare
vary
Accept-Encoding,User-Agent,Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BSWVFJt7ttbvCayei2Rq27mbUn2eNU9qkgWeFJHZY5XtQtcc3zGq786OK36r3zknTdjsXm1ErxMCDu6X2IA5Ln7p7kN4FBRvrzrACtQwcgWnU37aMMrdUZigc6UtG0SCxsR74PAsYxnpK%2BU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=604800
cf-ray
7df649bb0daf6969-FRA
priority
u=3,i
expires
Fri, 07 Jul 2023 12:07:17 GMT
408082761-410x270.jpg
paytolet.com/storage/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://paytolet.com/storage/408082761-410x270.jpg
Requested by
Host: paytolet.com
URL: https://paytolet.com/public/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:8b54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5364b451e5b91b5c3b6b2831e8f2260ba547aa35edcbdd466f97ce23fb528dbf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/public/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:17 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display
staticcontent_sol
x-middleton-display
staticcontent_sol
x-middleton-response
200
alt-svc
h3=":443"; ma=86400
x-ezoic-excludewebp
false
response
200
last-modified
Sun, 02 Apr 2023 23:17:48 GMT
x-ez-proxy-out
true 2.4
server
cloudflare
vary
Accept-Encoding,User-Agent,Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2qeGiBkoYwyNEh9P1ZylVHWZkovmweoQBUr%2F90w%2FstA2vl00KQxh64s3FJIf35sM19hVOw70qyVXnyWJIhKu7Dc5PDkHCGBtIvmsbFQSyff%2BRcKO0F5zucT206JME90Jjcw70EQ%2BYlqAu%2FQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=604800
cf-ray
7df649bb0db36969-FRA
priority
u=3,i
expires
Fri, 07 Jul 2023 12:07:17 GMT
388456363-410x270.jpg
paytolet.com/storage/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://paytolet.com/storage/388456363-410x270.jpg
Requested by
Host: paytolet.com
URL: https://paytolet.com/public/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:8b54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e736932319bf292a1fe30fd72eb5e3fa2d622b40e8fbe1c2a9cf8e3e442d85da

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/public/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:17 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display
staticcontent_sol
x-middleton-display
staticcontent_sol
x-middleton-response
200
alt-svc
h3=":443"; ma=86400
x-ezoic-excludewebp
false
response
200
last-modified
Sun, 02 Apr 2023 23:15:05 GMT
x-ez-proxy-out
true 2.4
server
cloudflare
vary
Accept-Encoding,User-Agent,Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D7j69sYfJQT0a3kcZ%2BqlDQ1Qe00UjHiUqdzW%2B16sCegQaWvl3iU9vSbWG%2B9dOiMVTbGHpbhOiJulhuO8tV3wMd%2FjADVYO%2BM6%2F6TT0hnPcKV4lUmMNzskFLiW1TlyLHmRX9RDeurIfW8Trhs%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=604800
cf-ray
7df649bb0db46969-FRA
priority
u=3,i
expires
Fri, 07 Jul 2023 12:07:17 GMT
426264423-410x270.jpg
paytolet.com/storage/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://paytolet.com/storage/426264423-410x270.jpg
Requested by
Host: paytolet.com
URL: https://paytolet.com/public/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:8b54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54731f45e4aafa9beb0d6b414a96f034a4d6eee152e0aa63b755a068cab61399

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/public/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:17 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display
staticcontent_sol
x-middleton-display
staticcontent_sol
x-middleton-response
200
alt-svc
h3=":443"; ma=86400
x-ezoic-excludewebp
false
response
200
last-modified
Sun, 02 Apr 2023 23:12:00 GMT
x-ez-proxy-out
true 2.4
server
cloudflare
vary
Accept-Encoding,User-Agent,Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q%2FoysKhIWQ0HYMpwc%2BljzabwprEn2RGzBpHpoTmfDUtEOZLHIdZBBH5%2FyvJWGT01WItu0vAwUMnhppt8F%2FdmLjFyHbCQ50MFn9JMpOeEQ4ZgGfAZBzgKhQpyCAvYvmkC7ZS9nrnYfWPxAec%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=604800
cf-ray
7df649bb0db66969-FRA
priority
u=3,i
expires
Fri, 07 Jul 2023 12:07:17 GMT
345879058-410x270.jpg
paytolet.com/storage/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://paytolet.com/storage/345879058-410x270.jpg
Requested by
Host: paytolet.com
URL: https://paytolet.com/public/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:8b54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
51103c0324b88fd9dce7c65dd73ec25c736880c28242ccec70feca8a12f942b0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/public/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:17 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display
staticcontent_sol
x-middleton-display
staticcontent_sol
x-middleton-response
200
alt-svc
h3=":443"; ma=86400
x-ezoic-excludewebp
false
response
200
last-modified
Sun, 02 Apr 2023 23:09:43 GMT
x-ez-proxy-out
true 2.4
server
cloudflare
vary
Accept-Encoding,User-Agent,Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qWRClF%2FFr%2BWI9QyzGIFX1390hTL%2FHfw9vjV6TnP%2BCUgN6HQbbUkWpsWKa2OJfi8G7sxJ0QgBZ4TKIeiyCCpdP3u9du0xY4jynKlXf61bot77nh%2FoLWiMSFh903OPso4wlE%2B7JL%2Fwxj1gXOo%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=604800
cf-ray
7df649bb0db86969-FRA
priority
u=3,i
expires
Fri, 07 Jul 2023 12:07:17 GMT
411094159-410x270.jpg
paytolet.com/storage/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://paytolet.com/storage/411094159-410x270.jpg
Requested by
Host: paytolet.com
URL: https://paytolet.com/public/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:8b54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
15c4d5e82620f140540bd562f221bed2c5650f26de22b436295ca6d638002047

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/public/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:17 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display
staticcontent_sol
x-middleton-display
staticcontent_sol
x-middleton-response
200
alt-svc
h3=":443"; ma=86400
x-ezoic-excludewebp
false
response
200
last-modified
Sun, 02 Apr 2023 23:07:03 GMT
x-ez-proxy-out
true 2.4
server
cloudflare
vary
Accept-Encoding,User-Agent,Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kGfFk5Nv32OUAq4LUthP6mf87tnF17HZ3msxy4AlzD6BJy3jLtmT%2BFQmNNajJbBgnVaPpeKPLyYXj%2Batm8psMTSVV3An%2Fe%2FrjnA4kWW%2B4KxAv4NBJp2mNSzfxfbPWxht7sK%2FfmrWxR9YcX8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=604800
cf-ray
7df649bb0dbe6969-FRA
priority
u=3,i
expires
Fri, 07 Jul 2023 12:07:17 GMT
9627cdc4c3d5e3647f19df31ab4106d9-410x270.webp
paytolet.com/storage/ 		31 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://paytolet.com/storage/9627cdc4c3d5e3647f19df31ab4106d9-410x270.webp
Requested by
Host: paytolet.com
URL: https://paytolet.com/public/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:8b54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
387f8f9a4eb728b443e3de3ed70be2b691083bfabdfd0b44560d7c6e80d3b3e7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/public/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:17 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display
staticcontent_sol
x-middleton-display
staticcontent_sol
x-middleton-response
200
alt-svc
h3=":443"; ma=86400
x-ezoic-excludewebp
false
response
200
last-modified
Sun, 02 Apr 2023 23:04:33 GMT
x-ez-proxy-out
true 2.4
server
cloudflare
vary
Accept-Encoding,User-Agent,Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JOssxAbR6bXfLo%2FjFVQDiSx%2F3yD0JBbCW36Ia%2Br4VVV3dEREdiWHbAgQctxoGl%2BhYtmQqeGY9nDSFpbGJ3G2k3fR3niMvjBMIFlALI4mJEuOSxoaM3LSMRYKyR6o5jo0xyPpBttdBbIISZE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=604800
cf-ray
7df649bb0dc06969-FRA
priority
u=3,i
expires
Fri, 07 Jul 2023 12:07:17 GMT
424716635-410x270.jpg
paytolet.com/storage/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://paytolet.com/storage/424716635-410x270.jpg
Requested by
Host: paytolet.com
URL: https://paytolet.com/public/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:8b54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f1fe30ec9144eeec7009f5c05c3c292d80f60d5d63fd10103fd68bf02668c9db

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/public/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:17 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display
staticcontent_sol
x-middleton-display
staticcontent_sol
x-middleton-response
200
alt-svc
h3=":443"; ma=86400
x-ezoic-excludewebp
false
response
200
last-modified
Sun, 02 Apr 2023 23:01:39 GMT
x-ez-proxy-out
true 2.4
server
cloudflare
vary
Accept-Encoding,User-Agent,Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=od9HVxPDuW95pnXpr1DnzSytbRkLEilCTFVr1EtM4MIaUhLrIuJKyWZz21aIGCDhIXBFiaLT3W0sgNqZRPjculntGbzAtJq%2BozsPFDt%2BtlyfdnTQQsF%2FiA6IpDXkBtBPDOxou4AdejVH%2BY8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=604800
cf-ray
7df649bb0dc16969-FRA
priority
u=3,i
expires
Fri, 07 Jul 2023 12:07:17 GMT
434624521-1-410x270.jpg
paytolet.com/storage/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://paytolet.com/storage/434624521-1-410x270.jpg
Requested by
Host: paytolet.com
URL: https://paytolet.com/public/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:8b54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
11ed3e457776339ca21d74c7697a33b82ca710e91ec24a16591376d9fb21bc65

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/public/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:17 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display
staticcontent_sol
x-middleton-display
staticcontent_sol
x-middleton-response
200
alt-svc
h3=":443"; ma=86400
x-ezoic-excludewebp
false
response
200
last-modified
Sun, 02 Apr 2023 22:58:48 GMT
x-ez-proxy-out
true 2.4
server
cloudflare
vary
Accept-Encoding,User-Agent,Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gXxyBcixD5z28o%2Bx4Pk6927hV0cMcikjEarm6bmfdy%2Bvsb%2BlwfrEH2PH6FrGhquoJ07rYe1SAMf3RT7oIKlVS%2FIxDsvYM%2B5%2BBVexJOzck6TPuXmHNycy6FGa7Pj%2BTnev3Z5Pns0HUlvzGkE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=604800
cf-ray
7df649bb0dc26969-FRA
priority
u=3,i
expires
Fri, 07 Jul 2023 12:07:17 GMT
434624521-410x270.jpg
paytolet.com/storage/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://paytolet.com/storage/434624521-410x270.jpg
Requested by
Host: paytolet.com
URL: https://paytolet.com/public/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:8b54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3000b1e7a236cf48e5f4e4168aa0b9b127718d314b79f29c652ffc9f8e275df2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/public/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:17 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display
staticcontent_sol
x-middleton-display
staticcontent_sol
x-middleton-response
200
alt-svc
h3=":443"; ma=86400
x-ezoic-excludewebp
false
response
200
last-modified
Sun, 02 Apr 2023 22:56:02 GMT
x-ez-proxy-out
true 2.4
server
cloudflare
vary
Accept-Encoding,User-Agent,Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j9jCFDt6Hjic07Xa%2Bg%2Bruc%2FHINWErMPqrZh2JOf%2Bus1gicEYXCaWft4CmrBwGzpseME5LINE6ohnurn2hsXf%2BGPdvCOyIDxiF1UzZleU0We7x%2BEmoESKwOwPwURNvPy2vGJRbKfw2XYFIIk%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=604800
cf-ray
7df649bb0dc36969-FRA
priority
u=3,i
expires
Fri, 07 Jul 2023 12:07:17 GMT
420381248-410x270.jpg
paytolet.com/storage/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://paytolet.com/storage/420381248-410x270.jpg
Requested by
Host: paytolet.com
URL: https://paytolet.com/public/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:8b54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
625e6ed8959b27ac331adbb0ee5c9d1e90f51e5174795dd5b017048d0c9d99c1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/public/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:17 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display
staticcontent_sol
x-middleton-display
staticcontent_sol
x-middleton-response
200
alt-svc
h3=":443"; ma=86400
x-ezoic-excludewebp
false
response
200
last-modified
Sun, 02 Apr 2023 22:52:45 GMT
x-ez-proxy-out
true 2.4
server
cloudflare
vary
Accept-Encoding,User-Agent,Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wge345RaL1L3i1naBfN9DZTZ1kRl087vw8ndzUJO9YcNW6UHbnHLJsq5tYOKfVGPxa6B77I69%2F9Fos4PWi7iXXFUJcyyXqii5UKTJiIrTzWNYOQdkLm0uzlVsBemYLyoBO%2F5i9Y28jbSMwo%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=604800
cf-ray
7df649bb0dcc6969-FRA
priority
u=3,i
expires
Fri, 07 Jul 2023 12:07:17 GMT
greenoaks.gif
paytolet.com/detroitchicago/ 		0
526 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://paytolet.com/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiJjMmMzZjdlMS0zYTE2LTRmYWQtNDIxYy03OGE1YzRkMjAwZGUiLCJkb21haW5faWQiOiI0MTAxNjQiLCJ0X2Vwb2NoIjoxNjg4MTI2ODM0LCJkYXRhIjpbeyJuYW1lIjoiZGV2aWNlX3dpZHRoIiwidmFsIjoiMTYwMCJ9LHsibmFtZSI6ImRldmljZV9oZWlnaHQiLCJ2YWwiOiIxMjAwIn1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiYzJjM2Y3ZTEtM2ExNi00ZmFkLTQyMWMtNzhhNWM0ZDIwMGRlIiwiZG9tYWluX2lkIjoiNDEwMTY0IiwidF9lcG9jaCI6MTY4ODEyNjgzNCwiZGF0YSI6W3sibmFtZSI6InRfbG9jYWxfZGF0ZSIsInZhbCI6IjIwMjMtMDYtMzAifSx7Im5hbWUiOiJ0X2xvY2FsX2hvdXIiLCJ2YWwiOiIxMiJ9LHsibmFtZSI6InRfbG9jYWxfZGF5X29mX3dlZWsiLCJ2YWwiOiI1In0seyJuYW1lIjoidF9sb2NhbF90aW1lem9uZSIsInZhbCI6IjAifV19LHsidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiJjMmMzZjdlMS0zYTE2LTRmYWQtNDIxYy03OGE1YzRkMjAwZGUiLCJkb21haW5faWQiOiI0MTAxNjQiLCJ0X2Vwb2NoIjoxNjg4MTI2ODM0LCJkYXRhIjpbeyJuYW1lIjoibGFuZ3VhZ2VfdGFnIiwidmFsIjoiZW4tVVMifV19LHsidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiJjMmMzZjdlMS0zYTE2LTRmYWQtNDIxYy03OGE1YzRkMjAwZGUiLCJkb21haW5faWQiOiI0MTAxNjQiLCJ0X2Vwb2NoIjoxNjg4MTI2ODM0LCJkYXRhIjpbeyJuYW1lIjoibGFuZ3VhZ2VfcHJpbWFyeV9zdWJ0YWciLCJ2YWwiOiJlbiJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6ImMyYzNmN2UxLTNhMTYtNGZhZC00MjFjLTc4YTVjNGQyMDBkZSIsImRvbWFpbl9pZCI6IjQxMDE2NCIsInRfZXBvY2giOjE2ODgxMjY4MzQsImRhdGEiOlt7Im5hbWUiOiJ0aW1lcl9maXJzdF9hZF9yZXF1ZXN0IiwidmFsIjoiMjExMiJ9XX1d
Requested by
Host: paytolet.com
URL: https://paytolet.com/detroitchicago/cmbv2.js?gcb=195-3&cb=04-3y02-8y06-13y07-2y0b-6y0d-23y17-4y1b-5y25-3y26-4y27-16y28-66y2b-146y2f-150y33-4y3a-12y3b-6y59-2y5d-22y64-1&cmbcb=151&sj=x04x02x06x07x0bx0dx17x1bx25x26x27x28x2bx2fx33x3ax3bx59x5dx64
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:8b54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/public/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:17 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Nm0OAff0LW%2F%2FzMpxyqc8LsL5XJrCLPmgenLBfi%2B2%2Fx4giGdMQyuDvsTjpVZTlRFaSakaohS3hh1hiaj%2FK5pBCmbYMEbC%2Fbe%2BCidyhYlq3rGRsobpJohHO8MsPkMVZOhGfsSj3z79Yq6kU78%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://paytolet.com
x-middleton-display
ezp_sol
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
cf-ray
7df649bb6e376969-FRA
alt-svc
h3=":443"; ma=86400
priority
u=4,i
expires
Thu, 29 Jun 2023 12:07:17 GMT
army.gif
paytolet.com/porpoiseant/ 		0
523 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://paytolet.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiODI5MjczODEwODYyNTI4MiIsImRvbWFpbl9pZCI6IjQxMDE2NCIsInVuaXQiOiJkaXYtZ3B0LWFkLXBheXRvbGV0X2NvbS1lZGdlLTEtMCIsInRfZXBvY2giOjE2ODgxMjY4MzQsInJldmVudWUiOjAsImVzdF9yZXZlbnVlIjowLCJhZF9wb3NpdGlvbiI6MTk3NSwiYWRfc2l6ZSI6IiIsImJpZF9mbG9vcl9maWxsZWQiOjAsImJpZF9mbG9vcl9wcmV2IjowLCJzdGF0X3NvdXJjZV9pZCI6MCwiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6ImMyYzNmN2UxLTNhMTYtNGZhZC00MjFjLTc4YTVjNGQyMDBkZSIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6MCwiY3JlYXRpdmVfaWQiOjAsImRhdGEiOlt7Im5hbWUiOiJhZF9sb2FkX3RpbWUiLCJ2YWwiOiIyMTEyIn1dLCJpc19vcmlnIjpmYWxzZX1d
Requested by
Host: paytolet.com
URL: https://paytolet.com/detroitchicago/cmbv2.js?gcb=195-3&cb=04-3y02-8y06-13y07-2y0b-6y0d-23y17-4y1b-5y25-3y26-4y27-16y28-66y2b-146y2f-150y33-4y3a-12y3b-6y59-2y5d-22y64-1&cmbcb=151&sj=x04x02x06x07x0bx0dx17x1bx25x26x27x28x2bx2fx33x3ax3bx59x5dx64
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:8b54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/public/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:17 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P%2F3aygTo3UpHQ5EomgdUDjipliPimUZcwyQcOaCp9ApwLK5z3myAZWYb8cg6knrYlO5M9OCGhdoQJA7SbhOD1kDCFcmRZ%2F6upcCHSQcK0ok1t7Zfm4ftOUrkSQN8ap3T4JeQx%2B6%2BiVlGQ%2FE%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://paytolet.com
x-middleton-display
ezp_sol
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
cf-ray
7df649bb6e386969-FRA
alt-svc
h3=":443"; ma=86400
priority
u=4,i
expires
Thu, 29 Jun 2023 12:07:15 GMT
army.gif
paytolet.com/porpoiseant/ 		0
523 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://paytolet.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNjg3Mzg5OTgwNjUwNzE2IiwiZG9tYWluX2lkIjoiNDEwMTY0IiwidW5pdCI6ImRpdi1ncHQtYWQtcGF5dG9sZXRfY29tLW1lZHJlY3RhbmdsZS0yLTAiLCJ0X2Vwb2NoIjoxNjg4MTI2ODM0LCJyZXZlbnVlIjowLCJlc3RfcmV2ZW51ZSI6MCwiYWRfcG9zaXRpb24iOjExMDAsImFkX3NpemUiOiIiLCJiaWRfZmxvb3JfZmlsbGVkIjowLCJiaWRfZmxvb3JfcHJldiI6MCwic3RhdF9zb3VyY2VfaWQiOjAsImNvdW50cnlfY29kZSI6IkRFIiwicGFnZXZpZXdfaWQiOiJjMmMzZjdlMS0zYTE2LTRmYWQtNDIxYy03OGE1YzRkMjAwZGUiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjAsImNyZWF0aXZlX2lkIjowLCJkYXRhIjpbeyJuYW1lIjoiYWRfbG9hZF90aW1lIiwidmFsIjoiMjEzNyJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ==
Requested by
Host: paytolet.com
URL: https://paytolet.com/detroitchicago/cmbv2.js?gcb=195-3&cb=04-3y02-8y06-13y07-2y0b-6y0d-23y17-4y1b-5y25-3y26-4y27-16y28-66y2b-146y2f-150y33-4y3a-12y3b-6y59-2y5d-22y64-1&cmbcb=151&sj=x04x02x06x07x0bx0dx17x1bx25x26x27x28x2bx2fx33x3ax3bx59x5dx64
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:8b54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/public/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:17 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qVVOAHqXOXEKhZ3LD%2BEdEauJh8H3Yyy%2B8TFYdXAcnrPe0SAw0Pyd2TFHjgrTSSc9dE4F4Qle8GY7eFTqeZRejTfTqV%2BeEm5ORWaREXUlhC7yICWrGkG213WKzPmGwOAb48s%2FoY140uWdF1w%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://paytolet.com
x-middleton-display
ezp_sol
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
cf-ray
7df649bb8e5e6969-FRA
alt-svc
h3=":443"; ma=86400
priority
u=4,i
expires
Thu, 29 Jun 2023 12:07:17 GMT
army.gif
paytolet.com/porpoiseant/ 		0
522 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://paytolet.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNzUzNjUzNDI5NDYzNjY1MCIsImRvbWFpbl9pZCI6IjQxMDE2NCIsInVuaXQiOiJkaXYtZ3B0LWFkLXBheXRvbGV0X2NvbS1ib3gtMi0wIiwidF9lcG9jaCI6MTY4ODEyNjgzNCwicmV2ZW51ZSI6MCwiZXN0X3JldmVudWUiOjAsImFkX3Bvc2l0aW9uIjoxOTAwLCJhZF9zaXplIjoiIiwiYmlkX2Zsb29yX2ZpbGxlZCI6MCwiYmlkX2Zsb29yX3ByZXYiOjAsInN0YXRfc291cmNlX2lkIjowLCJjb3VudHJ5X2NvZGUiOiJERSIsInBhZ2V2aWV3X2lkIjoiYzJjM2Y3ZTEtM2ExNi00ZmFkLTQyMWMtNzhhNWM0ZDIwMGRlIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjowLCJjcmVhdGl2ZV9pZCI6MCwiZGF0YSI6W3sibmFtZSI6ImFkX2xvYWRfdGltZSIsInZhbCI6IjIxNDIifV0sImlzX29yaWciOmZhbHNlfV0=
Requested by
Host: paytolet.com
URL: https://paytolet.com/detroitchicago/cmbv2.js?gcb=195-3&cb=04-3y02-8y06-13y07-2y0b-6y0d-23y17-4y1b-5y25-3y26-4y27-16y28-66y2b-146y2f-150y33-4y3a-12y3b-6y59-2y5d-22y64-1&cmbcb=151&sj=x04x02x06x07x0bx0dx17x1bx25x26x27x28x2bx2fx33x3ax3bx59x5dx64
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:8b54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/public/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:17 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q4Is8dFOF5lofTcp%2Fkfb2LTP7%2BsHrMtqtkzX9CB4MLi4s7H54g%2BTluAlnR8lM1Zsv0Mw86pTII1zHFK2OAwCHzF32wKRQDkGwPKeGLt1RTgTTYXOBdKEkRngeNOhbbU1w4QTXLB3%2BntJA1A%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://paytolet.com
x-middleton-display
ezp_sol
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
cf-ray
7df649bb9e6a6969-FRA
alt-svc
h3=":443"; ma=86400
priority
u=4,i
expires
Thu, 29 Jun 2023 12:07:17 GMT
army.gif
paytolet.com/porpoiseant/ 		0
523 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://paytolet.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMzI3ODczOTg1ODM2MzciLCJkb21haW5faWQiOiI0MTAxNjQiLCJ1bml0IjoiZGl2LWdwdC1hZC1wYXl0b2xldF9jb20tYm94LTMtMCIsInRfZXBvY2giOjE2ODgxMjY4MzQsInJldmVudWUiOjAsImVzdF9yZXZlbnVlIjowLCJhZF9wb3NpdGlvbiI6MTkwMSwiYWRfc2l6ZSI6IiIsImJpZF9mbG9vcl9maWxsZWQiOjAsImJpZF9mbG9vcl9wcmV2IjowLCJzdGF0X3NvdXJjZV9pZCI6MCwiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6ImMyYzNmN2UxLTNhMTYtNGZhZC00MjFjLTc4YTVjNGQyMDBkZSIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6MCwiY3JlYXRpdmVfaWQiOjAsImRhdGEiOlt7Im5hbWUiOiJhZF9sb2FkX3RpbWUiLCJ2YWwiOiIyMTQzIn1dLCJpc19vcmlnIjpmYWxzZX1d
Requested by
Host: paytolet.com
URL: https://paytolet.com/detroitchicago/cmbv2.js?gcb=195-3&cb=04-3y02-8y06-13y07-2y0b-6y0d-23y17-4y1b-5y25-3y26-4y27-16y28-66y2b-146y2f-150y33-4y3a-12y3b-6y59-2y5d-22y64-1&cmbcb=151&sj=x04x02x06x07x0bx0dx17x1bx25x26x27x28x2bx2fx33x3ax3bx59x5dx64
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:8b54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/public/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:17 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5EexPnMNHfk5bRdeY8xwmxDZHoKCb0PDWv3dB%2B4fVIX%2B%2FsEw%2BSIMFvIaxtPEQwpKVEVz3gYkze1PVCLffpMdEhwrwQrVratpekb4x9vTgcctWjOkC3yTkJ8id5Eg%2B4aUw7W92pcaD0JEj0A%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://paytolet.com
x-middleton-display
ezp_sol
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
cf-ray
7df649bb9e6e6969-FRA
alt-svc
h3=":443"; ma=86400
priority
u=4,i
expires
Thu, 29 Jun 2023 12:07:16 GMT
a
www.googletagmanager.com/ 		0
11 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/a?id=G-EZWW9JQPLY&v=3&t=t&pid=1962829956&cv=1&rv=36s0&tc=11&es=1&e=gtm.dom&eid=29&u=AgAAAAAAAAAAACA&h=Ag&z=0
Requested by
Host: paytolet.com
URL: https://paytolet.com/public/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:17 GMT
server
Google Tag Manager
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
integrator.js
adservice.google.com/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=paytolet.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		197 KB
58 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2148447624948998&correlator=4445010378958117&eid=31068366&output=ldjh&gdfp_req=1&vrg=202306270101&ptt=17&impl=fifs&us_privacy=1---&iu_parts=1254144%3A22852681713%2Cpaytolet_com-pixel1&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=6&adks=1475698092&didk=999871017&sfv=1-0-40&ists=1&fas=8&prev_scp=eb_br%3D3530fcb6bcc13dc3c1712eaef7d92700%26br2%3D100%26bra%3Dmod58-c%26reft%3Dn%26br1%3D160%26ga%3D2497208%26avc%3D100%26iid1%3D8939506294615200%26tap%3Dpaytolet_com-pixel1-8939506294615200%26ap%3D9999%26al%3D1006%26d%3D410164%26bvr%3D0%26ic%3D1%26ezoic%3D1&eri=1&sc=1&cookie=ID%3D14c5fd6f47da3553%3AT%3D1688126835%3ART%3D1688126835%3AS%3DALNI_MZq-i30YDkai5h6GoKYbjHLaqnFjA&gpic=UID%3D00000c5ed7319fb0%3AT%3D1688126835%3ART%3D1688126835%3AS%3DALNI_MZsDc3kPfVwgJm4YKQVJrFEMa9-0A&abxe=1&dt=1688126837131&lmt=1688126837&dlt=1688126834513&idt=860&adxs=-9&adys=-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&psts=ABnkTfBy0XFcFshnkgY_LYb-WJLQ%2CABnkTfBy0XFcFshnkgY_LYb-WJLQ%2CABnkTfBy0XFcFshnkgY_LYb-WJLQ%2CABnkTfBy0XFcFshnkgY_LYb-WJLQ&ga_vid=1136948999.1688126835&ga_sid=1688126836&ga_hid=1663611148&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYyZXN4ZAxSABSAghkEhkKCnB1YmNpZC5vcmcYyJXN4ZAxSABSAghkEhcKCHJ0YmhvdXNlGMiVzeGQMUgAUgIIZBIdCg5lc3AuY3JpdGVvLmNvbRjJlc3hkDFIAFICCGQSGQoKdWlkYXBpLmNvbRjJlc3hkDFIAFICCGQSFAoFb3BlbngYyZXN4ZAxSABSAghkEhsKDGlkNS1zeW5jLmNvbRjIlc3hkDFIAFICCGQ.
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8687779ddc4430303d8105e8dda7af06db6686d7d3e88231183c5d695b8d78dd
Security Headers
Name Value
Content-Security-Policy child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7441985601152547353/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7441985601152547353/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CKTl3cP66v8CFdfM1QodXOMG7Q&gqi=&layout=/sadbundle/%24csp%253Der3%24/7441985601152547353/index.html
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy
child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7441985601152547353/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7441985601152547353/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CKTl3cP66v8CFdfM1QodXOMG7Q&gqi=&layout=/sadbundle/%24csp%253Der3%24/7441985601152547353/index.html
date
Fri, 30 Jun 2023 12:07:18 GMT
x-content-type-options
nosniff
content-encoding
br
observe-browsing-topics
true
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
59828
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://paytolet.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl_page_level_ads.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/ 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl_page_level_ads.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a784560c79c2bd930b184a4134d59b1d672fe786320828f191e68f48458d6f90
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 11:43:36 GMT
content-encoding
br
x-content-type-options
nosniff
age
1421
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13154
x-xss-protection
0
server
cafe
etag
6000168152910430745
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Sat, 29 Jun 2024 11:43:36 GMT
p
ic.tynt.com/b/ 		0
227 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ic.tynt.com/b/p?id=a2zUHwIdOr7ikqrkHcnlKl&lm=0&ts=1688126835344&dn=TI&iso=0&pu=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&t=PaytoLet%20-%20Search%20Engine%20For%20Real%20Estate
Requested by
Host: paytolet.com
URL: https://paytolet.com/public/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.32 Palos Park, United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip32.67-202-105.static.steadfastdns.net
Software
nginx/1.16.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/public/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires
"Sat, 26 Jul 1997 05:00:00 GMT"
date
Fri, 30 Jun 2023 12:07:17 GMT
cache-control
"no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
server
nginx/1.16.1
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
v2.11.34
cdn.louassist.com/viewer/script/ 		106 KB
106 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.louassist.com/viewer/script/v2.11.34
Requested by
Host: run.louassist.com
URL: https://run.louassist.com/v2.5.1-m?id=289340402156
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.34.178 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
caaf3975886cfdf5f38b32d0c0aecf4a6217a12fa2f8b6df09e24ef3847022c6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:17 GMT
via
1.1 07a6f7d6fd9710cbcfc60fa67d44f04e.cloudfront.net (CloudFront)
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
FRA56-P5
age
19066
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
108327
last-modified
Wed, 07 Jun 2023 18:28:59 GMT
server
cloudflare
etag
"4ff290ab4f55fbf2e33a436ff9475d0e"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZcQI3eKeA0caYAPBL4QBb0UQjWJUui4PqeztN8B7q%2FQEnOR%2FJz9bXgE1YaOlEZq%2FcrRkkOMdQyqeE3i26EkiFWLN5YK6Vt4T1U4PHeW%2FVYs9k%2B0oLIaRAEjfy%2Fes%2Fz62q5%2BT6A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
accept-ranges
bytes
cf-ray
7df649bc4f401c11-FRA
x-amz-cf-id
Bo7Zghn_TyOJvX000m4sTNS2JEKnyumuoo4oFxbQ4hMZtSUkCRT0nQ==
encrypt
esp.rtbhouse.com/ 		221 B
315 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://esp.rtbhouse.com/encrypt
Requested by
Host: invstatic101.creativecdn.com
URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
111.39.190.35.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
452ba6e0fcbbb3d19cf93bfd8010762711b9d26ed812dd7463f9042d6ac62eb9

Request headers

Referer
https://paytolet.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 30 Jun 2023 12:07:17 GMT
via
1.1 google, 1.1 google
server
Google Frontend
content-type
application/json
access-control-allow-origin
*
x-cloud-trace-context
14e26d56ba0ce99952977abceebfd6f5
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
221
encrypt
esp.rtbhouse.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://esp.rtbhouse.com/encrypt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
111.39.190.35.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://paytolet.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST, GET
access-control-allow-origin
https://paytolet.com
access-control-max-age
600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
content-type
text/plain; charset=utf-8
date
Fri, 30 Jun 2023 12:07:17 GMT
server
Google Frontend
vary
Origin
via
1.1 google, 1.1 google
x-cloud-trace-context
eb6d7cd4a9a7becf45970d406e25b6db
visit-data
in.hotjar.com/api/v2/client/sites/2812607/ 		148 B
322 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://in.hotjar.com/api/v2/client/sites/2812607/visit-data?sv=6
Requested by
Host: script.hotjar.com
URL: https://script.hotjar.com/modules.b7e89cfe73c8ba46aa49.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
63.34.4.15 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-34-4-15.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
76dd5024f59224f7b30edc12726bcc0fbacb94b75e906d8ca208ce4e827c75f4

Request headers

Referer
https://paytolet.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

date
Fri, 30 Jun 2023 12:07:17 GMT
content-encoding
br
vary
Accept-Encoding
access-control-max-age
86400
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, no-store
access-control-allow-credentials
true
preact-incoming-feedback.2b759dec7af3a15d3cd9.js
script.hotjar.com/ 		176 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/preact-incoming-feedback.2b759dec7af3a15d3cd9.js
Requested by
Host: script.hotjar.com
URL: https://script.hotjar.com/modules.b7e89cfe73c8ba46aa49.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.154.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-154-84.muc50.r.cloudfront.net
Software
/
Resource Hash
164d98df48d58ef27812c45e98705e9de5bf183ca93a7c1a5a8d14fc516d9799
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 11:24:07 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 f620f5422d3678dbdbb8544d75a30f78.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P3
age
2590
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
34956
last-modified
Fri, 30 Jun 2023 11:23:45 GMT
etag
"c59e7c7ee650015b23cef5ab302e229c"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
DtMY8lLy1j1LKz1c2cOLLnuMccGzQrzrDuPkGJNyT7nmS48Oz3UriQ==
px.gif
fundingchoicesmessages.google.com/img/ 		43 B
517 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fundingchoicesmessages.google.com/img/px.gif?ch=1&rn=4.1206578046952345
Requested by
Host: paytolet.com
URL: https://paytolet.com/public/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-z4rQpsYeOCl381fX-CjlCg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:17 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-z4rQpsYeOCl381fX-CjlCg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
image/gif
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
px.gif
fundingchoicesmessages.google.com/img/ 		43 B
253 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fundingchoicesmessages.google.com/img/px.gif?ch=2&rn=9.89233565496193
Requested by
Host: paytolet.com
URL: https://paytolet.com/public/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-sXFTQr_y83Tc6SlJTxtw2g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:17 GMT
content-security-policy
script-src 'report-sample' 'nonce-sXFTQr_y83Tc6SlJTxtw2g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
image/gif
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
x.clarity.ms/ 		0
292 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://x.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.8/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.114.190.119 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://paytolet.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://paytolet.com
Date
Fri, 30 Jun 2023 12:07:17 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78
1
mc.yandex.com/watch/89229263/
Redirect Chain
  • https://mc.yandex.com/watch/89229263?wmode=7&page-url=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Aew9xzikdbvs4xc5avwiaspr%3Afp%3A2502%3Afu%3A0%3Ae...
  • https://mc.yandex.com/watch/89229263/1?wmode=7&page-url=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Aew9xzikdbvs4xc5avwiaspr%3Afp%3A2502%3Afu%3A0%3...
468 B
504 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/watch/89229263/1?wmode=7&page-url=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Aew9xzikdbvs4xc5avwiaspr%3Afp%3A2502%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1074%3Acn%3A2%3Adp%3A0%3Als%3A1395123191021%3Ahid%3A721892075%3Az%3A0%3Ai%3A20230630120715%3Aet%3A1688126835%3Ac%3A1%3Arn%3A190740643%3Arqn%3A1%3Au%3A1688126835670014644%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C501%2C14%2C1559%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Ans%3A1688126832447%3Arqnl%3A1%3Ast%3A1688126837%3At%3APaytoLet%20-%20Search%20Engine%20For%20Real%20Estate&t=gdpr%2814%2C14%29clc%280-0-0%29rqnt%281%29aw%281%29ecs%280%29ti%281%29
Requested by
Host: paytolet.com
URL: https://paytolet.com/public/
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
63719c6b2c76443759381bbcbd237473d894c91e81043291ee840b24f85f2d08
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Jun 2023 12:07:17 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Fri, 30-Jun-2023 12:07:17 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type
application/json; charset=utf-8
access-control-allow-origin
https://paytolet.com
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
468
x-xss-protection
1; mode=block
expires
Fri, 30-Jun-2023 12:07:17 GMT

Redirect headers

pragma
no-cache
date
Fri, 30 Jun 2023 12:07:17 GMT
strict-transport-security
max-age=31536000
last-modified
Fri, 30-Jun-2023 12:07:17 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location
/watch/89229263/1?wmode=7&page-url=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Aew9xzikdbvs4xc5avwiaspr%3Afp%3A2502%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1074%3Acn%3A2%3Adp%3A0%3Als%3A1395123191021%3Ahid%3A721892075%3Az%3A0%3Ai%3A20230630120715%3Aet%3A1688126835%3Ac%3A1%3Arn%3A190740643%3Arqn%3A1%3Au%3A1688126835670014644%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C501%2C14%2C1559%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Ans%3A1688126832447%3Arqnl%3A1%3Ast%3A1688126837%3At%3APaytoLet%20-%20Search%20Engine%20For%20Real%20Estate&t=gdpr%2814%2C14%29clc%280-0-0%29rqnt%281%29aw%281%29ecs%280%29ti%281%29
access-control-allow-origin
https://paytolet.com
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Fri, 30-Jun-2023 12:07:17 GMT
1
mc.yandex.com/watch/90663950/
Redirect Chain
  • https://mc.yandex.com/watch/90663950?wmode=7&page-url=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Aew9xzikdbvs4xc5avwiaspr%3Afp%3A2502%3Afu%3A0%3Ae...
  • https://mc.yandex.com/watch/90663950/1?wmode=7&page-url=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Aew9xzikdbvs4xc5avwiaspr%3Afp%3A2502%3Afu%3A0%3...
470 B
562 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/watch/90663950/1?wmode=7&page-url=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Aew9xzikdbvs4xc5avwiaspr%3Afp%3A2502%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1074%3Acn%3A1%3Adp%3A0%3Als%3A1629049244660%3Ahid%3A721892075%3Az%3A0%3Ai%3A20230630120715%3Aet%3A1688126835%3Ac%3A1%3Arn%3A64679154%3Arqn%3A1%3Au%3A1688126835670014644%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C501%2C14%2C1559%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Ans%3A1688126832447%3Arqnl%3A1%3Ast%3A1688126837%3At%3APaytoLet%20-%20Search%20Engine%20For%20Real%20Estate&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ecs%280%29ti%281%29
Requested by
Host: paytolet.com
URL: https://paytolet.com/public/
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
a5f077b380fd859dc6f2e7b1a9a25103a57c267ac82ad351500117a2621db88a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Jun 2023 12:07:17 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Fri, 30-Jun-2023 12:07:17 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type
application/json; charset=utf-8
access-control-allow-origin
https://paytolet.com
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
470
x-xss-protection
1; mode=block
expires
Fri, 30-Jun-2023 12:07:17 GMT

Redirect headers

pragma
no-cache
date
Fri, 30 Jun 2023 12:07:17 GMT
strict-transport-security
max-age=31536000
last-modified
Fri, 30-Jun-2023 12:07:17 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location
/watch/90663950/1?wmode=7&page-url=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Aew9xzikdbvs4xc5avwiaspr%3Afp%3A2502%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1074%3Acn%3A1%3Adp%3A0%3Als%3A1629049244660%3Ahid%3A721892075%3Az%3A0%3Ai%3A20230630120715%3Aet%3A1688126835%3Ac%3A1%3Arn%3A64679154%3Arqn%3A1%3Au%3A1688126835670014644%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C501%2C14%2C1559%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Ans%3A1688126832447%3Arqnl%3A1%3Ast%3A1688126837%3At%3APaytoLet%20-%20Search%20Engine%20For%20Real%20Estate&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ecs%280%29ti%281%29
access-control-allow-origin
https://paytolet.com
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Fri, 30-Jun-2023 12:07:17 GMT
increment
id5-sync.com/api/esp/ 		0
321 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/esp/increment?counter=no-config
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.82 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31532337.ip-162-19-138.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://paytolet.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://paytolet.com
date
Fri, 30 Jun 2023 12:07:17 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
/
www.google.com/pagead/1p-user-list/11165448312/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/11165448312/?random=1688126836082&cv=11&fst=1688126400000&bg=ffffff&guid=ON&async=1&gtm=45be36s0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&frm=0&tiba=PaytoLet%20-%20Search%20Engine%20For%20Real%20Estate&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=117179788&rmt_tld=0&ipr=y
Requested by
Host: paytolet.com
URL: https://paytolet.com/public/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Jun 2023 12:07:17 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/11165448312/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/11165448312/?random=1688126836082&cv=11&fst=1688126400000&bg=ffffff&guid=ON&async=1&gtm=45be36s0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&frm=0&tiba=PaytoLet%20-%20Search%20Engine%20For%20Real%20Estate&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=117179788&rmt_tld=1&ipr=y
Requested by
Host: paytolet.com
URL: https://paytolet.com/public/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Jun 2023 12:07:17 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/11165448312/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/11165448312/?random=1688126836098&cv=11&fst=1688126400000&bg=ffffff&guid=ON&async=1&gtm=45be36s0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&frm=0&tiba=PaytoLet%20-%20Search%20Engine%20For%20Real%20Estate&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3129695040&rmt_tld=0&ipr=y
Requested by
Host: paytolet.com
URL: https://paytolet.com/public/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Jun 2023 12:07:17 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/11165448312/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/11165448312/?random=1688126836098&cv=11&fst=1688126400000&bg=ffffff&guid=ON&async=1&gtm=45be36s0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&frm=0&tiba=PaytoLet%20-%20Search%20Engine%20For%20Real%20Estate&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3129695040&rmt_tld=1&ipr=y
Requested by
Host: paytolet.com
URL: https://paytolet.com/public/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Jun 2023 12:07:17 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
137032158
www.clarity.ms/tag/uet/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/tag/uet/137032158
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/p/action/137032158.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:1ec:46::60 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
bb16ea6d4e22fb1948a41e3360e0bcb594fe82950da1113298eba674a8910077

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires
-1
date
Fri, 30 Jun 2023 12:07:17 GMT
x-azure-ref
20230630T120717Z-8k83fnmre13km8txsamcyp95qn0000000sbg00000000p5fn
x-cache
CONFIG_NOCACHE
content-type
application/x-javascript
cache-control
no-cache, no-store
accept-ranges
bytes
content-length
1067
request-context
appId=cid-v1:dfa4d45a-f309-4181-9ede-77e6e6c0ecf0
syncframe
gum.criteo.com/ Frame 4D83 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=paytolet.com&us_privacy=1---
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
42b9a15f9b6a86e0bca2678c6a6679ed2e73777ca55d893012e685275249f702
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://paytolet.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 30 Jun 2023 12:07:17 GMT
server
Kestrel
server-processing-duration-in-ticks
287589
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
json
api.hubapi.com/hs-script-loader-public/v1/config/pixels-and-events/ 		123 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.hubapi.com/hs-script-loader-public/v1/config/pixels-and-events/json?portalId=21342073
Requested by
Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:c8cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
53c3a917896b6c2e9e5796b7230d175269b26f16504bf018ef70e0731bd98078
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:17 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
9c668e91-c6b9-4961-a525-1f935b4b57f1
x-envoy-upstream-service-time
6
alt-svc
h3=":443"; ma=86400
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
9c668e91-c6b9-4961-a525-1f935b4b57f1
server
cloudflare
x-trace
2B7DDE1A824A1A9C3DFA9253DE4BDC1A305DCA0E0D000000000000000000
vary
origin, Accept-Encoding
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type
application/json;charset=utf-8
access-control-allow-origin
https://paytolet.com
x-evy-trace-served-by-pod
iad02/hubapi-td/envoy-proxy-598c95b5b7-nbhzm
access-control-max-age
180
access-control-allow-credentials
false
x-evy-trace-virtual-host
all
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bOzAPlYWJ1mREIx5XlQ4CcieyzHxTWUutWDfUd9uJlwVSDJABjSH0%2BfiTRWvTMmC738E0MHEdnsAKMFQiCLAeRF4Ws9z1xtzrCnLVB2fXVRyFbBvt0rd6OhHRCaJO5JOWDh1vC7abqYRI3ZV"}],"group":"cf-nel","max_age":604800}
cf-ray
7df649be998c043a-FRA
access-control-allow-headers
*
1304153140423865
connect.facebook.net/signals/config/ 		300 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1304153140423865?v=2.9.110&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
dd5bf95280e509e7150d394d731106ac503683371a25dca7f34c306c910e8051
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Fri, 30 Jun 2023 12:07:17 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
pragma
public
x-fb-debug
i/SrMyWIZncEGcYL+V/cBZinv3Cxhvnfk6IMnicgNSKLRXZkmEn96lbCfhxJxIzI2uPOqeQJe6W7Yg/Wv8ekCA==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires
Sat, 01 Jan 2000 00:00:00 GMT
pixel;r=1106419059;labels=Domain.paytolet_com%2CDomainId.410164;rf=0;a=p-31iz6hfFutd16;url=https%3A%2F%2Fpaytolet.com%2Fpublic%2F;uht=2;fpan=1;fpa=P0-1129075504-1688126835954;pbc=;ns=0;ce=1;qjs=1;q...
pixel.quantserve.com/ 		35 B
372 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=1106419059;labels=Domain.paytolet_com%2CDomainId.410164;rf=0;a=p-31iz6hfFutd16;url=https%3A%2F%2Fpaytolet.com%2Fpublic%2F;uht=2;fpan=1;fpa=P0-1129075504-1688126835954;pbc=;ns=0;ce=1;qjs=1;qv=c818c8ec-20230509111053;cm=;gdpr=0;us_privacy=1---;ref=;d=paytolet.com;dst=0;et=1688126837531;tzo=0;ogl=site_name.PaytoLet%20-%20Search%20Engine%20For%20Real%20Estate%2Ctitle.PaytoLet%20-%20Search%20Engine%20For%20Real%20Estate%2Cdescription.PaytoLet%20is%20changing%20the%20way%20people%20rent%20homes%20in%20a%20market%20that's%20growing%20at%20ove%2Curl.https%3A%2F%2Fpaytolet%252Ecom%2Ctype.article%2Cimage.https%3A%2F%2Fpaytolet%252Ecom%2Fstorage%2Fgeneral%2Fpaytolet-logo%252Epng%2Cimage.https%3A%2F%2Fpaytolet%252Ecom%2Fstorage%2Fgeneral%2Fpaytolet-logo%252Epng;ses=89458ba2-f684-46c2-ab2f-d3f00dc20e4f;mdl=
Requested by
Host: paytolet.com
URL: https://paytolet.com/public/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.228.74.200 , United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Jun 2023 12:07:17 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
cookie.js
partner.googleadservices.com/gampad/ 		216 B
553 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=paytolet.com&callback=_gfp_s_&client=ca-pub-7184064643088596&cookie=ID%3D14c5fd6f47da3553%3AT%3D1688126835%3ART%3D1688126835%3AS%3DALNI_MZq-i30YDkai5h6GoKYbjHLaqnFjA&gpic=UID%3D00000c5ed7319fb0%3AT%3D1688126835%3ART%3D1688126835%3AS%3DALNI_MZsDc3kPfVwgJm4YKQVJrFEMa9-0A
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202306230101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7184064643088596&plah=paytolet.com&bust=31075664
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c3ba239840d0d27fc3bd5dbaa4976da421d1464fcc2f88775099ad4d23cd4d0a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
202
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
121 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&cls=ez-cookie-banner&ign=false&pw=1600&ph=1200&x=0&y=1060.8
Requested by
Host: paytolet.com
URL: https://paytolet.com/public/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Jun 2023 12:07:17 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=WEBPUSHRPROMPTCONATINER&cls=Drop-in&ign=false&pw=1600&ph=1200&x=800&y=0
Requested by
Host: paytolet.com
URL: https://paytolet.com/public/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Jun 2023 12:07:17 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
play
videosvc.ezoic.com/ 		599 B
616 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://videosvc.ezoic.com/play?videoID=0dc8134f926d50e853f317c202e2cbf0ad272b9256181b263c8a1312c162c0b3&manifest=dash
Requested by
Host: paytolet.com
URL: https://paytolet.com/detroitchicago/cmbv2.js?gcb=195-3&cb=04-3y02-8y06-13y07-2y0b-6y0d-23y17-4y1b-5y25-3y26-4y27-16y28-66y2b-146y2f-150y33-4y3a-12y3b-6y59-2y5d-22y64-1&cmbcb=151&sj=x04x02x06x07x0bx0dx17x1bx25x26x27x28x2bx2fx33x3ax3bx59x5dx64
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
18.192.83.3 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-192-83-3.eu-central-1.compute.amazonaws.com
Software
openresty/1.15.8.2 /
Resource Hash
eb9445bdddaf0686b78183b753f816750a757102b69cb93e007885c8185f797e
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:17 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
server
openresty/1.15.8.2
vary
Accept-Encoding
access-control-allow-methods
GET, PUT, POST, DELETE, HEAD, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://paytolet.com
access-control-allow-credentials
true
access-control-allow-headers
Origin, Content-Type
/
www.google.com/pagead/1p-user-list/10850344926/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/10850344926/?random=1688126835976&cv=11&fst=1688126400000&bg=ffffff&guid=ON&async=1&gtm=45be36s0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&frm=0&tiba=PaytoLet%20-%20Search%20Engine%20For%20Real%20Estate&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1646841814&rmt_tld=0&ipr=y
Requested by
Host: paytolet.com
URL: https://paytolet.com/public/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Jun 2023 12:07:17 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/10850344926/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/10850344926/?random=1688126835976&cv=11&fst=1688126400000&bg=ffffff&guid=ON&async=1&gtm=45be36s0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&frm=0&tiba=PaytoLet%20-%20Search%20Engine%20For%20Real%20Estate&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1646841814&rmt_tld=1&ipr=y
Requested by
Host: paytolet.com
URL: https://paytolet.com/public/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Jun 2023 12:07:17 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
eK3Dg4X10n
shown.io/metrics/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://shown.io/metrics/eK3Dg4X10n
Requested by
Host: paytolet.com
URL: https://paytolet.com/cdn-cgi/zaraz/s.js?z=JTdCJTIyZXhlY3V0ZWQlMjIlM0ElNUIlNUQlMkMlMjJ0JTIyJTNBJTIyUGF5dG9MZXQlMjAtJTIwU2VhcmNoJTIwRW5naW5lJTIwRm9yJTIwUmVhbCUyMEVzdGF0ZSUyMiUyQyUyMnglMjIlM0EwLjkyNTE5OTE0Njg4NTMyMzElMkMlMjJ3JTIyJTNBMTYwMCUyQyUyMmglMjIlM0ExMjAwJTJDJTIyaiUyMiUzQTEyMDAlMkMlMjJlJTIyJTNBMTYwMCUyQyUyMmwlMjIlM0ElMjJodHRwcyUzQSUyRiUyRnBheXRvbGV0LmNvbSUyRnB1YmxpYyUyRiUyMiUyQyUyMnIlMjIlM0ElMjIlMjIlMkMlMjJrJTIyJTNBMjQlMkMlMjJuJTIyJTNBJTIyVVRGLTglMjIlMkMlMjJvJTIyJTNBMCUyQyUyMnElMjIlM0ElNUIlN0IlMjJtJTIyJTNBJTIyc2V0JTIyJTJDJTIyYSUyMiUzQSU1QiUyMjAlMjIlMkMlMjJBJTIyJTJDJTdCJTIyc2NvcGUlMjIlM0ElMjJwYWdlJTIyJTdEJTVEJTdEJTJDJTdCJTIybSUyMiUzQSUyMnNldCUyMiUyQyUyMmElMjIlM0ElNUIlMjIxJTIyJTJDJTIyVyUyMiUyQyU3QiUyMnNjb3BlJTIyJTNBJTIycGFnZSUyMiU3RCU1RCU3RCUyQyU3QiUyMm0lMjIlM0ElMjJzZXQlMjIlMkMlMjJhJTIyJTNBJTVCJTIyMiUyMiUyQyUyMi0lMjIlMkMlN0IlMjJzY29wZSUyMiUzQSUyMnBhZ2UlMjIlN0QlNUQlN0QlMkMlN0IlMjJtJTIyJTNBJTIyc2V0JTIyJTJDJTIyYSUyMiUzQSU1QiUyMjMlMjIlMkMlMjIxJTIyJTJDJTdCJTIyc2NvcGUlMjIlM0ElMjJwYWdlJTIyJTdEJTVEJTdEJTJDJTdCJTIybSUyMiUzQSUyMnNldCUyMiUyQyUyMmElMjIlM0ElNUIlMjI0JTIyJTJDJTIyMCUyMiUyQyU3QiUyMnNjb3BlJTIyJTNBJTIycGFnZSUyMiU3RCU1RCU3RCUyQyU3QiUyMm0lMjIlM0ElMjJzZXQlMjIlMkMlMjJhJTIyJTNBJTVCJTIyNSUyMiUyQyUyMjglMjIlMkMlN0IlMjJzY29wZSUyMiUzQSUyMnBhZ2UlMjIlN0QlNUQlN0QlMkMlN0IlMjJtJTIyJTNBJTIyc2V0JTIyJTJDJTIyYSUyMiUzQSU1QiUyMjYlMjIlMkMlMjI1JTIyJTJDJTdCJTIyc2NvcGUlMjIlM0ElMjJwYWdlJTIyJTdEJTVEJTdEJTJDJTdCJTIybSUyMiUzQSUyMnNldCUyMiUyQyUyMmElMjIlM0ElNUIlMjI3JTIyJTJDJTIyMCUyMiUyQyU3QiUyMnNjb3BlJTIyJTNBJTIycGFnZSUyMiU3RCU1RCU3RCUyQyU3QiUyMm0lMjIlM0ElMjJzZXQlMjIlMkMlMjJhJTIyJTNBJTVCJTIyOCUyMiUyQyUyMjMlMjIlMkMlN0IlMjJzY29wZSUyMiUzQSUyMnBhZ2UlMjIlN0QlNUQlN0QlMkMlN0IlMjJtJTIyJTNBJTIyc2V0JTIyJTJDJTIyYSUyMiUzQSU1QiUyMjklMjIlMkMlMjI0JTIyJTJDJTdCJTIyc2NvcGUlMjIlM0ElMjJwYWdlJTIyJTdEJTVEJTdEJTJDJTdCJTIybSUyMiUzQSUyMnNldCUyMiUyQyUyMmElMjIlM0ElNUIlMjIxMCUyMiUyQyUyMjQlMjIlMkMlN0IlMjJzY29wZSUyMiUzQSUyMnBhZ2UlMjIlN0QlNUQlN0QlMkMlN0IlMjJtJTIyJTNBJTIyc2V0JTIyJTJDJTIyYSUyMiUzQSU1QiUyMjExJTIyJTJDJTIyOSUyMiUyQyU3QiUyMnNjb3BlJTIyJTNBJTIycGFnZSUyMiU3RCU1RCU3RCUyQyU3QiUyMm0lMjIlM0ElMjJzZXQlMjIlMkMlMjJhJTIyJTNBJTVCJTIyMTIlMjIlMkMlMjIyJTIyJTJDJTdCJTIyc2NvcGUlMjIlM0ElMjJwYWdlJTIyJTdEJTVEJTdEJTJDJTdCJTIybSUyMiUzQSUyMnNldCUyMiUyQyUyMmElMjIlM0ElNUIlMjIxMyUyMiUyQyUyMjYlMjIlMkMlN0IlMjJzY29wZSUyMiUzQSUyMnBhZ2UlMjIlN0QlNUQlN0QlNUQlN0Q=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.186.64.46 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Apache/2.4.52 (Ubuntu) /
Resource Hash
7bb3a0e0618ea7872d14178a204c41179319fa40d6c28cb019fa3968a45ec0f6
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:17 GMT
content-encoding
gzip
referrer-policy
same-origin
strict-transport-security
max-age=63072000; includeSubDomains; preload
server
Apache/2.4.52 (Ubuntu)
x-content-type-options
nosniff
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/x-javascript
x-response-id
bb954461-ed79-47a4-9fca-e38d7989574e
cache-control
no-cache, private
feature-policy
none
access-control-allow-headers
Upgrade-Insecure-Requests
content-length
1106
x-xss-protection
1; mode=block
__ptq.gif
track.hubspot.com/ 		45 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=de-DE&v=1.1&a=21342073&pu=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&t=PaytoLet+-+Search+Engine+For+Real+Estate&cts=1688126835997&accountId=21342073&vi=cb7cef7282af4d66b3b63186f9c3bac1&nc=true&u=117032583.cb7cef7282af4d66b3b63186f9c3bac1.1688126835997.1688126835997.1688126835997.1&b=117032583.1.1688126835997
Requested by
Host: paytolet.com
URL: https://paytolet.com/cdn-cgi/zaraz/s.js?z=JTdCJTIyZXhlY3V0ZWQlMjIlM0ElNUIlNUQlMkMlMjJ0JTIyJTNBJTIyUGF5dG9MZXQlMjAtJTIwU2VhcmNoJTIwRW5naW5lJTIwRm9yJTIwUmVhbCUyMEVzdGF0ZSUyMiUyQyUyMnglMjIlM0EwLjkyNTE5OTE0Njg4NTMyMzElMkMlMjJ3JTIyJTNBMTYwMCUyQyUyMmglMjIlM0ExMjAwJTJDJTIyaiUyMiUzQTEyMDAlMkMlMjJlJTIyJTNBMTYwMCUyQyUyMmwlMjIlM0ElMjJodHRwcyUzQSUyRiUyRnBheXRvbGV0LmNvbSUyRnB1YmxpYyUyRiUyMiUyQyUyMnIlMjIlM0ElMjIlMjIlMkMlMjJrJTIyJTNBMjQlMkMlMjJuJTIyJTNBJTIyVVRGLTglMjIlMkMlMjJvJTIyJTNBMCUyQyUyMnElMjIlM0ElNUIlN0IlMjJtJTIyJTNBJTIyc2V0JTIyJTJDJTIyYSUyMiUzQSU1QiUyMjAlMjIlMkMlMjJBJTIyJTJDJTdCJTIyc2NvcGUlMjIlM0ElMjJwYWdlJTIyJTdEJTVEJTdEJTJDJTdCJTIybSUyMiUzQSUyMnNldCUyMiUyQyUyMmElMjIlM0ElNUIlMjIxJTIyJTJDJTIyVyUyMiUyQyU3QiUyMnNjb3BlJTIyJTNBJTIycGFnZSUyMiU3RCU1RCU3RCUyQyU3QiUyMm0lMjIlM0ElMjJzZXQlMjIlMkMlMjJhJTIyJTNBJTVCJTIyMiUyMiUyQyUyMi0lMjIlMkMlN0IlMjJzY29wZSUyMiUzQSUyMnBhZ2UlMjIlN0QlNUQlN0QlMkMlN0IlMjJtJTIyJTNBJTIyc2V0JTIyJTJDJTIyYSUyMiUzQSU1QiUyMjMlMjIlMkMlMjIxJTIyJTJDJTdCJTIyc2NvcGUlMjIlM0ElMjJwYWdlJTIyJTdEJTVEJTdEJTJDJTdCJTIybSUyMiUzQSUyMnNldCUyMiUyQyUyMmElMjIlM0ElNUIlMjI0JTIyJTJDJTIyMCUyMiUyQyU3QiUyMnNjb3BlJTIyJTNBJTIycGFnZSUyMiU3RCU1RCU3RCUyQyU3QiUyMm0lMjIlM0ElMjJzZXQlMjIlMkMlMjJhJTIyJTNBJTVCJTIyNSUyMiUyQyUyMjglMjIlMkMlN0IlMjJzY29wZSUyMiUzQSUyMnBhZ2UlMjIlN0QlNUQlN0QlMkMlN0IlMjJtJTIyJTNBJTIyc2V0JTIyJTJDJTIyYSUyMiUzQSU1QiUyMjYlMjIlMkMlMjI1JTIyJTJDJTdCJTIyc2NvcGUlMjIlM0ElMjJwYWdlJTIyJTdEJTVEJTdEJTJDJTdCJTIybSUyMiUzQSUyMnNldCUyMiUyQyUyMmElMjIlM0ElNUIlMjI3JTIyJTJDJTIyMCUyMiUyQyU3QiUyMnNjb3BlJTIyJTNBJTIycGFnZSUyMiU3RCU1RCU3RCUyQyU3QiUyMm0lMjIlM0ElMjJzZXQlMjIlMkMlMjJhJTIyJTNBJTVCJTIyOCUyMiUyQyUyMjMlMjIlMkMlN0IlMjJzY29wZSUyMiUzQSUyMnBhZ2UlMjIlN0QlNUQlN0QlMkMlN0IlMjJtJTIyJTNBJTIyc2V0JTIyJTJDJTIyYSUyMiUzQSU1QiUyMjklMjIlMkMlMjI0JTIyJTJDJTdCJTIyc2NvcGUlMjIlM0ElMjJwYWdlJTIyJTdEJTVEJTdEJTJDJTdCJTIybSUyMiUzQSUyMnNldCUyMiUyQyUyMmElMjIlM0ElNUIlMjIxMCUyMiUyQyUyMjQlMjIlMkMlN0IlMjJzY29wZSUyMiUzQSUyMnBhZ2UlMjIlN0QlNUQlN0QlMkMlN0IlMjJtJTIyJTNBJTIyc2V0JTIyJTJDJTIyYSUyMiUzQSU1QiUyMjExJTIyJTJDJTIyOSUyMiUyQyU3QiUyMnNjb3BlJTIyJTNBJTIycGFnZSUyMiU3RCU1RCU3RCUyQyU3QiUyMm0lMjIlM0ElMjJzZXQlMjIlMkMlMjJhJTIyJTNBJTVCJTIyMTIlMjIlMkMlMjIyJTIyJTJDJTdCJTIyc2NvcGUlMjIlM0ElMjJwYWdlJTIyJTdEJTVEJTdEJTJDJTdCJTIybSUyMiUzQSUyMnNldCUyMiUyQyUyMmElMjIlM0ElNUIlMjIxMyUyMiUyQyUyMjYlMjIlMkMlN0IlMjJzY29wZSUyMiUzQSUyMnBhZ2UlMjIlN0QlNUQlN0QlNUQlN0Q=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.154.83 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
ae3841ed-e582-4202-af3b-43dfc0b52b9f
p3p
CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time
8
alt-svc
h3=":443"; ma=86400
content-length
45
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
ae3841ed-e582-4202-af3b-43dfc0b52b9f
server
cloudflare
vary
origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tHzLkHNwwpkNB%2FJ1HzNO%2FxlUryLUeRElui7NCoCQVUYKuUY9CBFK87fA7zXHgWPg03s9LfP22FIOSJL7gCZPXRz1uiBU%2Bvp2eZaQeAlM%2BcrB9FwvCSZ2xoq9qHSYncmycklR"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
x-evy-trace-served-by-pod
iad02/analytics-tracking-td/envoy-proxy-5f6448c676-pwxm2
x-evy-trace-virtual-host
all
cache-control
no-cache, no-store, no-transform
access-control-allow-credentials
false
cf-ray
7df649c148889a12-FRA
x-robots-tag
none
logo-1.png
paytolet.com/storage/logo/ 		33 KB
33 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://paytolet.com/storage/logo/logo-1.png
Requested by
Host: paytolet.com
URL: https://paytolet.com/cdn-cgi/zaraz/s.js?z=JTdCJTIyZXhlY3V0ZWQlMjIlM0ElNUIlNUQlMkMlMjJ0JTIyJTNBJTIyUGF5dG9MZXQlMjAtJTIwU2VhcmNoJTIwRW5naW5lJTIwRm9yJTIwUmVhbCUyMEVzdGF0ZSUyMiUyQyUyMnglMjIlM0EwLjkyNTE5OTE0Njg4NTMyMzElMkMlMjJ3JTIyJTNBMTYwMCUyQyUyMmglMjIlM0ExMjAwJTJDJTIyaiUyMiUzQTEyMDAlMkMlMjJlJTIyJTNBMTYwMCUyQyUyMmwlMjIlM0ElMjJodHRwcyUzQSUyRiUyRnBheXRvbGV0LmNvbSUyRnB1YmxpYyUyRiUyMiUyQyUyMnIlMjIlM0ElMjIlMjIlMkMlMjJrJTIyJTNBMjQlMkMlMjJuJTIyJTNBJTIyVVRGLTglMjIlMkMlMjJvJTIyJTNBMCUyQyUyMnElMjIlM0ElNUIlN0IlMjJtJTIyJTNBJTIyc2V0JTIyJTJDJTIyYSUyMiUzQSU1QiUyMjAlMjIlMkMlMjJBJTIyJTJDJTdCJTIyc2NvcGUlMjIlM0ElMjJwYWdlJTIyJTdEJTVEJTdEJTJDJTdCJTIybSUyMiUzQSUyMnNldCUyMiUyQyUyMmElMjIlM0ElNUIlMjIxJTIyJTJDJTIyVyUyMiUyQyU3QiUyMnNjb3BlJTIyJTNBJTIycGFnZSUyMiU3RCU1RCU3RCUyQyU3QiUyMm0lMjIlM0ElMjJzZXQlMjIlMkMlMjJhJTIyJTNBJTVCJTIyMiUyMiUyQyUyMi0lMjIlMkMlN0IlMjJzY29wZSUyMiUzQSUyMnBhZ2UlMjIlN0QlNUQlN0QlMkMlN0IlMjJtJTIyJTNBJTIyc2V0JTIyJTJDJTIyYSUyMiUzQSU1QiUyMjMlMjIlMkMlMjIxJTIyJTJDJTdCJTIyc2NvcGUlMjIlM0ElMjJwYWdlJTIyJTdEJTVEJTdEJTJDJTdCJTIybSUyMiUzQSUyMnNldCUyMiUyQyUyMmElMjIlM0ElNUIlMjI0JTIyJTJDJTIyMCUyMiUyQyU3QiUyMnNjb3BlJTIyJTNBJTIycGFnZSUyMiU3RCU1RCU3RCUyQyU3QiUyMm0lMjIlM0ElMjJzZXQlMjIlMkMlMjJhJTIyJTNBJTVCJTIyNSUyMiUyQyUyMjglMjIlMkMlN0IlMjJzY29wZSUyMiUzQSUyMnBhZ2UlMjIlN0QlNUQlN0QlMkMlN0IlMjJtJTIyJTNBJTIyc2V0JTIyJTJDJTIyYSUyMiUzQSU1QiUyMjYlMjIlMkMlMjI1JTIyJTJDJTdCJTIyc2NvcGUlMjIlM0ElMjJwYWdlJTIyJTdEJTVEJTdEJTJDJTdCJTIybSUyMiUzQSUyMnNldCUyMiUyQyUyMmElMjIlM0ElNUIlMjI3JTIyJTJDJTIyMCUyMiUyQyU3QiUyMnNjb3BlJTIyJTNBJTIycGFnZSUyMiU3RCU1RCU3RCUyQyU3QiUyMm0lMjIlM0ElMjJzZXQlMjIlMkMlMjJhJTIyJTNBJTVCJTIyOCUyMiUyQyUyMjMlMjIlMkMlN0IlMjJzY29wZSUyMiUzQSUyMnBhZ2UlMjIlN0QlNUQlN0QlMkMlN0IlMjJtJTIyJTNBJTIyc2V0JTIyJTJDJTIyYSUyMiUzQSU1QiUyMjklMjIlMkMlMjI0JTIyJTJDJTdCJTIyc2NvcGUlMjIlM0ElMjJwYWdlJTIyJTdEJTVEJTdEJTJDJTdCJTIybSUyMiUzQSUyMnNldCUyMiUyQyUyMmElMjIlM0ElNUIlMjIxMCUyMiUyQyUyMjQlMjIlMkMlN0IlMjJzY29wZSUyMiUzQSUyMnBhZ2UlMjIlN0QlNUQlN0QlMkMlN0IlMjJtJTIyJTNBJTIyc2V0JTIyJTJDJTIyYSUyMiUzQSU1QiUyMjExJTIyJTJDJTIyOSUyMiUyQyU3QiUyMnNjb3BlJTIyJTNBJTIycGFnZSUyMiU3RCU1RCU3RCUyQyU3QiUyMm0lMjIlM0ElMjJzZXQlMjIlMkMlMjJhJTIyJTNBJTVCJTIyMTIlMjIlMkMlMjIyJTIyJTJDJTdCJTIyc2NvcGUlMjIlM0ElMjJwYWdlJTIyJTdEJTVEJTdEJTJDJTdCJTIybSUyMiUzQSUyMnNldCUyMiUyQyUyMmElMjIlM0ElNUIlMjIxMyUyMiUyQyUyMjYlMjIlMkMlN0IlMjJzY29wZSUyMiUzQSUyMnBhZ2UlMjIlN0QlNUQlN0QlNUQlN0Q=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:8b54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
72b0b827ce038a8735e05d723ed0d59d8a948add3a7c64025686901ef8f66ca1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/public/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:17 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display
staticcontent_sol
age
103545
x-middleton-display
staticcontent_sol
x-middleton-response
200
alt-svc
h3=":443"; ma=86400
x-ezoic-excludewebp
false
response
200
last-modified
Sat, 12 Feb 2022 07:42:20 GMT
x-ez-proxy-out
true 2.4
server
cloudflare
vary
Accept-Encoding,User-Agent,Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ODi%2B%2FIz4R8s1UYkjQmtmdRQ5pvQufY9BXqLhPSvpO2%2FH3zqSw4FsoIfNlqC09x7uuzRE4%2FE7W3wtyPqdi8ThyCe33R9X%2FNILmgofea%2FDE7T9mbPALw2bprO6mGdQiaD%2BqkSQVOzfdftco7k%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=604800
cf-ray
7df649bf3ac76969-FRA
priority
u=1,i
expires
Thu, 06 Jul 2023 07:21:31 GMT
/
www.google.de/pagead/1p-conversion/171-127-6666/
Redirect Chain
  • https://www.googleadservices.com/pagead/conversion/171-127-6666/?guid=ON&random=1688127512718&fst=1688126835997&cv=9&sendb=1&num=1&u_cd=24&u_java=false&url=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&ti...
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/171-127-6666/?guid=ON&random=1153242463&fst=1688126835997&cv=9&sendb=1&num=1&u_cd=24&u_java=false&url=https%3A%2F%2Fpaytolet.com%2Fp...
  • https://www.google.com/pagead/1p-conversion/171-127-6666/?guid=ON&random=1153242463&fst=1688126835997&cv=9&sendb=1&num=1&u_cd=24&u_java=false&url=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&tiba=PaytoLe...
  • https://www.google.de/pagead/1p-conversion/171-127-6666/?guid=ON&random=1153242463&fst=1688126835997&cv=9&sendb=1&num=1&u_cd=24&u_java=false&url=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&tiba=PaytoLet...
42 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.google.de/pagead/1p-conversion/171-127-6666/?guid=ON&random=1153242463&fst=1688126835997&cv=9&sendb=1&num=1&u_cd=24&u_java=false&url=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&tiba=PaytoLet+-+Search+Engine+For+Real+Estate&u_tz=0&u_his=10&ig=1&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=IhMI3d_5w_rq_wIVyc2yCh25lQrh&is_vtc=1&ocp_id=dcWeZJ3RJ8mbywW5q6qIDg&cid=CAQSKQBygQiDbqbNGGjHl8Fb1phVc3O-2-GrE1EGGAw__PMnswCf_M-Dg4tH&random=1715598816&ipr=y
Requested by
Host: paytolet.com
URL: https://paytolet.com/public/
Protocol
H3
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Jun 2023 12:07:18 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 30 Jun 2023 12:07:17 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://www.google.de/pagead/1p-conversion/171-127-6666/?guid=ON&random=1153242463&fst=1688126835997&cv=9&sendb=1&num=1&u_cd=24&u_java=false&url=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&tiba=PaytoLet+-+Search+Engine+For+Real+Estate&u_tz=0&u_his=10&ig=1&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=IhMI3d_5w_rq_wIVyc2yCh25lQrh&is_vtc=1&ocp_id=dcWeZJ3RJ8mbywW5q6qIDg&cid=CAQSKQBygQiDbqbNGGjHl8Fb1phVc3O-2-GrE1EGGAw__PMnswCf_M-Dg4tH&random=1715598816&ipr=y
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/171-127-6666/
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/171-127-6666/?guid=ON&random=1688127512718&fst=1688126835997&cv=9&sendb=1&num=1&u_cd=24&u_java=false&url=https%3A%2F%2Fpaytolet.com%...
  • https://www.google.com/pagead/1p-user-list/171-127-6666/?guid=ON&random=1688127512718&fst=1688126400000&cv=9&sendb=1&num=1&u_cd=24&u_java=false&url=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&tiba=Payto...
  • https://www.google.de/pagead/1p-user-list/171-127-6666/?guid=ON&random=1688127512718&fst=1688126400000&cv=9&sendb=1&num=1&u_cd=24&u_java=false&url=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&tiba=PaytoL...
42 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.google.de/pagead/1p-user-list/171-127-6666/?guid=ON&random=1688127512718&fst=1688126400000&cv=9&sendb=1&num=1&u_cd=24&u_java=false&url=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&tiba=PaytoLet+-+Search+Engine+For+Real+Estate&u_tz=0&u_his=10&is_vtc=1&random=270818670&ipr=y
Requested by
Host: paytolet.com
URL: https://paytolet.com/public/
Protocol
H3
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Jun 2023 12:07:17 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 30 Jun 2023 12:07:17 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://www.google.de/pagead/1p-user-list/171-127-6666/?guid=ON&random=1688127512718&fst=1688126400000&cv=9&sendb=1&num=1&u_cd=24&u_java=false&url=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&tiba=PaytoLet+-+Search+Engine+For+Real+Estate&u_tz=0&u_his=10&is_vtc=1&random=270818670&ipr=y
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
localstore.js
script.4dex.io/ 		483 B
1021 B 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-3-57
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Fri, 30 Jun 2023 12:07:17 GMT
Content-Encoding
br
CF-Cache-Status
HIT
Last-Modified
Tue, 06 Jun 2023 12:52:55 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Age
2068979
ETag
W/"922cffdd75f7192f75231d92684885aa"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0apzhAs56%2BARLQO40eg6UxVWl2ag%2FvtX0BApn%2B1JAPI2jRRNCr%2BzzguUlyIGxncmRhPA0lAZMctN6iPv4fwM0PggHn5zKYoIuKQlrjgM7j3Egs4ueSoQft1W9G0nRpZuUSwvbfqqfzdDPEnJ"}],"group":"cf-nel","max_age":604800}
Cache-Control
public, max-age=1800
Connection
keep-alive
CF-RAY
7df649c00c4618f9-FRA
v1
btlr.sharethrough.com/universal/ 		0
154 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-3-57
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.66.11.96 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-66-11-96.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://paytolet.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://paytolet.com
date
Fri, 30 Jun 2023 12:07:17 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
154 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-3-57
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.66.11.96 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-66-11-96.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://paytolet.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://paytolet.com
date
Fri, 30 Jun 2023 12:07:17 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
154 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-3-57
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.66.11.96 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-66-11-96.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://paytolet.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://paytolet.com
date
Fri, 30 Jun 2023 12:07:17 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
154 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-3-57
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.66.11.96 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-66-11-96.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://paytolet.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://paytolet.com
date
Fri, 30 Jun 2023 12:07:17 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
154 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-3-57
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.66.11.96 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-66-11-96.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://paytolet.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://paytolet.com
date
Fri, 30 Jun 2023 12:07:17 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
154 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-3-57
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.66.11.96 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-66-11-96.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://paytolet.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://paytolet.com
date
Fri, 30 Jun 2023 12:07:17 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-3-57
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.66.11.96 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-66-11-96.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://paytolet.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://paytolet.com
date
Fri, 30 Jun 2023 12:07:17 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
154 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-3-57
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.66.11.96 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-66-11-96.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://paytolet.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://paytolet.com
date
Fri, 30 Jun 2023 12:07:17 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
154 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-3-57
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.66.11.96 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-66-11-96.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://paytolet.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://paytolet.com
date
Fri, 30 Jun 2023 12:07:17 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
hb-api.omnitagjs.com/hb-api/prebid/ 		2 KB
701 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&PageUrl=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&PageReferrer=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&CanonicalUrl=https%3A%2F%2Fpaytolet.com%2Fpublic
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-3-57
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.255.84.150 , France, ASN200271 (IGUANE-, FR),
Reverse DNS
Software
ayl-lb-fra02 /
Resource Hash
d29b2cebef491def9b5517709519ccc0ae89647bd7ddbe0caebeebc47dfe87fa
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://paytolet.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 30 Jun 2023 12:07:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-envoy-upstream-service-time
56
content-length
349
pragma
no-cache
server
ayl-lb-fra02
access-control-max-age
3600
access-control-allow-methods
OPTIONS, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://paytolet.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Accept-Encoding
access-control-allow-headers
Accept-Encoding, Content-Type
expires
0
js
www.googletagmanager.com/gtag/ Frame 078E 		217 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-PS3CN8PQR2&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-6446424-36
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
649625a6826bd78ccb8299212ff9a4fb4610f54981ebda8939289d211d331d1f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sherpa.agoda.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:17 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
79127
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 30 Jun 2023 12:07:17 GMT
analytics.js
www.google-analytics.com/ Frame 078E 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-6446424-36
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sherpa.agoda.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 30 Jun 2023 10:35:22 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
5515
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Fri, 30 Jun 2023 12:35:22 GMT
json
forms.hscollectedforms.net/collected-forms/v1/config/ 		116 B
453 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://forms.hscollectedforms.net/collected-forms/v1/config/json?portalId=21342073&utk=cb7cef7282af4d66b3b63186f9c3bac1
Requested by
Host: js.hscollectedforms.net
URL: https://js.hscollectedforms.net/collectedforms.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.107.199 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b16efcca394116d68fd631031e90d393a65c9d4c9cb5634ca32899b4da5aab6d

Request headers

Accept
application/json, text/plain, */*
Referer
https://paytolet.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:17 GMT
content-encoding
br
cf-cache-status
DYNAMIC
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
fa056502-05b3-4034-93d0-acb9f9735bc1
x-envoy-upstream-service-time
9
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
fa056502-05b3-4034-93d0-acb9f9735bc1
server
cloudflare
access-control-max-age
180
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-origin
https://paytolet.com
x-evy-trace-virtual-host
all
content-type
application/json;charset=utf-8
cache-control
max-age=0
x-evy-trace-served-by-pod
iad02/app-td/envoy-proxy-57ff77fcd-x5fmx
x-robots-tag
none
access-control-allow-headers
*
cf-ray
7df649bfcd735b44-FRA
p
ic.tynt.com/b/ 		0
227 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ic.tynt.com/b/p?id=a2zUHwIdOr7ikqrkHcnlKl&lm=0&ts=1688126835344&dn=TI&iso=0&pu=https%3A%2F%2Fpaytolet.com%2Fpublic%2F
Requested by
Host: paytolet.com
URL: https://paytolet.com/public/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.32 Palos Park, United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip32.67-202-105.static.steadfastdns.net
Software
nginx/1.16.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/public/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires
"Sat, 26 Jul 1997 05:00:00 GMT"
date
Fri, 30 Jun 2023 12:07:17 GMT
cache-control
"no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
server
nginx/1.16.1
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
AGSKWxV_m5UvOj-JA-IZqtNetemgK3SRbTVgR6SfKVhN5pEEfH-HVWnBXkEZX3WPLFE4Xdo5Cx_6oaC0PtORpXIuBrGEonh6_nc83taJeigr6DP18b453-uueh6VNEROD35NQsyXB2mPBg==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxV_m5UvOj-JA-IZqtNetemgK3SRbTVgR6SfKVhN5pEEfH-HVWnBXkEZX3WPLFE4Xdo5Cx_6oaC0PtORpXIuBrGEonh6_nc83taJeigr6DP18b453-uueh6VNEROD35NQsyXB2mPBg==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.u2CzA7Gyk4g.es5.O/d=1/rs=AJlcJMznCcVeRD0HZ6JHWF9rLaTFeQPI7g/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-2TJIJ9D3fmxnHdMIaTzQbw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://paytolet.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 30 Jun 2023 12:07:17 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-2TJIJ9D3fmxnHdMIaTzQbw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://paytolet.com
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
4ab8aa0c-854c-411d-88a1-388030d3f47b
https://paytolet.com/ 		1 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
blob:https://paytolet.com/4ab8aa0c-854c-411d-88a1-388030d3f47b
Requested by
Host: paytolet.com
URL: https://paytolet.com/public/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Range
bytes=0-

Response headers

Content-Range
bytes 0-1492/1493
Content-Length
1493
Content-Type
video/mp4
aad92584-f663-4ac5-902b-d3a47de3f6e4
https://paytolet.com/ 		1 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
blob:https://paytolet.com/aad92584-f663-4ac5-902b-d3a47de3f6e4
Requested by
Host: paytolet.com
URL: https://paytolet.com/public/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Range
bytes=0-

Response headers

Content-Range
bytes 0-1492/1493
Content-Length
1493
Content-Type
video/mp4
/
content.hotjar.io/ 		56 B
161 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://content.hotjar.io/?gzip=1
Requested by
Host: script.hotjar.com
URL: https://script.hotjar.com/modules.b7e89cfe73c8ba46aa49.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
52.48.50.177 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-48-50-177.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
20318aa0918ec06ac3223fc88fe2476775ef4266a5e75799d99b40a695172369

Request headers

Referer
https://paytolet.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

access-control-allow-origin
*
date
Fri, 30 Jun 2023 12:07:17 GMT
content-length
56
vary
Origin
content-type
application/json
ads
securepubads.g.doubleclick.net/gampad/ 		1 KB
474 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2148447624948998&correlator=4237356803044113&eid=31068366&output=ldjh&gdfp_req=1&vrg=202306270101&ptt=17&impl=fifs&us_privacy=1---&iu_parts=1254144%3A22852681713%2Cpaytolet_com-edge-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=160x600&ifi=7&adks=1754540039&didk=3512041317&sfv=1-0-40&prev_scp=a%3D%257C0%257C%26iid1%3D4803436408596716%26eid%3D4803436408596716%26t%3D134%26d%3D410164%26t1%3D134%26pvc%3D0%26ap%3D1976%26sap%3D1976%26as%3Drevenue%26plat%3D1%26bra%3Dmod58-c%26ic%3D1%26at%3Dmbf%26adr%3D398%26ezosn%3D0%26reft%3Dtf%26refs%3D30%26refa%3D1%26ga%3D2497208%26rid%3D99998%26pt%3D39%26al%3D1039%26compid%3D0%26tap%3Dpaytolet_com-edge-2-4803436408596716%26eb_br%3Daf063c244089b52ec5a0423a258f1f8e%26eba%3D1%26asau%3D8408181829%26bv%3D3%26bvm%3D0%26bvr%3D8%26avc%3D4%26shp%3D2%26ftsn%3D12%26ftsng%3D12%26br1%3D140%26br2%3D70%26ezoic%3D1%26nmau%3D0%26mau%3D0%26sticky%3D1%26stl%3D63%2C14%2C28%2C4%2C51%2C0%2C88%2C0%2C71%2C30%2C0%2C31%2C901%2C902%2C903%26deal1%3D17%2C20%2C21%2C22%2C23%2C24%2C25%2C26%2C1794%2C2310%2C2339%2C2351%2C2526%2C2527%2C2761%2C2763%2C2764%2C2765%2C3044%2C3054%2C3154%2C3430%2C3455%2C3456%2C3457%2C3458%2C3460%2C3682%2C3683%2C3684%2C4184%2C4185%2C4186%2C5747&eri=1&sc=1&cookie=ID%3D14c5fd6f47da3553%3AT%3D1688126835%3ART%3D1688126835%3AS%3DALNI_MZq-i30YDkai5h6GoKYbjHLaqnFjA&gpic=UID%3D00000c5ed7319fb0%3AT%3D1688126835%3ART%3D1688126835%3AS%3DALNI_MZsDc3kPfVwgJm4YKQVJrFEMa9-0A&abxe=1&dt=1688126837825&lmt=1688126837&dlt=1688126834513&idt=860&adxs=1440&adys=302&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&frm=20&vis=1&psz=160x-1&msz=160x-1&fws=512&ohw=0&psts=ABnkTfBy0XFcFshnkgY_LYb-WJLQ%2CABnkTfBy0XFcFshnkgY_LYb-WJLQ%2CABnkTfBy0XFcFshnkgY_LYb-WJLQ%2CABnkTfBy0XFcFshnkgY_LYb-WJLQ&ga_vid=1136948999.1688126835&ga_sid=1688126836&ga_hid=1663611148&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYyZXN4ZAxSABSAghkEhkKCnB1YmNpZC5vcmcYpKPN4ZAxSABSAghqEhcKCHJ0YmhvdXNlGMiVzeGQMUgAUgIIZBIdCg5lc3AuY3JpdGVvLmNvbRjJlc3hkDFIAFICCGQSGQoKdWlkYXBpLmNvbRjJlc3hkDFIAFICCGQSFAoFb3BlbngYyZXN4ZAxSABSAghkEhsKDGlkNS1zeW5jLmNvbRjdp83hkDFIAFICCGo.
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7c2c4975eeaa95b52c3e06e58a0801eb158495be608ed8a947c7f506988cb240
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:18 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
true
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
444
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://paytolet.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
pd
google-bidout-d.openx.net/w/1.0/ Frame 2593 		0
176 B 		Document
General
Check archive.org
Download Go to
Full URL
https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by
Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://paytolet.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Fri, 30 Jun 2023 12:07:17 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
/
api.louassist.com/v1/assistant/public/company-subscription-check/289340402156/ 		72 B
384 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.louassist.com/v1/assistant/public/company-subscription-check/289340402156/
Requested by
Host: cdn.louassist.com
URL: https://cdn.louassist.com/viewer/script/v2.11.34
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:22b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
68748b387aaadd545a0bb1c563aa0588a1b87cb7502e8062bbecc53aa354bc6a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:17 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
referrer-policy
same-origin
server
cloudflare
x-frame-options
DENY
vary
Accept, Origin, Cookie
content-type
application/json
access-control-allow-origin
https://paytolet.com
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q1NGHh0pqmRhX3IlmmvtWXKlx6B68vixqc%2FIBaRyWatJ9pT1bBAqEwZKgqbtAWSK8lCdMb7mxf%2FJGG%2B4JuXTpLAPqibSOf%2Bu2KVpA35kL5ot1vmrNPWQV%2B%2BJCLzhDGnLjnGWgo%2BQ94EIBXLorJC%2FEA%3D%3D"}],"group":"cf-nel","max_age":604800}
allow
GET, OPTIONS
access-control-allow-credentials
true
cf-ray
7df649c0cd443764-FRA
2c121332-d6ab-4328-b329-5de1f3f047b4
https://challenges.cloudflare.com/ Frame F289 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://challenges.cloudflare.com/2c121332-d6ab-4328-b329-5de1f3f047b4
Requested by
Host: paytolet.com
URL: https://paytolet.com/public/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/mc7tt/0x4AAAAAAABT-_XrlIPuwu0L/auto/normal
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Length
0
Content-Type
text/javascript
counters.gif
forms.hsforms.com/embed/v3/ 		35 B
983 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://forms.hsforms.com/embed/v3/counters.gif?key=collected-forms-embed-js-form-bind&count=2
Requested by
Host: paytolet.com
URL: https://paytolet.com/public/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:d2f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Fri, 30 Jun 2023 12:07:18 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
CF-Cache-Status
DYNAMIC
x-evy-trace-route-service-name
envoyset-translator
X-HubSpot-Correlation-Id
8353b96b-66f2-445b-981f-f8cc73b832d6
x-envoy-upstream-service-time
2
Connection
keep-alive
alt-svc
h3=":443"; ma=86400
Content-Length
35
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
8353b96b-66f2-445b-981f-f8cc73b832d6
Server
cloudflare
X-Trace
2B6A5BBF5E516EB97E1CDB31D25D8A5CD930BE8028000000000000000000
Vary
origin
Content-Type
image/gif
x-evy-trace-virtual-host
all
x-evy-trace-served-by-pod
iad02/star-hubspot-td/envoy-proxy-759c64d45c-llkhw
Access-Control-Expose-Headers
X-Origin-Hublet
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
false
X-Robots-Tag
none
CF-RAY
7df649c12b6439da-FRA
font-hotjar_5.65042d.woff2
script.hotjar.com/ 		2 KB
3 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/font-hotjar_5.65042d.woff2
Requested by
Host: paytolet.com
URL: https://paytolet.com/public/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.154.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-154-84.muc50.r.cloudfront.net
Software
/
Resource Hash
fab4fef6bbfa8d6464403a14be7de1be5e3e63637a96d994fab10266e1eaf6da
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://paytolet.com/
Origin
https://paytolet.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 20 Jun 2023 07:59:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 ac174bd7948c4e669be0382ce2c052e8.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P3
age
878846
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
last-modified
Mon, 19 Jun 2023 07:27:09 GMT
etag
"c9fb9163f8b7be37023ebe649688bebf"
vary
Accept-Encoding
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31536000
x-robots-tag
none
x-amz-cf-id
qLgdcpUKbIfpzRAiDKlmeksj-6_PlhkQnrRboml483aXk8u5Y5ECAg==
p
ic.tynt.com/b/ 		0
227 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ic.tynt.com/b/p?id=a2zUHwIdOr7ikqrkHcnlKl&lm=0&ts=1688126835344&dn=TI&iso=0&pu=https%3A%2F%2Fpaytolet.com%2Fpublic%2F
Requested by
Host: paytolet.com
URL: https://paytolet.com/public/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.32 Palos Park, United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip32.67-202-105.static.steadfastdns.net
Software
nginx/1.16.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/public/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires
"Sat, 26 Jul 1997 05:00:00 GMT"
date
Fri, 30 Jun 2023 12:07:18 GMT
cache-control
"no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
server
nginx/1.16.1
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
json
gum.criteo.com/sid/ Frame 4D83 		438 B
556 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=publishertagids&domain=paytolet.com&sn=ChromeSyncframe&so=0&topUrl=paytolet.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
Requested by
Host: gum.criteo.com
URL: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=paytolet.com&us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
6458c2ff0120420f7d979d65d04a1d41f8a7c6a08ea1e877717c62bdd786439b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=paytolet.com&us_privacy=1---
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Jun 2023 12:07:17 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/json; charset=utf-8
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
1022074
expires
0
5419b6a8b0d04a076446a9ad
widget.trustpilot.com/trustbox-data/ Frame A82E 		1 KB
958 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://widget.trustpilot.com/trustbox-data/5419b6a8b0d04a076446a9ad?businessUnitId=636bea1d08d05ff86ad01723&locale=en-US
Requested by
Host: widget.trustpilot.com
URL: https://widget.trustpilot.com/trustboxes/5419b6a8b0d04a076446a9ad/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.187.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-187-42.muc50.r.cloudfront.net
Software
Kestrel /
Resource Hash
5458ade10c4a5bbf648688464b0efc0a76d9dbb2818b9ccb2eed0a8f3d1244dc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://widget.trustpilot.com/trustboxes/5419b6a8b0d04a076446a9ad/index.html?templateId=5419b6a8b0d04a076446a9ad&businessunitId=636bea1d08d05ff86ad01723
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 30 Jun 2023 12:07:18 GMT
via
1.1 09f78fab17e561a78ea60bb6223c4962.cloudfront.net (CloudFront)
server
Kestrel
x-amz-cf-pop
MUC50-P4
age
650
etag
"8071a40583f13d3b7b56378b8f3bd95a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/json; charset=utf-8
cache-control
public,max-age=1800
x-amz-cf-id
vYP5iYTwLooOWex8N0ALeT9HB0bRLRY8LSEvq-y9I0Y_EQSGEZLI2g==
x-xss-protection
1; mode=block
TrustboxImpression
widget.trustpilot.com/stats/ Frame A82E 		0
323 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://widget.trustpilot.com/stats/TrustboxImpression?locale=en-US&styleHeight=24px&styleWidth=100%25&theme=light&minReviewCount=10&withoutReviewsPreferredStringId=1&styleAlignment=center&url=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&referrer=&userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F114.0.5735.198%20Safari%2F537.36&language=en-US&platform=Win32&nosettings=1&businessUnitId=636bea1d08d05ff86ad01723&widgetId=5419b6a8b0d04a076446a9ad
Requested by
Host: widget.trustpilot.com
URL: https://widget.trustpilot.com/trustboxes/5419b6a8b0d04a076446a9ad/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.187.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-187-42.muc50.r.cloudfront.net
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://widget.trustpilot.com/trustboxes/5419b6a8b0d04a076446a9ad/index.html?templateId=5419b6a8b0d04a076446a9ad&businessunitId=636bea1d08d05ff86ad01723
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Fri, 30 Jun 2023 12:07:17 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
via
1.1 09f78fab17e561a78ea60bb6223c4962.cloudfront.net (CloudFront)
server
Kestrel
x-amz-cf-pop
MUC50-P4
x-cache
Miss from cloudfront
cache-control
no-store,no-cache
x-amz-cf-id
Az4qz3vF1wyROVh39fwmrPWx5LdXuqDqbWkOW2ArXTe8tz6vfQDZLQ==
x-xss-protection
1; mode=block
sync_cookie_image_decide_secondary
mc.yandex.com/
Redirect Chain
  • https://mc.yandex.com/sync_cookie_image_check_secondary
  • https://mc.yandex.ru/sync_cookie_image_start_secondary?redirect_domain=mc.yandex.com&token=10050.X6QVogJiiuHdqgL3FYqfcQSl6A-yqS1fhZFMb8NG26-nSVe1fsyHTNS1Nt-HJtRB.gMxk6EDNx-c9jmdZopiNuZToN6U%2C
  • https://mc.yandex.com/sync_cookie_image_decide_secondary?token=10050.V_zW4Kgm_ipQKgrct-WGX290Kkz2WAlkdThftMansdB573fx-X-R-Ai_zPZNejPyG5o_6dilwSgjjqAuV4pN28JQ4VUFkUr07ZL4yXMJet0%2C.hqIbyQ_5jZAjwBMSg...
43 B
79 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/sync_cookie_image_decide_secondary?token=10050.V_zW4Kgm_ipQKgrct-WGX290Kkz2WAlkdThftMansdB573fx-X-R-Ai_zPZNejPyG5o_6dilwSgjjqAuV4pN28JQ4VUFkUr07ZL4yXMJet0%2C.hqIbyQ_5jZAjwBMSg6QGIqZcb1Y%2C
Requested by
Host: paytolet.com
URL: https://paytolet.com/public/
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:18 GMT
strict-transport-security
max-age=31536000
content-length
43
x-xss-protection
1; mode=block
content-type
image/gif

Redirect headers

location
https://mc.yandex.com/sync_cookie_image_decide_secondary?token=10050.V_zW4Kgm_ipQKgrct-WGX290Kkz2WAlkdThftMansdB573fx-X-R-Ai_zPZNejPyG5o_6dilwSgjjqAuV4pN28JQ4VUFkUr07ZL4yXMJet0%2C.hqIbyQ_5jZAjwBMSg6QGIqZcb1Y%2C
date
Fri, 30 Jun 2023 12:07:18 GMT
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
be73c656997f045
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/171376440:1688123140:8e6SwgpHl273PObkHdOJ8JQ4de81lb98vQ7I9W3omZo/7df649b54db59957/ Frame F289 		200 KB
148 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/171376440:1688123140:8e6SwgpHl273PObkHdOJ8JQ4de81lb98vQ7I9W3omZo/7df649b54db59957/be73c656997f045
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=7df649b54db59957
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:3b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
79c48431c56f2a175c984ab751f3b45800adf87e6b79f954dffd3be0fc1cefac

Request headers

Referer
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/mc7tt/0x4AAAAAAABT-_XrlIPuwu0L/auto/normal
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
CF-Challenge
be73c656997f045
Content-type
application/x-www-form-urlencoded

Response headers

cf-chl-gen
tgILr6zcMODqR1HstShRuzSQTFwR9rNbQfjgQ81+HuJ8k/fmYVZbTP951ExPZPECNeSlwd5MaEfRILzhC0k59YSqD5Bcg+c8Hk9ARTx82sYJWehULbr2Lf2JwMoyni0R3GRodhmVJaN78AqeWs4w9mX75aiY1zzf93RrOzy9Be6wfBexfmQTV1kvkoFdN6ZM7weK2eSZaXz/T282N7ZIQFPxp8MQLLzqQmBNwD+NPHE3V2ln310QurekpzB930zyrjM2P//Xw56yxXMi3Lc3AVUDOIhNQLTfVdc+myRJ4vL89VEJQVT78moum/wIF978z7fMkeocTleCfWI6GKccfGsNLkgnOerDglWKtcb/mncPyn1QdWGYv1rrnNbyHHvAi2qS0WWegQgVIREqaE9F1lCMo5aqPXZPgxT9li7B+nb1HdFxYrw0LE3rz4ZKEhevB59haHXaJc9VTDM0CNg3qpj+a33XOxe7cFzyyJbMGzh846e9iRwZfojpuQhrm94e$FwEHdgxviGtdsrDAIturfg==
date
Fri, 30 Jun 2023 12:07:18 GMT
content-encoding
br
server
cloudflare
cf-ray
7df649c1df9b9957-FRA
alt-svc
h3=":443"; ma=86400
content-type
text/plain; charset=UTF-8
adagio.js
script.4dex.io/ 		74 KB
23 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
28eac36479c83ab5c1d7881ae078eff90ba02be1ac4f082b75505830e323b0be

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Fri, 30 Jun 2023 12:07:18 GMT
Content-Encoding
br
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
38
Transfer-Encoding
chunked
Connection
keep-alive
Last-Modified
Tue, 06 Jun 2023 12:52:54 GMT
Server
cloudflare
ETag
W/"845b176368f98c92daf7aa531dcbc491"
Vary
Origin, Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZQFt1NQkOI4zIkj%2FIw0b0RjxqEpAmzKwEs%2B6CzpCQTvuuxJ%2FPrzgWk0QYQ4IY%2Fp%2FK2iwbHC%2Fu6VFaWCJVXI%2BYKvonpmFq%2B5T0dCMYxMgJckl3fqItyykWeI3JDBqVKG7v84Qm3X0x%2F7WMitB"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Cache-Control
public, max-age=1800
CF-RAY
7df649c20fb31e4c-FRA
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1304153140423865&ev=PageView&dl=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&rl=&if=false&ts=1688126838069&sw=1600&sh=1200&v=2.9.110&r=stable&ec=0&o=30&fbp=fb.1.1688126838068.1303914129&it=1688126837518&coo=false&rqm=GET
Requested by
Host: paytolet.com
URL: https://paytolet.com/public/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f173:81:face:b00c:0:25de Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Fri, 30 Jun 2023 12:07:18 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
container.html
17f71e36f7655f7f5ab67574cc7e41b3.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 39DF 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://17f71e36f7655f7f5ab67574cc7e41b3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://paytolet.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 30 Jun 2023 12:07:16 GMT
expires
Sat, 29 Jun 2024 12:07:16 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
army.gif
paytolet.com/porpoiseant/ 		0
519 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://paytolet.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiODkzOTUwNjI5NDYxNTIwMCIsImRvbWFpbl9pZCI6IjQxMDE2NCIsInVuaXQiOiJwYXl0b2xldF9jb20tcGl4ZWwxIiwidF9lcG9jaCI6MTY4ODEyNjgzNCwicmV2ZW51ZSI6MCwiZXN0X3JldmVudWUiOjAsImFkX3Bvc2l0aW9uIjo5OTk5LCJhZF9zaXplIjoiIiwiYmlkX2Zsb29yX2ZpbGxlZCI6MCwiYmlkX2Zsb29yX3ByZXYiOjAsInN0YXRfc291cmNlX2lkIjowLCJjb3VudHJ5X2NvZGUiOiJERSIsInBhZ2V2aWV3X2lkIjoiYzJjM2Y3ZTEtM2ExNi00ZmFkLTQyMWMtNzhhNWM0ZDIwMGRlIiwiY29tcF9pZCI6bnVsbCwibGluZV9pdGVtX2lkIjowLCJjcmVhdGl2ZV9pZCI6MCwiZGF0YSI6W3sibmFtZSI6ImFkX2xvYWRfdGltZSIsInZhbCI6IjMyNDIifV0sImlzX29yaWciOmZhbHNlfV0=
Requested by
Host: paytolet.com
URL: https://paytolet.com/detroitchicago/cmbv2.js?gcb=195-3&cb=04-3y02-8y06-13y07-2y0b-6y0d-23y17-4y1b-5y25-3y26-4y27-16y28-66y2b-146y2f-150y33-4y3a-12y3b-6y59-2y5d-22y64-1&cmbcb=151&sj=x04x02x06x07x0bx0dx17x1bx25x26x27x28x2bx2fx33x3ax3bx59x5dx64
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:8b54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/public/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:18 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tWrkfs7YxK%2BrVOdsRSjlk0cvTEN22I7Gc%2FjgiU5TaW07jCLywEsRo0vxYvaOqqQGGeyMOZu01kUfoUQ0uv4EShC7TsSbn8BPJDRoZnc7zaCPnDUNbce6CyIwdBKaUGHyWP3xIAGvKUHfXbE%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://paytolet.com
x-middleton-display
ezp_sol
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
cf-ray
7df649c27e5d6969-FRA
alt-svc
h3=":443"; ma=86400
priority
u=4,i
expires
Thu, 29 Jun 2023 12:07:17 GMT
nsrNhxfkjikFVcim_j1670023300375-bufoez_t1670023348.vtt
video-meta.humix.com/thumbnails/nsrNhxfkjikFVcim/ 		629 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://video-meta.humix.com/thumbnails/nsrNhxfkjikFVcim/nsrNhxfkjikFVcim_j1670023300375-bufoez_t1670023348.vtt
Requested by
Host: paytolet.com
URL: https://paytolet.com/detroitchicago/cmbv2.js?gcb=195-3&cb=04-3y02-8y06-13y07-2y0b-6y0d-23y17-4y1b-5y25-3y26-4y27-16y28-66y2b-146y2f-150y33-4y3a-12y3b-6y59-2y5d-22y64-1&cmbcb=151&sj=x04x02x06x07x0bx0dx17x1bx25x26x27x28x2bx2fx33x3ax3bx59x5dx64
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:55f9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8691274fd586e4f3572c2772303bdc2b1a95a398a396e592df5afd3db2c1c7fb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:18 GMT
via
1.1 83d0137377604ae8e59d0712f3ef6fe2.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
CDG50-P4
age
85515
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
629
last-modified
Thu, 18 May 2023 18:34:32 GMT
server
cloudflare
etag
"31a82e87339b2aed978efe8577ed79d2"
vary
Origin, Accept-Encoding
access-control-allow-methods
GET
content-type
binary/octet-stream
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CdwvcOWqmFvZTUoxMx37BmpEjVlj27jP%2F2OovCUlMLR2B5nCcC2EAyxUDS6mONl%2BJsEEe3n7vrEA9cADZUto8vIx%2FAt5Z1x89t7agYWO6V77XPT2xiMAD3Luc7aWh2IQTI4z8NWZCgkKXZkjGYNIaM4N2Q%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
7df649c35bb1bbc8-FRA
x-amz-cf-id
FSlEWVEAWjyCsVsnEGVEyzAQMu9TKlE5lkg2DNCorjNxXxn2wjFw2w==
0dc8134f926d50e853f317c202e2cbf0ad272b9256181b263c8a1312c162c0b3_PxaQaG.jpg
streaming.humix.com/poster/nsrNhxfkjikFVcim/ 		43 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://streaming.humix.com/poster/nsrNhxfkjikFVcim/0dc8134f926d50e853f317c202e2cbf0ad272b9256181b263c8a1312c162c0b3_PxaQaG.jpg
Requested by
Host: paytolet.com
URL: https://paytolet.com/public/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:d4fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d99d92a52427fdd9aca61d3fc6b4edc29cd591617f1a1c225fc99056030c89f8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:19 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"99cf91c48bde3463b0dadae5b2ac4f16"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GZTD7SiDDje0a7fXcL0Q3is013E6cRdsRUsORtU%2FWUJP0OMNWAXru%2BK82oVXC2Kdzln92KzE%2FSCO0pXd%2BXWXXl5TIs5XX%2BfuDExcGtoFnRzFahtpWlr6CzD7VZXRGZKVsJWNaEMzTuriPSVb5lMpngJO"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cf-ray
7df649c4bad23662-FRA
alt-svc
h3=":443"; ma=86400
content-length
44311
truncated
/ 		4 KB
4 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3ad6b4cd9fdd1156ea742d8806d7d22f787ac9570a365aaa3a4903e25fc820c6

Request headers

Referer
Origin
https://paytolet.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
application/font-woff;charset=utf-8
bridge3.578.0_de.html
imasdk.googleapis.com/js/core/ Frame CCEF 		709 KB
226 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.578.0_de.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f10.1e100.net
Software
sffe /
Resource Hash
915aad6b2dd28c934b5a8e6f632642c7993740dc419ba3b0fad29b34e4e2882a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://paytolet.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
191343
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
231564
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Wed, 28 Jun 2023 06:58:15 GMT
expires
Thu, 27 Jun 2024 06:58:15 GMT
last-modified
Wed, 07 Jun 2023 16:35:26 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/ 		44 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 30 Jun 2023 12:07:18 GMT
0dc8134f926d50e853f317c202e2cbf0ad272b9256181b263c8a1312c162c0b3.vtt
video-meta.humix.com/link/ 		152 B
655 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://video-meta.humix.com/link/0dc8134f926d50e853f317c202e2cbf0ad272b9256181b263c8a1312c162c0b3.vtt
Requested by
Host: paytolet.com
URL: https://paytolet.com/detroitchicago/cmbv2.js?gcb=195-3&cb=04-3y02-8y06-13y07-2y0b-6y0d-23y17-4y1b-5y25-3y26-4y27-16y28-66y2b-146y2f-150y33-4y3a-12y3b-6y59-2y5d-22y64-1&cmbcb=151&sj=x04x02x06x07x0bx0dx17x1bx25x26x27x28x2bx2fx33x3ax3bx59x5dx64
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:55f9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1a45210736b55c72db5121f3b0ba4ce4e03261f444785b17c4bfb321004d5e29

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:18 GMT
via
1.1 d16428714e022976873ccc980fdc1288.cloudfront.net (CloudFront)
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
FRA53-C1
x-amz-server-side-encryption
AES256
x-cache
RefreshHit from cloudfront
content-disposition
attachment
alt-svc
h3=":443"; ma=86400
content-length
152
last-modified
Thu, 18 May 2023 23:23:12 GMT
server
cloudflare
etag
"86ccaadae6a7afcc293b468a35c4fd1a"
vary
Origin
access-control-allow-methods
GET
content-type
text/vtt
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vVjAIchx19h8zdB0Ruy9KaVCXHuc88dp9z%2Fo4G6tBanJqIfhoUQJIE%2FOz9xizvIY%2F0zV4QEiEjxY%2FuxXd63JbH9BhtzqRbIijuO3fonkmQLXxLgaO55CpTd53vM9drG5Sn7qz7toufUKt3dyDAqfWsaYqg%3D%3D"}],"group":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
7df649c35bb5bbc8-FRA
x-amz-cf-id
pYIh1Ob673V4661T_cjNzvqF-js0jGjmitJ-Tb2f_nL8fpxJR0h7CQ==
vid.gif
paytolet.com/detroitchicago/ 		43 B
560 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://paytolet.com/detroitchicago/vid.gif?e=%5B%7B%22domain_id%22%3A410164%2C%22url%22%3A%22https%3A%2F%2Fpaytolet.com%2Fpublic%2F%22%2C%22pageview_id%22%3A%22c2c3f7e1-3a16-4fad-421c-78a5c4d200de%22%2C%22visit_uuid%22%3A%22b16eeea4-a8ef-4771-77cd-6305a4a265ac%22%2C%22template_id%22%3A134%2C%22video_impression_id%22%3A%22a1fb5727-0dcf-4392-8886-761f0f7ae192%22%2C%22media_src%22%3A%22https%3A%2F%2Fstreaming.humix.com%2Fcontents%2FnsrNhxfkjikFVcim%2F1682919808%2Findex.mpd%22%2C%22player_type%22%3A%22HTML5%22%2C%22video_title%22%3A%22Sell%20your%20property%20in%20minutes%22%2C%22video_position_id%22%3A3998%2C%22is_autoplay%22%3A1%2C%22is_floating%22%3A1%2C%22floating_option%22%3A0%2C%22is_playlist_item%22%3A0%2C%22vab_test_id%22%3A%22mod58-c%22%2C%22is_preferred%22%3Afalse%2C%22video_length%22%3A53887%2C%22content_id%22%3A%220dc8134f926d50e853f317c202e2cbf0ad272b9256181b263c8a1312c162c0b3%22%2C%22width%22%3A854%2C%22height%22%3A480%2C%22pos_x%22%3A373%2C%22pos_y%22%3A1749%2C%22video_objects_count%22%3A1%2C%22video_objects_index%22%3A1%2C%22video_selection_type%22%3A9%2C%22video_match_score%22%3A79%2C%22is_blocker_on%22%3A0%2C%22video_source%22%3A%22upload%22%7D%5D
Requested by
Host: paytolet.com
URL: https://paytolet.com/public/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:8b54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/public/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:18 GMT
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KzPxgw%2Fml0XPcMQ4daZDEU%2B6yA6lYp9W%2FPOtOqHJ%2FOdCYL6XDgLmZVaVvKyPiTTa5VFvX4hjEGbGR%2FbJI54ZOXiLQ18qZaP0gdSuzZFcm59KVvijGE4xlyHBnpdasvM4S1cwoV3bF6oBaps%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
x-middleton-display
imp_sol
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
accept-ranges
bytes
cf-ray
7df649c35f566969-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
priority
u=3,i
expires
Thu, 29 Jun 2023 12:07:20 GMT
/
viewer.louassist.com/ Frame A0CB 		8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://viewer.louassist.com/?folderId=null&companyId=289340402156
Requested by
Host: cdn.louassist.com
URL: https://cdn.louassist.com/viewer/script/v2.11.34
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:8200:6:25cd:c280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d738cc2e63c9f8ed958fa47e693c0de07d747c15abdd41aa44525ff2d5982725

Request headers

Referer
https://paytolet.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
112365
cache-control
public, max-age=0, s-maxage=2, must-revalidate
content-encoding
gzip
content-type
text/html
date
Thu, 29 Jun 2023 04:54:34 GMT
etag
W/"ef4d8f376ff1f55234435d76ce6db374"
last-modified
Wed, 07 Jun 2023 18:45:50 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 f7aba4a0337c5f98c4703e2b10f1940a.cloudfront.net (CloudFront)
x-amz-cf-id
JMf5Eh15qDpZ6ZigkseNCk1AkLCZMi58x__zfP9Vhxrzenw4NRL4Pg==
x-amz-cf-pop
HIO50-C1 FRA60-P4
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
greenoaks.gif
paytolet.com/detroitchicago/ 		0
522 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://paytolet.com/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiJjMmMzZjdlMS0zYTE2LTRmYWQtNDIxYy03OGE1YzRkMjAwZGUiLCJkb21haW5faWQiOiI0MTAxNjQiLCJ0X2Vwb2NoIjoxNjg4MTI2ODM0LCJkYXRhIjpbeyJuYW1lIjoidGltZXJfZmlyc3RfYWRfbG9hZCIsInZhbCI6IjM0MjcifV19XQ==
Requested by
Host: paytolet.com
URL: https://paytolet.com/detroitchicago/cmbv2.js?gcb=195-3&cb=04-3y02-8y06-13y07-2y0b-6y0d-23y17-4y1b-5y25-3y26-4y27-16y28-66y2b-146y2f-150y33-4y3a-12y3b-6y59-2y5d-22y64-1&cmbcb=151&sj=x04x02x06x07x0bx0dx17x1bx25x26x27x28x2bx2fx33x3ax3bx59x5dx64
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:8b54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/public/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:18 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=chUo1mdqmev%2F0cz35o5594lQ4nsNYJgViLzyYkhqZJtB8FsCO7WnL81bUe3Hide%2FaFcBpA8Vl%2FTwX6KhZ1wKda3OCZP%2F21ZNJ6F%2BguUBUUzho6QsYKOXcpdSOQMkgz1EH6VDvzNEp0g5va8%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://paytolet.com
x-middleton-display
ezp_sol
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
cf-ray
7df649c3afa16969-FRA
alt-svc
h3=":443"; ma=86400
priority
u=4,i
expires
Thu, 29 Jun 2023 12:07:18 GMT
army.gif
paytolet.com/porpoiseant/ 		0
519 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://paytolet.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiODkzOTUwNjI5NDYxNTIwMCIsImRvbWFpbl9pZCI6IjQxMDE2NCIsInVuaXQiOiJwYXl0b2xldF9jb20tcGl4ZWwxIiwidF9lcG9jaCI6MTY4ODEyNjgzNCwiYWRfcG9zaXRpb24iOjk5OTksImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJERSIsInBhZ2V2aWV3X2lkIjoiYzJjM2Y3ZTEtM2ExNi00ZmFkLTQyMWMtNzhhNWM0ZDIwMGRlIiwiY29tcF9pZCI6bnVsbCwibGluZV9pdGVtX2lkIjowLCJjcmVhdGl2ZV9pZCI6MCwiZGF0YSI6W3sibmFtZSI6InJlZnJlc2hfY291bnQiLCJ2YWwiOiIxIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiI4OTM5NTA2Mjk0NjE1MjAwIiwiZG9tYWluX2lkIjoiNDEwMTY0IiwidW5pdCI6InBheXRvbGV0X2NvbS1waXhlbDEiLCJ0X2Vwb2NoIjoxNjg4MTI2ODM0LCJhZF9wb3NpdGlvbiI6OTk5OSwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkRFIiwicGFnZXZpZXdfaWQiOiJjMmMzZjdlMS0zYTE2LTRmYWQtNDIxYy03OGE1YzRkMjAwZGUiLCJjb21wX2lkIjpudWxsLCJsaW5lX2l0ZW1faWQiOjAsImNyZWF0aXZlX2lkIjowLCJkYXRhIjpbeyJuYW1lIjoiZmlsbGVkX2JpZF9oYXNoIiwidmFsIjoiMzUzMGZjYjZiY2MxM2RjM2MxNzEyZWFlZjdkOTI3MDAifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6Ijg5Mzk1MDYyOTQ2MTUyMDAiLCJkb21haW5faWQiOiI0MTAxNjQiLCJ1bml0IjoicGF5dG9sZXRfY29tLXBpeGVsMSIsInRfZXBvY2giOjE2ODgxMjY4MzQsInJldmVudWUiOjAsImVzdF9yZXZlbnVlIjowLjAwMTYsImFkX3Bvc2l0aW9uIjo5OTk5LCJhZF9zaXplIjoiIiwiYmlkX2Zsb29yX2ZpbGxlZCI6MC4wMDE2LCJiaWRfZmxvb3JfcHJldiI6MCwic3RhdF9zb3VyY2VfaWQiOjM1LCJjb3VudHJ5X2NvZGUiOiJERSIsInBhZ2V2aWV3X2lkIjoiYzJjM2Y3ZTEtM2ExNi00ZmFkLTQyMWMtNzhhNWM0ZDIwMGRlIiwiY29tcF9pZCI6bnVsbCwibGluZV9pdGVtX2lkIjowLCJjcmVhdGl2ZV9pZCI6MCwiZGF0YSI6W3sibmFtZSI6ImxvYWRlZCIsInZhbCI6IjEifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6Ijg5Mzk1MDYyOTQ2MTUyMDAiLCJkb21haW5faWQiOiI0MTAxNjQiLCJ1bml0IjoicGF5dG9sZXRfY29tLXBpeGVsMSIsInRfZXBvY2giOjE2ODgxMjY4MzQsImFkX3Bvc2l0aW9uIjo5OTk5LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6ImMyYzNmN2UxLTNhMTYtNGZhZC00MjFjLTc4YTVjNGQyMDBkZSIsImNvbXBfaWQiOm51bGwsImxpbmVfaXRlbV9pZCI6MCwiY3JlYXRpdmVfaWQiOjAsImRhdGEiOlt7Im5hbWUiOiJjcmVhdGl2ZV9pZCIsInZhbCI6IjEzODMxMDAzNDU4OCJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiODkzOTUwNjI5NDYxNTIwMCIsImRvbWFpbl9pZCI6IjQxMDE2NCIsInVuaXQiOiJwYXl0b2xldF9jb20tcGl4ZWwxIiwidF9lcG9jaCI6MTY4ODEyNjgzNCwiYWRfcG9zaXRpb24iOjk5OTksImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJERSIsInBhZ2V2aWV3X2lkIjoiYzJjM2Y3ZTEtM2ExNi00ZmFkLTQyMWMtNzhhNWM0ZDIwMGRlIiwiY29tcF9pZCI6bnVsbCwibGluZV9pdGVtX2lkIjowLCJjcmVhdGl2ZV9pZCI6MCwiZGF0YSI6W3sibmFtZSI6ImxpbmVpdGVtX2lkIiwidmFsIjoiMjg2ODcyNzQifV0sImlzX29yaWciOmZhbHNlfV0=
Requested by
Host: paytolet.com
URL: https://paytolet.com/detroitchicago/cmbv2.js?gcb=195-3&cb=04-3y02-8y06-13y07-2y0b-6y0d-23y17-4y1b-5y25-3y26-4y27-16y28-66y2b-146y2f-150y33-4y3a-12y3b-6y59-2y5d-22y64-1&cmbcb=151&sj=x04x02x06x07x0bx0dx17x1bx25x26x27x28x2bx2fx33x3ax3bx59x5dx64
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:8b54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/public/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:18 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YVhKvFqwuTa6hDVIgqGSf8lb16rDVlVD6OA4nZoCWrL5v2oFV63czQ%2Bed8PxaeeX1P8vx08mx1HHsv2Iw0L%2B0CoA5zCPmWqqXDnXdny%2BcrPuGjAtyXIAVtgmcTCN8abQo62oG5514P8X6xc%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://paytolet.com
x-middleton-display
ezp_sol
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
cf-ray
7df649c3afa46969-FRA
alt-svc
h3=":443"; ma=86400
priority
u=4,i
expires
Thu, 29 Jun 2023 12:07:18 GMT
army.gif
paytolet.com/porpoiseant/ 		0
530 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://paytolet.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiODkzOTUwNjI5NDYxNTIwMCIsImRvbWFpbl9pZCI6IjQxMDE2NCIsInVuaXQiOiJwYXl0b2xldF9jb20tcGl4ZWwxIiwidF9lcG9jaCI6MTY4ODEyNjgzNCwiYWRfcG9zaXRpb24iOjk5OTksImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJERSIsInBhZ2V2aWV3X2lkIjoiYzJjM2Y3ZTEtM2ExNi00ZmFkLTQyMWMtNzhhNWM0ZDIwMGRlIiwiY29tcF9pZCI6bnVsbCwibGluZV9pdGVtX2lkIjowLCJjcmVhdGl2ZV9pZCI6MCwiZGF0YSI6W3sibmFtZSI6InRfbG9jYWxfZGF0ZSIsInZhbCI6IjIwMjMtMDYtMzAifSx7Im5hbWUiOiJ0X2xvY2FsX2hvdXIiLCJ2YWwiOiIxMiJ9LHsibmFtZSI6InRfbG9jYWxfZGF5X29mX3dlZWsiLCJ2YWwiOiI1In0seyJuYW1lIjoidF9sb2NhbF90aW1lem9uZSIsInZhbCI6IjAifV0sImlzX29yaWciOmZhbHNlfV0=
Requested by
Host: paytolet.com
URL: https://paytolet.com/detroitchicago/cmbv2.js?gcb=195-3&cb=04-3y02-8y06-13y07-2y0b-6y0d-23y17-4y1b-5y25-3y26-4y27-16y28-66y2b-146y2f-150y33-4y3a-12y3b-6y59-2y5d-22y64-1&cmbcb=151&sj=x04x02x06x07x0bx0dx17x1bx25x26x27x28x2bx2fx33x3ax3bx59x5dx64
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:8b54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/public/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:18 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fXXIAW%2BCGE4FotXNYrYohwC804T%2BYF1lgwIUPPIfLsfhy9%2FjSssMOkLmjfu9EnFD%2BpD5uoE%2BNvk%2FWHCJMVVR32%2BvMt%2BFLjLXYRPORGNl27Vh5zjW9xN03s4JiaJgt11CU4F%2FGt7hSR6p1Ek%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://paytolet.com
x-middleton-display
ezp_sol
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
cf-ray
7df649c3afa86969-FRA
alt-svc
h3=":443"; ma=86400
priority
u=4,i
expires
Thu, 29 Jun 2023 12:07:20 GMT
army.gif
paytolet.com/porpoiseant/ 		0
521 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://paytolet.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImF1Y3Rpb24iLCJpbXByZXNzaW9uX2lkIjoiODkzOTUwNjI5NDYxNTIwMCIsImRvbWFpbl9pZCI6IjQxMDE2NCIsInVuaXQiOiJwYXl0b2xldF9jb20tcGl4ZWwxIiwidF9lcG9jaCI6MTY4ODEyNjgzNCwiYXVjdGlvbl9lcG9jaCI6MTY4ODEyNjgzOCwiYWRfcG9zaXRpb24iOjk5OTksImNvdW50cnlfY29kZSI6IkRFIiwicGFnZXZpZXdfaWQiOiJjMmMzZjdlMS0zYTE2LTRmYWQtNDIxYy03OGE1YzRkMjAwZGUiLCJiaWRfZmxvb3JfaW5pdGlhbCI6MTYwLCJiaWRfZmxvb3JfcHJldiI6bnVsbCwiYmlkX2Zsb29yX2ZpbGxlZCI6MTYwLCJhdWN0aW9uX2NvdW50IjoxLCJyZWZyZXNoX2FkX2NvdW50IjowLCJhdWN0aW9uX2R1cmF0aW9uIjoxMDE4LCJtdWx0aV9hZF91bml0IjpudWxsLCJtdWx0aV9hZF9jb3VudCI6bnVsbCwibmV0d29ya19jb2RlIjoxMjU0MTQ0LCJkYXRhIjpbeyJuYW1lIjoiIiwidmFsIjoiIn1dLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0fV0=
Requested by
Host: paytolet.com
URL: https://paytolet.com/detroitchicago/cmbv2.js?gcb=195-3&cb=04-3y02-8y06-13y07-2y0b-6y0d-23y17-4y1b-5y25-3y26-4y27-16y28-66y2b-146y2f-150y33-4y3a-12y3b-6y59-2y5d-22y64-1&cmbcb=151&sj=x04x02x06x07x0bx0dx17x1bx25x26x27x28x2bx2fx33x3ax3bx59x5dx64
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:8b54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/public/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:18 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bVucKE89k3Sv2bDCgPF5K0l5QZI3bKOzo%2F%2Fh0x7MjFq7K9mcnxtJS57Gx5TcsdSoGdyONjUyCkThuHlbS2C2zrq5rxuuoicI7H9wOxlTtQQbmSrRqEiGM%2BBjwuTgrnVeXcb5W6%2FvnwqYdMo%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://paytolet.com
x-middleton-display
ezp_sol
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
cf-ray
7df649c3afa96969-FRA
alt-svc
h3=":443"; ma=86400
priority
u=4,i
expires
Thu, 29 Jun 2023 12:07:18 GMT
aad92584-f663-4ac5-902b-d3a47de3f6e4
https://paytolet.com/ 		1 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
blob:https://paytolet.com/aad92584-f663-4ac5-902b-d3a47de3f6e4
Requested by
Host: paytolet.com
URL: https://paytolet.com/public/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Range
bytes=0-

Response headers

Content-Range
bytes 0-1492/1493
Content-Length
1493
Content-Type
video/mp4
index.mpd
streaming.humix.com/contents/nsrNhxfkjikFVcim/1682919808/ 		3 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://streaming.humix.com/contents/nsrNhxfkjikFVcim/1682919808/index.mpd
Requested by
Host: paytolet.com
URL: https://paytolet.com/detroitchicago/cmbv2.js?gcb=195-3&cb=04-3y02-8y06-13y07-2y0b-6y0d-23y17-4y1b-5y25-3y26-4y27-16y28-66y2b-146y2f-150y33-4y3a-12y3b-6y59-2y5d-22y64-1&cmbcb=151&sj=x04x02x06x07x0bx0dx17x1bx25x26x27x28x2bx2fx33x3ax3bx59x5dx64
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.85.249 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3460c8dc80571967cec28fddfdafd61baa448d2ff6589376050981296d1aabdd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:19 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"f986aacc6a62f80163df99545e7777eb"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kCszB06ZT%2F5Nwp67OfLhXlBWnkrdri1ro9Xyhzi%2F3RA7MnejMBYEYfuggK2dr6lgsXj9ZV2zJQ%2F1yGH13IzV04nSsA26DKMcLJ7omBDGO7RZUacYJxSB0lC6vjs1N%2BSATh5mvYLu"}],"group":"cf-nel","max_age":604800}
content-type
application/xml
access-control-allow-origin
*
cf-ray
7df649c8ed522bbc-FRA
alt-svc
h3=":443"; ma=86400
vpp.gif
paytolet.com/detroitchicago/ 		43 B
553 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://paytolet.com/detroitchicago/vpp.gif?e=%5B%7B%22url%22%3A%22https%3A%2F%2Fpaytolet.com%2Fpublic%2F%22%2C%22pageview_id%22%3A%22c2c3f7e1-3a16-4fad-421c-78a5c4d200de%22%2C%22template_id%22%3A134%2C%22player_name%22%3A%22ezoicvideo%22%2C%22domain_id%22%3A410164%2C%22media_src%22%3A%22blob%3Ahttps%3A%2F%2Fpaytolet.com%2F347bff5e-baeb-4daa-8ec4-fd1d38b118c5%22%7D%5D
Requested by
Host: paytolet.com
URL: https://paytolet.com/public/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:8b54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/public/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:18 GMT
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mBs7cpEeetopdA1S0j13gUBzswiE9M2BIFTkt5A3pcGWS2iMVvydrB685iNeaVQbCrZhCoUgUxb2VyGeMhWiWTqWZy2fOv%2BOa9Vtis%2F0umvFiEa%2BbAMidhfhGLGjK%2FzBetnigRmGkigGGU0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
x-middleton-display
imp_sol
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
accept-ranges
bytes
cf-ray
7df649c70b406969-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
priority
u=3,i
expires
Thu, 29 Jun 2023 12:07:18 GMT
army.gif
paytolet.com/porpoiseant/ 		0
523 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://paytolet.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNDgwMzQzNjQwODU5NjcxNiIsImRvbWFpbl9pZCI6IjQxMDE2NCIsInVuaXQiOiJkaXYtZ3B0LWFkLXBheXRvbGV0X2NvbS1lZGdlLTItMCIsInRfZXBvY2giOjE2ODgxMjY4MzQsInJldmVudWUiOjAsImVzdF9yZXZlbnVlIjowLCJhZF9wb3NpdGlvbiI6MTk3NiwiYWRfc2l6ZSI6IiIsImJpZF9mbG9vcl9maWxsZWQiOjAsImJpZF9mbG9vcl9wcmV2IjowLCJzdGF0X3NvdXJjZV9pZCI6MCwiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6ImMyYzNmN2UxLTNhMTYtNGZhZC00MjFjLTc4YTVjNGQyMDBkZSIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6MCwiY3JlYXRpdmVfaWQiOjAsImRhdGEiOlt7Im5hbWUiOiJhZF9sb2FkX3RpbWUiLCJ2YWwiOiIzOTc4In1dLCJpc19vcmlnIjpmYWxzZX1d
Requested by
Host: paytolet.com
URL: https://paytolet.com/detroitchicago/cmbv2.js?gcb=195-3&cb=04-3y02-8y06-13y07-2y0b-6y0d-23y17-4y1b-5y25-3y26-4y27-16y28-66y2b-146y2f-150y33-4y3a-12y3b-6y59-2y5d-22y64-1&cmbcb=151&sj=x04x02x06x07x0bx0dx17x1bx25x26x27x28x2bx2fx33x3ax3bx59x5dx64
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:8b54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/public/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:18 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ySox3%2FT4ObLbFUHriZcDhnBY%2Bro38TLNSLoqJafm%2BkKtz7AepCmQhZYleu%2BqvaWiBms3tEDzrFe279N7z1QlVEdEP3S1qHvCgBEPGW7rG4%2BG2tQQmRMQPpaBS0vs6dU6EN6y9UtbZWzvI5E%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://paytolet.com
x-middleton-display
ezp_sol
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
cf-ray
7df649c71b4b6969-FRA
alt-svc
h3=":443"; ma=86400
priority
u=4,i
expires
Thu, 29 Jun 2023 12:07:19 GMT
p
ic.tynt.com/b/ 		0
227 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ic.tynt.com/b/p?id=a2zUHwIdOr7ikqrkHcnlKl&lm=0&ts=1688126835344&dn=TI&iso=0&pu=https%3A%2F%2Fpaytolet.com%2Fpublic%2F
Requested by
Host: paytolet.com
URL: https://paytolet.com/public/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.32 Palos Park, United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip32.67-202-105.static.steadfastdns.net
Software
nginx/1.16.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/public/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires
"Sat, 26 Jul 1997 05:00:00 GMT"
date
Fri, 30 Jun 2023 12:07:18 GMT
cache-control
"no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
server
nginx/1.16.1
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
css2
fonts.googleapis.com/ Frame 39DF 		4 KB
767 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: 17f71e36f7655f7f5ab67574cc7e41b3.safeframe.googlesyndication.com
URL: https://17f71e36f7655f7f5ab67574cc7e41b3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://17f71e36f7655f7f5ab67574cc7e41b3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 30 Jun 2023 12:07:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 30 Jun 2023 10:52:06 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 30 Jun 2023 12:07:18 GMT
index.html
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7441985601152547353/ Frame 8381 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7441985601152547353/index.html
Requested by
Host: paytolet.com
URL: https://paytolet.com/public/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bd3f24e49eae726ef1b1c45fbc9d347384aea9b23b23c8b555a1079dea976302
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://17f71e36f7655f7f5ab67574cc7e41b3.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
223554
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
3319
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
cross-origin-resource-policy
cross-origin
date
Tue, 27 Jun 2023 22:01:24 GMT
expires
Wed, 26 Jun 2024 22:01:24 GMT
last-modified
Mon, 17 Apr 2023 12:24:05 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/ Frame 0E3B 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/abg_lite_fy2021.js
Requested by
Host: paytolet.com
URL: https://paytolet.com/public/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
02193fbcb11d960448e0fa887ff68d5ce73f01076893523fc3037e00a7149bc2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://17f71e36f7655f7f5ab67574cc7e41b3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 09:09:16 GMT
content-encoding
br
x-content-type-options
nosniff
age
10682
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9104
x-xss-protection
0
server
cafe
etag
12939045362079141464
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 14 Jul 2023 09:09:16 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame 1354 		143 B
228 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: paytolet.com
URL: https://paytolet.com/public/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://17f71e36f7655f7f5ab67574cc7e41b3.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
3046
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 30 Jun 2023 11:16:32 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/ Frame 0E3B 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/window_focus_fy2021.js
Requested by
Host: paytolet.com
URL: https://paytolet.com/public/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://17f71e36f7655f7f5ab67574cc7e41b3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 08:55:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
11503
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 14 Jul 2023 08:55:35 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/ Frame 0E3B 		20 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: paytolet.com
URL: https://paytolet.com/public/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
abaf64de0855592138133fdf15c746a6e47a07d5f7a34a9513a06994c89f91af
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://17f71e36f7655f7f5ab67574cc7e41b3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 29 Jun 2023 17:50:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
65819
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8312
x-xss-protection
0
server
cafe
etag
5477749917372345267
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 13 Jul 2023 17:50:19 GMT
l
www.google.com/ads/measurement/ Frame 0E3B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTYMTHoV7Xnh85RThCQA1Ozg2hgVbMw5OoVbek_8m4dLOnc1y-YjOvfalc1lcfqXjSWUQEUL7Jy7sL2aMXxRc8C-6n1IA
Requested by
Host: paytolet.com
URL: https://paytolet.com/public/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://17f71e36f7655f7f5ab67574cc7e41b3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 0E3B 		179 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: paytolet.com
URL: https://paytolet.com/public/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
sffe /
Resource Hash
f6914d47718a28ab8055edac273b3aff57e64e5bddccc616c2b7e355fe986f39
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://17f71e36f7655f7f5ab67574cc7e41b3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57260
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1687952195399670"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 30 Jun 2023 12:07:19 GMT
interstitial_ad_frame_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/elements/html/ Frame 39DF 		20 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/elements/html/interstitial_ad_frame_fy2021.js
Requested by
Host: 17f71e36f7655f7f5ab67574cc7e41b3.safeframe.googlesyndication.com
URL: https://17f71e36f7655f7f5ab67574cc7e41b3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
27c045f2414b6b6af54b601c46312a6cbeb5dff6da152d9aceea0272fc896d03
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://17f71e36f7655f7f5ab67574cc7e41b3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 29 Jun 2023 18:24:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
63756
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8602
x-xss-protection
0
server
cafe
etag
5099012690780875661
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 13 Jul 2023 18:24:42 GMT
feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 39DF 		205 B
651 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
Requested by
Host: 17f71e36f7655f7f5ab67574cc7e41b3.safeframe.googlesyndication.com
URL: https://17f71e36f7655f7f5ab67574cc7e41b3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://17f71e36f7655f7f5ab67574cc7e41b3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 26 Jun 2023 16:16:18 GMT
x-content-type-options
nosniff
age
330660
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
205
x-xss-protection
0
last-modified
Sat, 24 Jun 2023 21:28:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Tue, 25 Jun 2024 16:16:18 GMT
settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 39DF 		604 B
696 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
Requested by
Host: 17f71e36f7655f7f5ab67574cc7e41b3.safeframe.googlesyndication.com
URL: https://17f71e36f7655f7f5ab67574cc7e41b3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://17f71e36f7655f7f5ab67574cc7e41b3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 12:35:04 GMT
x-content-type-options
nosniff
age
171134
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
604
x-xss-protection
0
last-modified
Sat, 24 Jun 2023 21:28:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Thu, 27 Jun 2024 12:35:04 GMT
e548206b-5799-49ff-a33d-9836c54c2c8c
https://challenges.cloudflare.com/ Frame F289 		539 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://challenges.cloudflare.com/e548206b-5799-49ff-a33d-9836c54c2c8c
Requested by
Host: paytolet.com
URL: https://paytolet.com/public/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
08c91791d18c8b35509f8951ba53b3868ebc91a142f78fb1294aadad03f537c8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/mc7tt/0x4AAAAAAABT-_XrlIPuwu0L/auto/normal
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Length
539
Content-Type
text/javascript
a
www.googletagmanager.com/ 		0
11 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/a?id=G-EZWW9JQPLY&v=3&t=t&pid=1962829956&cv=1&rv=36s0&tc=11&es=1&e=*&eid=30&u=AgAAAAAAAAAAACA&h=Ag&z=0
Requested by
Host: paytolet.com
URL: https://paytolet.com/public/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:19 GMT
server
Google Tag Manager
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
counters.gif
forms.hsforms.com/embed/v3/ 		35 B
983 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://forms.hsforms.com/embed/v3/counters.gif?key=collected-forms-embed-js-form-bind&count=1
Requested by
Host: paytolet.com
URL: https://paytolet.com/public/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:d2f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Fri, 30 Jun 2023 12:07:19 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
CF-Cache-Status
DYNAMIC
x-evy-trace-route-service-name
envoyset-translator
X-HubSpot-Correlation-Id
747c4e6a-6b82-4f6a-8784-342c2cffca58
x-envoy-upstream-service-time
2
Connection
keep-alive
alt-svc
h3=":443"; ma=86400
Content-Length
35
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
747c4e6a-6b82-4f6a-8784-342c2cffca58
Server
cloudflare
X-Trace
2BD47392F9C25E7CF61FC0741870792E585E4C3584000000000000000000
Vary
origin
Content-Type
image/gif
x-evy-trace-virtual-host
all
x-evy-trace-served-by-pod
iad02/star-hubspot-td/envoy-proxy-759c64d45c-zlsgj
Access-Control-Expose-Headers
X-Origin-Hublet
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
false
X-Robots-Tag
none
CF-RAY
7df649c9bd9439da-FRA
3df617dd0b749cb1.css
viewer.louassist.com/_next/static/css/ Frame A0CB 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://viewer.louassist.com/_next/static/css/3df617dd0b749cb1.css
Requested by
Host: viewer.louassist.com
URL: https://viewer.louassist.com/?folderId=null&companyId=289340402156
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:8200:6:25cd:c280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e0cdd6780a01ee62ad8b68f1be30f4edbf52248e8b4555755c2a6dc593df37bd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://viewer.louassist.com/?folderId=null&companyId=289340402156
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 07 Jun 2023 18:49:58 GMT
content-encoding
gzip
via
1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 f7aba4a0337c5f98c4703e2b10f1940a.cloudfront.net (CloudFront)
last-modified
Wed, 07 Jun 2023 18:45:50 GMT
server
AmazonS3
x-amz-cf-pop
HIO50-C1, FRA60-P4
age
1963042
x-amz-server-side-encryption
AES256
etag
W/"5cd53fc0a03349f50fb4ba8ab9c88b40"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/css
cache-control
public, max-age=0, immutable, s-maxage=2
x-amz-cf-id
mawloZgrn4ZZIcn5c2zI5lmAAUJl3k1t6q7OXxn7rcrTHwVGwVYv5A==
webpack-af0fc1fb1b57cb39.js
viewer.louassist.com/_next/static/chunks/ Frame A0CB 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://viewer.louassist.com/_next/static/chunks/webpack-af0fc1fb1b57cb39.js
Requested by
Host: viewer.louassist.com
URL: https://viewer.louassist.com/?folderId=null&companyId=289340402156
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:8200:6:25cd:c280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d8793e374dab2ae48fafd92ebc35cddfa733d706e51a0afc4d15b406362f0e39

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://viewer.louassist.com/?folderId=null&companyId=289340402156
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 07 Jun 2023 18:49:58 GMT
content-encoding
gzip
via
1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 f7aba4a0337c5f98c4703e2b10f1940a.cloudfront.net (CloudFront)
last-modified
Wed, 07 Jun 2023 18:45:50 GMT
server
AmazonS3
x-amz-cf-pop
HIO50-C1, FRA60-P4
age
1963042
x-amz-server-side-encryption
AES256
etag
W/"a1820ca3389cbdd7e75dabdcf95e85a1"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
cache-control
public, max-age=0, immutable, s-maxage=2
x-amz-cf-id
Tw6NIQ8oF29chKMTdmYeV6fOrhlkJ-2n05x_UlMSv1H0ADplIdBMwA==
framework-5f4595e5518b5600.js
viewer.louassist.com/_next/static/chunks/ Frame A0CB 		127 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://viewer.louassist.com/_next/static/chunks/framework-5f4595e5518b5600.js
Requested by
Host: viewer.louassist.com
URL: https://viewer.louassist.com/?folderId=null&companyId=289340402156
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:8200:6:25cd:c280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8e89e1175a6145d737446d673ffa073f4c469c8fe3972f5287b1e7e9b241282b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://viewer.louassist.com/?folderId=null&companyId=289340402156
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 07 Jun 2023 18:49:58 GMT
content-encoding
gzip
via
1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 f7aba4a0337c5f98c4703e2b10f1940a.cloudfront.net (CloudFront)
last-modified
Wed, 07 Jun 2023 18:45:50 GMT
server
AmazonS3
x-amz-cf-pop
HIO50-C1, FRA60-P4
age
1963042
x-amz-server-side-encryption
AES256
etag
W/"623da2092ab9e81400d81fad9017f0ba"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
cache-control
public, max-age=0, immutable, s-maxage=2
x-amz-cf-id
0mHU_Sfdvn42-ZK3TNoOuyAZC2RfnnQswr2Q6O_ga1K2IPGIXGCXww==
main-f65e66e62fc5ca80.js
viewer.louassist.com/_next/static/chunks/ Frame A0CB 		103 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://viewer.louassist.com/_next/static/chunks/main-f65e66e62fc5ca80.js
Requested by
Host: viewer.louassist.com
URL: https://viewer.louassist.com/?folderId=null&companyId=289340402156
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:8200:6:25cd:c280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
793c305047c58eaf6adb9fd1f032fc2ba40bb5d33f036a8e31f06ab03c9d0e4f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://viewer.louassist.com/?folderId=null&companyId=289340402156
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 07 Jun 2023 18:49:58 GMT
content-encoding
gzip
via
1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 f7aba4a0337c5f98c4703e2b10f1940a.cloudfront.net (CloudFront)
last-modified
Wed, 07 Jun 2023 18:45:50 GMT
server
AmazonS3
x-amz-cf-pop
HIO50-C1, FRA60-P4
age
1963042
x-amz-server-side-encryption
AES256
etag
W/"3c19e429e8ad4a92fbc8bbb908cffa15"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
cache-control
public, max-age=0, immutable, s-maxage=2
x-amz-cf-id
YgePst9wxvNTPeNqbneRI1Xge7arPRsr4IWbb2EC0AYiYwnN-4f7Pw==
_app-e28c37b611e7818a.js
viewer.louassist.com/_next/static/chunks/pages/ Frame A0CB 		1 MB
338 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://viewer.louassist.com/_next/static/chunks/pages/_app-e28c37b611e7818a.js
Requested by
Host: viewer.louassist.com
URL: https://viewer.louassist.com/?folderId=null&companyId=289340402156
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:8200:6:25cd:c280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8611fd55fa961d77ac006552eb2eee14cb3af21234ea74cf63aea088070523e0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://viewer.louassist.com/?folderId=null&companyId=289340402156
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 07 Jun 2023 18:49:58 GMT
content-encoding
gzip
via
1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 f7aba4a0337c5f98c4703e2b10f1940a.cloudfront.net (CloudFront)
last-modified
Wed, 07 Jun 2023 18:45:50 GMT
server
AmazonS3
x-amz-cf-pop
HIO50-C1, FRA60-P4
age
1963042
x-amz-server-side-encryption
AES256
etag
W/"3286d05bba0f65efcde3de045f7746b3"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
cache-control
public, max-age=0, immutable, s-maxage=2
x-amz-cf-id
13Vpu7If751zuvUDOMIwwrTGO4KPwDNh3wALUGGu2t89Mne15lC2kQ==
669-c2503e1f6ad811e7.js
viewer.louassist.com/_next/static/chunks/ Frame A0CB 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://viewer.louassist.com/_next/static/chunks/669-c2503e1f6ad811e7.js
Requested by
Host: viewer.louassist.com
URL: https://viewer.louassist.com/?folderId=null&companyId=289340402156
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:8200:6:25cd:c280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4f925e856c238fd58acb1284b59475ffe2ef42d658ab179bd3c8da8384c47788

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://viewer.louassist.com/?folderId=null&companyId=289340402156
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 07 Jun 2023 18:49:58 GMT
content-encoding
gzip
via
1.1 23206a1c229d8877bdd053c4b05f9d12.cloudfront.net (CloudFront), 1.1 f7aba4a0337c5f98c4703e2b10f1940a.cloudfront.net (CloudFront)
last-modified
Wed, 07 Jun 2023 18:45:50 GMT
server
AmazonS3
x-amz-cf-pop
HIO50-C1, FRA60-P4
age
1963042
x-amz-server-side-encryption
AES256
etag
W/"1c3e8fe12cb7a43679e3c70415ec9288"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
cache-control
public, max-age=0, immutable, s-maxage=2
x-amz-cf-id
sjKWzGNiCJLtUPL83mzqT3chljVPNqSGZv5O5i_x-WxS_hSANKADAg==
726-a4bacd34632cb86d.js
viewer.louassist.com/_next/static/chunks/ Frame A0CB 		31 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://viewer.louassist.com/_next/static/chunks/726-a4bacd34632cb86d.js
Requested by
Host: viewer.louassist.com
URL: https://viewer.louassist.com/?folderId=null&companyId=289340402156
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:8200:6:25cd:c280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e68318fd50f741b3df01ad37103b6868a5b2060936fa2551af45a8585517a2ac

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://viewer.louassist.com/?folderId=null&companyId=289340402156
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 07 Jun 2023 18:49:58 GMT
content-encoding
gzip
via
1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 f7aba4a0337c5f98c4703e2b10f1940a.cloudfront.net (CloudFront)
last-modified
Wed, 07 Jun 2023 18:45:50 GMT
server
AmazonS3
x-amz-cf-pop
HIO50-C1, FRA60-P4
age
1963042
x-amz-server-side-encryption
AES256
etag
W/"c100c3557406f9fe8b0b505bd3bf6792"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
cache-control
public, max-age=0, immutable, s-maxage=2
x-amz-cf-id
pL8BFuUzFpKAh2tEIUjVN34tZG8uKxNZEF5vGAiCgrmVFUNn0uwQ7g==
index-c647fade9a00b57a.js
viewer.louassist.com/_next/static/chunks/pages/ Frame A0CB 		73 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://viewer.louassist.com/_next/static/chunks/pages/index-c647fade9a00b57a.js
Requested by
Host: viewer.louassist.com
URL: https://viewer.louassist.com/?folderId=null&companyId=289340402156
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:8200:6:25cd:c280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6498a978ef476bde9fabbfe6cf6833ad7e2213d4f9d3263f62a8293f85381c2e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://viewer.louassist.com/?folderId=null&companyId=289340402156
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 07 Jun 2023 18:49:58 GMT
content-encoding
gzip
via
1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 f7aba4a0337c5f98c4703e2b10f1940a.cloudfront.net (CloudFront)
last-modified
Wed, 07 Jun 2023 18:45:50 GMT
server
AmazonS3
x-amz-cf-pop
HIO50-C1, FRA60-P4
age
1963042
x-amz-server-side-encryption
AES256
etag
W/"6ea30c593f26555e7ccdf925c4f13c0f"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
cache-control
public, max-age=0, immutable, s-maxage=2
x-amz-cf-id
nz9JXaXYZqcZOxqStgKW-Drl_nGXHFyzSytuLhMBYtUiEpVC2FIGwA==
_buildManifest.js
viewer.louassist.com/_next/static/Z_NXw1ho5kIlrf9s0EZhK/ Frame A0CB 		478 B
952 B 		Script
General
Check archive.org
Download Go to
Full URL
https://viewer.louassist.com/_next/static/Z_NXw1ho5kIlrf9s0EZhK/_buildManifest.js
Requested by
Host: viewer.louassist.com
URL: https://viewer.louassist.com/?folderId=null&companyId=289340402156
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:8200:6:25cd:c280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
69f36953d1340da5caa06c3c1083365223bb624888f7aaac3b91355f68b45ac2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://viewer.louassist.com/?folderId=null&companyId=289340402156
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 07 Jun 2023 18:49:58 GMT
via
1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 f7aba4a0337c5f98c4703e2b10f1940a.cloudfront.net (CloudFront)
last-modified
Wed, 07 Jun 2023 18:45:50 GMT
server
AmazonS3
x-amz-cf-pop
HIO50-C1, FRA60-P4
age
1963041
x-amz-server-side-encryption
AES256
etag
"24308add611ce36d916542fd9dbbf875"
x-cache
Miss from cloudfront
content-type
application/javascript
cache-control
public, max-age=0, immutable, s-maxage=2
accept-ranges
bytes
content-length
478
x-amz-cf-id
x7YH9ry8nnGzEWYPhWm0pCXWu1jB_luOAca4p_4UV1KdhKPO5CGC6Q==
_ssgManifest.js
viewer.louassist.com/_next/static/Z_NXw1ho5kIlrf9s0EZhK/ Frame A0CB 		77 B
550 B 		Script
General
Check archive.org
Download Go to
Full URL
https://viewer.louassist.com/_next/static/Z_NXw1ho5kIlrf9s0EZhK/_ssgManifest.js
Requested by
Host: viewer.louassist.com
URL: https://viewer.louassist.com/?folderId=null&companyId=289340402156
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:8200:6:25cd:c280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://viewer.louassist.com/?folderId=null&companyId=289340402156
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 07 Jun 2023 18:49:58 GMT
via
1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 f7aba4a0337c5f98c4703e2b10f1940a.cloudfront.net (CloudFront)
last-modified
Wed, 07 Jun 2023 18:45:50 GMT
server
AmazonS3
x-amz-cf-pop
HIO50-C1, FRA60-P4
age
1963042
x-amz-server-side-encryption
AES256
etag
"b6652df95db52feb4daf4eca35380933"
x-cache
Miss from cloudfront
content-type
application/javascript
cache-control
public, max-age=0, immutable, s-maxage=2
accept-ranges
bytes
content-length
77
x-amz-cf-id
_aaltbNaBRAEQaIw_lEMQdGFMaiU_qht75zE_2IyF1IUO3_O7L-bVw==
_middlewareManifest.js
viewer.louassist.com/_next/static/Z_NXw1ho5kIlrf9s0EZhK/ Frame A0CB 		92 B
567 B 		Script
General
Check archive.org
Download Go to
Full URL
https://viewer.louassist.com/_next/static/Z_NXw1ho5kIlrf9s0EZhK/_middlewareManifest.js
Requested by
Host: viewer.louassist.com
URL: https://viewer.louassist.com/?folderId=null&companyId=289340402156
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:8200:6:25cd:c280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
de5341313a4dc5d982ca50ae4a491e84bc5e80b0f439d87f05fc3973c1b7e59a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://viewer.louassist.com/?folderId=null&companyId=289340402156
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 07 Jun 2023 18:49:58 GMT
via
1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 f7aba4a0337c5f98c4703e2b10f1940a.cloudfront.net (CloudFront)
last-modified
Wed, 07 Jun 2023 18:45:50 GMT
server
AmazonS3
x-amz-cf-pop
HIO50-C1, FRA60-P4
age
1963042
x-amz-server-side-encryption
AES256
etag
"7c3f7e060745668041278118c0bb3d6d"
x-cache
Miss from cloudfront
content-type
application/javascript
cache-control
public, max-age=0, immutable, s-maxage=2
accept-ranges
bytes
content-length
92
x-amz-cf-id
MwNpMlF_U1rSuKGIFxmA66t1DwQlMlQzCFzBr2xyv-ZprATtsyKN9Q==
css
fonts.googleapis.com/ Frame A0CB 		2 KB
482 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Muli:500,700&display=swap
Requested by
Host: viewer.louassist.com
URL: https://viewer.louassist.com/?folderId=null&companyId=289340402156
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
17f9c0ff6edabbfac82cc9e23d5459ef40ead490d1615fbb4dfb38f9b7c38be0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://viewer.louassist.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 30 Jun 2023 12:07:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 30 Jun 2023 12:07:19 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 30 Jun 2023 12:07:19 GMT
7bfae5c5-f9cb-4de1-b1d5-82e1fc720635
https://paytolet.com/ 		5 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://paytolet.com/7bfae5c5-f9cb-4de1-b1d5-82e1fc720635
Requested by
Host: paytolet.com
URL: https://paytolet.com/public/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c12e54fac2a52a04d3c8b0c7af32ae3ddce2134dcbeeae215e2e1ec691dd9aab

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Length
5497
Content-Type
application/javascript
7729925b-d2b4-426e-8bd0-9e9358486888
https://paytolet.com/ 		78 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://paytolet.com/7729925b-d2b4-426e-8bd0-9e9358486888
Requested by
Host: paytolet.com
URL: https://paytolet.com/public/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
accdfd1ed287d30475e76e8a486c57f5251940b8137efb68ceec84bc8f63b6e9

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Length
79363
Content-Type
application/javascript
d8a07242-e8f6-422d-9ade-1b7b3d907b22
https://paytolet.com/ 		78 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://paytolet.com/d8a07242-e8f6-422d-9ade-1b7b3d907b22
Requested by
Host: paytolet.com
URL: https://paytolet.com/public/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
accdfd1ed287d30475e76e8a486c57f5251940b8137efb68ceec84bc8f63b6e9

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Length
79363
Content-Type
application/javascript
si
capi.connatix.com/tr/ 		0
311 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://capi.connatix.com/tr/si?token=dceed97a-951e-4c47-b565-c2794ffae817&cid=5f049401-746e-4449-8c27-b6b9d8e25882
Requested by
Host: paytolet.com
URL: https://paytolet.com/public/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.154.204 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:19 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Accept-Encoding
content-type
application/json
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
7df649c85a149078-FRA
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
content-length
0
alt-svc
h3=":443"; ma=86400
integrator.js
adservice.google.com/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=paytolet.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		2 KB
503 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2148447624948998&correlator=822756261170746&eid=31068366&output=ldjh&gdfp_req=1&vrg=202306270101&ptt=17&impl=fifs&us_privacy=1---&iu_parts=1254144%3A22852681713%2Cpaytolet_com-medrectangle-3%2Cpaytolet_com-medrectangle-4&enc_prev_ius=%2F0%2F1%2C%2F0%2F2&prev_iu_szs=250x250%2C320x50%7C336x280%7C728x90%7C468x60%7C120x240%7C180x150%7C125x125%7C234x60%7C300x250%7C320x50%7C250x250%7C320x100%7C200x200%7C970x90%7C970x250&fluid=0%2Cheight&ifi=8&adks=4258316528%2C3797908853&didk=2639644830~2639650275&sfv=1-0-40&prev_scp=a%3D%257C0%257C%26iid1%3D6394153360637039%26eid%3D6394153360637039%26t%3D134%26d%3D410164%26t1%3D134%26pvc%3D0%26ap%3D1909%26sap%3D1909%26as%3Drevenue%26plat%3D1%26bra%3Dmod58-c%26ic%3D1%26at%3Dmbf%26adr%3D398%26ezosn%3D2%26reft%3Dtf%26refs%3D30%26refa%3D1%26ga%3D2497208%26rid%3D99998%26pt%3D21%26al%3D1021%26compid%3D0%26tap%3Dpaytolet_com-medrectangle-3-6394153360637039%26eb_br%3D58ef7bddb438af5e257c4377f32c243a%26eba%3D1%26asau%3D8408181829%26bv%3D3%26bvm%3D0%26bvr%3D8%26avc%3D4%26shp%3D1%26ftsn%3D12%26ftsng%3D12%26br1%3D120%26br2%3D60%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D63%2C14%2C28%2C4%2C51%2C0%2C88%2C0%2C71%2C30%2C0%2C31%2C901%2C902%2C903%26deal1%3D17%2C20%2C21%2C22%2C23%2C24%2C25%2C26%2C1794%2C2310%2C2339%2C2351%2C2526%2C2527%2C2610%2C2761%2C2763%2C2764%2C2765%2C3044%2C3054%2C3154%2C3430%2C3455%2C3456%2C3457%2C3458%2C3460%2C3682%2C3683%2C3684%2C4184%2C4185%2C4186%2C5747%7Ca%3D%257C0%257C%26iid1%3D3755511712643105%26eid%3D3755511712643105%26t%3D134%26d%3D410164%26t1%3D134%26pvc%3D0%26ap%3D1110%26sap%3D1110%26as%3Drevenue%26plat%3D1%26bra%3Dmod58-c%26ic%3D1%26at%3Dmbf%26adr%3D398%26ezosn%3D4%26reft%3Dtf%26refs%3D30%26refa%3D1%26ga%3D2497208%26rid%3D99998%26pt%3D22%26al%3D1022%26compid%3D0%26tap%3Dpaytolet_com-medrectangle-4-3755511712643105%26eb_br%3D58ef7bddb438af5e257c4377f32c243a%26eba%3D1%26asau%3D8408181829%26bv%3D3%26bvm%3D0%26bvr%3D8%26avc%3D4%26shp%3D1%26ftsn%3D12%26ftsng%3D12%26br1%3D120%26br2%3D60%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D63%2C14%2C28%2C4%2C51%2C0%2C88%2C0%2C71%2C30%2C0%2C31%2C901%2C902%2C903%26deal1%3D17%2C20%2C21%2C22%2C23%2C24%2C25%2C26%2C1794%2C2310%2C2339%2C2351%2C2526%2C2527%2C2610%2C2761%2C2763%2C2764%2C2765%2C3044%2C3054%2C3154%2C3430%2C3455%2C3456%2C3457%2C3458%2C3460%2C3682%2C3683%2C3684%2C4184%2C4185%2C4186%2C5747&eri=1&sc=1&cookie=ID%3D14c5fd6f47da3553-2250166f1cde0005%3AT%3D1688126835%3ART%3D1688126837%3AS%3DALNI_MZdWW6IC_UptzCaP6yRcFW4qT01Sg&gpic=UID%3D00000c5ed7319fb0%3AT%3D1688126835%3ART%3D1688126835%3AS%3DALNI_MZsDc3kPfVwgJm4YKQVJrFEMa9-0A&abxe=1&dt=1688126839137&lmt=1688126839&dlt=1688126834513&idt=860&adxs=675%2C200&adys=2199%2C4114&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1%7C2&ucis=7%7C8&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&frm=20&vis=1&psz=1410x250%7C1600x250&msz=250x250%7C1200x250&fws=0%2C0&ohw=0%2C0&psts=ABnkTfBy0XFcFshnkgY_LYb-WJLQ%2CABnkTfBy0XFcFshnkgY_LYb-WJLQ%2CABnkTfBy0XFcFshnkgY_LYb-WJLQ%2CABnkTfBy0XFcFshnkgY_LYb-WJLQ%2CABnkTfBy0XFcFshnkgY_LYb-WJLQ&ga_vid=1136948999.1688126835&ga_sid=1688126836&ga_hid=1663611148&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYyZXN4ZAxSABSAghkEhkKCnB1YmNpZC5vcmcYpKPN4ZAxSABSAghqEsIBCghydGJob3VzZRKsAU4rR1VjWHM0S3c2enIvOVZTVnBqRDluN2txbCtNM2ljMFZBV3NocUFDNGdzTTRrdkkvemtQY2Z1MWZURUlKUmZ4QVJJRUp3Si9kMXFlUTZBR2tnNEl0SVlXTGw0dkNwZGdDREQrUWFZMG80NGd1cU5mQUNnYjh6OHhMZnRMTWVhTUFYU29sbVFBbFBSUjV6TnlMUXd1Wkg3Nm1ZbEJIVVZsZ0tjNkdjK25uTT0Yo6nN4ZAxSAASHQoOZXNwLmNyaXRlby5jb20YyZXN4ZAxSABSAghkEhkKCnVpZGFwaS5jb20YyZXN4ZAxSABSAghkEj4KBW9wZW54EixleUpwSWpvaVdrbFlaR0ZEZDFOU2VYVjZUa0kyVkVGeWRYTjRkejA5SW4wPRjqqM3hkDFIABIbCgxpZDUtc3luYy5jb20Y3afN4ZAxSABSAghq
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
07aee82f4b64e2bc1da39107f59b10f92d9c157d0927c1390bc80f1c107defb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:19 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
true
google-mediationgroup-id
-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
473
x-xss-protection
0
google-lineitem-id
-2,-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2,-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://paytolet.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		1 KB
481 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2148447624948998&correlator=755706751674910&eid=31068366&output=ldjh&gdfp_req=1&vrg=202306270101&ptt=17&impl=fifs&us_privacy=1---&iu_parts=1254144%3A22852681713%2Cpaytolet_com-medrectangle-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=10&adks=3162661208&didk=2639643799&sfv=1-0-40&ris=3&rcs=1&prev_scp=a%3D%257C0%257C%26iid1%3D687389980650716%26eid%3D687389980650716%26t%3D134%26d%3D410164%26t1%3D134%26pvc%3D0%26ap%3D1100%26sap%3D1100%26as%3Drevenue%26plat%3D1%26bra%3Dmod58-c%26ic%3D2%26at%3Dmbf%26adr%3D398%26ezosn%3D3%26reft%3Dtf%26refs%3D30%26refa%3D1%26ga%3D2497208%26rid%3D99998%26pt%3D5%26al%3D1005%26compid%3D0%26tap%3Dpaytolet_com-medrectangle-2-687389980650716%26eb_br%3Dc352ba581bd3ffd8cea608cf2d55f519%26eba%3D1%26asau%3D8408181829%26bv%3D18%26bvm%3D0%26bvr%3D8%26avc%3D4%26shp%3D1%26ftsn%3D12%26ftsng%3D12%26br1%3D60%26br2%3D60%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D63%2C14%2C28%2C4%2C51%2C0%2C88%2C0%2C71%2C30%2C0%2C31%2C901%2C902%2C903%26deal1%3D17%2C20%2C21%2C22%2C23%2C24%2C25%2C26%2C1794%2C2310%2C2339%2C2351%2C2526%2C2527%2C2610%2C2761%2C2763%2C2764%2C2765%2C3044%2C3054%2C3154%2C3430%2C3455%2C3456%2C3457%2C3458%2C3460%2C3682%2C3683%2C3684%2C4184%2C4185%2C4186%2C5747%2C19%2C2688%2C3045%2C4276%26lb%3D120%26reqt%3D1688126839112&eri=1&sc=1&cookie=ID%3D14c5fd6f47da3553-2250166f1cde0005%3AT%3D1688126835%3ART%3D1688126837%3AS%3DALNI_MZdWW6IC_UptzCaP6yRcFW4qT01Sg&gpic=UID%3D00000c5ed7319fb0%3AT%3D1688126835%3ART%3D1688126835%3AS%3DALNI_MZsDc3kPfVwgJm4YKQVJrFEMa9-0A&abxe=1&dt=1688126839146&lmt=1688126839&dlt=1688126834513&idt=860&adxs=436&adys=1110&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&frm=20&vis=1&psz=728x-1&msz=728x-1&fws=512&ohw=0&psts=ABnkTfBy0XFcFshnkgY_LYb-WJLQ%2CABnkTfBy0XFcFshnkgY_LYb-WJLQ%2CABnkTfBy0XFcFshnkgY_LYb-WJLQ%2CABnkTfBy0XFcFshnkgY_LYb-WJLQ&ga_vid=1136948999.1688126835&ga_sid=1688126836&ga_hid=1663611148&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYyZXN4ZAxSABSAghkEhkKCnB1YmNpZC5vcmcYpKPN4ZAxSABSAghqEsIBCghydGJob3VzZRKsAU4rR1VjWHM0S3c2enIvOVZTVnBqRDluN2txbCtNM2ljMFZBV3NocUFDNGdzTTRrdkkvemtQY2Z1MWZURUlKUmZ4QVJJRUp3Si9kMXFlUTZBR2tnNEl0SVlXTGw0dkNwZGdDREQrUWFZMG80NGd1cU5mQUNnYjh6OHhMZnRMTWVhTUFYU29sbVFBbFBSUjV6TnlMUXd1Wkg3Nm1ZbEJIVVZsZ0tjNkdjK25uTT0Yo6nN4ZAxSAASHQoOZXNwLmNyaXRlby5jb20YyZXN4ZAxSABSAghkEhkKCnVpZGFwaS5jb20YyZXN4ZAxSABSAghkEj4KBW9wZW54EixleUpwSWpvaVdrbFlaR0ZEZDFOU2VYVjZUa0kyVkVGeWRYTjRkejA5SW4wPRjqqM3hkDFIABIbCgxpZDUtc3luYy5jb20Y3afN4ZAxSABSAghq
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c64e454e234c21df09f76bb3f7f9eb5265cc5e65ff433b74b620b6aee03ff5e9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:19 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
true
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
451
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://paytolet.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		1 KB
476 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2148447624948998&correlator=1641474446192979&eid=31068366&output=ldjh&gdfp_req=1&vrg=202306270101&ptt=17&impl=fifs&us_privacy=1---&iu_parts=1254144%3A22852681713%2Cpaytolet_com-edge-1&enc_prev_ius=%2F0%2F1&prev_iu_szs=160x600&ifi=11&adks=1957513018&didk=3512010702&sfv=1-0-40&ris=3&rcs=1&prev_scp=a%3D%257C0%257C%26iid1%3D8292738108625282%26eid%3D8292738108625282%26t%3D134%26d%3D410164%26t1%3D134%26pvc%3D0%26ap%3D1975%26sap%3D1975%26as%3Drevenue%26plat%3D1%26bra%3Dmod58-c%26ic%3D2%26at%3Dmbf%26adr%3D398%26ezosn%3D1%26reft%3Dtf%26refs%3D30%26refa%3D1%26ga%3D2497208%26rid%3D99998%26pt%3D38%26al%3D1038%26compid%3D0%26tap%3Dpaytolet_com-edge-1-8292738108625282%26eb_br%3D3ba982fc4238dd4197b1d51b345478dc%26eba%3D1%26asau%3D8408181829%26bv%3D3%26bvm%3D0%26bvr%3D8%26avc%3D4%26shp%3D2%26ftsn%3D12%26ftsng%3D12%26br1%3D50%26br2%3D50%26ezoic%3D1%26nmau%3D0%26mau%3D0%26sticky%3D1%26stl%3D63%2C14%2C28%2C4%2C51%2C0%2C88%2C0%2C71%2C30%2C0%2C31%2C901%2C902%2C903%26deal1%3D17%2C20%2C21%2C22%2C23%2C24%2C25%2C26%2C1794%2C2310%2C2339%2C2351%2C2526%2C2527%2C2610%2C2761%2C2763%2C2764%2C2765%2C3044%2C3054%2C3154%2C3430%2C3455%2C3456%2C3457%2C3458%2C3460%2C3682%2C3683%2C3684%2C4184%2C4185%2C4186%2C5747%2C19%2C2688%2C3045%2C4276%26lb%3D100%26reqt%3D1688126839117&eri=1&sc=1&cookie=ID%3D14c5fd6f47da3553-2250166f1cde0005%3AT%3D1688126835%3ART%3D1688126837%3AS%3DALNI_MZdWW6IC_UptzCaP6yRcFW4qT01Sg&gpic=UID%3D00000c5ed7319fb0%3AT%3D1688126835%3ART%3D1688126835%3AS%3DALNI_MZsDc3kPfVwgJm4YKQVJrFEMa9-0A&abxe=1&dt=1688126839152&lmt=1688126839&dlt=1688126834513&idt=860&adxs=0&adys=302&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&frm=20&vis=1&psz=160x-1&msz=160x-1&fws=512&ohw=0&psts=ABnkTfBy0XFcFshnkgY_LYb-WJLQ%2CABnkTfBy0XFcFshnkgY_LYb-WJLQ%2CABnkTfBy0XFcFshnkgY_LYb-WJLQ%2CABnkTfBy0XFcFshnkgY_LYb-WJLQ&ga_vid=1136948999.1688126835&ga_sid=1688126836&ga_hid=1663611148&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYyZXN4ZAxSABSAghkEhkKCnB1YmNpZC5vcmcYpKPN4ZAxSABSAghqEsIBCghydGJob3VzZRKsAU4rR1VjWHM0S3c2enIvOVZTVnBqRDluN2txbCtNM2ljMFZBV3NocUFDNGdzTTRrdkkvemtQY2Z1MWZURUlKUmZ4QVJJRUp3Si9kMXFlUTZBR2tnNEl0SVlXTGw0dkNwZGdDREQrUWFZMG80NGd1cU5mQUNnYjh6OHhMZnRMTWVhTUFYU29sbVFBbFBSUjV6TnlMUXd1Wkg3Nm1ZbEJIVVZsZ0tjNkdjK25uTT0Yo6nN4ZAxSAASHQoOZXNwLmNyaXRlby5jb20YyZXN4ZAxSABSAghkEhkKCnVpZGFwaS5jb20YyZXN4ZAxSABSAghkEj4KBW9wZW54EixleUpwSWpvaVdrbFlaR0ZEZDFOU2VYVjZUa0kyVkVGeWRYTjRkejA5SW4wPRjqqM3hkDFIABIbCgxpZDUtc3luYy5jb20Y3afN4ZAxSABSAghq
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
91895e846479fe4ffb793d7e5055327b7bddb14670cca3fde95d24fedae4847f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:19 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
true
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
446
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://paytolet.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		1 KB
474 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2148447624948998&correlator=234440064974345&eid=31068366&output=ldjh&gdfp_req=1&vrg=202306270101&ptt=17&impl=fifs&us_privacy=1---&iu_parts=1254144%3A22852681713%2Cpaytolet_com-box-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=12&adks=3730846524&didk=1533033682&sfv=1-0-40&ris=3&rcs=1&prev_scp=a%3D%257C0%257C%26iid1%3D7536534294636650%26eid%3D7536534294636650%26t%3D134%26d%3D410164%26t1%3D134%26pvc%3D0%26ap%3D1900%26sap%3D1900%26as%3Drevenue%26plat%3D1%26bra%3Dmod58-c%26ic%3D2%26at%3Dmbf%26adr%3D398%26ezosn%3D8%26reft%3Dtf%26refs%3D30%26refa%3D1%26ga%3D2497208%26rid%3D99998%26pt%3D1%26al%3D1001%26compid%3D0%26tap%3Dpaytolet_com-box-2-7536534294636650%26eb_br%3D527e52c10635ac8136a4c84094ee49a8%26eba%3D1%26asau%3D8408181829%26bv%3D3%26bvm%3D0%26bvr%3D8%26avc%3D4%26shp%3D1%26ftsn%3D12%26ftsng%3D12%26acptad%3D1%26br1%3D70%26br2%3D70%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D63%2C14%2C28%2C4%2C51%2C0%2C88%2C0%2C71%2C30%2C0%2C31%2C901%2C902%2C903%26deal1%3D17%2C20%2C21%2C22%2C23%2C24%2C25%2C26%2C1794%2C2310%2C2339%2C2351%2C2526%2C2527%2C2761%2C2763%2C2764%2C2765%2C3044%2C3054%2C3154%2C3430%2C3455%2C3456%2C3457%2C3458%2C3460%2C3682%2C3683%2C3684%2C4184%2C4185%2C4186%2C5747%2C19%2C2610%2C2688%2C3045%26lb%3D140%26reqt%3D1688126839107&eri=1&sc=1&cookie=ID%3D14c5fd6f47da3553-2250166f1cde0005%3AT%3D1688126835%3ART%3D1688126837%3AS%3DALNI_MZdWW6IC_UptzCaP6yRcFW4qT01Sg&gpic=UID%3D00000c5ed7319fb0%3AT%3D1688126835%3ART%3D1688126835%3AS%3DALNI_MZsDc3kPfVwgJm4YKQVJrFEMa9-0A&abxe=1&dt=1688126839157&lmt=1688126839&dlt=1688126834513&idt=860&adxs=436&adys=157&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&frm=20&vis=1&psz=1600x90&msz=728x90&fws=0&ohw=0&psts=ABnkTfBy0XFcFshnkgY_LYb-WJLQ%2CABnkTfBy0XFcFshnkgY_LYb-WJLQ%2CABnkTfBy0XFcFshnkgY_LYb-WJLQ%2CABnkTfBy0XFcFshnkgY_LYb-WJLQ&ga_vid=1136948999.1688126835&ga_sid=1688126836&ga_hid=1663611148&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYyZXN4ZAxSABSAghkEhkKCnB1YmNpZC5vcmcYpKPN4ZAxSABSAghqEsIBCghydGJob3VzZRKsAU4rR1VjWHM0S3c2enIvOVZTVnBqRDluN2txbCtNM2ljMFZBV3NocUFDNGdzTTRrdkkvemtQY2Z1MWZURUlKUmZ4QVJJRUp3Si9kMXFlUTZBR2tnNEl0SVlXTGw0dkNwZGdDREQrUWFZMG80NGd1cU5mQUNnYjh6OHhMZnRMTWVhTUFYU29sbVFBbFBSUjV6TnlMUXd1Wkg3Nm1ZbEJIVVZsZ0tjNkdjK25uTT0Yo6nN4ZAxSAASHQoOZXNwLmNyaXRlby5jb20YyZXN4ZAxSABSAghkEhkKCnVpZGFwaS5jb20YyZXN4ZAxSABSAghkEj4KBW9wZW54EixleUpwSWpvaVdrbFlaR0ZEZDFOU2VYVjZUa0kyVkVGeWRYTjRkejA5SW4wPRjqqM3hkDFIABIbCgxpZDUtc3luYy5jb20Y3afN4ZAxSABSAghq
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6b97c727a9b701f3379168e040c96509123597595d760c49eb80feeba6acd2e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:19 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
true
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
444
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://paytolet.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		1 KB
476 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2148447624948998&correlator=2331621269136887&eid=31068366&output=ldjh&gdfp_req=1&vrg=202306270101&ptt=17&impl=fifs&us_privacy=1---&iu_parts=1254144%3A22852681713%2Cpaytolet_com-edge-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=160x600&ifi=13&adks=1754540039&didk=3512041317&sfv=1-0-40&ris=1&rcs=1&prev_scp=a%3D%257C0%257C%26iid1%3D4803436408596716%26eid%3D4803436408596716%26t%3D134%26d%3D410164%26t1%3D134%26pvc%3D0%26ap%3D1976%26sap%3D1976%26as%3Drevenue%26plat%3D1%26bra%3Dmod58-c%26ic%3D2%26at%3Dmbf%26adr%3D398%26ezosn%3D0%26reft%3Dtf%26refs%3D30%26refa%3D1%26ga%3D2497208%26rid%3D99998%26pt%3D39%26al%3D1039%26compid%3D0%26tap%3Dpaytolet_com-edge-2-4803436408596716%26eb_br%3D527e52c10635ac8136a4c84094ee49a8%26eba%3D1%26asau%3D8408181829%26bv%3D3%26bvm%3D0%26bvr%3D8%26avc%3D4%26shp%3D2%26ftsn%3D12%26ftsng%3D12%26br1%3D70%26br2%3D70%26ezoic%3D1%26nmau%3D0%26mau%3D0%26sticky%3D1%26stl%3D63%2C14%2C28%2C4%2C51%2C0%2C88%2C0%2C71%2C30%2C0%2C31%2C901%2C902%2C903%26deal1%3D17%2C20%2C21%2C22%2C23%2C24%2C25%2C26%2C1794%2C2310%2C2339%2C2351%2C2526%2C2527%2C2761%2C2763%2C2764%2C2765%2C3044%2C3054%2C3154%2C3430%2C3455%2C3456%2C3457%2C3458%2C3460%2C3682%2C3683%2C3684%2C4184%2C4185%2C4186%2C5747%2C19%2C2610%2C2688%2C3045%26lb%3D140%26reqt%3D1688126839120&eri=1&sc=1&cookie=ID%3D14c5fd6f47da3553-2250166f1cde0005%3AT%3D1688126835%3ART%3D1688126837%3AS%3DALNI_MZdWW6IC_UptzCaP6yRcFW4qT01Sg&gpic=UID%3D00000c5ed7319fb0%3AT%3D1688126835%3ART%3D1688126835%3AS%3DALNI_MZsDc3kPfVwgJm4YKQVJrFEMa9-0A&abxe=1&dt=1688126839163&lmt=1688126839&dlt=1688126834513&idt=860&adxs=1440&adys=302&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&frm=20&vis=1&psz=160x-1&msz=160x-1&fws=512&ohw=0&psts=ABnkTfBy0XFcFshnkgY_LYb-WJLQ%2CABnkTfBy0XFcFshnkgY_LYb-WJLQ%2CABnkTfBy0XFcFshnkgY_LYb-WJLQ%2CABnkTfBy0XFcFshnkgY_LYb-WJLQ&ga_vid=1136948999.1688126835&ga_sid=1688126836&ga_hid=1663611148&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYyZXN4ZAxSABSAghkEhkKCnB1YmNpZC5vcmcYpKPN4ZAxSABSAghqEsIBCghydGJob3VzZRKsAU4rR1VjWHM0S3c2enIvOVZTVnBqRDluN2txbCtNM2ljMFZBV3NocUFDNGdzTTRrdkkvemtQY2Z1MWZURUlKUmZ4QVJJRUp3Si9kMXFlUTZBR2tnNEl0SVlXTGw0dkNwZGdDREQrUWFZMG80NGd1cU5mQUNnYjh6OHhMZnRMTWVhTUFYU29sbVFBbFBSUjV6TnlMUXd1Wkg3Nm1ZbEJIVVZsZ0tjNkdjK25uTT0Yo6nN4ZAxSAASHQoOZXNwLmNyaXRlby5jb20YyZXN4ZAxSABSAghkEhkKCnVpZGFwaS5jb20YyZXN4ZAxSABSAghkEj4KBW9wZW54EixleUpwSWpvaVdrbFlaR0ZEZDFOU2VYVjZUa0kyVkVGeWRYTjRkejA5SW4wPRjqqM3hkDFIABIbCgxpZDUtc3luYy5jb20Y3afN4ZAxSABSAghq
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
93d8d0bc82b680223764c49bf2fb322af217b450c011a6397b2957008583133a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:19 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
true
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
446
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://paytolet.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		1 KB
473 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2148447624948998&correlator=939159117123907&eid=31068366&output=ldjh&gdfp_req=1&vrg=202306270101&ptt=17&impl=fifs&us_privacy=1---&iu_parts=1254144%3A22852681713%2Cpaytolet_com-box-3&enc_prev_ius=%2F0%2F1&prev_iu_szs=468x60&ifi=14&adks=2888625247&didk=1533032731&sfv=1-0-40&ris=3&rcs=1&prev_scp=a%3D%257C0%257C%26iid1%3D32787398583637%26eid%3D32787398583637%26t%3D134%26d%3D410164%26t1%3D134%26pvc%3D0%26ap%3D1901%26sap%3D1901%26as%3Drevenue%26plat%3D1%26bra%3Dmod58-c%26ic%3D2%26at%3Dmbf%26adr%3D398%26ezosn%3D6%26reft%3Dtf%26refs%3D30%26refa%3D1%26ga%3D2497208%26rid%3D99998%26pt%3D2%26al%3D1002%26compid%3D0%26tap%3Dpaytolet_com-box-3-32787398583637%26eb_br%3Dc352ba581bd3ffd8cea608cf2d55f519%26eba%3D1%26asau%3D8408181829%26bv%3D3%26bvm%3D0%26bvr%3D8%26avc%3D4%26shp%3D1%26ftsn%3D12%26ftsng%3D12%26br1%3D60%26br2%3D60%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D63%2C14%2C28%2C4%2C51%2C0%2C88%2C0%2C71%2C30%2C0%2C31%2C901%2C902%2C903%26deal1%3D17%2C20%2C21%2C22%2C23%2C24%2C25%2C26%2C1794%2C2310%2C2339%2C2351%2C2526%2C2527%2C2610%2C2761%2C2763%2C2764%2C2765%2C3044%2C3054%2C3154%2C3430%2C3455%2C3456%2C3457%2C3458%2C3460%2C3682%2C3683%2C3684%2C4184%2C4185%2C4186%2C5747%2C19%2C2688%2C3045%2C4276%26lb%3D120%26reqt%3D1688126839101&eri=1&sc=1&cookie=ID%3D14c5fd6f47da3553-2250166f1cde0005%3AT%3D1688126835%3ART%3D1688126837%3AS%3DALNI_MZdWW6IC_UptzCaP6yRcFW4qT01Sg&gpic=UID%3D00000c5ed7319fb0%3AT%3D1688126835%3ART%3D1688126835%3AS%3DALNI_MZsDc3kPfVwgJm4YKQVJrFEMa9-0A&abxe=1&dt=1688126839169&lmt=1688126839&dlt=1688126834513&idt=860&adxs=566&adys=1175&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&frm=20&vis=1&psz=1410x60&msz=468x60&fws=0&ohw=0&psts=ABnkTfBy0XFcFshnkgY_LYb-WJLQ%2CABnkTfBy0XFcFshnkgY_LYb-WJLQ%2CABnkTfBy0XFcFshnkgY_LYb-WJLQ%2CABnkTfBy0XFcFshnkgY_LYb-WJLQ&ga_vid=1136948999.1688126835&ga_sid=1688126836&ga_hid=1663611148&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYyZXN4ZAxSABSAghkEhkKCnB1YmNpZC5vcmcYpKPN4ZAxSABSAghqEsIBCghydGJob3VzZRKsAU4rR1VjWHM0S3c2enIvOVZTVnBqRDluN2txbCtNM2ljMFZBV3NocUFDNGdzTTRrdkkvemtQY2Z1MWZURUlKUmZ4QVJJRUp3Si9kMXFlUTZBR2tnNEl0SVlXTGw0dkNwZGdDREQrUWFZMG80NGd1cU5mQUNnYjh6OHhMZnRMTWVhTUFYU29sbVFBbFBSUjV6TnlMUXd1Wkg3Nm1ZbEJIVVZsZ0tjNkdjK25uTT0Yo6nN4ZAxSAASHQoOZXNwLmNyaXRlby5jb20YyZXN4ZAxSABSAghkEhkKCnVpZGFwaS5jb20YyZXN4ZAxSABSAghkEj4KBW9wZW54EixleUpwSWpvaVdrbFlaR0ZEZDFOU2VYVjZUa0kyVkVGeWRYTjRkejA5SW4wPRjqqM3hkDFIABIbCgxpZDUtc3luYy5jb20Y3afN4ZAxSABSAghq
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
69159bd81eedf89aee248415f0ac556d8b25cf84ae76901fb976da6da63e5814
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:19 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
true
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
443
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://paytolet.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ Frame 715B 		0
69 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: paytolet.com
URL: https://paytolet.com/public/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f173:81:face:b00c:0:25de Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://paytolet.com
Referer
https://paytolet.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
https://paytolet.com
alt-svc
h3=":443"; ma=86400
content-length
0
content-type
text/plain
cross-origin-resource-policy
cross-origin
date
Fri, 30 Jun 2023 12:07:19 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
exitapi-impl.js
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 8381 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7441985601152547353/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6f4813e4fe6dd891838e421479bf603f6d3f0d2a55b90517b875a77050471d4b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 29 Jun 2023 21:21:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
53167
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2551
x-xss-protection
0
server
cafe
etag
4618035238173732404
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Fri, 30 Jun 2023 21:21:12 GMT
addata.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 8381 		34 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7441985601152547353/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 08:10:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
14217
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13035
x-xss-protection
0
server
cafe
etag
2319883687766034370
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Sat, 01 Jul 2023 08:10:22 GMT
aa029635397687a8d1fa8fb5c6a619b3.js
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7441985601152547353/ Frame 8381 		84 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7441985601152547353/aa029635397687a8d1fa8fb5c6a619b3.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7441985601152547353/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
aed7790ebfd265538055f5acdc5261c5e79f4e1c36424fd214f970a348534d10
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 28 Jun 2023 10:34:49 GMT
age
178350
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24782
x-xss-protection
0
last-modified
Mon, 17 Apr 2023 12:24:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 27 Jun 2024 10:34:49 GMT
truncated
/ 		152 B
152 B 		XHR
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1a45210736b55c72db5121f3b0ba4ce4e03261f444785b17c4bfb321004d5e29

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
text/vtt
si
googleads.g.doubleclick.net/pagead/drt/ Frame 1354
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
176 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: 17f71e36f7655f7f5ab67574cc7e41b3.safeframe.googlesyndication.com
URL: https://17f71e36f7655f7f5ab67574cc7e41b3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 30 Jun 2023 12:07:19 GMT
expires
Fri, 30 Jun 2023 12:07:19 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 30 Jun 2023 12:07:19 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
610d3cdf-43bc-4a99-a38d-93c52ed19944
https://challenges.cloudflare.com/ Frame F289 		99 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://challenges.cloudflare.com/610d3cdf-43bc-4a99-a38d-93c52ed19944
Requested by
Host: paytolet.com
URL: https://paytolet.com/public/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8da6995557d29a73fe50e281b1e09e241f0893b6b41ecf27702ba4f5c25c0194

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/mc7tt/0x4AAAAAAABT-_XrlIPuwu0L/auto/normal
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Length
99
Content-Type
text/javascript
728x90above_
fundingchoicesmessages.google.com/f/AGSKWxW4K03815-FS9O25SPvwr97bl12pyhshC2i9PJH7uF82HGc413YwKfWx0Fp_hvwcHjmQLGveVrwSVtvdTgVVN67FOgS16MMPuqufLNC_fs_FYD7RRc71LYN_YGqaYMPXOZDHB3gvOIwlEvUfO-07euZ4UojY... 		54 B
298 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxW4K03815-FS9O25SPvwr97bl12pyhshC2i9PJH7uF82HGc413YwKfWx0Fp_hvwcHjmQLGveVrwSVtvdTgVVN67FOgS16MMPuqufLNC_fs_FYD7RRc71LYN_YGqaYMPXOZDHB3gvOIwlEvUfO-07euZ4UojY2KREeCQtvuN1kZIuEqiGorTJa2p0NzE/_.adresult._advertising_header._160-600./html/ads_/ads/728x90above_
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.u2CzA7Gyk4g.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMznCcVeRD0HZ6JHWF9rLaTFeQPI7g/m=ad_blocking_detection_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e1e1dbf9fbf77090daf000b819c73634600624988eb105bc3c8c75d4abab40eb
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-hDgEMUgFXwfRd-PsWhy61Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:19 GMT
content-security-policy
script-src 'report-sample' 'nonce-hDgEMUgFXwfRd-PsWhy61Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
show_companion_ad.js
pagead2.googlesyndication.com/pagead/ 		48 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_companion_ad.js?fcd=true
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.u2CzA7Gyk4g.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMznCcVeRD0HZ6JHWF9rLaTFeQPI7g/m=ad_blocking_detection_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d3850772f5b859e1ebab3e19c59cdac81d8c954809c3736c022737477353626e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 11:51:03 GMT
content-encoding
br
x-content-type-options
nosniff
age
976
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16479
x-xss-protection
0
server
cafe
etag
1426790597581365494
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Fri, 30 Jun 2023 12:51:03 GMT
AGSKWxV_m5UvOj-JA-IZqtNetemgK3SRbTVgR6SfKVhN5pEEfH-HVWnBXkEZX3WPLFE4Xdo5Cx_6oaC0PtORpXIuBrGEonh6_nc83taJeigr6DP18b453-uueh6VNEROD35NQsyXB2mPBg==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxV_m5UvOj-JA-IZqtNetemgK3SRbTVgR6SfKVhN5pEEfH-HVWnBXkEZX3WPLFE4Xdo5Cx_6oaC0PtORpXIuBrGEonh6_nc83taJeigr6DP18b453-uueh6VNEROD35NQsyXB2mPBg==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.u2CzA7Gyk4g.es5.O/d=1/rs=AJlcJMznCcVeRD0HZ6JHWF9rLaTFeQPI7g/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-azXtDGpawV7hGbsBQQ-0IA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://paytolet.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 30 Jun 2023 12:07:19 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-azXtDGpawV7hGbsBQQ-0IA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://paytolet.com
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
40dac5881300a12e7b87bfc7574fdfde.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7441985601152547353/media/ Frame 8381 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7441985601152547353/media/40dac5881300a12e7b87bfc7574fdfde.svg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7441985601152547353/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a0591142e1d6fe8b8a6016efa44de77deb81fa362bf09b28b3c9dcdab346ab38
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 27 Jun 2023 22:19:56 GMT
age
222443
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1020
x-xss-protection
0
last-modified
Mon, 17 Apr 2023 12:24:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 26 Jun 2024 22:19:56 GMT
ab4cb2a7a0bb83dc3cbd065a013b9f14.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7441985601152547353/media/ Frame 8381 		2 KB
868 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7441985601152547353/media/ab4cb2a7a0bb83dc3cbd065a013b9f14.svg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7441985601152547353/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a1d1ea3bb21e6ac680c043f8455a2479aa88b49b3e723ecd7720901e87ea7bcd
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 28 Jun 2023 12:15:57 GMT
age
172282
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
770
x-xss-protection
0
last-modified
Mon, 17 Apr 2023 12:24:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 27 Jun 2024 12:15:57 GMT
d5ab4b9fcec592857bf49949a41b5ec4.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7441985601152547353/media/ Frame 8381 		2 KB
866 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7441985601152547353/media/d5ab4b9fcec592857bf49949a41b5ec4.svg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7441985601152547353/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a40050ede26264290dfc1db40ed40ed7fc66691a935c84cd22e6470eedc26181
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 23 Jun 2023 23:49:31 GMT
age
562668
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
769
x-xss-protection
0
last-modified
Mon, 17 Apr 2023 12:24:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 22 Jun 2024 23:49:31 GMT
49df81fef3da9fec4410a7c28851bc49.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7441985601152547353/media/ Frame 8381 		4 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7441985601152547353/media/49df81fef3da9fec4410a7c28851bc49.svg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7441985601152547353/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8e630ef5639956102bcb819655a6a4e7f949b953ddcf4e225b991bd5d4966524
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 23 Jun 2023 22:07:23 GMT
age
568796
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1246
x-xss-protection
0
last-modified
Mon, 17 Apr 2023 12:24:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 22 Jun 2024 22:07:23 GMT
b07650a3b49a8d35b5c75c7011b75e11.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7441985601152547353/media/ Frame 8381 		10 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7441985601152547353/media/b07650a3b49a8d35b5c75c7011b75e11.svg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7441985601152547353/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0abe67bae454de9cd5d4fc27e9ea799d4080e85117dbffdf1b91e9699857c003
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 28 Jun 2023 02:41:11 GMT
age
206768
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3111
x-xss-protection
0
last-modified
Mon, 17 Apr 2023 12:24:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 27 Jun 2024 02:41:11 GMT
97291b9e0e686e5ed60064a7d3de3ae1.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7441985601152547353/media/ Frame 8381 		4 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7441985601152547353/media/97291b9e0e686e5ed60064a7d3de3ae1.svg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7441985601152547353/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7ec9a3aad16263d804cabc6da6e5229c32cc87f7e7bd12d8580eca223447cb3b
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 28 Jun 2023 10:34:49 GMT
age
178350
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1405
x-xss-protection
0
last-modified
Mon, 17 Apr 2023 12:24:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 27 Jun 2024 10:34:49 GMT
158fea90027de6aca180d972dec4355b.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7441985601152547353/media/ Frame 8381 		40 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7441985601152547353/media/158fea90027de6aca180d972dec4355b.jpg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7441985601152547353/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e455b202cb808e146c24fb917e7a77706d08597a415cb97e1e8b1ded9abc3dc5
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Wed, 28 Jun 2023 12:15:57 GMT
x-content-type-options
nosniff
age
172282
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
40463
x-xss-protection
0
last-modified
Mon, 17 Apr 2023 12:24:05 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 27 Jun 2024 12:15:57 GMT
7Auwp_0qiz-afTLGLQ.woff2
fonts.gstatic.com/s/muli/v28/ Frame A0CB 		30 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/muli/v28/7Auwp_0qiz-afTLGLQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Muli:500,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f3.1e100.net
Software
sffe /
Resource Hash
2a04078f9550381b5148170ceaf5b378a1b31ed8274c6d0094aeba6f599462cc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://viewer.louassist.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 24 Jun 2023 19:34:33 GMT
x-content-type-options
nosniff
age
491566
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31196
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 20:43:05 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 23 Jun 2024 19:34:33 GMT
army.gif
paytolet.com/porpoiseant/ 		0
525 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://paytolet.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNjM5NDE1MzM2MDYzNzAzOSIsImRvbWFpbl9pZCI6IjQxMDE2NCIsInVuaXQiOiJkaXYtZ3B0LWFkLXBheXRvbGV0X2NvbS1tZWRyZWN0YW5nbGUtMy0wIiwidF9lcG9jaCI6MTY4ODEyNjgzNCwicmV2ZW51ZSI6MCwiZXN0X3JldmVudWUiOjAsImFkX3Bvc2l0aW9uIjoxOTA5LCJhZF9zaXplIjoiIiwiYmlkX2Zsb29yX2ZpbGxlZCI6MCwiYmlkX2Zsb29yX3ByZXYiOjAsInN0YXRfc291cmNlX2lkIjowLCJjb3VudHJ5X2NvZGUiOiJERSIsInBhZ2V2aWV3X2lkIjoiYzJjM2Y3ZTEtM2ExNi00ZmFkLTQyMWMtNzhhNWM0ZDIwMGRlIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjowLCJjcmVhdGl2ZV9pZCI6MCwiZGF0YSI6W3sibmFtZSI6ImFkX2xvYWRfdGltZSIsInZhbCI6IjUxNjAifV0sImlzX29yaWciOmZhbHNlfV0=
Requested by
Host: paytolet.com
URL: https://paytolet.com/detroitchicago/cmbv2.js?gcb=195-3&cb=04-3y02-8y06-13y07-2y0b-6y0d-23y17-4y1b-5y25-3y26-4y27-16y28-66y2b-146y2f-150y33-4y3a-12y3b-6y59-2y5d-22y64-1&cmbcb=151&sj=x04x02x06x07x0bx0dx17x1bx25x26x27x28x2bx2fx33x3ax3bx59x5dx64
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:8b54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/public/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:20 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EyRPXflZWyqwCd6UHq7Z36t953j6QyLNIrEzlmoru%2FdRv6UZCVjSeCox7iq3Ywl0Igdk9EPUa%2B5TdF6rYDbpyLYkWHLKIp07GmyGPFwaMxfNEFCkL%2FgJz%2FqEImV%2Bnn1C52C5C7ds5dyp3jY%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://paytolet.com
x-middleton-display
ezp_sol
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
cf-ray
7df649ce7cb56969-FRA
alt-svc
h3=":443"; ma=86400
priority
u=4,i
expires
Thu, 29 Jun 2023 12:07:19 GMT
army.gif
paytolet.com/porpoiseant/ 		0
527 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://paytolet.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMzc1NTUxMTcxMjY0MzEwNSIsImRvbWFpbl9pZCI6IjQxMDE2NCIsInVuaXQiOiJkaXYtZ3B0LWFkLXBheXRvbGV0X2NvbS1tZWRyZWN0YW5nbGUtNC0wIiwidF9lcG9jaCI6MTY4ODEyNjgzNCwicmV2ZW51ZSI6MCwiZXN0X3JldmVudWUiOjAsImFkX3Bvc2l0aW9uIjoxMTEwLCJhZF9zaXplIjoiIiwiYmlkX2Zsb29yX2ZpbGxlZCI6MCwiYmlkX2Zsb29yX3ByZXYiOjAsInN0YXRfc291cmNlX2lkIjowLCJjb3VudHJ5X2NvZGUiOiJERSIsInBhZ2V2aWV3X2lkIjoiYzJjM2Y3ZTEtM2ExNi00ZmFkLTQyMWMtNzhhNWM0ZDIwMGRlIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjowLCJjcmVhdGl2ZV9pZCI6MCwiZGF0YSI6W3sibmFtZSI6ImFkX2xvYWRfdGltZSIsInZhbCI6IjUxNjEifV0sImlzX29yaWciOmZhbHNlfV0=
Requested by
Host: paytolet.com
URL: https://paytolet.com/detroitchicago/cmbv2.js?gcb=195-3&cb=04-3y02-8y06-13y07-2y0b-6y0d-23y17-4y1b-5y25-3y26-4y27-16y28-66y2b-146y2f-150y33-4y3a-12y3b-6y59-2y5d-22y64-1&cmbcb=151&sj=x04x02x06x07x0bx0dx17x1bx25x26x27x28x2bx2fx33x3ax3bx59x5dx64
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:8b54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/public/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:20 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=51DSl9M3IbIc4BPgULsumKt1rvCdU9JapAzmGq%2Fy0fL%2BYR9sEJU8CwbO%2BkFGo8g6%2F4W5e6gz6QjNftpm0%2BvhXqokItOXbxrEHjeN%2BwGLpE%2B%2BV5kcCnI3TiFpLtsg2Zf7ezL9unevUNPU8AE%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://paytolet.com
x-middleton-display
ezp_sol
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
cf-ray
7df649ce7cbb6969-FRA
alt-svc
h3=":443"; ma=86400
priority
u=4,i
expires
Thu, 29 Jun 2023 12:07:18 GMT
army.gif
paytolet.com/porpoiseant/ 		0
529 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://paytolet.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiODkzOTUwNjI5NDYxNTIwMCIsImRvbWFpbl9pZCI6IjQxMDE2NCIsInVuaXQiOiJwYXl0b2xldF9jb20tcGl4ZWwxIiwidF9lcG9jaCI6MTY4ODEyNjgzNCwiYWRfcG9zaXRpb24iOjk5OTksImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJERSIsInBhZ2V2aWV3X2lkIjoiYzJjM2Y3ZTEtM2ExNi00ZmFkLTQyMWMtNzhhNWM0ZDIwMGRlIiwiY29tcF9pZCI6bnVsbCwibGluZV9pdGVtX2lkIjowLCJjcmVhdGl2ZV9pZCI6MCwiZGF0YSI6W3sibmFtZSI6ImZpbGxlZF9zaXplIiwidmFsIjoiWzE2MDAsMTIwMF0ifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6Ijg5Mzk1MDYyOTQ2MTUyMDAiLCJkb21haW5faWQiOiI0MTAxNjQiLCJ1bml0IjoicGF5dG9sZXRfY29tLXBpeGVsMSIsInRfZXBvY2giOjE2ODgxMjY4MzQsImFkX3Bvc2l0aW9uIjo5OTk5LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6ImMyYzNmN2UxLTNhMTYtNGZhZC00MjFjLTc4YTVjNGQyMDBkZSIsImNvbXBfaWQiOm51bGwsImxpbmVfaXRlbV9pZCI6MCwiY3JlYXRpdmVfaWQiOjAsImRhdGEiOlt7Im5hbWUiOiJmaWxsZWRfZmx1aWQiLCJ2YWwiOiJmYWxzZSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiODkzOTUwNjI5NDYxNTIwMCIsImRvbWFpbl9pZCI6IjQxMDE2NCIsInVuaXQiOiJwYXl0b2xldF9jb20tcGl4ZWwxIiwidF9lcG9jaCI6MTY4ODEyNjgzNCwiYWRfcG9zaXRpb24iOjk5OTksImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJERSIsInBhZ2V2aWV3X2lkIjoiYzJjM2Y3ZTEtM2ExNi00ZmFkLTQyMWMtNzhhNWM0ZDIwMGRlIiwiY29tcF9pZCI6bnVsbCwibGluZV9pdGVtX2lkIjowLCJjcmVhdGl2ZV9pZCI6MCwiZGF0YSI6W3sibmFtZSI6ImRvbWFpbl9kZnBfc3R5bGVfaWQiLCJ2YWwiOiJ1bmRlZmluZWQifV0sImlzX29yaWciOmZhbHNlfV0=
Requested by
Host: paytolet.com
URL: https://paytolet.com/detroitchicago/cmbv2.js?gcb=195-3&cb=04-3y02-8y06-13y07-2y0b-6y0d-23y17-4y1b-5y25-3y26-4y27-16y28-66y2b-146y2f-150y33-4y3a-12y3b-6y59-2y5d-22y64-1&cmbcb=151&sj=x04x02x06x07x0bx0dx17x1bx25x26x27x28x2bx2fx33x3ax3bx59x5dx64
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:8b54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/public/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:20 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ViZ9xV7B%2FtDuNqDZhovS5CT5gudITR%2FGRI4vG2UHI%2B3JO%2FJ%2F92KixDRDdaza0EyrsG3tMHWyxtvbhz3YCtkU5Wy%2F1NKRCt0jbsUx3ohA%2BZF744y%2FhL%2FYvleHOQkZcGvkhfPn7Rrzzib8y84%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://paytolet.com
x-middleton-display
ezp_sol
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
cf-ray
7df649cf1d616969-FRA
alt-svc
h3=":443"; ma=86400
priority
u=4,i
expires
Thu, 29 Jun 2023 12:07:20 GMT
t1670023299_03_640x360p_30Hz_800Kbps_init.mp4
streaming.humix.com/contents/nsrNhxfkjikFVcim/1682919808/ 		844 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://streaming.humix.com/contents/nsrNhxfkjikFVcim/1682919808/t1670023299_03_640x360p_30Hz_800Kbps_init.mp4
Requested by
Host: paytolet.com
URL: https://paytolet.com/detroitchicago/cmbv2.js?gcb=195-3&cb=04-3y02-8y06-13y07-2y0b-6y0d-23y17-4y1b-5y25-3y26-4y27-16y28-66y2b-146y2f-150y33-4y3a-12y3b-6y59-2y5d-22y64-1&cmbcb=151&sj=x04x02x06x07x0bx0dx17x1bx25x26x27x28x2bx2fx33x3ax3bx59x5dx64
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.85.249 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7b785a1faae290046ec03886ff49d7f5e73ea9cf997b58d01cf56dfc2bd4733d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"436ff4809d79f258a4834966b1953077"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pV1kHW%2FYJKvw58h3Mr2jFm%2FOPlGUJJPrzbGEfCorKqh4HS45CBWPm7lhYLWe2p5NGURmQz4ajDFlL4oyaoxFGbqmuTm56o5jshC%2BwOCxtd7AyMO%2FUAoVcYT8HQM0k6EfsuhVmgtF"}],"group":"cf-nel","max_age":604800}
content-type
video/mp4
access-control-allow-origin
*
cf-ray
7df649cf2d9b2bbc-FRA
alt-svc
h3=":443"; ma=86400
content-length
844
t1670023299_03_640x360p_30Hz_800Kbps_001.m4s
streaming.humix.com/contents/nsrNhxfkjikFVcim/1682919808/ 		45 KB
45 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://streaming.humix.com/contents/nsrNhxfkjikFVcim/1682919808/t1670023299_03_640x360p_30Hz_800Kbps_001.m4s
Requested by
Host: paytolet.com
URL: https://paytolet.com/detroitchicago/cmbv2.js?gcb=195-3&cb=04-3y02-8y06-13y07-2y0b-6y0d-23y17-4y1b-5y25-3y26-4y27-16y28-66y2b-146y2f-150y33-4y3a-12y3b-6y59-2y5d-22y64-1&cmbcb=151&sj=x04x02x06x07x0bx0dx17x1bx25x26x27x28x2bx2fx33x3ax3bx59x5dx64
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.85.249 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
571022a6a2f46088a7bf28e19b7743b0e371adf6594ac7746282a35804ac52d9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"23746d281a8375e8cbe2d4e24490f4aa"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dmQEqdJHEnFZnX5yInJpE29LtLcDH8rL9Noqo1d1xW%2FqFyd4wefi8hLBnYPQ4yg%2BMUYnYcQMwMB9mohkNSchEteRC1FSm8Fmc%2BFl%2Fm0yo7D1mlx1XaDIwmAwN34lTXwxDWc3gfJI"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
7df649cf2d9d2bbc-FRA
alt-svc
h3=":443"; ma=86400
content-length
45977
AGSKWxV_m5UvOj-JA-IZqtNetemgK3SRbTVgR6SfKVhN5pEEfH-HVWnBXkEZX3WPLFE4Xdo5Cx_6oaC0PtORpXIuBrGEonh6_nc83taJeigr6DP18b453-uueh6VNEROD35NQsyXB2mPBg==
fundingchoicesmessages.google.com/el/ 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxV_m5UvOj-JA-IZqtNetemgK3SRbTVgR6SfKVhN5pEEfH-HVWnBXkEZX3WPLFE4Xdo5Cx_6oaC0PtORpXIuBrGEonh6_nc83taJeigr6DP18b453-uueh6VNEROD35NQsyXB2mPBg==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.u2CzA7Gyk4g.es5.O/d=1/rs=AJlcJMznCcVeRD0HZ6JHWF9rLaTFeQPI7g/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-CbUueFMGJjTiYaaxgrXMtQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://paytolet.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 30 Jun 2023 12:07:20 GMT
content-security-policy
script-src 'report-sample' 'nonce-CbUueFMGJjTiYaaxgrXMtQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://paytolet.com
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
x.clarity.ms/ 		0
292 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://x.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.8/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.114.190.119 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://paytolet.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://paytolet.com
Date
Fri, 30 Jun 2023 12:07:20 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78
integrator.js
adservice.google.com/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=paytolet.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
/
api.louassist.com/v1/assistant/public/session-user/create/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.louassist.com/v1/assistant/public/session-user/create/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:22b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://viewer.louassist.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with, x-xsrf-token
access-control-allow-methods
DELETE, GET, OPTIONS, PATCH, POST, PUT
access-control-allow-origin
https://viewer.louassist.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7df649cf991f3764-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Fri, 30 Jun 2023 12:07:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iRNQ1GG52iBwIfduL6AGFdfCFQ9f%2BnSR2dXhoZoGlgPiT0xWUKyyoU1t%2BDgG661y%2F%2BcvyF9qs5hCMRyfPfH0tUoCOB0rsGZVy7j7BxnlBhentJnUoR%2BJeFV%2FDMxWEmPe9Htk6XujZKxkiH0Ah%2B%2Bgjw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin
x-content-type-options
nosniff
/
api.louassist.com/v1/assistant/public/session-user/create/ Frame A0CB 		395 B
983 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.louassist.com/v1/assistant/public/session-user/create/
Requested by
Host: viewer.louassist.com
URL: https://viewer.louassist.com/_next/static/chunks/pages/_app-e28c37b611e7818a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:22b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c548a2e763b5e91f4490ebc0ddbff76e8e0347e1f7e51f898d59b64654c3adc3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept
application/json, text/plain, */*
Referer
https://viewer.louassist.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 30 Jun 2023 12:07:20 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
395
referrer-policy
same-origin
server
cloudflare
x-frame-options
DENY
vary
Accept, Origin, Cookie
content-type
application/json
access-control-allow-origin
https://viewer.louassist.com
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SYJ0an%2B190WSpAizw%2BFcSyYN4Cr9hGzR6ngjZzWw1oSn%2FBaXAwBs8ZxF8j13p1J%2BJ6XbhaR4ix2HdYrRn%2B89F2U4JnljSXbrnN1kiV5%2BF1Fl2XQMLmDuPUvUGFNxBJBAzNv1PhMOJepEgF461jpGPA%3D%3D"}],"group":"cf-nel","max_age":604800}
allow
POST, OPTIONS
access-control-allow-credentials
true
cf-ray
7df649d07f7d1daa-FRA
AGSKWxV_m5UvOj-JA-IZqtNetemgK3SRbTVgR6SfKVhN5pEEfH-HVWnBXkEZX3WPLFE4Xdo5Cx_6oaC0PtORpXIuBrGEonh6_nc83taJeigr6DP18b453-uueh6VNEROD35NQsyXB2mPBg==
fundingchoicesmessages.google.com/el/ 		0
201 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxV_m5UvOj-JA-IZqtNetemgK3SRbTVgR6SfKVhN5pEEfH-HVWnBXkEZX3WPLFE4Xdo5Cx_6oaC0PtORpXIuBrGEonh6_nc83taJeigr6DP18b453-uueh6VNEROD35NQsyXB2mPBg==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.u2CzA7Gyk4g.es5.O/d=1/rs=AJlcJMznCcVeRD0HZ6JHWF9rLaTFeQPI7g/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-Vx7cnNFyWagDYqSzUHaS-Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://paytolet.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 30 Jun 2023 12:07:20 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-Vx7cnNFyWagDYqSzUHaS-Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://paytolet.com
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxV_m5UvOj-JA-IZqtNetemgK3SRbTVgR6SfKVhN5pEEfH-HVWnBXkEZX3WPLFE4Xdo5Cx_6oaC0PtORpXIuBrGEonh6_nc83taJeigr6DP18b453-uueh6VNEROD35NQsyXB2mPBg==
fundingchoicesmessages.google.com/el/ 		0
199 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxV_m5UvOj-JA-IZqtNetemgK3SRbTVgR6SfKVhN5pEEfH-HVWnBXkEZX3WPLFE4Xdo5Cx_6oaC0PtORpXIuBrGEonh6_nc83taJeigr6DP18b453-uueh6VNEROD35NQsyXB2mPBg==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.u2CzA7Gyk4g.es5.O/d=1/rs=AJlcJMznCcVeRD0HZ6JHWF9rLaTFeQPI7g/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-9OejcUtCL-JpW7s7MBb0Eg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://paytolet.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 30 Jun 2023 12:07:20 GMT
content-security-policy
script-src 'report-sample' 'nonce-9OejcUtCL-JpW7s7MBb0Eg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://paytolet.com
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxUS1oSNKTY6DRINg5ANJ0478RYGEZv-X-Iv3sYm2oyfJSjiScizS3IXFl6REOuHLCBG-jdHnFBNCb2ZlDw5PJ9Yh6fy3-DitzyxS4dN2j2pPNgyp9okubxJhefzNX0oQONYNDu7yw==
fundingchoicesmessages.google.com/f/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxUS1oSNKTY6DRINg5ANJ0478RYGEZv-X-Iv3sYm2oyfJSjiScizS3IXFl6REOuHLCBG-jdHnFBNCb2ZlDw5PJ9Yh6fy3-DitzyxS4dN2j2pPNgyp9okubxJhefzNX0oQONYNDu7yw==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjg4MTI2ODQwLDI4MjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNl0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMV0sImh0dHBzOi8vcGF5dG9sZXQuY29tL3B1YmxpYy8iLG51bGwsW1s4LCJ1MkN6QTdHeWs0ZyJdLFs5LCJkZSJdLFsxNiwiWzEsMSwxXSJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.u2CzA7Gyk4g.es5.O/d=1/rs=AJlcJMznCcVeRD0HZ6JHWF9rLaTFeQPI7g/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
286a6b80b9db922659cea617d11c9dd855b55291c9b0e845ec6171566565f4ff
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-Vs6rlFOjT_GuQUhVQ3Vvmw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:20 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-Vs6rlFOjT_GuQUhVQ3Vvmw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		1 KB
480 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2148447624948998&correlator=2272910845898559&eid=31068366&output=ldjh&gdfp_req=1&vrg=202306270101&ptt=17&impl=fifs&us_privacy=1---&iu_parts=1254144%3A22852681713%2Cpaytolet_com-medrectangle-3&enc_prev_ius=%2F0%2F1&prev_iu_szs=250x250&ifi=15&adks=4258316528&didk=2639644830&sfv=1-0-40&ris=1&rcs=1&prev_scp=a%3D%257C0%257C%26iid1%3D6394153360637039%26eid%3D6394153360637039%26t%3D134%26d%3D410164%26t1%3D134%26pvc%3D0%26ap%3D1909%26sap%3D1909%26as%3Drevenue%26plat%3D1%26bra%3Dmod58-c%26ic%3D2%26at%3Dmbf%26adr%3D398%26ezosn%3D2%26reft%3Dtf%26refs%3D30%26refa%3D1%26ga%3D2497208%26rid%3D99998%26pt%3D21%26al%3D1021%26compid%3D0%26tap%3Dpaytolet_com-medrectangle-3-6394153360637039%26eb_br%3Dc352ba581bd3ffd8cea608cf2d55f519%26eba%3D1%26asau%3D8408181829%26bv%3D3%26bvm%3D0%26bvr%3D8%26avc%3D4%26shp%3D1%26ftsn%3D12%26ftsng%3D12%26br1%3D60%26br2%3D60%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D63%2C14%2C28%2C4%2C51%2C0%2C88%2C0%2C71%2C30%2C0%2C31%2C901%2C902%2C903%26deal1%3D17%2C20%2C21%2C22%2C23%2C24%2C25%2C26%2C1794%2C2310%2C2339%2C2351%2C2526%2C2527%2C2610%2C2761%2C2763%2C2764%2C2765%2C3044%2C3054%2C3154%2C3430%2C3455%2C3456%2C3457%2C3458%2C3460%2C3682%2C3683%2C3684%2C4184%2C4185%2C4186%2C5747%2C19%2C2688%2C3045%2C4276%26lb%3D120%26reqt%3D1688126840227&eri=1&sc=1&cookie=ID%3D14c5fd6f47da3553-2250166f1cde0005%3AT%3D1688126835%3ART%3D1688126837%3AS%3DALNI_MZdWW6IC_UptzCaP6yRcFW4qT01Sg&gpic=UID%3D00000c5ed7319fb0%3AT%3D1688126835%3ART%3D1688126835%3AS%3DALNI_MZsDc3kPfVwgJm4YKQVJrFEMa9-0A&abxe=1&dt=1688126840299&lmt=1688126840&dlt=1688126834513&idt=860&adxs=675&adys=2199&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=3&ucis=7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&frm=20&vis=1&psz=1410x250&msz=250x250&fws=0&ohw=0&psts=ABnkTfBy0XFcFshnkgY_LYb-WJLQ%2CABnkTfBy0XFcFshnkgY_LYb-WJLQ%2CABnkTfBy0XFcFshnkgY_LYb-WJLQ%2CABnkTfBy0XFcFshnkgY_LYb-WJLQ%2CABnkTfBy0XFcFshnkgY_LYb-WJLQ%2CABnkTfBy0XFcFshnkgY_LYb-WJLQ&ga_vid=1136948999.1688126835&ga_sid=1688126836&ga_hid=1663611148&ga_fc=true&a3p=EhkKCnVpZGFwaS5jb20YyZXN4ZAxSABSAghkEhsKDGlkNS1zeW5jLmNvbRjdp83hkDFIAFICCGoSHAoNY3J3ZGNudHJsLm5ldBjJlc3hkDFIAFICCGQSGQoKcHViY2lkLm9yZxiko83hkDFIAFICCGoSwgEKCHJ0YmhvdXNlEqwBTitHVWNYczRLdzZ6ci85VlNWcGpEOW43a3FsK00zaWMwVkFXc2hxQUM0Z3NNNGt2SS96a1BjZnUxZlRFSUpSZnhBUklFSndKL2QxcWVRNkFHa2c0SXRJWVdMbDR2Q3BkZ0NERCtRYVkwbzQ0Z3VxTmZBQ2diOHo4eExmdExNZWFNQVhTb2xtUUFsUFJSNXpOeUxRd3VaSDc2bVlsQkhVVmxnS2M2R2Mrbm5NPRijqc3hkDFIABIdCg5lc3AuY3JpdGVvLmNvbRjJlc3hkDFIAFICCGQSPgoFb3BlbngSLGV5SnBJam9pV2tsWVpHRkRkMU5TZVhWNlRrSTJWRUZ5ZFhONGR6MDlJbjA9GOqozeGQMUgA
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fd23cf4baab2e3415ef0aff32eae32d6131424a582db8ae082bd16798187b48f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:20 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
true
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
450
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://paytolet.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		1 KB
474 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2148447624948998&correlator=3398125059820294&eid=31068366&output=ldjh&gdfp_req=1&vrg=202306270101&ptt=17&impl=fifs&us_privacy=1---&iu_parts=1254144%3A22852681713%2Cpaytolet_com-box-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=16&adks=3730846524&didk=1533033682&sfv=1-0-40&ris=1&rcs=2&prev_scp=a%3D%257C0%257C%26iid1%3D7536534294636650%26eid%3D7536534294636650%26t%3D134%26d%3D410164%26t1%3D134%26pvc%3D0%26ap%3D1900%26sap%3D1900%26as%3Drevenue%26plat%3D1%26bra%3Dmod58-c%26ic%3D3%26at%3Dmbf%26adr%3D398%26ezosn%3D8%26reft%3Dtf%26refs%3D30%26refa%3D1%26ga%3D2497208%26rid%3D99998%26pt%3D1%26al%3D1001%26compid%3D0%26tap%3Dpaytolet_com-box-2-7536534294636650%26eb_br%3D3ba982fc4238dd4197b1d51b345478dc%26eba%3D1%26asau%3D8408181829%26bv%3D3%26bvm%3D0%26bvr%3D8%26avc%3D4%26shp%3D1%26ftsn%3D12%26ftsng%3D12%26acptad%3D1%26br1%3D50%26br2%3D70%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D63%2C14%2C28%2C4%2C51%2C0%2C88%2C0%2C71%2C30%2C0%2C31%2C901%2C902%2C903%26deal1%3D17%2C20%2C21%2C22%2C23%2C24%2C25%2C26%2C1794%2C2310%2C2339%2C2351%2C2526%2C2527%2C2761%2C2763%2C2764%2C2765%2C3044%2C3054%2C3154%2C3430%2C3455%2C3456%2C3457%2C3458%2C3460%2C3682%2C3683%2C3684%2C4184%2C4185%2C4186%2C5747%2C19%2C2610%2C2688%2C3045%2C19%2C2610%2C2688%2C2693%2C3045%2C4276%26lb%3D70%26reqt%3D1688126840221&eri=1&sc=1&cookie=ID%3D14c5fd6f47da3553-2250166f1cde0005%3AT%3D1688126835%3ART%3D1688126837%3AS%3DALNI_MZdWW6IC_UptzCaP6yRcFW4qT01Sg&gpic=UID%3D00000c5ed7319fb0%3AT%3D1688126835%3ART%3D1688126835%3AS%3DALNI_MZsDc3kPfVwgJm4YKQVJrFEMa9-0A&abxe=1&dt=1688126840305&lmt=1688126840&dlt=1688126834513&idt=860&adxs=436&adys=157&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&frm=20&vis=1&psz=1600x90&msz=728x90&fws=0&ohw=0&psts=ABnkTfBy0XFcFshnkgY_LYb-WJLQ%2CABnkTfBy0XFcFshnkgY_LYb-WJLQ%2CABnkTfBy0XFcFshnkgY_LYb-WJLQ%2CABnkTfBy0XFcFshnkgY_LYb-WJLQ%2CABnkTfBy0XFcFshnkgY_LYb-WJLQ%2CABnkTfBy0XFcFshnkgY_LYb-WJLQ&ga_vid=1136948999.1688126835&ga_sid=1688126836&ga_hid=1663611148&ga_fc=true&a3p=EhkKCnVpZGFwaS5jb20YyZXN4ZAxSABSAghkEhsKDGlkNS1zeW5jLmNvbRjdp83hkDFIAFICCGoSHAoNY3J3ZGNudHJsLm5ldBjJlc3hkDFIAFICCGQSGQoKcHViY2lkLm9yZxiko83hkDFIAFICCGoSwgEKCHJ0YmhvdXNlEqwBTitHVWNYczRLdzZ6ci85VlNWcGpEOW43a3FsK00zaWMwVkFXc2hxQUM0Z3NNNGt2SS96a1BjZnUxZlRFSUpSZnhBUklFSndKL2QxcWVRNkFHa2c0SXRJWVdMbDR2Q3BkZ0NERCtRYVkwbzQ0Z3VxTmZBQ2diOHo4eExmdExNZWFNQVhTb2xtUUFsUFJSNXpOeUxRd3VaSDc2bVlsQkhVVmxnS2M2R2Mrbm5NPRijqc3hkDFIABIdCg5lc3AuY3JpdGVvLmNvbRjJlc3hkDFIAFICCGQSPgoFb3BlbngSLGV5SnBJam9pV2tsWVpHRkRkMU5TZVhWNlRrSTJWRUZ5ZFhONGR6MDlJbjA9GOqozeGQMUgA
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
77380c7b232eebf5b6b451848bf8531168deb0f579089d2774d2ae5af56b0ba9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:20 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
true
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
444
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://paytolet.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		1 KB
473 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2148447624948998&correlator=989862126282970&eid=31068366&output=ldjh&gdfp_req=1&vrg=202306270101&ptt=17&impl=fifs&us_privacy=1---&iu_parts=1254144%3A22852681713%2Cpaytolet_com-box-3&enc_prev_ius=%2F0%2F1&prev_iu_szs=468x60&ifi=17&adks=2888625247&didk=1533032731&sfv=1-0-40&ris=1&rcs=2&prev_scp=a%3D%257C0%257C%26iid1%3D32787398583637%26eid%3D32787398583637%26t%3D134%26d%3D410164%26t1%3D134%26pvc%3D0%26ap%3D1901%26sap%3D1901%26as%3Drevenue%26plat%3D1%26bra%3Dmod58-c%26ic%3D3%26at%3Dmbf%26adr%3D398%26ezosn%3D6%26reft%3Dtf%26refs%3D30%26refa%3D1%26ga%3D2497208%26rid%3D99998%26pt%3D2%26al%3D1002%26compid%3D0%26tap%3Dpaytolet_com-box-3-32787398583637%26eb_br%3D947f1d5169cc7d0f997560e34838fb04%26eba%3D1%26asau%3D8408181829%26bv%3D3%26bvm%3D0%26bvr%3D8%26avc%3D4%26shp%3D1%26ftsn%3D12%26ftsng%3D12%26br1%3D42%26br2%3D60%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D63%2C14%2C28%2C4%2C51%2C0%2C88%2C0%2C71%2C30%2C0%2C31%2C901%2C902%2C903%26deal1%3D17%2C20%2C21%2C22%2C23%2C24%2C25%2C26%2C1794%2C2310%2C2339%2C2351%2C2526%2C2527%2C2610%2C2761%2C2763%2C2764%2C2765%2C3044%2C3054%2C3154%2C3430%2C3455%2C3456%2C3457%2C3458%2C3460%2C3682%2C3683%2C3684%2C4184%2C4185%2C4186%2C5747%2C19%2C2688%2C3045%2C4276%2C19%2C2688%2C2693%2C3045%2C4276%26lb%3D60%26reqt%3D1688126840289&eri=1&sc=1&cookie=ID%3D14c5fd6f47da3553-2250166f1cde0005%3AT%3D1688126835%3ART%3D1688126837%3AS%3DALNI_MZdWW6IC_UptzCaP6yRcFW4qT01Sg&gpic=UID%3D00000c5ed7319fb0%3AT%3D1688126835%3ART%3D1688126835%3AS%3DALNI_MZsDc3kPfVwgJm4YKQVJrFEMa9-0A&abxe=1&dt=1688126840311&lmt=1688126840&dlt=1688126834513&idt=860&adxs=566&adys=1175&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&frm=20&vis=1&psz=1410x60&msz=468x60&fws=0&ohw=0&psts=ABnkTfBy0XFcFshnkgY_LYb-WJLQ%2CABnkTfBy0XFcFshnkgY_LYb-WJLQ%2CABnkTfBy0XFcFshnkgY_LYb-WJLQ%2CABnkTfBy0XFcFshnkgY_LYb-WJLQ%2CABnkTfBy0XFcFshnkgY_LYb-WJLQ%2CABnkTfBy0XFcFshnkgY_LYb-WJLQ&ga_vid=1136948999.1688126835&ga_sid=1688126836&ga_hid=1663611148&ga_fc=true&a3p=EhkKCnVpZGFwaS5jb20YyZXN4ZAxSABSAghkEhsKDGlkNS1zeW5jLmNvbRjdp83hkDFIAFICCGoSHAoNY3J3ZGNudHJsLm5ldBjJlc3hkDFIAFICCGQSGQoKcHViY2lkLm9yZxiko83hkDFIAFICCGoSwgEKCHJ0YmhvdXNlEqwBTitHVWNYczRLdzZ6ci85VlNWcGpEOW43a3FsK00zaWMwVkFXc2hxQUM0Z3NNNGt2SS96a1BjZnUxZlRFSUpSZnhBUklFSndKL2QxcWVRNkFHa2c0SXRJWVdMbDR2Q3BkZ0NERCtRYVkwbzQ0Z3VxTmZBQ2diOHo4eExmdExNZWFNQVhTb2xtUUFsUFJSNXpOeUxRd3VaSDc2bVlsQkhVVmxnS2M2R2Mrbm5NPRijqc3hkDFIABIdCg5lc3AuY3JpdGVvLmNvbRjJlc3hkDFIAFICCGQSPgoFb3BlbngSLGV5SnBJam9pV2tsWVpHRkRkMU5TZVhWNlRrSTJWRUZ5ZFhONGR6MDlJbjA9GOqozeGQMUgA
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0324766d1d65bc9edea9583b7de3c64ed784234f0e4abd566ae94a2f4b11a8f0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:20 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
true
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
443
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://paytolet.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		1 KB
480 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2148447624948998&correlator=2058545319071267&eid=31068366&output=ldjh&gdfp_req=1&vrg=202306270101&ptt=17&impl=fifs&us_privacy=1---&iu_parts=1254144%3A22852681713%2Cpaytolet_com-medrectangle-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=18&adks=3162661208&didk=2639643799&sfv=1-0-40&ris=1&rcs=2&prev_scp=a%3D%257C0%257C%26iid1%3D687389980650716%26eid%3D687389980650716%26t%3D134%26d%3D410164%26t1%3D134%26pvc%3D0%26ap%3D1100%26sap%3D1100%26as%3Drevenue%26plat%3D1%26bra%3Dmod58-c%26ic%3D3%26at%3Dmbf%26adr%3D398%26ezosn%3D3%26reft%3Dtf%26refs%3D30%26refa%3D1%26ga%3D2497208%26rid%3D99998%26pt%3D5%26al%3D1005%26compid%3D0%26tap%3Dpaytolet_com-medrectangle-2-687389980650716%26eb_br%3D947f1d5169cc7d0f997560e34838fb04%26eba%3D1%26asau%3D8408181829%26bv%3D18%26bvm%3D0%26bvr%3D8%26avc%3D4%26shp%3D1%26ftsn%3D12%26ftsng%3D12%26br1%3D42%26br2%3D60%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D63%2C14%2C28%2C4%2C51%2C0%2C88%2C0%2C71%2C30%2C0%2C31%2C901%2C902%2C903%26deal1%3D17%2C20%2C21%2C22%2C23%2C24%2C25%2C26%2C1794%2C2310%2C2339%2C2351%2C2526%2C2527%2C2610%2C2761%2C2763%2C2764%2C2765%2C3044%2C3054%2C3154%2C3430%2C3455%2C3456%2C3457%2C3458%2C3460%2C3682%2C3683%2C3684%2C4184%2C4185%2C4186%2C5747%2C19%2C2688%2C3045%2C4276%2C19%2C2688%2C2693%2C3045%2C4276%26lb%3D60%26reqt%3D1688126840236&eri=1&sc=1&cookie=ID%3D14c5fd6f47da3553-2250166f1cde0005%3AT%3D1688126835%3ART%3D1688126837%3AS%3DALNI_MZdWW6IC_UptzCaP6yRcFW4qT01Sg&gpic=UID%3D00000c5ed7319fb0%3AT%3D1688126835%3ART%3D1688126835%3AS%3DALNI_MZsDc3kPfVwgJm4YKQVJrFEMa9-0A&abxe=1&dt=1688126840315&lmt=1688126840&dlt=1688126834513&idt=860&adxs=436&adys=1110&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&frm=20&vis=1&psz=728x-1&msz=728x-1&fws=512&ohw=0&psts=ABnkTfBy0XFcFshnkgY_LYb-WJLQ%2CABnkTfBy0XFcFshnkgY_LYb-WJLQ%2CABnkTfBy0XFcFshnkgY_LYb-WJLQ%2CABnkTfBy0XFcFshnkgY_LYb-WJLQ%2CABnkTfBy0XFcFshnkgY_LYb-WJLQ%2CABnkTfBy0XFcFshnkgY_LYb-WJLQ&ga_vid=1136948999.1688126835&ga_sid=1688126836&ga_hid=1663611148&ga_fc=true&a3p=EhkKCnVpZGFwaS5jb20YyZXN4ZAxSABSAghkEhsKDGlkNS1zeW5jLmNvbRjdp83hkDFIAFICCGoSHAoNY3J3ZGNudHJsLm5ldBjJlc3hkDFIAFICCGQSGQoKcHViY2lkLm9yZxiko83hkDFIAFICCGoSwgEKCHJ0YmhvdXNlEqwBTitHVWNYczRLdzZ6ci85VlNWcGpEOW43a3FsK00zaWMwVkFXc2hxQUM0Z3NNNGt2SS96a1BjZnUxZlRFSUpSZnhBUklFSndKL2QxcWVRNkFHa2c0SXRJWVdMbDR2Q3BkZ0NERCtRYVkwbzQ0Z3VxTmZBQ2diOHo4eExmdExNZWFNQVhTb2xtUUFsUFJSNXpOeUxRd3VaSDc2bVlsQkhVVmxnS2M2R2Mrbm5NPRijqc3hkDFIABIdCg5lc3AuY3JpdGVvLmNvbRjJlc3hkDFIAFICCGQSPgoFb3BlbngSLGV5SnBJam9pV2tsWVpHRkRkMU5TZVhWNlRrSTJWRUZ5ZFhONGR6MDlJbjA9GOqozeGQMUgA
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e2f372e39f91816bc7182f009db910d7a200baf53282bc416af7aca6aa89ac20
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:20 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
true
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
450
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://paytolet.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
audio_init.mp4
streaming.humix.com/contents/nsrNhxfkjikFVcim/1682919808/ 		826 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://streaming.humix.com/contents/nsrNhxfkjikFVcim/1682919808/audio_init.mp4
Requested by
Host: paytolet.com
URL: https://paytolet.com/detroitchicago/cmbv2.js?gcb=195-3&cb=04-3y02-8y06-13y07-2y0b-6y0d-23y17-4y1b-5y25-3y26-4y27-16y28-66y2b-146y2f-150y33-4y3a-12y3b-6y59-2y5d-22y64-1&cmbcb=151&sj=x04x02x06x07x0bx0dx17x1bx25x26x27x28x2bx2fx33x3ax3bx59x5dx64
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:d4fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d19c630e5fb5a45be9e0c1d262baf87b86143bd4d04352f328c05e06bbc9d454

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"250ed3a014deeebf920cf4f9d78f9d7e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yJoc%2FaCdPGHDaSThwHs5XuIRxGUS1FSYPe%2FB2NmRYMSsaNrEoy1LunGpIUqmsQD03ZoqIWj2ueyARd3WB3nK8Ho1yiSWQgMW4LKTd922%2F%2B5ySDjS6ArmCZA%2BRExCV%2B0Uie6NVfhnYmL%2Fj%2FY08JARs8h0"}],"group":"cf-nel","max_age":604800}
content-type
video/mp4
access-control-allow-origin
*
cf-ray
7df649d00ab41989-FRA
alt-svc
h3=":443"; ma=86400
content-length
826
audio_001.m4s
streaming.humix.com/contents/nsrNhxfkjikFVcim/1682919808/ 		41 KB
41 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://streaming.humix.com/contents/nsrNhxfkjikFVcim/1682919808/audio_001.m4s
Requested by
Host: paytolet.com
URL: https://paytolet.com/detroitchicago/cmbv2.js?gcb=195-3&cb=04-3y02-8y06-13y07-2y0b-6y0d-23y17-4y1b-5y25-3y26-4y27-16y28-66y2b-146y2f-150y33-4y3a-12y3b-6y59-2y5d-22y64-1&cmbcb=151&sj=x04x02x06x07x0bx0dx17x1bx25x26x27x28x2bx2fx33x3ax3bx59x5dx64
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:d4fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
885bbff6750a9a8ae2133f6971bbf5d997b7c767596ae3055e50b8bb6775c461

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"20ff89b4dc37a6c1f13eba30f5466ebd"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1hjrEYa9oUEjJw3PGboVjBAz7nBEZDGkt6XGpSlFj1X7Whzc1tTegZKoN8B%2BFEh1SaJo8pf6eMTiNRUJ2nByXdBVMuEyCCDpKn9BlmR8wHUTntMoLKTjLQ5Uya6SU%2B9mi7vL%2FVftGJsOs0GbGqeUHncq"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
7df649d00ab61989-FRA
alt-svc
h3=":443"; ma=86400
content-length
41881
AOiihYbjk7GyPSPexE3PorOKRXoofTPF8NjvkAglc4c.js
pagead2.googlesyndication.com/bg/ Frame 8381 		38 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/AOiihYbjk7GyPSPexE3PorOKRXoofTPF8NjvkAglc4c.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
00e8a28586e393b1b23d23dec44dcfa2b38a457a287d33c5f0d8ef9008257387
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 29 Jun 2023 20:54:02 GMT
content-encoding
br
x-content-type-options
nosniff
age
54798
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14768
x-xss-protection
0
last-modified
Mon, 26 Jun 2023 15:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 28 Jun 2024 20:54:02 GMT
AGSKWxWdhXD5RUeyq1GrJ1j9wsrlaiUQzVAamMZXVl5ZlgsrIsOBf5HxahUVndBs8-aYLScVCkERaoXIA4Y3ITIX2bb8TtJCmB00HYtmp29pge8jZs7e0MAgeNp4N-okWKbmpGLn854R4w==
fundingchoicesmessages.google.com/el/ 		0
200 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxWdhXD5RUeyq1GrJ1j9wsrlaiUQzVAamMZXVl5ZlgsrIsOBf5HxahUVndBs8-aYLScVCkERaoXIA4Y3ITIX2bb8TtJCmB00HYtmp29pge8jZs7e0MAgeNp4N-okWKbmpGLn854R4w==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.u2CzA7Gyk4g.es5.O/d=1/rs=AJlcJMznCcVeRD0HZ6JHWF9rLaTFeQPI7g/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-6Z-8LwPT72wqUAQ4P0yQyQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://paytolet.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 30 Jun 2023 12:07:20 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-6Z-8LwPT72wqUAQ4P0yQyQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://paytolet.com
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
track.php
t.adline.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.adline.com/track.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a01:4f9:6a:18ae::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) / PHP/7.4.30
Resource Hash
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://paytolet.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Access-Control-Allow-Headers
*
Access-Control-Allow-Origin
*
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Fri, 30 Jun 2023 12:07:20 GMT
Server
nginx/1.18.0 (Ubuntu)
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Powered-By
PHP/7.4.30
X-XSS-Protection
1; mode=block
track.php
t.adline.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://t.adline.com/track.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a01:4f9:6a:18ae::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) / PHP/7.4.30
Resource Hash
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://paytolet.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Access-Control-Allow-Headers
*
Access-Control-Allow-Origin
*
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Fri, 30 Jun 2023 12:07:20 GMT
Server
nginx/1.18.0 (Ubuntu)
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Powered-By
PHP/7.4.30
X-XSS-Protection
1; mode=block
greenoaks.gif
paytolet.com/detroitchicago/ 		0
517 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://paytolet.com/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiJjMmMzZjdlMS0zYTE2LTRmYWQtNDIxYy03OGE1YzRkMjAwZGUiLCJkb21haW5faWQiOiI0MTAxNjQiLCJ0X2Vwb2NoIjoxNjg4MTI2ODM0LCJkYXRhIjpbeyJuYW1lIjoiaXNfYWRfYmxvY2tlZCIsInZhbCI6ImZhbHNlIn1dfV0=
Requested by
Host: paytolet.com
URL: https://paytolet.com/detroitchicago/cmbv2.js?gcb=195-3&cb=04-3y02-8y06-13y07-2y0b-6y0d-23y17-4y1b-5y25-3y26-4y27-16y28-66y2b-146y2f-150y33-4y3a-12y3b-6y59-2y5d-22y64-1&cmbcb=151&sj=x04x02x06x07x0bx0dx17x1bx25x26x27x28x2bx2fx33x3ax3bx59x5dx64
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:8b54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/public/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:20 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fq86CVDsf2Rw3jgSbXLstItZQgVWjWLbMwpfw9pwebvd2ectI624H265xWhyZAsQlPmzGhxJTpI6ZyjhIOMTqaCzJ5A9yFAR5imGk%2B2LGjqtCsOKm5kqt4wDfmol4sLfmWjGy2BkTl72Vow%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://paytolet.com
x-middleton-display
ezp_sol
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
cf-ray
7df649d04e986969-FRA
alt-svc
h3=":443"; ma=86400
priority
u=4,i
expires
Thu, 29 Jun 2023 12:07:20 GMT
c.gif
c.clarity.ms/
Redirect Chain
  • https://c.clarity.ms/c.gif
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=A999AE30A2064AD3A5569C2901E2E9DE&RedC=c.clarity.ms&MXFR=1CD170DAB627607E01C2639AB2276EF9
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=A999AE30A2064AD3A5569C2901E2E9DE&MUID=1C29AC446E666A481DE4BF046F666B96
42 B
443 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=A999AE30A2064AD3A5569C2901E2E9DE&MUID=1C29AC446E666A481DE4BF046F666B96
Protocol
H2
Server
68.219.88.97 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Jun 2023 12:07:19 GMT
last-modified
Tue, 06 Jun 2023 17:31:23 GMT
server
Microsoft-IIS/10.0
etag
"dca6ffb69c98d91:0"
x-powered-by
ASP.NET
content-type
image/gif
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42

Redirect headers

pragma
no-cache
date
Fri, 30 Jun 2023 12:07:20 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: B522DA0CAE764CC780F5ABBBAEB96567 Ref B: FRAEDGE1915 Ref C: 2023-06-30T12:07:20Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=A999AE30A2064AD3A5569C2901E2E9DE&MUID=1C29AC446E666A481DE4BF046F666B96
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202306270101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6b3a5919eb1fbb5c8be98ef552cc142a246ac357ad166129fd76b73f6f6d2b44
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:20 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11188
x-xss-protection
0
track.php
t.adline.com/ 		0
381 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.adline.com/track.php
Requested by
Host: prod.api.adline.com
URL: https://prod.api.adline.com/api/cpa?key=UID-tfkdnEFrHfZMEYSK7RV8
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a01:4f9:6a:18ae::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) / PHP/7.4.30
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://paytolet.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-type
application/json

Response headers

Date
Fri, 30 Jun 2023 12:07:20 GMT
Content-Encoding
gzip
Server
nginx/1.18.0 (Ubuntu)
X-Powered-By
PHP/7.4.30
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
*
Connection
keep-alive
Access-Control-Allow-Headers
*
X-XSS-Protection
1; mode=block
track.php
t.adline.com/ 		0
381 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.adline.com/track.php
Requested by
Host: prod.api.adline.com
URL: https://prod.api.adline.com/api/cpa?key=UID-tfkdnEFrHfZMEYSK7RV8
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a01:4f9:6a:18ae::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) / PHP/7.4.30
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://paytolet.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-type
application/json

Response headers

Date
Fri, 30 Jun 2023 12:07:20 GMT
Content-Encoding
gzip
Server
nginx/1.18.0 (Ubuntu)
X-Powered-By
PHP/7.4.30
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
*
Connection
keep-alive
Access-Control-Allow-Headers
*
X-XSS-Protection
1; mode=block
1606502636363580
connect.facebook.net/signals/config/ 		378 KB
108 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1606502636363580?v=2.9.110&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
93234d434a08c48282913495505bb97a3f304122fb9432e528d0da9069718675
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Fri, 30 Jun 2023 12:07:20 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
pragma
public
x-fb-debug
NrISqRNuftnJa8kumT2aP3i0RskWYKBcogsySMk4N278Kik8Sa4ll3zFro/IfjcJxBLZqRwAAJycqVW4mB43JQ==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires
Sat, 01 Jan 2000 00:00:00 GMT
__ptq.gif
track.hubspot.com/ 		45 B
450 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=2241961375&v=1.1&a=21342073&rcu=https%3A%2F%2Fpaytolet.com%2Fpublic&pu=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&t=PaytoLet+-+Search+Engine+For+Real+Estate&cts=1688126840382&vi=cb7cef7282af4d66b3b63186f9c3bac1&nc=false&u=243081629.cb7cef7282af4d66b3b63186f9c3bac1.1688126835997.1688126835997.1688126835997.1&b=243081629.2.1688126835997&cc=15
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.154.83 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:20 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name
envoyset-translator
x-hubspot-correlation-id
bb8bb94f-16e9-4ceb-8b04-aee400713b06
p3p
CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time
4
alt-svc
h3=":443"; ma=86400
content-length
45
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
bb8bb94f-16e9-4ceb-8b04-aee400713b06
server
cloudflare
vary
origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C5DGt7UQU%2Bh11w%2BVlIV1bnbnI%2F4t1%2Bn28KZAdzsfax35huKkPIxR4dy%2BfqwFhUhniLxO25U0l8A2dxYS8hMxYOjBylFQmIfsKmMNbZoIXah7KZ3TYZjMK7r6GFz5yFdJwdrN"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
x-evy-trace-served-by-pod
iad02/analytics-tracking-td/envoy-proxy-5f6448c676-kn6mk
x-evy-trace-virtual-host
all
cache-control
no-cache, no-store, no-transform
access-control-allow-credentials
false
cf-ray
7df649d07acc9a12-FRA
x-robots-tag
none
rum
paytolet.com/cdn-cgi/ 		0
138 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://paytolet.com/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v52afc6f149f6479b8c77fa569edb01181681764108816
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:8b54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://paytolet.com/public/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
content-type
application/json

Response headers

date
Fri, 30 Jun 2023 12:07:20 GMT
x-content-type-options
nosniff
server
cloudflare
vary
Origin
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://paytolet.com
x-frame-options
DENY
access-control-allow-credentials
true
cf-ray
7df649d09ef66969-FRA
rum
paytolet.com/cdn-cgi/ 		0
138 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://paytolet.com/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v52afc6f149f6479b8c77fa569edb01181681764108816
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:8b54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://paytolet.com/public/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
content-type
application/json

Response headers

date
Fri, 30 Jun 2023 12:07:20 GMT
x-content-type-options
nosniff
server
cloudflare
vary
Origin
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://paytolet.com
x-frame-options
DENY
access-control-allow-credentials
true
cf-ray
7df649d09ef96969-FRA
RQ1d9JbU5xk969Y
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/img/7df649b54db59957/1688126838075/ Frame F289 		61 B
142 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/img/7df649b54db59957/1688126838075/RQ1d9JbU5xk969Y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:3b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
573c36d7ad452885cbda19890e57dc7438cfa4ba7ff1d42f34f2750fb31a323d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/mc7tt/0x4AAAAAAABT-_XrlIPuwu0L/auto/normal
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:20 GMT
server
cloudflare
cf-ray
7df649d13cc59957-FRA
alt-svc
h3=":443"; ma=86400
content-type
image/png
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 30 Jun 2023 12:07:20 GMT
6bZqN8E7z5X4tLI
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/pat/7df649b54db59957/1688126838075/474b7329e4e2261578ead35a58f35a510eaeb0f05aa60502b8e8ea1ca86c6007/ Frame F289 		1 B
556 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/pat/7df649b54db59957/1688126838075/474b7329e4e2261578ead35a58f35a510eaeb0f05aa60502b8e8ea1ca86c6007/6bZqN8E7z5X4tLI
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=7df649b54db59957
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:3b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6da43b944e494e885e69af021f93c6d9331c78aa228084711429160a5bbd15b5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/mc7tt/0x4AAAAAAABT-_XrlIPuwu0L/auto/normal
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:20 GMT
www-authenticate
PrivateToken challenge=AAIAGXBhdC1pc3N1ZXIuY2xvdWRmbGFyZS5jb20gR0tzKeTiJhV46tNaWPNaUQ6usPBapgUCuOjqHKhsYAcAGWNoYWxsZW5nZXMuY2xvdWRmbGFyZS5jb20=, token-key=MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEA0bRUcGKklfQeNNxvLFfJ4GD9tdPPxSZwJ3XYP4G2zG8DKRLBpv9Kj6N67az3XmlVlx2R0rqjt4_1YNpJnMYvq8Tp2DUxYs4U3kFA6Rbb5cTRT5nIFp10SdDKx5oEUlr5_2lhwjOJ7UX343zafxxxRigli14tfc_MdARtiZxdmy5Dm9rRf5nwlBmsWaAX3v0Uhsdw1FWqbl23kbspqAsOrzkVf57FQWXyec-WMgVpWqs6qqDPPZHzvx68neq0a7QsWfGKjfhMa9dgQCoTvz166RVORThwNko0-5Z2XOaYQhFc0ojy9K4Ht4LY-qcayfQ4DfX7RfkQ4SUsGK-uOfhA7wIDAQAB, max-age=20
server
cloudflare
cf-ray
7df649d1bd819957-FRA
alt-svc
h3=":443"; ma=86400
content-type
text/plain; charset=UTF-8
/
www.facebook.com/tr/ 		0
54 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1606502636363580&ev=Lead&dl=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&rl=&if=false&ts=1688126840603&sw=1600&sh=1200&ud[external_id]=cb7cef7282af4d66b3b63186f9c3bac1&v=2.9.110&r=stable&ec=1&o=30&fbp=fb.1.1688126838068.1303914129&cs_est=true&est_source=359118539547220&it=1688126837518&coo=false&es=automatic&tm=3&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f173:81:face:b00c:0:25de Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Fri, 30 Jun 2023 12:07:20 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/tr/ 		0
31 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1606502636363580&ev=PageView&dl=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&rl=&if=false&ts=1688126840604&sw=1600&sh=1200&ud[external_id]=cb7cef7282af4d66b3b63186f9c3bac1&v=2.9.110&r=stable&ec=0&o=30&fbp=fb.1.1688126838068.1303914129&cs_est=true&it=1688126837518&coo=false&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f173:81:face:b00c:0:25de Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Fri, 30 Jun 2023 12:07:20 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 3EDA 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://paytolet.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
10428
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 30 Jun 2023 09:13:32 GMT
expires
Sat, 29 Jun 2024 09:13:32 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame CAB7 		783 B
536 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
631fedeea37eaceb5603d242236c244723cdf602035eefb5a638ebd73cc57235
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-LQmYPoFesXJXZR2FBDWISA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://paytolet.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
514
content-security-policy
script-src 'report-sample' 'nonce-LQmYPoFesXJXZR2FBDWISA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 30 Jun 2023 12:07:20 GMT
expires
Fri, 30 Jun 2023 12:07:20 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
sodar
pagead2.googlesyndication.com/pagead/ Frame CAB7 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202306270101&jk=2148447624948998&rc=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers
AOiihYbjk7GyPSPexE3PorOKRXoofTPF8NjvkAglc4c.js
pagead2.googlesyndication.com/bg/ Frame 3EDA 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/AOiihYbjk7GyPSPexE3PorOKRXoofTPF8NjvkAglc4c.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
00e8a28586e393b1b23d23dec44dcfa2b38a457a287d33c5f0d8ef9008257387
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 29 Jun 2023 20:54:02 GMT
content-encoding
br
x-content-type-options
nosniff
age
54798
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14768
x-xss-protection
0
last-modified
Mon, 26 Jun 2023 15:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 28 Jun 2024 20:54:02 GMT
audio_002.m4s
streaming.humix.com/contents/nsrNhxfkjikFVcim/1682919808/ 		40 KB
40 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://streaming.humix.com/contents/nsrNhxfkjikFVcim/1682919808/audio_002.m4s
Requested by
Host: paytolet.com
URL: https://paytolet.com/detroitchicago/cmbv2.js?gcb=195-3&cb=04-3y02-8y06-13y07-2y0b-6y0d-23y17-4y1b-5y25-3y26-4y27-16y28-66y2b-146y2f-150y33-4y3a-12y3b-6y59-2y5d-22y64-1&cmbcb=151&sj=x04x02x06x07x0bx0dx17x1bx25x26x27x28x2bx2fx33x3ax3bx59x5dx64
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:d4fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3dc2d7913ab3437dcff658079a24f0dc2e0a9c890b8e5d80d7a9d9dded24da25

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:21 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"6bae75f16b883844aa0c475bcd1d458e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KcP78oKY8iYaMZD%2F1Ig0DRc5I%2BA%2FutjYOwELVNF%2BHRDWIQeinob5bYnz18p6Q7uNLU%2FbSdYnVadb5vQqE3kYTtXjYm1ef5h2Q69krBx6eiacJf%2FgOvbE99CwdbGwci6huttNv1tnIo0nQUkuFxemrUFu"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
7df649d30e261989-FRA
alt-svc
h3=":443"; ma=86400
content-length
40656
/
api.louassist.com/v1/assistant/public/company/289340402156/workflows/ Frame A0CB 		274 B
511 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.louassist.com/v1/assistant/public/company/289340402156/workflows/?location=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&referrer=null&hostname=paytolet.com&environment=undefined&tracked_user_id=251606601495853418732343&window_width=1600
Requested by
Host: viewer.louassist.com
URL: https://viewer.louassist.com/_next/static/chunks/pages/_app-e28c37b611e7818a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:22b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af9afa865b85cdddc7c4abb660b1578f8eeb1fa66c0594c56b93af2df63f6bc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept
application/json, text/plain, */*
Referer
https://viewer.louassist.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:21 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
referrer-policy
same-origin
server
cloudflare
x-frame-options
DENY
vary
Accept, Origin, Cookie
content-type
application/json
access-control-allow-origin
https://viewer.louassist.com
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BBE8m1cd2xXD6g9WFsbHuV%2BYvn23NdUTnvgvXiRExpQVE2ACg9QEvEqzst2DoWFVyhdzhFjK%2BBEB8wlvCZ28ovwQ9dGq2GTnsxDOgBhSEEBN1FdXdrw2oN4Rwvvy%2FYY%2BG2%2FK0YmB4gcuh20h%2BLvLvg%3D%3D"}],"group":"cf-nel","max_age":604800}
allow
GET, HEAD, OPTIONS
access-control-allow-credentials
true
cf-ray
7df649d39e953764-FRA
a
www.googletagmanager.com/ 		0
11 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/a?id=G-EZWW9JQPLY&v=3&t=t&pid=1962829956&cv=1&rv=36s0&tc=11&es=1&e=gtm.load&eid=31&u=AgAAAAAAAAAAACA&h=Ag&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:20 GMT
server
Google Tag Manager
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
generate_204
tpc.googlesyndication.com/ Frame 3EDA 		0
42 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?e3y1Nw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:21 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fpaytolet.com%2F&domain=paytolet.com&cw=1&pbt=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://paytolet.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://paytolet.com
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Fri, 30 Jun 2023 12:07:20 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
192282
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
/
id.a-mx.com/sync/ 		66 B
550 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.a-mx.com/sync/?tagId=&ref=null&u=https://paytolet.com/public/&tl=https://paytolet.com/public/&nf=0&rt=true&v=7.46.0&av=2.0&vg=epbjs&us_privacy=1---&am=null&gdpr=0&gdpr_consent=
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-3-57
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
62011d9efe150848f9c48be56a7e3e2046690df06b050d33afaf5ceb39a6a3f2

Request headers

Referer
https://paytolet.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 30 Jun 2023 12:07:21 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vJk2wVJg07sSCpuvTGHUIXA9YMCW1wjwbqbW8u%2BiqtkxZBroQ21blitSrs%2BKM1qym4U8%2B%2FNIwcz9XqHAsWwHYAOLxRX3P6KgdCYYtp6hijzw17QqxC%2FtPj3FUKW3%2BF2o7zj0xb3YwBIKAQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://paytolet.com
access-control-allow-credentials
true
cf-ray
7df649d4ffe55bf1-FRA
alt-svc
h3=":443"; ma=86400
json
gum.criteo.com/sid/ 		2 B
370 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fpaytolet.com%2F&domain=paytolet.com&cw=1&pbt=1&lsw=1
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-3-57
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://paytolet.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Fri, 30 Jun 2023 12:07:20 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://paytolet.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
162655
expires
0
pbhid
id.hadron.ad.gt/api/v1/ 		141 B
305 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.hadron.ad.gt/api/v1/pbhid?partner_id=524&_it=prebid
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-3-57
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6cce336f4fcdd345b5311dbacb6040eafcd60805f98054fef1715c7a90ea06b0

Request headers

Referer
https://paytolet.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 30 Jun 2023 12:07:21 GMT
content-encoding
gzip
server
cloudflare
allow
POST, OPTIONS, GET
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cf-ray
7df649d4ea7f03ec-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
prebid
id5-sync.com/api/config/ 		135 B
541 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/config/prebid
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-3-57
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.82 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31532337.ip-162-19-138.eu
Software
/
Resource Hash
e6cead609d342bd202f23b8fa86aff54f2503372d68ae63acca87e7dca2bec15
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://paytolet.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://paytolet.com
date
Fri, 30 Jun 2023 12:07:20 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
id
id.crwdcntrl.net/ 		43 B
313 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.crwdcntrl.net/id?us_privacy=1---
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-3-57
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.31.229.177 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-31-229-177.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596

Request headers

Referer
https://paytolet.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 30 Jun 2023 12:07:21 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://paytolet.com
cache-control
no-cache
x-server
10.45.9.192
access-control-allow-credentials
true
content-length
43
expires
0
integrator.js
adservice.google.com/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=paytolet.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
counters.gif
forms.hsforms.com/embed/v3/ 		35 B
983 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://forms.hsforms.com/embed/v3/counters.gif?key=collected-forms-embed-js-form-bind&count=1
Requested by
Host: js.hscollectedforms.net
URL: https://js.hscollectedforms.net/collectedforms.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:d2f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Fri, 30 Jun 2023 12:07:21 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
CF-Cache-Status
DYNAMIC
x-evy-trace-route-service-name
envoyset-translator
X-HubSpot-Correlation-Id
2d0fad69-c787-4b8f-8a75-d69afd1075cc
x-envoy-upstream-service-time
1
Connection
keep-alive
alt-svc
h3=":443"; ma=86400
Content-Length
35
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-listener
listener_https
x-request-id
2d0fad69-c787-4b8f-8a75-d69afd1075cc
Server
cloudflare
X-Trace
2B799ECFD209C0842F3306B8C380B7E5EC26D16468000000000000000000
Vary
origin
Content-Type
image/gif
x-evy-trace-virtual-host
all
x-evy-trace-served-by-pod
iad02/star-hubspot-td/envoy-proxy-759c64d45c-cxrpn
Access-Control-Expose-Headers
X-Origin-Hublet
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
false
X-Robots-Tag
none
CF-RAY
7df649d6ff5739da-FRA
v1
lb.eu-1-id5-sync.com/lb/ 		33 B
399 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-3-57
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.118 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533569.ip-162-19-138.eu
Software
/
Resource Hash
a09795df538fb1604a052b02322e57199ad9e5faee6b3539d1963bd72fe2a474
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://paytolet.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://paytolet.com
date
Fri, 30 Jun 2023 12:07:20 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
/
www.facebook.com/tr/ Frame 99D0 		0
54 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f173:81:face:b00c:0:25de Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://paytolet.com
Referer
https://paytolet.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
https://paytolet.com
alt-svc
h3=":443"; ma=86400
content-length
0
content-type
text/plain
cross-origin-resource-policy
cross-origin
date
Fri, 30 Jun 2023 12:07:21 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
ads
pubads.g.doubleclick.net/gampad/ Frame CCEF 		156 B
677 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?correlator=674173503077194&description_url=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&env=vp&gdfp_req=1&output=xml_vast4&sz=400x300%7C640x480%7C640x360%7C300x168&unviewed_position_start=1&url=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&ad_type=video&hl=en&max_ad_duration=51000&min_ad_duration=4500&npa=0&tfcd=0&vad_type=linear&vpmute=1&vpos=preroll&iu=%2F1254144%2C22852681713%2Fpaytolet_com-video-1&vid_d=53&vid_kw=Pay%20to%20let%2Creal%20estate%2Cproperty%20for%20sale%2Cproperty%20listings%2Chome&vid_t=Sell%20your%20property%20in%20minutes&vpa=auto&cust_params=ap%3D1%26d%3D410164%26eb_br%3D72c13a89ac876aaffdde39253459460b%26ft%3D0%26ic%3D1%26iid1%3D248372558641397%26plat%3D1%26t%3D134%26tap%3Dpaytolet_com-video-1-248372558641397&sdkv=h.3.578.0&osd=2&frm=0&vis=1&sdr=1&afvsz=450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&us_privacy=1---&sdki=445&ptt=20&adk=3861343777&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.578.0&sid=31BB2C37-E1E0-4730-85B5-0D4B17F39F33&a3p=EhkKCnVpZGFwaS5jb20YyZXN4ZAxSABSAghkEhsKDGlkNS1zeW5jLmNvbRjdp83hkDFIAFICCGoSHAoNY3J3ZGNudHJsLm5ldBjJlc3hkDFIAFICCGQSGQoKcHViY2lkLm9yZxiko83hkDFIAFICCGoSwgEKCHJ0YmhvdXNlEqwBTitHVWNYczRLdzZ6ci85VlNWcGpEOW43a3FsK00zaWMwVkFXc2hxQUM0Z3NNNGt2SS96a1BjZnUxZlRFSUpSZnhBUklFSndKL2QxcWVRNkFHa2c0SXRJWVdMbDR2Q3BkZ0NERCtRYVkwbzQ0Z3VxTmZBQ2diOHo4eExmdExNZWFNQVhTb2xtUUFsUFJSNXpOeUxRd3VaSDc2bVlsQkhVVmxnS2M2R2Mrbm5NPRijqc3hkDFIABIdCg5lc3AuY3JpdGVvLmNvbRjJlc3hkDFIAFICCGQSPgoFb3BlbngSLGV5SnBJam9pV2tsWVpHRkRkMU5TZVhWNlRrSTJWRUZ5ZFhONGR6MDlJbjA9GOqozeGQMUgA&nel=0&eid=44752711%2C44765701%2C44772139%2C44773379%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275&top=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&loc=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&dlt=1688126834513&idt=4707&dt=1688126841171&cookie=ID%3D14c5fd6f47da3553-2250166f1cde0005%3AT%3D1688126835%3ART%3D1688126837%3AS%3DALNI_MZdWW6IC_UptzCaP6yRcFW4qT01Sg&gpic=UID%3D00000c5ed7319fb0%3AT%3D1688126835%3ART%3D1688126835%3AS%3DALNI_MZsDc3kPfVwgJm4YKQVJrFEMa9-0A&scor=776755846475256&ged=ve4_td6_tt1_pd6_la6000_er0.0.0.0_vi0.0.1200.1600_vp0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.578.0_de.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:21 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
true
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
audio_003.m4s
streaming.humix.com/contents/nsrNhxfkjikFVcim/1682919808/ 		39 KB
40 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://streaming.humix.com/contents/nsrNhxfkjikFVcim/1682919808/audio_003.m4s
Requested by
Host: paytolet.com
URL: https://paytolet.com/detroitchicago/cmbv2.js?gcb=195-3&cb=04-3y02-8y06-13y07-2y0b-6y0d-23y17-4y1b-5y25-3y26-4y27-16y28-66y2b-146y2f-150y33-4y3a-12y3b-6y59-2y5d-22y64-1&cmbcb=151&sj=x04x02x06x07x0bx0dx17x1bx25x26x27x28x2bx2fx33x3ax3bx59x5dx64
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:d4fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
296a4a9067e880f8e4901d242623d6347999bd08eedec9ae2e815666e62a7132

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:21 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"d1b601fe544655eb9310de7dffdb7568"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UuitZuKqi9UqHtckk3qbaLShsVDa0dLuV0EgK9joFUP8i5Zaah4Vw6%2FbYj8vXYKXWXDtrUendsJwgvp6%2BOJPpedo%2BtW87ymFGo%2Fnq37oZ8EyNCBWvW1Kzrk9z2vE%2FfnIF1Nf4mQB4Xcjt3z%2BwqeSIo%2FS"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
7df649d569001989-FRA
alt-svc
h3=":443"; ma=86400
content-length
40225
ads
securepubads.g.doubleclick.net/gampad/ 		1 KB
475 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2148447624948998&correlator=1364898464331558&eid=31068366&output=ldjh&gdfp_req=1&vrg=202306270101&ptt=17&impl=fifs&us_privacy=1---&iu_parts=1254144%3A22852681713%2Cpaytolet_com-edge-1&enc_prev_ius=%2F0%2F1&prev_iu_szs=160x600&ifi=19&adks=1957513018&didk=3512010702&sfv=1-0-40&ris=2&rcs=2&prev_scp=a%3D%257C0%257C%26iid1%3D8292738108625282%26eid%3D8292738108625282%26t%3D134%26d%3D410164%26t1%3D134%26pvc%3D0%26ap%3D1975%26sap%3D1975%26as%3Drevenue%26plat%3D1%26bra%3Dmod58-c%26ic%3D3%26at%3Dmbf%26adr%3D398%26ezosn%3D1%26reft%3Dtf%26refs%3D30%26refa%3D1%26ga%3D2497208%26rid%3D99998%26pt%3D38%26al%3D1038%26compid%3D0%26tap%3Dpaytolet_com-edge-1-8292738108625282%26eb_br%3D8c5ffefb122f59a66a8b7672d4452af2%26eba%3D1%26asau%3D8408181829%26bv%3D3%26bvm%3D0%26bvr%3D8%26avc%3D4%26shp%3D2%26ftsn%3D12%26ftsng%3D12%26br1%3D36%26br2%3D50%26ezoic%3D1%26nmau%3D0%26mau%3D0%26sticky%3D1%26stl%3D63%2C14%2C28%2C4%2C51%2C0%2C88%2C0%2C71%2C30%2C0%2C31%2C901%2C902%2C903%26deal1%3D17%2C20%2C21%2C22%2C23%2C24%2C25%2C26%2C1794%2C2310%2C2339%2C2351%2C2526%2C2527%2C2610%2C2761%2C2763%2C2764%2C2765%2C3044%2C3054%2C3154%2C3430%2C3455%2C3456%2C3457%2C3458%2C3460%2C3682%2C3683%2C3684%2C4184%2C4185%2C4186%2C5747%2C19%2C2688%2C3045%2C4276%2C19%2C2688%2C2693%2C3045%2C3053%2C4276%26lb%3D50%26reqt%3D1688126840164&eri=1&sc=1&cookie=ID%3D14c5fd6f47da3553-2250166f1cde0005%3AT%3D1688126835%3ART%3D1688126837%3AS%3DALNI_MZdWW6IC_UptzCaP6yRcFW4qT01Sg&gpic=UID%3D00000c5ed7319fb0%3AT%3D1688126835%3ART%3D1688126835%3AS%3DALNI_MZsDc3kPfVwgJm4YKQVJrFEMa9-0A&abxe=1&dt=1688126841194&lmt=1688126841&dlt=1688126834513&idt=860&adxs=0&adys=302&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&frm=20&vis=1&psz=160x-1&msz=160x-1&fws=512&ohw=0&psts=ABnkTfBy0XFcFshnkgY_LYb-WJLQ%2CABnkTfBy0XFcFshnkgY_LYb-WJLQ%2CABnkTfBy0XFcFshnkgY_LYb-WJLQ%2CABnkTfBy0XFcFshnkgY_LYb-WJLQ%2CABnkTfBy0XFcFshnkgY_LYb-WJLQ%2CABnkTfBy0XFcFshnkgY_LYb-WJLQ&ga_vid=1136948999.1688126835&ga_sid=1688126836&ga_hid=1663611148&ga_fc=true&a3p=EhkKCnVpZGFwaS5jb20YyZXN4ZAxSABSAghkEhsKDGlkNS1zeW5jLmNvbRjdp83hkDFIAFICCGoSHAoNY3J3ZGNudHJsLm5ldBjJlc3hkDFIAFICCGQSGQoKcHViY2lkLm9yZxiko83hkDFIAFICCGoSwgEKCHJ0YmhvdXNlEqwBTitHVWNYczRLdzZ6ci85VlNWcGpEOW43a3FsK00zaWMwVkFXc2hxQUM0Z3NNNGt2SS96a1BjZnUxZlRFSUpSZnhBUklFSndKL2QxcWVRNkFHa2c0SXRJWVdMbDR2Q3BkZ0NERCtRYVkwbzQ0Z3VxTmZBQ2diOHo4eExmdExNZWFNQVhTb2xtUUFsUFJSNXpOeUxRd3VaSDc2bVlsQkhVVmxnS2M2R2Mrbm5NPRijqc3hkDFIABIdCg5lc3AuY3JpdGVvLmNvbRjJlc3hkDFIAFICCGQSPgoFb3BlbngSLGV5SnBJam9pV2tsWVpHRkRkMU5TZVhWNlRrSTJWRUZ5ZFhONGR6MDlJbjA9GOqozeGQMUgA
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0a2f58d55fe473470743407188141b593fcbc6ef25cd0063c95b5a7674d724b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:21 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
true
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
445
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://paytolet.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
457.json
id5-sync.com/g/v2/ 		241 B
647 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/457.json
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-3-57
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.82 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31532337.ip-162-19-138.eu
Software
/
Resource Hash
2c7260005e7957be930ec46d8833e473936e9bcf8c2df8e58ecade54cee0e147
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://paytolet.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://paytolet.com
date
Fri, 30 Jun 2023 12:07:21 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
integrator.js
adservice.google.com/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=paytolet.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		1 KB
477 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2148447624948998&correlator=586315454794675&eid=31068366&output=ldjh&gdfp_req=1&vrg=202306270101&ptt=17&impl=fifs&us_privacy=1---&iu_parts=1254144%3A22852681713%2Cpaytolet_com-edge-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=160x600&ifi=20&adks=1754540039&didk=3512041317&sfv=1-0-40&ris=2&rcs=2&prev_scp=a%3D%257C0%257C%26iid1%3D4803436408596716%26eid%3D4803436408596716%26t%3D134%26d%3D410164%26t1%3D134%26pvc%3D0%26ap%3D1976%26sap%3D1976%26as%3Drevenue%26plat%3D1%26bra%3Dmod58-c%26ic%3D3%26at%3Dmbf%26adr%3D398%26ezosn%3D0%26reft%3Dtf%26refs%3D30%26refa%3D1%26ga%3D2497208%26rid%3D99998%26pt%3D39%26al%3D1039%26compid%3D0%26tap%3Dpaytolet_com-edge-2-4803436408596716%26eb_br%3D3ba982fc4238dd4197b1d51b345478dc%26eba%3D1%26asau%3D8408181829%26bv%3D3%26bvm%3D0%26bvr%3D8%26avc%3D4%26shp%3D2%26ftsn%3D12%26ftsng%3D12%26br1%3D50%26br2%3D70%26ezoic%3D1%26nmau%3D0%26mau%3D0%26sticky%3D1%26stl%3D63%2C14%2C28%2C4%2C51%2C0%2C88%2C0%2C71%2C30%2C0%2C31%2C901%2C902%2C903%26deal1%3D17%2C20%2C21%2C22%2C23%2C24%2C25%2C26%2C1794%2C2310%2C2339%2C2351%2C2526%2C2527%2C2761%2C2763%2C2764%2C2765%2C3044%2C3054%2C3154%2C3430%2C3455%2C3456%2C3457%2C3458%2C3460%2C3682%2C3683%2C3684%2C4184%2C4185%2C4186%2C5747%2C19%2C2610%2C2688%2C3045%2C19%2C2610%2C2688%2C2693%2C3045%2C4276%26lb%3D70%26reqt%3D1688126840213&eri=1&sc=1&cookie=ID%3D14c5fd6f47da3553-2250166f1cde0005%3AT%3D1688126835%3ART%3D1688126837%3AS%3DALNI_MZdWW6IC_UptzCaP6yRcFW4qT01Sg&gpic=UID%3D00000c5ed7319fb0%3AT%3D1688126835%3ART%3D1688126835%3AS%3DALNI_MZsDc3kPfVwgJm4YKQVJrFEMa9-0A&abxe=1&dt=1688126841277&lmt=1688126841&dlt=1688126834513&idt=860&adxs=1440&adys=302&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&frm=20&vis=1&psz=160x-1&msz=160x-1&fws=512&ohw=0&psts=ABnkTfBy0XFcFshnkgY_LYb-WJLQ%2CABnkTfBy0XFcFshnkgY_LYb-WJLQ%2CABnkTfBy0XFcFshnkgY_LYb-WJLQ%2CABnkTfBy0XFcFshnkgY_LYb-WJLQ%2CABnkTfBy0XFcFshnkgY_LYb-WJLQ%2CABnkTfBy0XFcFshnkgY_LYb-WJLQ&ga_vid=1136948999.1688126835&ga_sid=1688126836&ga_hid=1663611148&ga_fc=true&a3p=EhkKCnVpZGFwaS5jb20YyZXN4ZAxSABSAghkEhsKDGlkNS1zeW5jLmNvbRjdp83hkDFIAFICCGoSHAoNY3J3ZGNudHJsLm5ldBjJlc3hkDFIAFICCGQSGQoKcHViY2lkLm9yZxiko83hkDFIAFICCGoSwgEKCHJ0YmhvdXNlEqwBTitHVWNYczRLdzZ6ci85VlNWcGpEOW43a3FsK00zaWMwVkFXc2hxQUM0Z3NNNGt2SS96a1BjZnUxZlRFSUpSZnhBUklFSndKL2QxcWVRNkFHa2c0SXRJWVdMbDR2Q3BkZ0NERCtRYVkwbzQ0Z3VxTmZBQ2diOHo4eExmdExNZWFNQVhTb2xtUUFsUFJSNXpOeUxRd3VaSDc2bVlsQkhVVmxnS2M2R2Mrbm5NPRijqc3hkDFIABIdCg5lc3AuY3JpdGVvLmNvbRjJlc3hkDFIAFICCGQSPgoFb3BlbngSLGV5SnBJam9pV2tsWVpHRkRkMU5TZVhWNlRrSTJWRUZ5ZFhONGR6MDlJbjA9GOqozeGQMUgA
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
31bda9ed720673d9ea21b02158c24dc1b303d498916a31d7d454a174dbb016a2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:21 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
true
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
447
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://paytolet.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
t1670023299_03_640x360p_30Hz_800Kbps_002.m4s
streaming.humix.com/contents/nsrNhxfkjikFVcim/1682919808/ 		39 KB
39 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://streaming.humix.com/contents/nsrNhxfkjikFVcim/1682919808/t1670023299_03_640x360p_30Hz_800Kbps_002.m4s
Requested by
Host: paytolet.com
URL: https://paytolet.com/detroitchicago/cmbv2.js?gcb=195-3&cb=04-3y02-8y06-13y07-2y0b-6y0d-23y17-4y1b-5y25-3y26-4y27-16y28-66y2b-146y2f-150y33-4y3a-12y3b-6y59-2y5d-22y64-1&cmbcb=151&sj=x04x02x06x07x0bx0dx17x1bx25x26x27x28x2bx2fx33x3ax3bx59x5dx64
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:d4fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5326b5e0caa2f53e51b1d785547b5a7df55ae7cd8f3cc5983c183ea2c99a5cf0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:21 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"175333dd9deb65a3b5798f4e73b7c2ca"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sbUoM%2FDHOI%2BvCen7XjQOwVy6DFqk%2B1rUQLLw%2FpCMb78WUs%2F1AQMe2H0c9VoYhl63Ntk%2BKTVgnMeYMRuyvMV39U1BP3%2BxGJUTunTo6r4vnBrEqCnaoXYTyDBOf5ypJgdGCJDzTUquT6iNXamErs8xziH3"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
7df649d629e61989-FRA
alt-svc
h3=":443"; ma=86400
content-length
39592
collect
x.clarity.ms/ 		0
292 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://x.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.8/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.114.190.119 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://paytolet.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://paytolet.com
Date
Fri, 30 Jun 2023 12:07:21 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78
audio_004.m4s
streaming.humix.com/contents/nsrNhxfkjikFVcim/1682919808/ 		40 KB
40 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://streaming.humix.com/contents/nsrNhxfkjikFVcim/1682919808/audio_004.m4s
Requested by
Host: paytolet.com
URL: https://paytolet.com/detroitchicago/cmbv2.js?gcb=195-3&cb=04-3y02-8y06-13y07-2y0b-6y0d-23y17-4y1b-5y25-3y26-4y27-16y28-66y2b-146y2f-150y33-4y3a-12y3b-6y59-2y5d-22y64-1&cmbcb=151&sj=x04x02x06x07x0bx0dx17x1bx25x26x27x28x2bx2fx33x3ax3bx59x5dx64
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:d4fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a9a9abcd021d8b513bbee748d48743abaeef94ab5aeb85c5c7b8062220cf3db0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:21 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"d6a26718ade6d9407db54e551dcefb64"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FNXxcI2NHb3ev36Cr6F%2FexJvP8RS7QRhDTNF8o3%2BRUvCkGtsC%2BMo93iAepa9Qy5HzUdMrMXavB8MwTCFKuK%2FtImbqYi1EKCI%2BP1xAj2dkVsTsnsYasCfHqN9E4o489cIZ7OWvFXiGUOYGcuHVgAk2waO"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
7df649d73b621989-FRA
alt-svc
h3=":443"; ma=86400
content-length
40749
be73c656997f045
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/171376440:1688123140:8e6SwgpHl273PObkHdOJ8JQ4de81lb98vQ7I9W3omZo/7df649b54db59957/ Frame F289 		928 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/171376440:1688123140:8e6SwgpHl273PObkHdOJ8JQ4de81lb98vQ7I9W3omZo/7df649b54db59957/be73c656997f045
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=7df649b54db59957
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:3b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8163443f02fe88dcf2d1b83494e641519f786f5f1a839b80234b54b1541f9d80

Request headers

Referer
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/mc7tt/0x4AAAAAAABT-_XrlIPuwu0L/auto/normal
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
CF-Challenge
be73c656997f045
Content-type
application/x-www-form-urlencoded

Response headers

cf-chl-out
XkI8MWK4QHYm9Fpb2eQY8NgqRRschnqcdrOnW4v8HV/FEmBIPH6eHvlFcXiF2giSxAsSWOEpd1wWVOcdGEq4XhSTg6RE/Z7pET0cVBLZ8BI=$OUXzE7L5R0yIHnoRlZAaVg==
cf-chl-out-s
qw965C3EXip3WPnbmiuX7dbHYMfB6TC54gE/enDpS5tTa9FH4ugGYemE//QI2IMAamgdBCVJZ5ob1GtE4o1DTM9ftxt5vAZON+5KCg25brUCI+O3IOnioCbzPYfLLb9J4cpNJEWYltcAtpzUHyGF/TU9QVNJphAfqBh3mysjiYeVxP6aQ0jvV+tuBJGRi8kjI/WRmjZx95HbmxKTcVp17BtQe3Y1cxo8+cMff4j2Nsc7r1SJYOyIlcHLcVtgRXDqkPr5woZfRRbmnFXTVFYIa8vx2USsrrzp/Vaie0VwnSuLqkkMXLiwa45dbB3SInUp7wuXCxczPePKKkYlT8tZ8W/ow8P5gifqtleM7i/Zg2/27qSqUSHmwcmBQiraiHfT/q/mQQZdvIQWZjEF0vrJBLeR5wdu+ONIHYQCvyz3aFJsJE8ko+He5+LBRW6YjqNSm+wz1rCd6HclDW6PVp3UxUxM4gIFvWMzH9Mtm7oDLgbepbgaDF8yafqpwGalsIuIKKSOS379O6oFYL5jcp5S3J3FTTz2V+DANbbZPFVS8xQ=$KJDAAhnPl4k6yas5zK8f1A==
date
Fri, 30 Jun 2023 12:07:21 GMT
content-encoding
br
server
cloudflare
content-type
text/html; charset=UTF-8
cf-ray
7df649d81e259957-FRA
alt-svc
h3=":443"; ma=86400
t1670023299_03_640x360p_30Hz_800Kbps_003.m4s
streaming.humix.com/contents/nsrNhxfkjikFVcim/1682919808/ 		28 KB
28 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://streaming.humix.com/contents/nsrNhxfkjikFVcim/1682919808/t1670023299_03_640x360p_30Hz_800Kbps_003.m4s
Requested by
Host: paytolet.com
URL: https://paytolet.com/detroitchicago/cmbv2.js?gcb=195-3&cb=04-3y02-8y06-13y07-2y0b-6y0d-23y17-4y1b-5y25-3y26-4y27-16y28-66y2b-146y2f-150y33-4y3a-12y3b-6y59-2y5d-22y64-1&cmbcb=151&sj=x04x02x06x07x0bx0dx17x1bx25x26x27x28x2bx2fx33x3ax3bx59x5dx64
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:d4fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
071fc5fc583c012026313105447a6c64b94850365d8c2df56c72403ca4906401

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:21 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"85c60ec32a5c5040591476a542348b24"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bd%2F5acOQ%2BEhgD%2BC6sK%2F%2BbsaOw9CKulVMYlYpa5qUH3jWj1ywDLgLf1zsOavYyOoSzP2PKh6oCTydAPSfH8gxXztC%2FM%2BwxYWh7zuJHT2E2qfux1mpELyNemQVa9LIj%2FUn8bJYH8a5mybHRtWz4iFIeLMD"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
7df649d85c6d1989-FRA
alt-svc
h3=":443"; ma=86400
content-length
28551
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202306270101&jk=2148447624948998&bg=!np2lncnNAAb90kgr3dI7ADkAdvg8Wof5jjkmyjQOxbyosHbPLA3WRWAJro1PKBwXU8eqMiud8MbTj9SuoyZA_SAcoxo4QUB8WzQCAAABBVIAAAADaAEHmQKj1qeTjsQsP9zMjPPIJ5PdD8SRzKJwxp1lj_Gi2PX5spblEsWat6AjwgLLg2d34ZVtR6b21YkJwt5FTCh3wHKVPBIEf8ITr8PKZyMbmO_By_kLswJQMTFEohCVSxDQJgJ-fKYlTcqsKY_qH43T99tdeCDFUo8ICYKwS8nsMf4IQTMytPl3_GYDjxvVIaZs1d6lP3uClMvFKZ_NnwYjd3EoyzmUdx5ERrb3SSo0qhbbtoZp1Evvtp9cY1FbSAHxX-IFH34U28vPOxLTr5gELHyEi2IBGpFr7LyW6HYEvF_5t7nBP-iCkVojSVX8Bdk7YgcjY8Z2ewkKFT6XtX_syRuhweqFr4tTxSmAgAZxmIZqj5Gx41pCPfZreoxi26Gp2br52Afn-9KW0qWnLjHdN2akBxY5szWuDK2NFMAnMGwPZddtUfJo77Ir8KwkaXo_IZlGsBMXhqeEq-vMpBpmyLPfUzvdUXACCoiZ5SvMpZWBsNHlOefgqTFKg1MFHuwV5UgsB7_wm75iTZkTCAF72u9NVu2Y6l5lis79B9p0Ed7F6jrYiOEAGdikbBDQm4uwJxRoGEWnm_pttzRnd3KLf41K6YAY2YphsdVWXmB2PDHdezn4UNFNJSmyo3U9PRyk7Yn8B6OQb1FDtjxWBfy55581t1b7ZIAgaFeAWvkVkyO648N3lC02SzzU27p8nYAK-x71ZtFwQquL9Fm-IF_pmx74pRzSDo95jl_Di8I2eKVWjuFJNVdT4Y5_cbzogBfis3iz30Wx48TQWBq-pABCI-IOtvOfR6rlspx-oESoKiWeD0No1vMHUWA5o5K6YuSXFIEcY5BTjqNDZl15vpgP1_tOANQoZ13NI8JHXanAnRxWaTUGvn_BBitP-wzTwrca-xF29X0c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers
csi
csi.gstatic.com/ Frame CCEF 		0
234 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~ljij4th3&c=7638486182389&slotId=3819243091194.5&eee=missing-element&bi=missing-id&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.578.0_de.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c03::78 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Jun 2023 12:07:22 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.com/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=paytolet.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
pubads.g.doubleclick.net/gampad/ Frame CCEF 		156 B
186 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?correlator=674173503077194&description_url=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&env=vp&gdfp_req=1&output=xml_vast4&sz=400x300%7C640x480%7C640x360%7C300x168&unviewed_position_start=1&url=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&ad_type=video&hl=en&max_ad_duration=51000&min_ad_duration=4500&npa=0&tfcd=0&vad_type=linear&vpmute=1&vpos=preroll&iu=%2F1254144%2C22852681713%2Fpaytolet_com-video-1&vid_d=53&vid_kw=Pay%20to%20let%2Creal%20estate%2Cproperty%20for%20sale%2Cproperty%20listings%2Chome&vid_t=Sell%20your%20property%20in%20minutes&vpa=auto&cust_params=ap%3D1%26d%3D410164%26eb_br%3D04b5efc3207e2390972f099a6a3c4757%26ft%3D0%26ic%3D1%26iid1%3D248372558641397%26plat%3D1%26t%3D134%26tap%3Dpaytolet_com-video-1-248372558641397&sdkv=h.3.578.0&osd=2&frm=0&vis=1&sdr=1&afvsz=450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&us_privacy=1---&sdki=445&ptt=20&adk=3861343777&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.578.0&sid=31BB2C37-E1E0-4730-85B5-0D4B17F39F33&a3p=EhkKCnVpZGFwaS5jb20YyZXN4ZAxSABSAghkEhsKDGlkNS1zeW5jLmNvbRjdp83hkDFIAFICCGoSHAoNY3J3ZGNudHJsLm5ldBjJlc3hkDFIAFICCGQSGQoKcHViY2lkLm9yZxiko83hkDFIAFICCGoSwgEKCHJ0YmhvdXNlEqwBTitHVWNYczRLdzZ6ci85VlNWcGpEOW43a3FsK00zaWMwVkFXc2hxQUM0Z3NNNGt2SS96a1BjZnUxZlRFSUpSZnhBUklFSndKL2QxcWVRNkFHa2c0SXRJWVdMbDR2Q3BkZ0NERCtRYVkwbzQ0Z3VxTmZBQ2diOHo4eExmdExNZWFNQVhTb2xtUUFsUFJSNXpOeUxRd3VaSDc2bVlsQkhVVmxnS2M2R2Mrbm5NPRijqc3hkDFIABIdCg5lc3AuY3JpdGVvLmNvbRjJlc3hkDFIAFICCGQSPgoFb3BlbngSLGV5SnBJam9pV2tsWVpHRkRkMU5TZVhWNlRrSTJWRUZ5ZFhONGR6MDlJbjA9GOqozeGQMUgA&nel=0&eid=44752711%2C44765701%2C44772139%2C44773379%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275&top=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&loc=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&dlt=1688126834513&idt=4707&dt=1688126841774&cookie=ID%3D14c5fd6f47da3553-2250166f1cde0005%3AT%3D1688126835%3ART%3D1688126837%3AS%3DALNI_MZdWW6IC_UptzCaP6yRcFW4qT01Sg&gpic=UID%3D00000c5ed7319fb0%3AT%3D1688126835%3ART%3D1688126835%3AS%3DALNI_MZsDc3kPfVwgJm4YKQVJrFEMa9-0A&scor=776755846475256&ged=ve4_td7_tt2_pd7_la7000_er0.0.0.0_vi0.0.1200.1600_vp0_ts1_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.578.0_de.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:22 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
true
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		1 KB
477 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2148447624948998&correlator=590586006862585&eid=31068366&output=ldjh&gdfp_req=1&vrg=202306270101&ptt=17&impl=fifs&us_privacy=1---&iu_parts=1254144%3A22852681713%2Cpaytolet_com-edge-1&enc_prev_ius=%2F0%2F1&prev_iu_szs=160x600&ifi=21&adks=1957513018&didk=3512010702&sfv=1-0-40&ris=1&rcs=3&prev_scp=a%3D%257C0%257C%26iid1%3D8292738108625282%26eid%3D8292738108625282%26t%3D134%26d%3D410164%26t1%3D134%26pvc%3D0%26ap%3D1975%26sap%3D1975%26as%3Drevenue%26plat%3D1%26bra%3Dmod58-c%26ic%3D4%26at%3Dmbf%26adr%3D398%26ezosn%3D1%26reft%3Dtf%26refs%3D30%26refa%3D1%26ga%3D2497208%26rid%3D99998%26pt%3D38%26al%3D1038%26compid%3D0%26tap%3Dpaytolet_com-edge-1-8292738108625282%26eb_br%3D1e913e99b80640fd5b86a539e5b97c94%26eba%3D1%26asau%3D8408181829%26bv%3D3%26bvm%3D0%26bvr%3D8%26avc%3D4%26shp%3D2%26ftsn%3D12%26ftsng%3D12%26br1%3D22%26br2%3D50%26ezoic%3D1%26nmau%3D0%26mau%3D0%26sticky%3D1%26stl%3D63%2C14%2C28%2C4%2C51%2C0%2C88%2C0%2C71%2C30%2C0%2C31%2C901%2C902%2C903%26deal1%3D17%2C20%2C21%2C22%2C23%2C24%2C25%2C26%2C1794%2C2310%2C2339%2C2351%2C2526%2C2527%2C2610%2C2761%2C2763%2C2764%2C2765%2C3044%2C3054%2C3154%2C3430%2C3455%2C3456%2C3457%2C3458%2C3460%2C3682%2C3683%2C3684%2C4184%2C4185%2C4186%2C5747%2C19%2C2688%2C3045%2C4276%2C19%2C2688%2C2693%2C3045%2C3053%2C4276%2C18%2C19%2C1428%2C2688%2C2693%2C3045%2C3053%2C4276%26lb%3D36%26reqt%3D1688126841779&eri=1&sc=1&cookie=ID%3D14c5fd6f47da3553-2250166f1cde0005%3AT%3D1688126835%3ART%3D1688126837%3AS%3DALNI_MZdWW6IC_UptzCaP6yRcFW4qT01Sg&gpic=UID%3D00000c5ed7319fb0%3AT%3D1688126835%3ART%3D1688126835%3AS%3DALNI_MZsDc3kPfVwgJm4YKQVJrFEMa9-0A&abxe=1&dt=1688126841786&lmt=1688126841&dlt=1688126834513&idt=860&adxs=0&adys=302&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&frm=20&vis=1&psz=160x-1&msz=160x-1&fws=512&ohw=0&psts=ABnkTfBy0XFcFshnkgY_LYb-WJLQ%2CABnkTfBy0XFcFshnkgY_LYb-WJLQ%2CABnkTfBy0XFcFshnkgY_LYb-WJLQ%2CABnkTfBy0XFcFshnkgY_LYb-WJLQ%2CABnkTfBy0XFcFshnkgY_LYb-WJLQ%2CABnkTfBy0XFcFshnkgY_LYb-WJLQ&ga_vid=1136948999.1688126835&ga_sid=1688126836&ga_hid=1663611148&ga_fc=true&a3p=EhkKCnVpZGFwaS5jb20YyZXN4ZAxSABSAghkEhsKDGlkNS1zeW5jLmNvbRjdp83hkDFIAFICCGoSHAoNY3J3ZGNudHJsLm5ldBjJlc3hkDFIAFICCGQSGQoKcHViY2lkLm9yZxiko83hkDFIAFICCGoSwgEKCHJ0YmhvdXNlEqwBTitHVWNYczRLdzZ6ci85VlNWcGpEOW43a3FsK00zaWMwVkFXc2hxQUM0Z3NNNGt2SS96a1BjZnUxZlRFSUpSZnhBUklFSndKL2QxcWVRNkFHa2c0SXRJWVdMbDR2Q3BkZ0NERCtRYVkwbzQ0Z3VxTmZBQ2diOHo4eExmdExNZWFNQVhTb2xtUUFsUFJSNXpOeUxRd3VaSDc2bVlsQkhVVmxnS2M2R2Mrbm5NPRijqc3hkDFIABIdCg5lc3AuY3JpdGVvLmNvbRjJlc3hkDFIAFICCGQSPgoFb3BlbngSLGV5SnBJam9pV2tsWVpHRkRkMU5TZVhWNlRrSTJWRUZ5ZFhONGR6MDlJbjA9GOqozeGQMUgA
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
55aced9202fd7bfdbb7205ce2d4332e6e6cbc461d286ecef6e72144296bcede9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:22 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
true
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
447
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://paytolet.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		1 KB
474 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2148447624948998&correlator=2933619802563713&eid=31068366&output=ldjh&gdfp_req=1&vrg=202306270101&ptt=17&impl=fifs&us_privacy=1---&iu_parts=1254144%3A22852681713%2Cpaytolet_com-edge-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=160x600&ifi=22&adks=1754540039&didk=3512041317&sfv=1-0-40&ris=1&rcs=3&prev_scp=a%3D%257C0%257C%26iid1%3D4803436408596716%26eid%3D4803436408596716%26t%3D134%26d%3D410164%26t1%3D134%26pvc%3D0%26ap%3D1976%26sap%3D1976%26as%3Drevenue%26plat%3D1%26bra%3Dmod58-c%26ic%3D4%26at%3Dmbf%26adr%3D398%26ezosn%3D0%26reft%3Dtf%26refs%3D30%26refa%3D1%26ga%3D2497208%26rid%3D99998%26pt%3D39%26al%3D1039%26compid%3D0%26tap%3Dpaytolet_com-edge-2-4803436408596716%26eb_br%3D54d0fa6d5f6aabe7623cb24faa42a441%26eba%3D1%26asau%3D8408181829%26bv%3D3%26bvm%3D0%26bvr%3D8%26avc%3D4%26shp%3D2%26ftsn%3D12%26ftsng%3D12%26br1%3D30%26br2%3D70%26ezoic%3D1%26nmau%3D0%26mau%3D0%26sticky%3D1%26stl%3D63%2C14%2C28%2C4%2C51%2C0%2C88%2C0%2C71%2C30%2C0%2C31%2C901%2C902%2C903%26deal1%3D17%2C20%2C21%2C22%2C23%2C24%2C25%2C26%2C1794%2C2310%2C2339%2C2351%2C2526%2C2527%2C2761%2C2763%2C2764%2C2765%2C3044%2C3054%2C3154%2C3430%2C3455%2C3456%2C3457%2C3458%2C3460%2C3682%2C3683%2C3684%2C4184%2C4185%2C4186%2C5747%2C19%2C2610%2C2688%2C3045%2C19%2C2610%2C2688%2C2693%2C3045%2C4276%2C19%2C2610%2C2688%2C2693%2C3045%2C3053%2C4276%26lb%3D50%26reqt%3D1688126841806&eri=1&sc=1&cookie=ID%3D14c5fd6f47da3553-2250166f1cde0005%3AT%3D1688126835%3ART%3D1688126837%3AS%3DALNI_MZdWW6IC_UptzCaP6yRcFW4qT01Sg&gpic=UID%3D00000c5ed7319fb0%3AT%3D1688126835%3ART%3D1688126835%3AS%3DALNI_MZsDc3kPfVwgJm4YKQVJrFEMa9-0A&abxe=1&dt=1688126841813&lmt=1688126841&dlt=1688126834513&idt=860&adxs=1440&adys=302&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&frm=20&vis=1&psz=160x-1&msz=160x-1&fws=512&ohw=0&psts=ABnkTfBy0XFcFshnkgY_LYb-WJLQ%2CABnkTfBy0XFcFshnkgY_LYb-WJLQ%2CABnkTfBy0XFcFshnkgY_LYb-WJLQ%2CABnkTfBy0XFcFshnkgY_LYb-WJLQ%2CABnkTfBy0XFcFshnkgY_LYb-WJLQ%2CABnkTfBy0XFcFshnkgY_LYb-WJLQ&ga_vid=1136948999.1688126835&ga_sid=1688126836&ga_hid=1663611148&ga_fc=true&a3p=EhkKCnVpZGFwaS5jb20YyZXN4ZAxSABSAghkEhsKDGlkNS1zeW5jLmNvbRjdp83hkDFIAFICCGoSHAoNY3J3ZGNudHJsLm5ldBjJlc3hkDFIAFICCGQSGQoKcHViY2lkLm9yZxiko83hkDFIAFICCGoSwgEKCHJ0YmhvdXNlEqwBTitHVWNYczRLdzZ6ci85VlNWcGpEOW43a3FsK00zaWMwVkFXc2hxQUM0Z3NNNGt2SS96a1BjZnUxZlRFSUpSZnhBUklFSndKL2QxcWVRNkFHa2c0SXRJWVdMbDR2Q3BkZ0NERCtRYVkwbzQ0Z3VxTmZBQ2diOHo4eExmdExNZWFNQVhTb2xtUUFsUFJSNXpOeUxRd3VaSDc2bVlsQkhVVmxnS2M2R2Mrbm5NPRijqc3hkDFIABIdCg5lc3AuY3JpdGVvLmNvbRjJlc3hkDFIAFICCGQSPgoFb3BlbngSLGV5SnBJam9pV2tsWVpHRkRkMU5TZVhWNlRrSTJWRUZ5ZFhONGR6MDlJbjA9GOqozeGQMUgA
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
22d56d68f472c6bfa4fe7d320e054f1c15bd450427e6bb9ccafa6d5600b8404c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:22 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
true
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
444
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://paytolet.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		1 KB
480 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2148447624948998&correlator=2034799005800797&eid=31068366&output=ldjh&gdfp_req=1&vrg=202306270101&ptt=17&impl=fifs&us_privacy=1---&iu_parts=1254144%3A22852681713%2Cpaytolet_com-medrectangle-3&enc_prev_ius=%2F0%2F1&prev_iu_szs=250x250&ifi=23&adks=4258316528&didk=2639644830&sfv=1-0-40&ris=2&rcs=2&prev_scp=a%3D%257C0%257C%26iid1%3D6394153360637039%26eid%3D6394153360637039%26t%3D134%26d%3D410164%26t1%3D134%26pvc%3D0%26ap%3D1909%26sap%3D1909%26as%3Drevenue%26plat%3D1%26bra%3Dmod58-c%26ic%3D3%26at%3Dmbf%26adr%3D398%26ezosn%3D2%26reft%3Dtf%26refs%3D30%26refa%3D1%26ga%3D2497208%26rid%3D99998%26pt%3D21%26al%3D1021%26compid%3D0%26tap%3Dpaytolet_com-medrectangle-3-6394153360637039%26eb_br%3D947f1d5169cc7d0f997560e34838fb04%26eba%3D1%26asau%3D8408181829%26bv%3D3%26bvm%3D0%26bvr%3D8%26avc%3D4%26shp%3D1%26ftsn%3D12%26ftsng%3D12%26br1%3D42%26br2%3D60%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D63%2C14%2C28%2C4%2C51%2C0%2C88%2C0%2C71%2C30%2C0%2C31%2C901%2C902%2C903%26deal1%3D17%2C20%2C21%2C22%2C23%2C24%2C25%2C26%2C1794%2C2310%2C2339%2C2351%2C2526%2C2527%2C2610%2C2761%2C2763%2C2764%2C2765%2C3044%2C3054%2C3154%2C3430%2C3455%2C3456%2C3457%2C3458%2C3460%2C3682%2C3683%2C3684%2C4184%2C4185%2C4186%2C5747%2C19%2C2688%2C3045%2C4276%2C19%2C2688%2C2693%2C3045%2C4276%26lb%3D60%26reqt%3D1688126840810&eri=1&sc=1&cookie=ID%3D14c5fd6f47da3553-2250166f1cde0005%3AT%3D1688126835%3ART%3D1688126837%3AS%3DALNI_MZdWW6IC_UptzCaP6yRcFW4qT01Sg&gpic=UID%3D00000c5ed7319fb0%3AT%3D1688126835%3ART%3D1688126835%3AS%3DALNI_MZsDc3kPfVwgJm4YKQVJrFEMa9-0A&abxe=1&dt=1688126841835&lmt=1688126841&dlt=1688126834513&idt=860&adxs=675&adys=2199&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=4&ucis=7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&frm=20&vis=1&psz=1410x250&msz=250x250&fws=0&ohw=0&psts=ABnkTfBy0XFcFshnkgY_LYb-WJLQ%2CABnkTfBy0XFcFshnkgY_LYb-WJLQ%2CABnkTfBy0XFcFshnkgY_LYb-WJLQ%2CABnkTfBy0XFcFshnkgY_LYb-WJLQ%2CABnkTfBy0XFcFshnkgY_LYb-WJLQ%2CABnkTfBy0XFcFshnkgY_LYb-WJLQ&ga_vid=1136948999.1688126835&ga_sid=1688126836&ga_hid=1663611148&ga_fc=true&a3p=EhkKCnVpZGFwaS5jb20YyZXN4ZAxSABSAghkEhsKDGlkNS1zeW5jLmNvbRjdp83hkDFIAFICCGoSHAoNY3J3ZGNudHJsLm5ldBjJlc3hkDFIAFICCGQSGQoKcHViY2lkLm9yZxiko83hkDFIAFICCGoSwgEKCHJ0YmhvdXNlEqwBTitHVWNYczRLdzZ6ci85VlNWcGpEOW43a3FsK00zaWMwVkFXc2hxQUM0Z3NNNGt2SS96a1BjZnUxZlRFSUpSZnhBUklFSndKL2QxcWVRNkFHa2c0SXRJWVdMbDR2Q3BkZ0NERCtRYVkwbzQ0Z3VxTmZBQ2diOHo4eExmdExNZWFNQVhTb2xtUUFsUFJSNXpOeUxRd3VaSDc2bVlsQkhVVmxnS2M2R2Mrbm5NPRijqc3hkDFIABIdCg5lc3AuY3JpdGVvLmNvbRjJlc3hkDFIAFICCGQSPgoFb3BlbngSLGV5SnBJam9pV2tsWVpHRkRkMU5TZVhWNlRrSTJWRUZ5ZFhONGR6MDlJbjA9GOqozeGQMUgA
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
764daba9d077be1ec3afc89a7570452b53db831586cf5b3d384b98627fcead3a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:22 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
true
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
450
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://paytolet.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		1 KB
474 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2148447624948998&correlator=636316891669666&eid=31068366&output=ldjh&gdfp_req=1&vrg=202306270101&ptt=17&impl=fifs&us_privacy=1---&iu_parts=1254144%3A22852681713%2Cpaytolet_com-box-3&enc_prev_ius=%2F0%2F1&prev_iu_szs=468x60&ifi=24&adks=2888625247&didk=1533032731&sfv=1-0-40&ris=2&rcs=3&prev_scp=a%3D%257C0%257C%26iid1%3D32787398583637%26eid%3D32787398583637%26t%3D134%26d%3D410164%26t1%3D134%26pvc%3D0%26ap%3D1901%26sap%3D1901%26as%3Drevenue%26plat%3D1%26bra%3Dmod58-c%26ic%3D4%26at%3Dmbf%26adr%3D398%26ezosn%3D6%26reft%3Dtf%26refs%3D30%26refa%3D1%26ga%3D2497208%26rid%3D99998%26pt%3D2%26al%3D1002%26compid%3D0%26tap%3Dpaytolet_com-box-3-32787398583637%26eb_br%3Dbf9a045b836005b6c23b7b0749249612%26eba%3D1%26asau%3D8408181829%26bv%3D3%26bvm%3D0%26bvr%3D8%26avc%3D4%26shp%3D1%26ftsn%3D12%26ftsng%3D12%26br1%3D26%26br2%3D60%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D63%2C14%2C28%2C4%2C51%2C0%2C88%2C0%2C71%2C30%2C0%2C31%2C901%2C902%2C903%26deal1%3D17%2C20%2C21%2C22%2C23%2C24%2C25%2C26%2C1794%2C2310%2C2339%2C2351%2C2526%2C2527%2C2610%2C2761%2C2763%2C2764%2C2765%2C3044%2C3054%2C3154%2C3430%2C3455%2C3456%2C3457%2C3458%2C3460%2C3682%2C3683%2C3684%2C4184%2C4185%2C4186%2C5747%2C19%2C2688%2C3045%2C4276%2C19%2C2688%2C2693%2C3045%2C4276%2C19%2C2688%2C2693%2C3045%2C3053%2C4276%26lb%3D42%26reqt%3D1688126840830&eri=1&sc=1&cookie=ID%3D14c5fd6f47da3553-2250166f1cde0005%3AT%3D1688126835%3ART%3D1688126837%3AS%3DALNI_MZdWW6IC_UptzCaP6yRcFW4qT01Sg&gpic=UID%3D00000c5ed7319fb0%3AT%3D1688126835%3ART%3D1688126835%3AS%3DALNI_MZsDc3kPfVwgJm4YKQVJrFEMa9-0A&abxe=1&dt=1688126841851&lmt=1688126841&dlt=1688126834513&idt=860&adxs=566&adys=1175&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&frm=20&vis=1&psz=1410x60&msz=468x60&fws=0&ohw=0&psts=ABnkTfBy0XFcFshnkgY_LYb-WJLQ%2CABnkTfBy0XFcFshnkgY_LYb-WJLQ%2CABnkTfBy0XFcFshnkgY_LYb-WJLQ%2CABnkTfBy0XFcFshnkgY_LYb-WJLQ%2CABnkTfBy0XFcFshnkgY_LYb-WJLQ%2CABnkTfBy0XFcFshnkgY_LYb-WJLQ&ga_vid=1136948999.1688126835&ga_sid=1688126836&ga_hid=1663611148&ga_fc=true&a3p=EhkKCnVpZGFwaS5jb20YyZXN4ZAxSABSAghkEhsKDGlkNS1zeW5jLmNvbRjdp83hkDFIAFICCGoSHAoNY3J3ZGNudHJsLm5ldBjJlc3hkDFIAFICCGQSGQoKcHViY2lkLm9yZxiko83hkDFIAFICCGoSwgEKCHJ0YmhvdXNlEqwBTitHVWNYczRLdzZ6ci85VlNWcGpEOW43a3FsK00zaWMwVkFXc2hxQUM0Z3NNNGt2SS96a1BjZnUxZlRFSUpSZnhBUklFSndKL2QxcWVRNkFHa2c0SXRJWVdMbDR2Q3BkZ0NERCtRYVkwbzQ0Z3VxTmZBQ2diOHo4eExmdExNZWFNQVhTb2xtUUFsUFJSNXpOeUxRd3VaSDc2bVlsQkhVVmxnS2M2R2Mrbm5NPRijqc3hkDFIABIdCg5lc3AuY3JpdGVvLmNvbRjJlc3hkDFIAFICCGQSPgoFb3BlbngSLGV5SnBJam9pV2tsWVpHRkRkMU5TZVhWNlRrSTJWRUZ5ZFhONGR6MDlJbjA9GOqozeGQMUgA
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b0ca0f63e3aeeca7a7540839800817fcb6297056f8e9d749ae6d08c1d31aac62
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:22 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
true
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
444
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://paytolet.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		124 KB
46 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2148447624948998&correlator=3051100904246609&eid=31068366&output=ldjh&gdfp_req=1&vrg=202306270101&ptt=17&impl=fifs&us_privacy=1---&iu_parts=1254144%3A22852681713%2Cpaytolet_com-medrectangle-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=25&adks=3162661208&didk=2639643799&sfv=1-0-40&ris=2&rcs=3&prev_scp=a%3D%257C0%257C%26iid1%3D687389980650716%26eid%3D687389980650716%26t%3D134%26d%3D410164%26t1%3D134%26pvc%3D0%26ap%3D1100%26sap%3D1100%26as%3Drevenue%26plat%3D1%26bra%3Dmod58-c%26ic%3D4%26at%3Dmbf%26adr%3D398%26ezosn%3D3%26reft%3Dtf%26refs%3D30%26refa%3D1%26ga%3D2497208%26rid%3D99998%26pt%3D5%26al%3D1005%26compid%3D0%26tap%3Dpaytolet_com-medrectangle-2-687389980650716%26eb_br%3Dbf9a045b836005b6c23b7b0749249612%26eba%3D1%26asau%3D8408181829%26bv%3D18%26bvm%3D0%26bvr%3D8%26avc%3D4%26shp%3D1%26ftsn%3D12%26ftsng%3D12%26br1%3D26%26br2%3D60%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D63%2C14%2C28%2C4%2C51%2C0%2C88%2C0%2C71%2C30%2C0%2C31%2C901%2C902%2C903%26deal1%3D17%2C20%2C21%2C22%2C23%2C24%2C25%2C26%2C1794%2C2310%2C2339%2C2351%2C2526%2C2527%2C2610%2C2761%2C2763%2C2764%2C2765%2C3044%2C3054%2C3154%2C3430%2C3455%2C3456%2C3457%2C3458%2C3460%2C3682%2C3683%2C3684%2C4184%2C4185%2C4186%2C5747%2C19%2C2688%2C3045%2C4276%2C19%2C2688%2C2693%2C3045%2C4276%2C19%2C2688%2C2693%2C3045%2C3053%2C4276%26lb%3D42%26reqt%3D1688126840831&eri=1&sc=1&cookie=ID%3D14c5fd6f47da3553-2250166f1cde0005%3AT%3D1688126835%3ART%3D1688126837%3AS%3DALNI_MZdWW6IC_UptzCaP6yRcFW4qT01Sg&gpic=UID%3D00000c5ed7319fb0%3AT%3D1688126835%3ART%3D1688126835%3AS%3DALNI_MZsDc3kPfVwgJm4YKQVJrFEMa9-0A&abxe=1&dt=1688126841855&lmt=1688126841&dlt=1688126834513&idt=860&adxs=436&adys=1110&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&frm=20&vis=1&psz=728x-1&msz=728x-1&fws=512&ohw=0&psts=ABnkTfBy0XFcFshnkgY_LYb-WJLQ%2CABnkTfBy0XFcFshnkgY_LYb-WJLQ%2CABnkTfBy0XFcFshnkgY_LYb-WJLQ%2CABnkTfBy0XFcFshnkgY_LYb-WJLQ%2CABnkTfBy0XFcFshnkgY_LYb-WJLQ%2CABnkTfBy0XFcFshnkgY_LYb-WJLQ&ga_vid=1136948999.1688126835&ga_sid=1688126836&ga_hid=1663611148&ga_fc=true&a3p=EhkKCnVpZGFwaS5jb20YyZXN4ZAxSABSAghkEhsKDGlkNS1zeW5jLmNvbRjdp83hkDFIAFICCGoSHAoNY3J3ZGNudHJsLm5ldBjJlc3hkDFIAFICCGQSGQoKcHViY2lkLm9yZxiko83hkDFIAFICCGoSwgEKCHJ0YmhvdXNlEqwBTitHVWNYczRLdzZ6ci85VlNWcGpEOW43a3FsK00zaWMwVkFXc2hxQUM0Z3NNNGt2SS96a1BjZnUxZlRFSUpSZnhBUklFSndKL2QxcWVRNkFHa2c0SXRJWVdMbDR2Q3BkZ0NERCtRYVkwbzQ0Z3VxTmZBQ2diOHo4eExmdExNZWFNQVhTb2xtUUFsUFJSNXpOeUxRd3VaSDc2bVlsQkhVVmxnS2M2R2Mrbm5NPRijqc3hkDFIABIdCg5lc3AuY3JpdGVvLmNvbRjJlc3hkDFIAFICCGQSPgoFb3BlbngSLGV5SnBJam9pV2tsWVpHRkRkMU5TZVhWNlRrSTJWRUZ5ZFhONGR6MDlJbjA9GOqozeGQMUgA
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
420c9aa5ba3f2310b18861dbde9ebbe4ec968d0d412cea8d588b96c558796ae3
Security Headers
Name Value
Content-Security-Policy child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16346139938887045070/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16346139938887045070/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CPHz_8X66v8CFYwEBgAdULoCGQ&gqi=&layout=/sadbundle/%24csp%253Der3%24/16346139938887045070/index.html
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy
child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16346139938887045070/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16346139938887045070/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CPHz_8X66v8CFYwEBgAdULoCGQ&gqi=&layout=/sadbundle/%24csp%253Der3%24/16346139938887045070/index.html
date
Fri, 30 Jun 2023 12:07:22 GMT
x-content-type-options
nosniff
content-encoding
br
observe-browsing-topics
true
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
47071
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://paytolet.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		128 KB
47 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2148447624948998&correlator=3480428835641307&eid=31068366&output=ldjh&gdfp_req=1&vrg=202306270101&ptt=17&impl=fifs&us_privacy=1---&iu_parts=1254144%3A22852681713%2Cpaytolet_com-box-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=26&adks=3730846524&didk=1533033682&sfv=1-0-40&ris=2&rcs=3&prev_scp=a%3D%257C0%257C%26iid1%3D7536534294636650%26eid%3D7536534294636650%26t%3D134%26d%3D410164%26t1%3D134%26pvc%3D0%26ap%3D1900%26sap%3D1900%26as%3Drevenue%26plat%3D1%26bra%3Dmod58-c%26ic%3D4%26at%3Dmbf%26adr%3D398%26ezosn%3D8%26reft%3Dtf%26refs%3D30%26refa%3D1%26ga%3D2497208%26rid%3D99998%26pt%3D1%26al%3D1001%26compid%3D0%26tap%3Dpaytolet_com-box-2-7536534294636650%26eb_br%3D54d0fa6d5f6aabe7623cb24faa42a441%26eba%3D1%26asau%3D8408181829%26bv%3D3%26bvm%3D0%26bvr%3D8%26avc%3D4%26shp%3D1%26ftsn%3D12%26ftsng%3D12%26acptad%3D1%26br1%3D30%26br2%3D70%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D63%2C14%2C28%2C4%2C51%2C0%2C88%2C0%2C71%2C30%2C0%2C31%2C901%2C902%2C903%26deal1%3D17%2C20%2C21%2C22%2C23%2C24%2C25%2C26%2C1794%2C2310%2C2339%2C2351%2C2526%2C2527%2C2761%2C2763%2C2764%2C2765%2C3044%2C3054%2C3154%2C3430%2C3455%2C3456%2C3457%2C3458%2C3460%2C3682%2C3683%2C3684%2C4184%2C4185%2C4186%2C5747%2C19%2C2610%2C2688%2C3045%2C19%2C2610%2C2688%2C2693%2C3045%2C4276%2C19%2C2610%2C2688%2C2693%2C3045%2C3053%2C4276%26lb%3D50%26reqt%3D1688126840829&eri=1&sc=1&cookie=ID%3D14c5fd6f47da3553-2250166f1cde0005%3AT%3D1688126835%3ART%3D1688126837%3AS%3DALNI_MZdWW6IC_UptzCaP6yRcFW4qT01Sg&gpic=UID%3D00000c5ed7319fb0%3AT%3D1688126835%3ART%3D1688126835%3AS%3DALNI_MZsDc3kPfVwgJm4YKQVJrFEMa9-0A&abxe=1&dt=1688126841858&lmt=1688126841&dlt=1688126834513&idt=860&adxs=436&adys=157&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&frm=20&vis=1&psz=1600x90&msz=728x90&fws=0&ohw=0&psts=ABnkTfBy0XFcFshnkgY_LYb-WJLQ%2CABnkTfBy0XFcFshnkgY_LYb-WJLQ%2CABnkTfBy0XFcFshnkgY_LYb-WJLQ%2CABnkTfBy0XFcFshnkgY_LYb-WJLQ%2CABnkTfBy0XFcFshnkgY_LYb-WJLQ%2CABnkTfBy0XFcFshnkgY_LYb-WJLQ&ga_vid=1136948999.1688126835&ga_sid=1688126836&ga_hid=1663611148&ga_fc=true&a3p=EhkKCnVpZGFwaS5jb20YyZXN4ZAxSABSAghkEhsKDGlkNS1zeW5jLmNvbRjdp83hkDFIAFICCGoSHAoNY3J3ZGNudHJsLm5ldBjJlc3hkDFIAFICCGQSGQoKcHViY2lkLm9yZxiko83hkDFIAFICCGoSwgEKCHJ0YmhvdXNlEqwBTitHVWNYczRLdzZ6ci85VlNWcGpEOW43a3FsK00zaWMwVkFXc2hxQUM0Z3NNNGt2SS96a1BjZnUxZlRFSUpSZnhBUklFSndKL2QxcWVRNkFHa2c0SXRJWVdMbDR2Q3BkZ0NERCtRYVkwbzQ0Z3VxTmZBQ2diOHo4eExmdExNZWFNQVhTb2xtUUFsUFJSNXpOeUxRd3VaSDc2bVlsQkhVVmxnS2M2R2Mrbm5NPRijqc3hkDFIABIdCg5lc3AuY3JpdGVvLmNvbRjJlc3hkDFIAFICCGQSPgoFb3BlbngSLGV5SnBJam9pV2tsWVpHRkRkMU5TZVhWNlRrSTJWRUZ5ZFhONGR6MDlJbjA9GOqozeGQMUgA
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b7d7eac540f5ebaf57dfca4ab6f72e3ff91d2fd6d7b0077d89524609d16bb6ce
Security Headers
Name Value
Content-Security-Policy child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16346139938887045070/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16346139938887045070/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=COvT_sX66v8CFZLhUQod0-UH-w&gqi=&layout=/sadbundle/%24csp%253Der3%24/16346139938887045070/index.html
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy
child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16346139938887045070/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16346139938887045070/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=COvT_sX66v8CFZLhUQod0-UH-w&gqi=&layout=/sadbundle/%24csp%253Der3%24/16346139938887045070/index.html
date
Fri, 30 Jun 2023 12:07:22 GMT
x-content-type-options
nosniff
content-encoding
br
observe-browsing-topics
true
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48114
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://paytolet.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
audio_005.m4s
streaming.humix.com/contents/nsrNhxfkjikFVcim/1682919808/ 		40 KB
40 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://streaming.humix.com/contents/nsrNhxfkjikFVcim/1682919808/audio_005.m4s
Requested by
Host: paytolet.com
URL: https://paytolet.com/detroitchicago/cmbv2.js?gcb=195-3&cb=04-3y02-8y06-13y07-2y0b-6y0d-23y17-4y1b-5y25-3y26-4y27-16y28-66y2b-146y2f-150y33-4y3a-12y3b-6y59-2y5d-22y64-1&cmbcb=151&sj=x04x02x06x07x0bx0dx17x1bx25x26x27x28x2bx2fx33x3ax3bx59x5dx64
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:d4fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
78514976870261c76f300b603d0c51689f2c79bb86f2b4021ab0e2161e7bc7de

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:22 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"f0e409a820e1a1f84a21d692739b3383"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SdsSXGKQ%2Bz16xTc1gDLvxj1dJVSH3hF8U%2Blyp51kIdpjLbvFiAmVSWC0QO761YsDGGC55IY6acUW9%2Fv1K9PRqPtG6rMekKrDC1gsp0k1RIb4GfeE8kmUbolN%2BFYI0LOS1ivaJzQNP7kv39S32Tjcm9rY"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
7df649d9be311989-FRA
alt-svc
h3=":443"; ma=86400
content-length
40808
grapefruit.gif
paytolet.com/detroitchicago/ 		0
517 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://paytolet.com/detroitchicago/grapefruit.gif?orig=0&v=W3sidHlwZSI6InZpZGVvIiwidmlkZW9faW1wcmVzc2lvbl9pZCI6ImExZmI1NzI3LTBkY2YtNDM5Mi04ODg2LTc2MWYwZjdhZTE5MiIsImRvbWFpbl9pZCI6IjQxMDE2NCIsInRfZXBvY2giOjE2ODgxMjY4MzQsImRhdGEiOlt7Im5hbWUiOiJ2aWRlb19zdGFydCIsInZhbCI6IjIwMjMtMDYtMzAgMTI6MDc6MTkifV19LHsidHlwZSI6InZpZGVvIiwidmlkZW9faW1wcmVzc2lvbl9pZCI6ImExZmI1NzI3LTBkY2YtNDM5Mi04ODg2LTc2MWYwZjdhZTE5MiIsImRvbWFpbl9pZCI6IjQxMDE2NCIsInRfZXBvY2giOjE2ODgxMjY4MzQsImRhdGEiOlt7Im5hbWUiOiJ2aWV3ZWRfc3RhcnQiLCJ2YWwiOiIxIn1dfSx7InR5cGUiOiJ2aWRlbyIsInZpZGVvX2ltcHJlc3Npb25faWQiOiJhMWZiNTcyNy0wZGNmLTQzOTItODg4Ni03NjFmMGY3YWUxOTIiLCJkb21haW5faWQiOiI0MTAxNjQiLCJ0X2Vwb2NoIjoxNjg4MTI2ODM0LCJkYXRhIjpbeyJuYW1lIjoiaGVhcmRfc3RhcnQiLCJ2YWwiOiIwIn1dfV0=
Requested by
Host: paytolet.com
URL: https://paytolet.com/detroitchicago/cmbv2.js?gcb=195-3&cb=04-3y02-8y06-13y07-2y0b-6y0d-23y17-4y1b-5y25-3y26-4y27-16y28-66y2b-146y2f-150y33-4y3a-12y3b-6y59-2y5d-22y64-1&cmbcb=151&sj=x04x02x06x07x0bx0dx17x1bx25x26x27x28x2bx2fx33x3ax3bx59x5dx64
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:8b54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/public/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:21 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x09fbKWg9BhKFcDdY9Rroetyr9fOxsO8qbkOM8sfqFM08yUUTjuje7duZxH%2Fg%2BOrgLfWUH9bE2I4r79gOefR7h7FqrVoV0T758%2FnwbSHp0xdKH9ox7Y5IIpy8sVHaas7sJsAa5sGg8lPiAo%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://paytolet.com
x-middleton-display
ezp_sol
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
cf-ray
7df649d9c9716969-FRA
alt-svc
h3=":443"; ma=86400
priority
u=4,i
expires
Thu, 29 Jun 2023 12:07:22 GMT
89229263
mc.yandex.com/webvisor/ 		43 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/webvisor/89229263?wmode=0&wv-part=2&wv-hit=721892075&page-url=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&rn=856537338&wv-type=3&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1688126842%3Aw%3A1600x1200%3Av%3A1074%3Az%3A0%3Ai%3A20230630120722%3Au%3A1688126835670014644%3Avf%3Aew9xzikdbvs4xc5avwiaspr%3Ast%3A1688126842&t=gdpr(14%2C14)ti(1)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://paytolet.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 30 Jun 2023 12:07:22 GMT
strict-transport-security
max-age=31536000
last-modified
Fri, 30-Jun-2023 12:07:22 GMT
content-type
image/gif
access-control-allow-origin
https://paytolet.com
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Fri, 30-Jun-2023 12:07:22 GMT
csi
csi.gstatic.com/ Frame CCEF 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~ljij4vid&c=7638486182389&slotId=3819243091194.5&ghmsh_eids=44752711%2C44765701%2C44772139%2C44773379%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.578.0_de.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c03::78 , Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Jun 2023 12:07:22 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame CCEF 		156 B
186 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?correlator=674173503077194&description_url=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&env=vp&gdfp_req=1&output=xml_vast4&sz=400x300%7C640x480%7C640x360%7C300x168&unviewed_position_start=1&url=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&ad_type=video&hl=en&max_ad_duration=51000&min_ad_duration=4500&npa=0&tfcd=0&vad_type=linear&vpmute=1&vpos=preroll&iu=%2F1254144%2C22852681713%2Fpaytolet_com-video-1&vid_d=53&vid_kw=Pay%20to%20let%2Creal%20estate%2Cproperty%20for%20sale%2Cproperty%20listings%2Chome&vid_t=Sell%20your%20property%20in%20minutes&vpa=auto&cust_params=ap%3D1%26d%3D410164%26eb_br%3D736e09a0771285737509ab8954c475a7%26ft%3D0%26ic%3D1%26iid1%3D248372558641397%26plat%3D1%26t%3D134%26tap%3Dpaytolet_com-video-1-248372558641397&sdkv=h.3.578.0&osd=2&frm=0&vis=1&sdr=1&afvsz=450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&us_privacy=1---&sdki=445&ptt=20&adk=3861343777&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.578.0&sid=31BB2C37-E1E0-4730-85B5-0D4B17F39F33&a3p=EhkKCnVpZGFwaS5jb20YyZXN4ZAxSABSAghkEhsKDGlkNS1zeW5jLmNvbRjdp83hkDFIAFICCGoSHAoNY3J3ZGNudHJsLm5ldBjJlc3hkDFIAFICCGQSGQoKcHViY2lkLm9yZxiko83hkDFIAFICCGoSwgEKCHJ0YmhvdXNlEqwBTitHVWNYczRLdzZ6ci85VlNWcGpEOW43a3FsK00zaWMwVkFXc2hxQUM0Z3NNNGt2SS96a1BjZnUxZlRFSUpSZnhBUklFSndKL2QxcWVRNkFHa2c0SXRJWVdMbDR2Q3BkZ0NERCtRYVkwbzQ0Z3VxTmZBQ2diOHo4eExmdExNZWFNQVhTb2xtUUFsUFJSNXpOeUxRd3VaSDc2bVlsQkhVVmxnS2M2R2Mrbm5NPRijqc3hkDFIABIdCg5lc3AuY3JpdGVvLmNvbRjJlc3hkDFIAFICCGQSPgoFb3BlbngSLGV5SnBJam9pV2tsWVpHRkRkMU5TZVhWNlRrSTJWRUZ5ZFhONGR6MDlJbjA9GOqozeGQMUgA&nel=0&eid=44752711%2C44765701%2C44772139%2C44773379%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275&top=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&loc=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&dlt=1688126834513&idt=4707&dt=1688126842275&cookie=ID%3D14c5fd6f47da3553-2250166f1cde0005%3AT%3D1688126835%3ART%3D1688126837%3AS%3DALNI_MZdWW6IC_UptzCaP6yRcFW4qT01Sg&gpic=UID%3D00000c5ed7319fb0%3AT%3D1688126835%3ART%3D1688126835%3AS%3DALNI_MZsDc3kPfVwgJm4YKQVJrFEMa9-0A&scor=776755846475256&ged=ve4_td7_tt2_pd7_la7000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.578.0_de.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:22 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
true
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
t1670023299_03_640x360p_30Hz_800Kbps_004.m4s
streaming.humix.com/contents/nsrNhxfkjikFVcim/1682919808/ 		21 KB
22 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://streaming.humix.com/contents/nsrNhxfkjikFVcim/1682919808/t1670023299_03_640x360p_30Hz_800Kbps_004.m4s
Requested by
Host: paytolet.com
URL: https://paytolet.com/detroitchicago/cmbv2.js?gcb=195-3&cb=04-3y02-8y06-13y07-2y0b-6y0d-23y17-4y1b-5y25-3y26-4y27-16y28-66y2b-146y2f-150y33-4y3a-12y3b-6y59-2y5d-22y64-1&cmbcb=151&sj=x04x02x06x07x0bx0dx17x1bx25x26x27x28x2bx2fx33x3ax3bx59x5dx64
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:d4fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5fb318fe9b32965452a18821046f66dc35ae13d2ed6f7a5ecd7b8a4063cb61fb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:22 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"dd2474ffb04c32ca17a02465b3c035c9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z99yBi7glqs8vHqAPqcSquUJpYYhyWDEfKeOUugpedmw7iZP0Na%2FUeFZzD9NGXaZjhPi8LJpBJsfDAJtIJZf9XDKhgr5lSqciGwagF7BOb%2BH0f6lnrvJwjLSd36vUAc4HgtoQV%2BVQtsYs%2FQUn74K%2Bn58"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
7df649dc39a31989-FRA
alt-svc
h3=":443"; ma=86400
content-length
21907
container.html
17f71e36f7655f7f5ab67574cc7e41b3.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 42F9 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://17f71e36f7655f7f5ab67574cc7e41b3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://paytolet.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
6
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 30 Jun 2023 12:07:16 GMT
expires
Sat, 29 Jun 2024 12:07:16 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
17f71e36f7655f7f5ab67574cc7e41b3.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 5B46 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://17f71e36f7655f7f5ab67574cc7e41b3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://paytolet.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
6
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 30 Jun 2023 12:07:16 GMT
expires
Sat, 29 Jun 2024 12:07:16 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
army.gif
paytolet.com/porpoiseant/ 		0
529 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://paytolet.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNjg3Mzg5OTgwNjUwNzE2IiwiZG9tYWluX2lkIjoiNDEwMTY0IiwidW5pdCI6ImRpdi1ncHQtYWQtcGF5dG9sZXRfY29tLW1lZHJlY3RhbmdsZS0yLTAiLCJ0X2Vwb2NoIjoxNjg4MTI2ODM0LCJhZF9wb3NpdGlvbiI6MTEwMCwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkRFIiwicGFnZXZpZXdfaWQiOiJjMmMzZjdlMS0zYTE2LTRmYWQtNDIxYy03OGE1YzRkMjAwZGUiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwMDM0NDgzLCJkYXRhIjpbeyJuYW1lIjoicmVmcmVzaF9jb3VudCIsInZhbCI6IjQifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjY4NzM4OTk4MDY1MDcxNiIsImRvbWFpbl9pZCI6IjQxMDE2NCIsInVuaXQiOiJkaXYtZ3B0LWFkLXBheXRvbGV0X2NvbS1tZWRyZWN0YW5nbGUtMi0wIiwidF9lcG9jaCI6MTY4ODEyNjgzNCwiYWRfcG9zaXRpb24iOjExMDAsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJERSIsInBhZ2V2aWV3X2lkIjoiYzJjM2Y3ZTEtM2ExNi00ZmFkLTQyMWMtNzhhNWM0ZDIwMGRlIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDAzNDQ4MywiZGF0YSI6W3sibmFtZSI6ImZpbGxlZF9iaWRfaGFzaCIsInZhbCI6ImJmOWEwNDViODM2MDA1YjZjMjNiN2IwNzQ5MjQ5NjEyIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiI2ODczODk5ODA2NTA3MTYiLCJkb21haW5faWQiOiI0MTAxNjQiLCJ1bml0IjoiZGl2LWdwdC1hZC1wYXl0b2xldF9jb20tbWVkcmVjdGFuZ2xlLTItMCIsInRfZXBvY2giOjE2ODgxMjY4MzQsInJldmVudWUiOjAsImVzdF9yZXZlbnVlIjowLjAwMDI2LCJhZF9wb3NpdGlvbiI6MTEwMCwiYWRfc2l6ZSI6IiIsImJpZF9mbG9vcl9maWxsZWQiOjAuMDAwMjYsImJpZF9mbG9vcl9wcmV2IjowLjAwMDQyLCJzdGF0X3NvdXJjZV9pZCI6MzUsImNvdW50cnlfY29kZSI6IkRFIiwicGFnZXZpZXdfaWQiOiJjMmMzZjdlMS0zYTE2LTRmYWQtNDIxYy03OGE1YzRkMjAwZGUiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwMDM0NDgzLCJkYXRhIjpbeyJuYW1lIjoibG9hZGVkIiwidmFsIjoiMSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNjg3Mzg5OTgwNjUwNzE2IiwiZG9tYWluX2lkIjoiNDEwMTY0IiwidW5pdCI6ImRpdi1ncHQtYWQtcGF5dG9sZXRfY29tLW1lZHJlY3RhbmdsZS0yLTAiLCJ0X2Vwb2NoIjoxNjg4MTI2ODM0LCJhZF9wb3NpdGlvbiI6MTEwMCwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkRFIiwicGFnZXZpZXdfaWQiOiJjMmMzZjdlMS0zYTE2LTRmYWQtNDIxYy03OGE1YzRkMjAwZGUiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwMDM0NDgzLCJkYXRhIjpbeyJuYW1lIjoiY3JlYXRpdmVfaWQiLCJ2YWwiOiIxMzgzMTAwMzQ0ODMifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjY4NzM4OTk4MDY1MDcxNiIsImRvbWFpbl9pZCI6IjQxMDE2NCIsInVuaXQiOiJkaXYtZ3B0LWFkLXBheXRvbGV0X2NvbS1tZWRyZWN0YW5nbGUtMi0wIiwidF9lcG9jaCI6MTY4ODEyNjgzNCwiYWRfcG9zaXRpb24iOjExMDAsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJERSIsInBhZ2V2aWV3X2lkIjoiYzJjM2Y3ZTEtM2ExNi00ZmFkLTQyMWMtNzhhNWM0ZDIwMGRlIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDAzNDQ4MywiZGF0YSI6W3sibmFtZSI6ImxpbmVpdGVtX2lkIiwidmFsIjoiMjg2ODcyNzQifV0sImlzX29yaWciOmZhbHNlfV0=
Requested by
Host: paytolet.com
URL: https://paytolet.com/detroitchicago/cmbv2.js?gcb=195-3&cb=04-3y02-8y06-13y07-2y0b-6y0d-23y17-4y1b-5y25-3y26-4y27-16y28-66y2b-146y2f-150y33-4y3a-12y3b-6y59-2y5d-22y64-1&cmbcb=151&sj=x04x02x06x07x0bx0dx17x1bx25x26x27x28x2bx2fx33x3ax3bx59x5dx64
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:8b54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/public/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:22 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FMGu7Ezw20b6lyPqsWx4jWtDCjZo4%2FDTTxTDj6eCbB%2BE1%2B8V9o8a3d27ftFpGK3%2FxrpUUjdJSE4anUUvvlMA6vYR%2BLRM9G9%2F2LHp2%2FSR71esPxxGaTrhL21hqHqj7onSGqKPeWp%2FcCM4GYc%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://paytolet.com
x-middleton-display
ezp_sol
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
cf-ray
7df649dc9d356969-FRA
alt-svc
h3=":443"; ma=86400
priority
u=4,i
expires
Thu, 29 Jun 2023 12:07:22 GMT
army.gif
paytolet.com/porpoiseant/ 		0
522 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://paytolet.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNjg3Mzg5OTgwNjUwNzE2IiwiZG9tYWluX2lkIjoiNDEwMTY0IiwidW5pdCI6ImRpdi1ncHQtYWQtcGF5dG9sZXRfY29tLW1lZHJlY3RhbmdsZS0yLTAiLCJ0X2Vwb2NoIjoxNjg4MTI2ODM0LCJhZF9wb3NpdGlvbiI6MTEwMCwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkRFIiwicGFnZXZpZXdfaWQiOiJjMmMzZjdlMS0zYTE2LTRmYWQtNDIxYy03OGE1YzRkMjAwZGUiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwMDM0NDgzLCJkYXRhIjpbeyJuYW1lIjoidF9sb2NhbF9kYXRlIiwidmFsIjoiMjAyMy0wNi0zMCJ9LHsibmFtZSI6InRfbG9jYWxfaG91ciIsInZhbCI6IjEyIn0seyJuYW1lIjoidF9sb2NhbF9kYXlfb2Zfd2VlayIsInZhbCI6IjUifSx7Im5hbWUiOiJ0X2xvY2FsX3RpbWV6b25lIiwidmFsIjoiMCJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ==
Requested by
Host: paytolet.com
URL: https://paytolet.com/detroitchicago/cmbv2.js?gcb=195-3&cb=04-3y02-8y06-13y07-2y0b-6y0d-23y17-4y1b-5y25-3y26-4y27-16y28-66y2b-146y2f-150y33-4y3a-12y3b-6y59-2y5d-22y64-1&cmbcb=151&sj=x04x02x06x07x0bx0dx17x1bx25x26x27x28x2bx2fx33x3ax3bx59x5dx64
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:8b54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/public/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:22 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O7cfDocjVNNJsQnLrJi%2BrxWFUgSnLgh35fjQ5yS9s9khDl1i5kObYozRWRemyAIP7EuFQHX439yP1%2FL7bnxsfey8XQGMSJpAt45IjE%2F48lQr49z5OT4wxdHvULDVoq3M8RCGHcqIRULqQj4%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://paytolet.com
x-middleton-display
ezp_sol
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
cf-ray
7df649dc9d3b6969-FRA
alt-svc
h3=":443"; ma=86400
priority
u=4,i
expires
Thu, 29 Jun 2023 12:07:22 GMT
army.gif
paytolet.com/porpoiseant/ 		0
521 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://paytolet.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImF1Y3Rpb24iLCJpbXByZXNzaW9uX2lkIjoiNjg3Mzg5OTgwNjUwNzE2IiwiZG9tYWluX2lkIjoiNDEwMTY0IiwidW5pdCI6ImRpdi1ncHQtYWQtcGF5dG9sZXRfY29tLW1lZHJlY3RhbmdsZS0yLTAiLCJ0X2Vwb2NoIjoxNjg4MTI2ODM0LCJhdWN0aW9uX2Vwb2NoIjoxNjg4MTI2ODQyLCJhZF9wb3NpdGlvbiI6MTEwMCwiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6ImMyYzNmN2UxLTNhMTYtNGZhZC00MjFjLTc4YTVjNGQyMDBkZSIsImJpZF9mbG9vcl9pbml0aWFsIjoxMjAsImJpZF9mbG9vcl9wcmV2Ijo0MiwiYmlkX2Zsb29yX2ZpbGxlZCI6MjYsImF1Y3Rpb25fY291bnQiOjQsInJlZnJlc2hfYWRfY291bnQiOjAsImF1Y3Rpb25fZHVyYXRpb24iOjQ1NSwibXVsdGlfYWRfdW5pdCI6MCwibXVsdGlfYWRfY291bnQiOjAsIm5ldHdvcmtfY29kZSI6MTI1NDE0NCwiZGF0YSI6W3sibmFtZSI6IiIsInZhbCI6IiJ9XSwibGluZV9pdGVtX2lkIjoyODY4NzI3NH1d
Requested by
Host: paytolet.com
URL: https://paytolet.com/detroitchicago/cmbv2.js?gcb=195-3&cb=04-3y02-8y06-13y07-2y0b-6y0d-23y17-4y1b-5y25-3y26-4y27-16y28-66y2b-146y2f-150y33-4y3a-12y3b-6y59-2y5d-22y64-1&cmbcb=151&sj=x04x02x06x07x0bx0dx17x1bx25x26x27x28x2bx2fx33x3ax3bx59x5dx64
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:8b54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/public/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:22 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gDjdtmzRBzyAVj3T1npmaeltZtrWlfylOhu1WC6svsx4wI3mYboFHfhQGwexXKMzVSnlMWwOZEU9Ow2LPQ4jIUCxr0V5f3v42ApFwDVge%2B57hjpU%2B1mbQj42VTSyVr%2Fb%2BsDPoCht3hlJE5c%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://paytolet.com
x-middleton-display
ezp_sol
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
cf-ray
7df649dcad416969-FRA
alt-svc
h3=":443"; ma=86400
priority
u=4,i
expires
Thu, 29 Jun 2023 12:07:22 GMT
army.gif
paytolet.com/porpoiseant/ 		0
522 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://paytolet.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNzUzNjUzNDI5NDYzNjY1MCIsImRvbWFpbl9pZCI6IjQxMDE2NCIsInVuaXQiOiJkaXYtZ3B0LWFkLXBheXRvbGV0X2NvbS1ib3gtMi0wIiwidF9lcG9jaCI6MTY4ODEyNjgzNCwiYWRfcG9zaXRpb24iOjE5MDAsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJERSIsInBhZ2V2aWV3X2lkIjoiYzJjM2Y3ZTEtM2ExNi00ZmFkLTQyMWMtNzhhNWM0ZDIwMGRlIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDQxNjk4OCwiZGF0YSI6W3sibmFtZSI6InJlZnJlc2hfY291bnQiLCJ2YWwiOiI0In1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiI3NTM2NTM0Mjk0NjM2NjUwIiwiZG9tYWluX2lkIjoiNDEwMTY0IiwidW5pdCI6ImRpdi1ncHQtYWQtcGF5dG9sZXRfY29tLWJveC0yLTAiLCJ0X2Vwb2NoIjoxNjg4MTI2ODM0LCJhZF9wb3NpdGlvbiI6MTkwMCwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkRFIiwicGFnZXZpZXdfaWQiOiJjMmMzZjdlMS0zYTE2LTRmYWQtNDIxYy03OGE1YzRkMjAwZGUiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwNDE2OTg4LCJkYXRhIjpbeyJuYW1lIjoiZmlsbGVkX2JpZF9oYXNoIiwidmFsIjoiNTRkMGZhNmQ1ZjZhYWJlNzYyM2NiMjRmYWE0MmE0NDEifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6Ijc1MzY1MzQyOTQ2MzY2NTAiLCJkb21haW5faWQiOiI0MTAxNjQiLCJ1bml0IjoiZGl2LWdwdC1hZC1wYXl0b2xldF9jb20tYm94LTItMCIsInRfZXBvY2giOjE2ODgxMjY4MzQsInJldmVudWUiOjAsImVzdF9yZXZlbnVlIjowLjAwMDMsImFkX3Bvc2l0aW9uIjoxOTAwLCJhZF9zaXplIjoiIiwiYmlkX2Zsb29yX2ZpbGxlZCI6MC4wMDAzLCJiaWRfZmxvb3JfcHJldiI6MC4wMDA1LCJzdGF0X3NvdXJjZV9pZCI6MzUsImNvdW50cnlfY29kZSI6IkRFIiwicGFnZXZpZXdfaWQiOiJjMmMzZjdlMS0zYTE2LTRmYWQtNDIxYy03OGE1YzRkMjAwZGUiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwNDE2OTg4LCJkYXRhIjpbeyJuYW1lIjoibG9hZGVkIiwidmFsIjoiMSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNzUzNjUzNDI5NDYzNjY1MCIsImRvbWFpbl9pZCI6IjQxMDE2NCIsInVuaXQiOiJkaXYtZ3B0LWFkLXBheXRvbGV0X2NvbS1ib3gtMi0wIiwidF9lcG9jaCI6MTY4ODEyNjgzNCwiYWRfcG9zaXRpb24iOjE5MDAsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJERSIsInBhZ2V2aWV3X2lkIjoiYzJjM2Y3ZTEtM2ExNi00ZmFkLTQyMWMtNzhhNWM0ZDIwMGRlIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDQxNjk4OCwiZGF0YSI6W3sibmFtZSI6ImNyZWF0aXZlX2lkIiwidmFsIjoiMTM4MzEwNDE2OTg4In1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiI3NTM2NTM0Mjk0NjM2NjUwIiwiZG9tYWluX2lkIjoiNDEwMTY0IiwidW5pdCI6ImRpdi1ncHQtYWQtcGF5dG9sZXRfY29tLWJveC0yLTAiLCJ0X2Vwb2NoIjoxNjg4MTI2ODM0LCJhZF9wb3NpdGlvbiI6MTkwMCwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkRFIiwicGFnZXZpZXdfaWQiOiJjMmMzZjdlMS0zYTE2LTRmYWQtNDIxYy03OGE1YzRkMjAwZGUiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwNDE2OTg4LCJkYXRhIjpbeyJuYW1lIjoibGluZWl0ZW1faWQiLCJ2YWwiOiIyODY4NzI3NCJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ==
Requested by
Host: paytolet.com
URL: https://paytolet.com/detroitchicago/cmbv2.js?gcb=195-3&cb=04-3y02-8y06-13y07-2y0b-6y0d-23y17-4y1b-5y25-3y26-4y27-16y28-66y2b-146y2f-150y33-4y3a-12y3b-6y59-2y5d-22y64-1&cmbcb=151&sj=x04x02x06x07x0bx0dx17x1bx25x26x27x28x2bx2fx33x3ax3bx59x5dx64
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:8b54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/public/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:22 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T8QqgH14yhMhfzzcaNX1HHV6TaWMQT0%2FkjnoTJVLc6tErQMr1rHHYkKYi1ODYxXpJBIcgZ3Sn3LDr%2FBbHxNLVux20EtSQdbz4jarjI5188zSA5IaxoGzvun4%2F%2FtkEkUKOcxwf5Ukg0Vk3HQ%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://paytolet.com
x-middleton-display
ezp_sol
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
cf-ray
7df649dcad586969-FRA
alt-svc
h3=":443"; ma=86400
priority
u=4,i
expires
Thu, 29 Jun 2023 12:07:23 GMT
army.gif
paytolet.com/porpoiseant/ 		0
521 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://paytolet.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNzUzNjUzNDI5NDYzNjY1MCIsImRvbWFpbl9pZCI6IjQxMDE2NCIsInVuaXQiOiJkaXYtZ3B0LWFkLXBheXRvbGV0X2NvbS1ib3gtMi0wIiwidF9lcG9jaCI6MTY4ODEyNjgzNCwiYWRfcG9zaXRpb24iOjE5MDAsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJERSIsInBhZ2V2aWV3X2lkIjoiYzJjM2Y3ZTEtM2ExNi00ZmFkLTQyMWMtNzhhNWM0ZDIwMGRlIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDQxNjk4OCwiZGF0YSI6W3sibmFtZSI6InRfbG9jYWxfZGF0ZSIsInZhbCI6IjIwMjMtMDYtMzAifSx7Im5hbWUiOiJ0X2xvY2FsX2hvdXIiLCJ2YWwiOiIxMiJ9LHsibmFtZSI6InRfbG9jYWxfZGF5X29mX3dlZWsiLCJ2YWwiOiI1In0seyJuYW1lIjoidF9sb2NhbF90aW1lem9uZSIsInZhbCI6IjAifV0sImlzX29yaWciOmZhbHNlfV0=
Requested by
Host: paytolet.com
URL: https://paytolet.com/detroitchicago/cmbv2.js?gcb=195-3&cb=04-3y02-8y06-13y07-2y0b-6y0d-23y17-4y1b-5y25-3y26-4y27-16y28-66y2b-146y2f-150y33-4y3a-12y3b-6y59-2y5d-22y64-1&cmbcb=151&sj=x04x02x06x07x0bx0dx17x1bx25x26x27x28x2bx2fx33x3ax3bx59x5dx64
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:8b54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/public/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:22 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=27tZ0XBCiII%2FYQX8tPu8fIvPdm4N5JFAF4eX4jAeD%2F2h%2FlepEvQqTUgPxWrXvqKgyiEfLhveHK440xsnFtUIGzJS7co6ifgE1xgC3JcFHUVlCvgjuNdvBnQ0c3TNWUYH9hpawIqG2%2Boc20s%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://paytolet.com
x-middleton-display
ezp_sol
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
cf-ray
7df649dcad5a6969-FRA
alt-svc
h3=":443"; ma=86400
priority
u=4,i
expires
Thu, 29 Jun 2023 12:07:20 GMT
army.gif
paytolet.com/porpoiseant/ 		0
520 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://paytolet.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImF1Y3Rpb24iLCJpbXByZXNzaW9uX2lkIjoiNzUzNjUzNDI5NDYzNjY1MCIsImRvbWFpbl9pZCI6IjQxMDE2NCIsInVuaXQiOiJkaXYtZ3B0LWFkLXBheXRvbGV0X2NvbS1ib3gtMi0wIiwidF9lcG9jaCI6MTY4ODEyNjgzNCwiYXVjdGlvbl9lcG9jaCI6MTY4ODEyNjg0MiwiYWRfcG9zaXRpb24iOjE5MDAsImNvdW50cnlfY29kZSI6IkRFIiwicGFnZXZpZXdfaWQiOiJjMmMzZjdlMS0zYTE2LTRmYWQtNDIxYy03OGE1YzRkMjAwZGUiLCJiaWRfZmxvb3JfaW5pdGlhbCI6MTQwLCJiaWRfZmxvb3JfcHJldiI6NTAsImJpZF9mbG9vcl9maWxsZWQiOjMwLCJhdWN0aW9uX2NvdW50Ijo0LCJyZWZyZXNoX2FkX2NvdW50IjowLCJhdWN0aW9uX2R1cmF0aW9uIjo0NjQsIm11bHRpX2FkX3VuaXQiOjAsIm11bHRpX2FkX2NvdW50IjowLCJuZXR3b3JrX2NvZGUiOjEyNTQxNDQsImRhdGEiOlt7Im5hbWUiOiIiLCJ2YWwiOiIifV0sImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzR9XQ==
Requested by
Host: paytolet.com
URL: https://paytolet.com/detroitchicago/cmbv2.js?gcb=195-3&cb=04-3y02-8y06-13y07-2y0b-6y0d-23y17-4y1b-5y25-3y26-4y27-16y28-66y2b-146y2f-150y33-4y3a-12y3b-6y59-2y5d-22y64-1&cmbcb=151&sj=x04x02x06x07x0bx0dx17x1bx25x26x27x28x2bx2fx33x3ax3bx59x5dx64
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:8b54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/public/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:22 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QDNiTPTmbUCUnyCqrH40y%2Bh43ELiecsNmEX9lLbLaK1RwMMPftihqPpHSpSEXXh51EtYJkifjnCJltc5n2DKZhyidFmJZKwc9qyG31qWMK%2FMe%2BOYG3fx85CJ4mslQSrqmnVcvH69JgKBwvs%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://paytolet.com
x-middleton-display
ezp_sol
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
cf-ray
7df649dcad5c6969-FRA
alt-svc
h3=":443"; ma=86400
priority
u=4,i
expires
Thu, 29 Jun 2023 12:07:22 GMT
index.html
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16346139938887045070/ Frame 26C7 		151 KB
22 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16346139938887045070/index.html
Requested by
Host: paytolet.com
URL: https://paytolet.com/public/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b0bbeea353baa206119b544cd5ef1972b620a3ebb99fc0253adc27e19d6bab9c
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://17f71e36f7655f7f5ab67574cc7e41b3.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
508842
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
21880
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
cross-origin-resource-policy
cross-origin
date
Sat, 24 Jun 2023 14:46:40 GMT
expires
Sun, 23 Jun 2024 14:46:40 GMT
last-modified
Thu, 28 Jul 2022 12:41:18 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
adview
securepubads.g.doubleclick.net/pagead/ Frame 42F9 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CabTFecWeZLHTOYyJmLAP0PSKyAH_j6Kcce6k2JumEK_I2q6VDhABIPT5xiVgleqzgsAHoAGl4IzcA8gBCakC2FikVXE8sj7gAgCoAwHIA0iqBIICT9DWtHM97cRLKvNNIozihXaESU4HhONwN8Qb5uUrt_M2VcNpKqPRoVrJkaeoNLGkyCTpBtJ3ivWDnGvUe25Tlcxcn8iKJREDZh3RVuDzx4tISCQBo0T4zAamPpSXtBj_nU9BhTlqs-DafhVl4GgCDOUon13zNaerZdgR2eAqzy-YiAxTZwAO7S5R2-OVBBl7A9Jqm48vSD45NSqJPPr1JPcMbBNzULTgDv1h5gz6lu296CF5I-B5-SwMryYC_I0Gk2Dio7mqREe5JHrnnReO8Zr0fueVKKq7QPP7w1URh-nhYjZMMitOqBcRFCrAG71-Te8O0mkiDBhFMMp7ebPWC9TKwASQwIbtoATgBAGSBQQIBBgBkgUECAUYBKAGLoAHs5GrKKgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEIf3D9IIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgPICwHYEwLQFQGAFwGyFx4KHAgAEhRwdWItMTk2NjcyMTE5MjcwOTYwNhi-yQc&sigh=G6l61XIkYDo&uach_m=[UACH]&cid=CAQSOwBygQiDnvpbwFgbRgFZsSlYODs6ms_fTUDstRVjiWyRtQU_Ym0iP74sc5pQqvisNmFoEDH22L0jCuR6GAE&template_id=419
Requested by
Host: paytolet.com
URL: https://paytolet.com/public/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://17f71e36f7655f7f5ab67574cc7e41b3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/ Frame 42F9 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/abg_lite_fy2021.js
Requested by
Host: 17f71e36f7655f7f5ab67574cc7e41b3.safeframe.googlesyndication.com
URL: https://17f71e36f7655f7f5ab67574cc7e41b3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
02193fbcb11d960448e0fa887ff68d5ce73f01076893523fc3037e00a7149bc2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://17f71e36f7655f7f5ab67574cc7e41b3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 09:09:16 GMT
content-encoding
br
x-content-type-options
nosniff
age
10686
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9104
x-xss-protection
0
server
cafe
etag
12939045362079141464
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 14 Jul 2023 09:09:16 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/ Frame 42F9 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/window_focus_fy2021.js
Requested by
Host: 17f71e36f7655f7f5ab67574cc7e41b3.safeframe.googlesyndication.com
URL: https://17f71e36f7655f7f5ab67574cc7e41b3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://17f71e36f7655f7f5ab67574cc7e41b3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 08:55:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
11507
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 14 Jul 2023 08:55:35 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/ Frame 42F9 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 17f71e36f7655f7f5ab67574cc7e41b3.safeframe.googlesyndication.com
URL: https://17f71e36f7655f7f5ab67574cc7e41b3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
abaf64de0855592138133fdf15c746a6e47a07d5f7a34a9513a06994c89f91af
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://17f71e36f7655f7f5ab67574cc7e41b3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 29 Jun 2023 17:50:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
65823
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8312
x-xss-protection
0
server
cafe
etag
5477749917372345267
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 13 Jul 2023 17:50:19 GMT
audio_006.m4s
streaming.humix.com/contents/nsrNhxfkjikFVcim/1682919808/ 		40 KB
40 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://streaming.humix.com/contents/nsrNhxfkjikFVcim/1682919808/audio_006.m4s
Requested by
Host: paytolet.com
URL: https://paytolet.com/detroitchicago/cmbv2.js?gcb=195-3&cb=04-3y02-8y06-13y07-2y0b-6y0d-23y17-4y1b-5y25-3y26-4y27-16y28-66y2b-146y2f-150y33-4y3a-12y3b-6y59-2y5d-22y64-1&cmbcb=151&sj=x04x02x06x07x0bx0dx17x1bx25x26x27x28x2bx2fx33x3ax3bx59x5dx64
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:d4fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48df8f6ca7724a16d80580e872f3a9a87e224326e179770b10bf3613a6874763

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:22 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"428a43ae9d69740da3ed9b1b871b153f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s4mvA6dcEuNraGmtLPktFlaTWGsLQWG03u5LcUBi8PNleGUruqkcUTu12kM7BGwh%2Bgnw9wJu420larop7BiQcYlHCd8tFWVtBTjvXdMl1HOlF6dCRWTuGwzH17i%2B0IEdx%2BmalQZRWIDx5F%2Bvn%2BWOChAJ"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
7df649dd2ad71989-FRA
alt-svc
h3=":443"; ma=86400
content-length
40659
index.html
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16346139938887045070/ Frame A8D9 		151 KB
21 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16346139938887045070/index.html
Requested by
Host: paytolet.com
URL: https://paytolet.com/public/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b0bbeea353baa206119b544cd5ef1972b620a3ebb99fc0253adc27e19d6bab9c
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://17f71e36f7655f7f5ab67574cc7e41b3.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
508842
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
21880
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
cross-origin-resource-policy
cross-origin
date
Sat, 24 Jun 2023 14:46:40 GMT
expires
Sun, 23 Jun 2024 14:46:40 GMT
last-modified
Thu, 28 Jul 2022 12:41:18 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/ Frame 5B46 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/abg_lite_fy2021.js
Requested by
Host: 17f71e36f7655f7f5ab67574cc7e41b3.safeframe.googlesyndication.com
URL: https://17f71e36f7655f7f5ab67574cc7e41b3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
02193fbcb11d960448e0fa887ff68d5ce73f01076893523fc3037e00a7149bc2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://17f71e36f7655f7f5ab67574cc7e41b3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 09:09:16 GMT
content-encoding
br
x-content-type-options
nosniff
age
10686
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9104
x-xss-protection
0
server
cafe
etag
12939045362079141464
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 14 Jul 2023 09:09:16 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/ Frame 5B46 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/window_focus_fy2021.js
Requested by
Host: 17f71e36f7655f7f5ab67574cc7e41b3.safeframe.googlesyndication.com
URL: https://17f71e36f7655f7f5ab67574cc7e41b3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://17f71e36f7655f7f5ab67574cc7e41b3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 08:55:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
11507
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 14 Jul 2023 08:55:35 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/ Frame 5B46 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 17f71e36f7655f7f5ab67574cc7e41b3.safeframe.googlesyndication.com
URL: https://17f71e36f7655f7f5ab67574cc7e41b3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
abaf64de0855592138133fdf15c746a6e47a07d5f7a34a9513a06994c89f91af
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://17f71e36f7655f7f5ab67574cc7e41b3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 29 Jun 2023 17:50:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
65823
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8312
x-xss-protection
0
server
cafe
etag
5477749917372345267
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 13 Jul 2023 17:50:19 GMT
integrator.js
adservice.google.com/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=paytolet.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
Enabler.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 26C7 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16346139938887045070/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 11:20:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
2822
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5660
x-xss-protection
0
server
cafe
etag
544157900006238945
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Sat, 01 Jul 2023 11:20:20 GMT
addata.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 26C7 		34 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16346139938887045070/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 08:10:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
14220
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13035
x-xss-protection
0
server
cafe
etag
2319883687766034370
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Sat, 01 Jul 2023 08:10:22 GMT
Enabler.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame A8D9 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16346139938887045070/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 11:20:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
2822
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5660
x-xss-protection
0
server
cafe
etag
544157900006238945
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Sat, 01 Jul 2023 11:20:20 GMT
addata.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame A8D9 		34 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16346139938887045070/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 08:10:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
14220
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13035
x-xss-protection
0
server
cafe
etag
2319883687766034370
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Sat, 01 Jul 2023 08:10:22 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		1 KB
479 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2148447624948998&correlator=3525133570327672&eid=31068366&output=ldjh&gdfp_req=1&vrg=202306270101&ptt=17&impl=fifs&us_privacy=1---&iu_parts=1254144%3A22852681713%2Cpaytolet_com-medrectangle-3&enc_prev_ius=%2F0%2F1&prev_iu_szs=250x250&ifi=27&adks=4258316528&didk=2639644830&sfv=1-0-40&ris=1&rcs=3&prev_scp=a%3D%257C0%257C%26iid1%3D6394153360637039%26eid%3D6394153360637039%26t%3D134%26d%3D410164%26t1%3D134%26pvc%3D0%26ap%3D1909%26sap%3D1909%26as%3Drevenue%26plat%3D1%26bra%3Dmod58-c%26ic%3D4%26at%3Dmbf%26adr%3D398%26ezosn%3D2%26reft%3Dtf%26refs%3D30%26refa%3D1%26ga%3D2497208%26rid%3D99998%26pt%3D21%26al%3D1021%26compid%3D0%26tap%3Dpaytolet_com-medrectangle-3-6394153360637039%26eb_br%3Dbf9a045b836005b6c23b7b0749249612%26eba%3D1%26asau%3D8408181829%26bv%3D3%26bvm%3D0%26bvr%3D8%26avc%3D4%26shp%3D1%26ftsn%3D12%26ftsng%3D12%26br1%3D26%26br2%3D60%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D63%2C14%2C28%2C4%2C51%2C0%2C88%2C0%2C71%2C30%2C0%2C31%2C901%2C902%2C903%26deal1%3D17%2C20%2C21%2C22%2C23%2C24%2C25%2C26%2C1794%2C2310%2C2339%2C2351%2C2526%2C2527%2C2610%2C2761%2C2763%2C2764%2C2765%2C3044%2C3054%2C3154%2C3430%2C3455%2C3456%2C3457%2C3458%2C3460%2C3682%2C3683%2C3684%2C4184%2C4185%2C4186%2C5747%2C19%2C2688%2C3045%2C4276%2C19%2C2688%2C2693%2C3045%2C4276%2C19%2C2688%2C2693%2C3045%2C3053%2C4276%26lb%3D42%26reqt%3D1688126842443&eri=1&sc=1&cookie=ID%3D14c5fd6f47da3553-2250166f1cde0005%3AT%3D1688126835%3ART%3D1688126837%3AS%3DALNI_MZdWW6IC_UptzCaP6yRcFW4qT01Sg&gpic=UID%3D00000c5ed7319fb0%3AT%3D1688126835%3ART%3D1688126835%3AS%3DALNI_MZsDc3kPfVwgJm4YKQVJrFEMa9-0A&abxe=1&dt=1688126842482&lmt=1688126842&dlt=1688126834513&idt=860&adxs=675&adys=2199&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=5&ucis=7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&frm=20&vis=1&psz=1410x250&msz=250x250&fws=0&ohw=0&psts=ABnkTfBy0XFcFshnkgY_LYb-WJLQ%2CABnkTfBy0XFcFshnkgY_LYb-WJLQ%2CABnkTfBy0XFcFshnkgY_LYb-WJLQ%2CABnkTfBy0XFcFshnkgY_LYb-WJLQ&ga_vid=1136948999.1688126835&ga_sid=1688126836&ga_hid=1663611148&ga_fc=true&a3p=EhkKCnVpZGFwaS5jb20YyZXN4ZAxSABSAghkEhsKDGlkNS1zeW5jLmNvbRjdp83hkDFIAFICCGoSHAoNY3J3ZGNudHJsLm5ldBjJlc3hkDFIAFICCGQSGQoKcHViY2lkLm9yZxiko83hkDFIAFICCGoSwgEKCHJ0YmhvdXNlEqwBTitHVWNYczRLdzZ6ci85VlNWcGpEOW43a3FsK00zaWMwVkFXc2hxQUM0Z3NNNGt2SS96a1BjZnUxZlRFSUpSZnhBUklFSndKL2QxcWVRNkFHa2c0SXRJWVdMbDR2Q3BkZ0NERCtRYVkwbzQ0Z3VxTmZBQ2diOHo4eExmdExNZWFNQVhTb2xtUUFsUFJSNXpOeUxRd3VaSDc2bVlsQkhVVmxnS2M2R2Mrbm5NPRijqc3hkDFIABIdCg5lc3AuY3JpdGVvLmNvbRjJlc3hkDFIAFICCGQSPgoFb3BlbngSLGV5SnBJam9pV2tsWVpHRkRkMU5TZVhWNlRrSTJWRUZ5ZFhONGR6MDlJbjA9GOqozeGQMUgA
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
41145f32972823e794695b4f85eed4ce06b2cb5171d9f27d1ea1adf42d7d304b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:22 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
true
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
449
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://paytolet.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		138 KB
40 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2148447624948998&correlator=2297722903734652&eid=31068366&output=ldjh&gdfp_req=1&vrg=202306270101&ptt=17&impl=fifs&us_privacy=1---&iu_parts=1254144%3A22852681713%2Cpaytolet_com-box-3&enc_prev_ius=%2F0%2F1&prev_iu_szs=468x60&ifi=28&adks=2888625247&didk=1533032731&sfv=1-0-40&ris=1&rcs=4&prev_scp=a%3D%257C0%257C%26iid1%3D32787398583637%26eid%3D32787398583637%26t%3D134%26d%3D410164%26t1%3D134%26pvc%3D0%26ap%3D1901%26sap%3D1901%26as%3Drevenue%26plat%3D1%26bra%3Dmod58-c%26ic%3D5%26at%3Dmbf%26adr%3D398%26ezosn%3D6%26reft%3Dtf%26refs%3D30%26refa%3D1%26ga%3D2497208%26rid%3D99998%26pt%3D2%26al%3D1002%26compid%3D0%26tap%3Dpaytolet_com-box-3-32787398583637%26eb_br%3Dad0061a38dd7c6f7bcb692aee88dfda4%26eba%3D1%26asau%3D8408181829%26bv%3D3%26bvm%3D0%26bvr%3D8%26avc%3D4%26shp%3D1%26ftsn%3D12%26ftsng%3D12%26br1%3D14%26br2%3D60%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D63%2C14%2C28%2C4%2C51%2C0%2C88%2C0%2C71%2C30%2C0%2C31%2C901%2C902%2C903%26deal1%3D17%2C20%2C21%2C22%2C23%2C24%2C25%2C26%2C1794%2C2310%2C2339%2C2351%2C2526%2C2527%2C2610%2C2761%2C2763%2C2764%2C2765%2C3044%2C3054%2C3154%2C3430%2C3455%2C3456%2C3457%2C3458%2C3460%2C3682%2C3683%2C3684%2C4184%2C4185%2C4186%2C5747%2C19%2C2688%2C3045%2C4276%2C19%2C2688%2C2693%2C3045%2C4276%2C19%2C2688%2C2693%2C3045%2C3053%2C4276%2C18%2C19%2C1428%2C2688%2C2693%2C3045%2C3052%2C3053%2C3856%2C4276%26lb%3D26%26reqt%3D1688126842449&eri=1&sc=1&cookie=ID%3D14c5fd6f47da3553-2250166f1cde0005%3AT%3D1688126835%3ART%3D1688126837%3AS%3DALNI_MZdWW6IC_UptzCaP6yRcFW4qT01Sg&gpic=UID%3D00000c5ed7319fb0%3AT%3D1688126835%3ART%3D1688126835%3AS%3DALNI_MZsDc3kPfVwgJm4YKQVJrFEMa9-0A&abxe=1&dt=1688126842486&lmt=1688126842&dlt=1688126834513&idt=860&adxs=566&adys=1175&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&frm=20&vis=1&psz=1410x60&msz=468x60&fws=0&ohw=0&psts=ABnkTfBy0XFcFshnkgY_LYb-WJLQ%2CABnkTfBy0XFcFshnkgY_LYb-WJLQ%2CABnkTfBy0XFcFshnkgY_LYb-WJLQ%2CABnkTfBy0XFcFshnkgY_LYb-WJLQ&ga_vid=1136948999.1688126835&ga_sid=1688126836&ga_hid=1663611148&ga_fc=true&a3p=EhkKCnVpZGFwaS5jb20YyZXN4ZAxSABSAghkEhsKDGlkNS1zeW5jLmNvbRjdp83hkDFIAFICCGoSHAoNY3J3ZGNudHJsLm5ldBjJlc3hkDFIAFICCGQSGQoKcHViY2lkLm9yZxiko83hkDFIAFICCGoSwgEKCHJ0YmhvdXNlEqwBTitHVWNYczRLdzZ6ci85VlNWcGpEOW43a3FsK00zaWMwVkFXc2hxQUM0Z3NNNGt2SS96a1BjZnUxZlRFSUpSZnhBUklFSndKL2QxcWVRNkFHa2c0SXRJWVdMbDR2Q3BkZ0NERCtRYVkwbzQ0Z3VxTmZBQ2diOHo4eExmdExNZWFNQVhTb2xtUUFsUFJSNXpOeUxRd3VaSDc2bVlsQkhVVmxnS2M2R2Mrbm5NPRijqc3hkDFIABIdCg5lc3AuY3JpdGVvLmNvbRjJlc3hkDFIAFICCGQSPgoFb3BlbngSLGV5SnBJam9pV2tsWVpHRkRkMU5TZVhWNlRrSTJWRUZ5ZFhONGR6MDlJbjA9GOqozeGQMUgA
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
221237c5d791df2429162702989a45f13bd1f421441b139b957be5b76375d1af
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:22 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
true
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
40559
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://paytolet.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 42F9 		179 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 17f71e36f7655f7f5ab67574cc7e41b3.safeframe.googlesyndication.com
URL: https://17f71e36f7655f7f5ab67574cc7e41b3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
sffe /
Resource Hash
f6914d47718a28ab8055edac273b3aff57e64e5bddccc616c2b7e355fe986f39
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://17f71e36f7655f7f5ab67574cc7e41b3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57260
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1687952195399670"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 30 Jun 2023 12:07:22 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 5B46 		179 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 17f71e36f7655f7f5ab67574cc7e41b3.safeframe.googlesyndication.com
URL: https://17f71e36f7655f7f5ab67574cc7e41b3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
sffe /
Resource Hash
f6914d47718a28ab8055edac273b3aff57e64e5bddccc616c2b7e355fe986f39
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://17f71e36f7655f7f5ab67574cc7e41b3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57260
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1687952195399670"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 30 Jun 2023 12:07:22 GMT
truncated
/ Frame 42F9 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ee769ce6e2cd6af225a0c599cf736aaf4f2df0476c6dab7d899830453db72573

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 5B46 		220 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a0044ab64bc2c317a7b41f0c4e729962dc3e439565c1ee6ac1513a4b6a8f8f92

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/png
AOiihYbjk7GyPSPexE3PorOKRXoofTPF8NjvkAglc4c.js
pagead2.googlesyndication.com/bg/ Frame 26C7 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/AOiihYbjk7GyPSPexE3PorOKRXoofTPF8NjvkAglc4c.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
00e8a28586e393b1b23d23dec44dcfa2b38a457a287d33c5f0d8ef9008257387
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 29 Jun 2023 20:54:02 GMT
content-encoding
br
x-content-type-options
nosniff
age
54800
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14768
x-xss-protection
0
last-modified
Mon, 26 Jun 2023 15:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 28 Jun 2024 20:54:02 GMT
logo_klein.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16346139938887045070/ Frame 26C7 		7 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16346139938887045070/logo_klein.svg
Requested by
Host: 17f71e36f7655f7f5ab67574cc7e41b3.safeframe.googlesyndication.com
URL: https://17f71e36f7655f7f5ab67574cc7e41b3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
58e045f5cc886898a55d4450daffaa78bc91f481333bd7d8ccf5c806e1ac6e62
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 28 Jun 2023 07:59:40 GMT
age
187662
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2963
x-xss-protection
0
last-modified
Thu, 28 Jul 2022 12:41:18 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 27 Jun 2024 07:59:40 GMT
logo_01.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16346139938887045070/ Frame 26C7 		7 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16346139938887045070/logo_01.svg
Requested by
Host: 17f71e36f7655f7f5ab67574cc7e41b3.safeframe.googlesyndication.com
URL: https://17f71e36f7655f7f5ab67574cc7e41b3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c7ca1d475d75b95f330757ed1eef0d5e2a0a63372d968c31c9ffe3159f29b141
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 24 Jun 2023 22:07:55 GMT
age
482367
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3091
x-xss-protection
0
last-modified
Thu, 28 Jul 2022 12:41:18 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 23 Jun 2024 22:07:55 GMT
logo_02.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16346139938887045070/ Frame 26C7 		7 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16346139938887045070/logo_02.svg
Requested by
Host: 17f71e36f7655f7f5ab67574cc7e41b3.safeframe.googlesyndication.com
URL: https://17f71e36f7655f7f5ab67574cc7e41b3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3349f90f1da5e8e9c8234aaa9b932f3157e8dc2ac7c67852d2c531fa9e80f082
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 24 Jun 2023 22:07:55 GMT
age
482367
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3091
x-xss-protection
0
last-modified
Thu, 28 Jul 2022 12:41:18 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 23 Jun 2024 22:07:55 GMT
cta.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16346139938887045070/ Frame 26C7 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16346139938887045070/cta.svg
Requested by
Host: 17f71e36f7655f7f5ab67574cc7e41b3.safeframe.googlesyndication.com
URL: https://17f71e36f7655f7f5ab67574cc7e41b3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e1780fcf095277e5932ebe4308ba7c209a0ffd929e80fa1dac9de7efaacb043
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 23 Jun 2023 23:14:41 GMT
age
564761
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2056
x-xss-protection
0
last-modified
Thu, 28 Jul 2022 12:41:18 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 22 Jun 2024 23:14:41 GMT
logo_subline_02.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16346139938887045070/ Frame 26C7 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16346139938887045070/logo_subline_02.svg
Requested by
Host: 17f71e36f7655f7f5ab67574cc7e41b3.safeframe.googlesyndication.com
URL: https://17f71e36f7655f7f5ab67574cc7e41b3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
976df8c6fc830abbcba51b76b07f7b795fbc02d466ddd4530861161464f14dd3
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 24 Jun 2023 22:07:13 GMT
age
482409
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1543
x-xss-protection
0
last-modified
Thu, 28 Jul 2022 12:41:18 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 23 Jun 2024 22:07:13 GMT
logo_subline_01.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16346139938887045070/ Frame 26C7 		14 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16346139938887045070/logo_subline_01.svg
Requested by
Host: 17f71e36f7655f7f5ab67574cc7e41b3.safeframe.googlesyndication.com
URL: https://17f71e36f7655f7f5ab67574cc7e41b3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dd7fcadf77947aedfa9df2220b7b33ae98b978e617e5c1100c1dd422d31a5fda
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 24 Jun 2023 22:07:55 GMT
age
482367
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4209
x-xss-protection
0
last-modified
Thu, 28 Jul 2022 12:41:18 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 23 Jun 2024 22:07:55 GMT
widget_01.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16346139938887045070/ Frame 26C7 		16 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16346139938887045070/widget_01.svg
Requested by
Host: 17f71e36f7655f7f5ab67574cc7e41b3.safeframe.googlesyndication.com
URL: https://17f71e36f7655f7f5ab67574cc7e41b3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f9518f4b66ec416aaf33168598d4f4dc33186f8daa2476c70a4a330342813bb3
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 24 Jun 2023 23:24:39 GMT
age
477763
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5538
x-xss-protection
0
last-modified
Thu, 28 Jul 2022 12:41:18 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 23 Jun 2024 23:24:39 GMT
widget_02.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16346139938887045070/ Frame 26C7 		10 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16346139938887045070/widget_02.svg
Requested by
Host: 17f71e36f7655f7f5ab67574cc7e41b3.safeframe.googlesyndication.com
URL: https://17f71e36f7655f7f5ab67574cc7e41b3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a26c30f9f6dcdf84d05a4bc923ba8b51306d18f165c1bf7d8f8c802d5e3d70be
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 24 Jun 2023 14:56:16 GMT
age
508266
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3871
x-xss-protection
0
last-modified
Thu, 28 Jul 2022 12:41:18 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 23 Jun 2024 14:56:16 GMT
widget_03.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16346139938887045070/ Frame 26C7 		12 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16346139938887045070/widget_03.svg
Requested by
Host: 17f71e36f7655f7f5ab67574cc7e41b3.safeframe.googlesyndication.com
URL: https://17f71e36f7655f7f5ab67574cc7e41b3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d37eea3a77597d079cccca5118edc840165fc85a98d0c278729975099a074eb0
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 24 Jun 2023 22:07:13 GMT
age
482409
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4654
x-xss-protection
0
last-modified
Thu, 28 Jul 2022 12:41:18 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 23 Jun 2024 22:07:13 GMT
widget_04.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16346139938887045070/ Frame 26C7 		12 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16346139938887045070/widget_04.svg
Requested by
Host: 17f71e36f7655f7f5ab67574cc7e41b3.safeframe.googlesyndication.com
URL: https://17f71e36f7655f7f5ab67574cc7e41b3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c0ffa651cec5c4c05bc751cd2e56792bd4aa449762ca625dfa51280c5e2278bf
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 24 Jun 2023 01:50:52 GMT
age
555390
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4362
x-xss-protection
0
last-modified
Thu, 28 Jul 2022 12:41:18 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 23 Jun 2024 01:50:52 GMT
widget_05.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16346139938887045070/ Frame 26C7 		18 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16346139938887045070/widget_05.svg
Requested by
Host: 17f71e36f7655f7f5ab67574cc7e41b3.safeframe.googlesyndication.com
URL: https://17f71e36f7655f7f5ab67574cc7e41b3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f97e21f3eec9e3e533d436de3a395dd755e1a309ed6e05282c16fe0c11f523e6
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 24 Jun 2023 05:29:08 GMT
age
542294
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5282
x-xss-protection
0
last-modified
Thu, 28 Jul 2022 12:41:18 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 23 Jun 2024 05:29:08 GMT
widget_06.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16346139938887045070/ Frame 26C7 		16 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16346139938887045070/widget_06.svg
Requested by
Host: 17f71e36f7655f7f5ab67574cc7e41b3.safeframe.googlesyndication.com
URL: https://17f71e36f7655f7f5ab67574cc7e41b3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
42560ef9cd88b29d780c7b1b9dfacd9ebcce9d6a786377f06ac4c85ecbffac33
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 24 Jun 2023 14:44:03 GMT
age
508999
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5815
x-xss-protection
0
last-modified
Thu, 28 Jul 2022 12:41:18 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 23 Jun 2024 14:44:03 GMT
form.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16346139938887045070/ Frame 26C7 		791 B
639 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16346139938887045070/form.svg
Requested by
Host: 17f71e36f7655f7f5ab67574cc7e41b3.safeframe.googlesyndication.com
URL: https://17f71e36f7655f7f5ab67574cc7e41b3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b127fac4cc6707a510e3bb39b4ca7c4e7f9df01d06b9d72988c9a02792a0d0fb
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 27 Jun 2023 22:08:57 GMT
age
223105
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
527
x-xss-protection
0
last-modified
Thu, 28 Jul 2022 12:41:18 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 26 Jun 2024 22:08:57 GMT
color_01.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16346139938887045070/ Frame 26C7 		851 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16346139938887045070/color_01.svg
Requested by
Host: 17f71e36f7655f7f5ab67574cc7e41b3.safeframe.googlesyndication.com
URL: https://17f71e36f7655f7f5ab67574cc7e41b3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6b30aaaa21366d52f75323f59949ba8520cfec50fa89ef9aa9a165687348aa5d
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 24 Jun 2023 14:59:23 GMT
age
508079
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
489
x-xss-protection
0
last-modified
Thu, 28 Jul 2022 12:41:18 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 23 Jun 2024 14:59:23 GMT
color_02.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16346139938887045070/ Frame 26C7 		761 B
595 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16346139938887045070/color_02.svg
Requested by
Host: 17f71e36f7655f7f5ab67574cc7e41b3.safeframe.googlesyndication.com
URL: https://17f71e36f7655f7f5ab67574cc7e41b3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
22f418c33faa6c31cfe76fab61c5fe1bb9c5031dc4fe5602ef8fd802581aff30
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 23 Jun 2023 22:08:11 GMT
age
568751
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
482
x-xss-protection
0
last-modified
Thu, 28 Jul 2022 12:41:18 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 22 Jun 2024 22:08:11 GMT
color_03.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16346139938887045070/ Frame 26C7 		797 B
592 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16346139938887045070/color_03.svg
Requested by
Host: 17f71e36f7655f7f5ab67574cc7e41b3.safeframe.googlesyndication.com
URL: https://17f71e36f7655f7f5ab67574cc7e41b3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
387a63e314f5fdb0a7ec0a0e38d457e8c86b46e76a866dc112e823ca53cf3392
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 28 Jun 2023 03:21:19 GMT
age
204363
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
479
x-xss-protection
0
last-modified
Thu, 28 Jul 2022 12:41:18 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 27 Jun 2024 03:21:19 GMT
color_04.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16346139938887045070/ Frame 26C7 		856 B
569 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16346139938887045070/color_04.svg
Requested by
Host: 17f71e36f7655f7f5ab67574cc7e41b3.safeframe.googlesyndication.com
URL: https://17f71e36f7655f7f5ab67574cc7e41b3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b7251f253a7f14b9f7946a59d2003dc87be21baab047d4394e3cf2802d6d01e1
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 27 Jun 2023 22:08:57 GMT
age
223105
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
489
x-xss-protection
0
last-modified
Thu, 28 Jul 2022 12:41:18 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 26 Jun 2024 22:08:57 GMT
color_05.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16346139938887045070/ Frame 26C7 		692 B
567 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16346139938887045070/color_05.svg
Requested by
Host: 17f71e36f7655f7f5ab67574cc7e41b3.safeframe.googlesyndication.com
URL: https://17f71e36f7655f7f5ab67574cc7e41b3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a52397ac20d14b7063c608f61261318da8ecb23fe996f92803563b060ba13ce0
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 23 Jun 2023 22:04:39 GMT
age
568963
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
454
x-xss-protection
0
last-modified
Thu, 28 Jul 2022 12:41:18 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 22 Jun 2024 22:04:39 GMT
color_06.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16346139938887045070/ Frame 26C7 		692 B
568 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16346139938887045070/color_06.svg
Requested by
Host: 17f71e36f7655f7f5ab67574cc7e41b3.safeframe.googlesyndication.com
URL: https://17f71e36f7655f7f5ab67574cc7e41b3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f1e9c5ee6f84f7f34f2ba8fd2f01fa7574343afd0e09e64691245ce1745528f6
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 24 Jun 2023 15:04:07 GMT
age
507795
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
455
x-xss-protection
0
last-modified
Thu, 28 Jul 2022 12:41:18 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 23 Jun 2024 15:04:07 GMT
AOiihYbjk7GyPSPexE3PorOKRXoofTPF8NjvkAglc4c.js
pagead2.googlesyndication.com/bg/ Frame A8D9 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/AOiihYbjk7GyPSPexE3PorOKRXoofTPF8NjvkAglc4c.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
00e8a28586e393b1b23d23dec44dcfa2b38a457a287d33c5f0d8ef9008257387
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 29 Jun 2023 20:54:02 GMT
content-encoding
br
x-content-type-options
nosniff
age
54800
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14768
x-xss-protection
0
last-modified
Mon, 26 Jun 2023 15:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 28 Jun 2024 20:54:02 GMT
logo_klein.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16346139938887045070/ Frame A8D9 		7 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16346139938887045070/logo_klein.svg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16346139938887045070/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
58e045f5cc886898a55d4450daffaa78bc91f481333bd7d8ccf5c806e1ac6e62
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 28 Jun 2023 07:59:40 GMT
age
187662
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2963
x-xss-protection
0
last-modified
Thu, 28 Jul 2022 12:41:18 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 27 Jun 2024 07:59:40 GMT
logo_01.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16346139938887045070/ Frame A8D9 		7 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16346139938887045070/logo_01.svg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16346139938887045070/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c7ca1d475d75b95f330757ed1eef0d5e2a0a63372d968c31c9ffe3159f29b141
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 24 Jun 2023 22:07:55 GMT
age
482367
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3091
x-xss-protection
0
last-modified
Thu, 28 Jul 2022 12:41:18 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 23 Jun 2024 22:07:55 GMT
logo_02.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16346139938887045070/ Frame A8D9 		7 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16346139938887045070/logo_02.svg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16346139938887045070/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3349f90f1da5e8e9c8234aaa9b932f3157e8dc2ac7c67852d2c531fa9e80f082
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 24 Jun 2023 22:07:55 GMT
age
482367
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3091
x-xss-protection
0
last-modified
Thu, 28 Jul 2022 12:41:18 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 23 Jun 2024 22:07:55 GMT
cta.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16346139938887045070/ Frame A8D9 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16346139938887045070/cta.svg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16346139938887045070/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e1780fcf095277e5932ebe4308ba7c209a0ffd929e80fa1dac9de7efaacb043
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 23 Jun 2023 23:14:41 GMT
age
564761
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2056
x-xss-protection
0
last-modified
Thu, 28 Jul 2022 12:41:18 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 22 Jun 2024 23:14:41 GMT
logo_subline_02.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16346139938887045070/ Frame A8D9 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16346139938887045070/logo_subline_02.svg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16346139938887045070/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
976df8c6fc830abbcba51b76b07f7b795fbc02d466ddd4530861161464f14dd3
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 24 Jun 2023 22:07:13 GMT
age
482409
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1543
x-xss-protection
0
last-modified
Thu, 28 Jul 2022 12:41:18 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 23 Jun 2024 22:07:13 GMT
logo_subline_01.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16346139938887045070/ Frame A8D9 		14 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16346139938887045070/logo_subline_01.svg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16346139938887045070/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dd7fcadf77947aedfa9df2220b7b33ae98b978e617e5c1100c1dd422d31a5fda
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 24 Jun 2023 22:07:55 GMT
age
482367
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4209
x-xss-protection
0
last-modified
Thu, 28 Jul 2022 12:41:18 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 23 Jun 2024 22:07:55 GMT
widget_01.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16346139938887045070/ Frame A8D9 		16 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16346139938887045070/widget_01.svg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16346139938887045070/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f9518f4b66ec416aaf33168598d4f4dc33186f8daa2476c70a4a330342813bb3
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 24 Jun 2023 23:24:39 GMT
age
477763
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5538
x-xss-protection
0
last-modified
Thu, 28 Jul 2022 12:41:18 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 23 Jun 2024 23:24:39 GMT
widget_02.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16346139938887045070/ Frame A8D9 		10 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16346139938887045070/widget_02.svg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16346139938887045070/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a26c30f9f6dcdf84d05a4bc923ba8b51306d18f165c1bf7d8f8c802d5e3d70be
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 24 Jun 2023 14:56:16 GMT
age
508266
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3871
x-xss-protection
0
last-modified
Thu, 28 Jul 2022 12:41:18 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 23 Jun 2024 14:56:16 GMT
widget_03.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16346139938887045070/ Frame A8D9 		12 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16346139938887045070/widget_03.svg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16346139938887045070/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d37eea3a77597d079cccca5118edc840165fc85a98d0c278729975099a074eb0
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 24 Jun 2023 22:07:13 GMT
age
482409
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4654
x-xss-protection
0
last-modified
Thu, 28 Jul 2022 12:41:18 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 23 Jun 2024 22:07:13 GMT
widget_04.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16346139938887045070/ Frame A8D9 		12 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16346139938887045070/widget_04.svg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16346139938887045070/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c0ffa651cec5c4c05bc751cd2e56792bd4aa449762ca625dfa51280c5e2278bf
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 24 Jun 2023 01:50:52 GMT
age
555390
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4362
x-xss-protection
0
last-modified
Thu, 28 Jul 2022 12:41:18 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 23 Jun 2024 01:50:52 GMT
widget_05.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16346139938887045070/ Frame A8D9 		18 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16346139938887045070/widget_05.svg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16346139938887045070/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f97e21f3eec9e3e533d436de3a395dd755e1a309ed6e05282c16fe0c11f523e6
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 24 Jun 2023 05:29:08 GMT
age
542294
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5282
x-xss-protection
0
last-modified
Thu, 28 Jul 2022 12:41:18 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 23 Jun 2024 05:29:08 GMT
widget_06.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16346139938887045070/ Frame A8D9 		16 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16346139938887045070/widget_06.svg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16346139938887045070/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
42560ef9cd88b29d780c7b1b9dfacd9ebcce9d6a786377f06ac4c85ecbffac33
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 24 Jun 2023 14:44:03 GMT
age
508999
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5815
x-xss-protection
0
last-modified
Thu, 28 Jul 2022 12:41:18 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 23 Jun 2024 14:44:03 GMT
form.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16346139938887045070/ Frame A8D9 		791 B
607 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16346139938887045070/form.svg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16346139938887045070/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b127fac4cc6707a510e3bb39b4ca7c4e7f9df01d06b9d72988c9a02792a0d0fb
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 27 Jun 2023 22:08:57 GMT
age
223105
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
527
x-xss-protection
0
last-modified
Thu, 28 Jul 2022 12:41:18 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 26 Jun 2024 22:08:57 GMT
color_01.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16346139938887045070/ Frame A8D9 		851 B
569 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16346139938887045070/color_01.svg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16346139938887045070/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6b30aaaa21366d52f75323f59949ba8520cfec50fa89ef9aa9a165687348aa5d
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 24 Jun 2023 14:59:23 GMT
age
508079
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
489
x-xss-protection
0
last-modified
Thu, 28 Jul 2022 12:41:18 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 23 Jun 2024 14:59:23 GMT
color_02.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16346139938887045070/ Frame A8D9 		761 B
562 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16346139938887045070/color_02.svg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16346139938887045070/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
22f418c33faa6c31cfe76fab61c5fe1bb9c5031dc4fe5602ef8fd802581aff30
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 23 Jun 2023 22:08:11 GMT
age
568751
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
482
x-xss-protection
0
last-modified
Thu, 28 Jul 2022 12:41:18 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 22 Jun 2024 22:08:11 GMT
color_03.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16346139938887045070/ Frame A8D9 		797 B
559 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16346139938887045070/color_03.svg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16346139938887045070/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
387a63e314f5fdb0a7ec0a0e38d457e8c86b46e76a866dc112e823ca53cf3392
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 28 Jun 2023 03:21:19 GMT
age
204363
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
479
x-xss-protection
0
last-modified
Thu, 28 Jul 2022 12:41:18 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 27 Jun 2024 03:21:19 GMT
color_04.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16346139938887045070/ Frame A8D9 		856 B
569 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16346139938887045070/color_04.svg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16346139938887045070/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b7251f253a7f14b9f7946a59d2003dc87be21baab047d4394e3cf2802d6d01e1
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 27 Jun 2023 22:08:57 GMT
age
223105
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
489
x-xss-protection
0
last-modified
Thu, 28 Jul 2022 12:41:18 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 26 Jun 2024 22:08:57 GMT
color_05.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16346139938887045070/ Frame A8D9 		692 B
534 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16346139938887045070/color_05.svg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16346139938887045070/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a52397ac20d14b7063c608f61261318da8ecb23fe996f92803563b060ba13ce0
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 23 Jun 2023 22:04:39 GMT
age
568963
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
454
x-xss-protection
0
last-modified
Thu, 28 Jul 2022 12:41:18 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 22 Jun 2024 22:04:39 GMT
color_06.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16346139938887045070/ Frame A8D9 		692 B
535 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16346139938887045070/color_06.svg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16346139938887045070/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f1e9c5ee6f84f7f34f2ba8fd2f01fa7574343afd0e09e64691245ce1745528f6
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 24 Jun 2023 15:04:07 GMT
age
507795
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
455
x-xss-protection
0
last-modified
Thu, 28 Jul 2022 12:41:18 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 23 Jun 2024 15:04:07 GMT
greenoaks.gif
paytolet.com/detroitchicago/ 		0
520 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://paytolet.com/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiJjMmMzZjdlMS0zYTE2LTRmYWQtNDIxYy03OGE1YzRkMjAwZGUiLCJkb21haW5faWQiOiI0MTAxNjQiLCJ0X2Vwb2NoIjoxNjg4MTI2ODM0LCJkYXRhIjpbeyJuYW1lIjoibmF2aWdhdGlvbl90eXBlIiwidmFsIjoiMCJ9LHsibmFtZSI6InJlZGlyZWN0X2NvdW50IiwidmFsIjoiMCJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6ImMyYzNmN2UxLTNhMTYtNGZhZC00MjFjLTc4YTVjNGQyMDBkZSIsImRvbWFpbl9pZCI6IjQxMDE2NCIsInRfZXBvY2giOjE2ODgxMjY4MzQsImRhdGEiOlt7Im5hbWUiOiJwZXJmX2lzX3RyYWNrZWQiLCJ2YWwiOiIxIn0seyJuYW1lIjoicGVyZl9uYXZfdG9fY29ubmVjdCIsInZhbCI6IjE1NTkifSx7Im5hbWUiOiJwZXJmX2Nvbm5lY3RfdG9fcmVzcF9zdGFydCIsInZhbCI6IjIwNjAifSx7Im5hbWUiOiJwZXJmX3Jlc3BfdGltZSIsInZhbCI6IjE0In0seyJuYW1lIjoicGVyZl9pbnRlcmFjdGl2ZSIsInZhbCI6IjE0MzgifSx7Im5hbWUiOiJwZXJmX2NvbnRlbnRsb2FkZWQiLCJ2YWwiOiIxNTA1In0seyJuYW1lIjoicGVyZl9jb21wbGV0ZSIsInZhbCI6IjU4MzEifV19LHsidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiJjMmMzZjdlMS0zYTE2LTRmYWQtNDIxYy03OGE1YzRkMjAwZGUiLCJkb21haW5faWQiOiI0MTAxNjQiLCJ0X2Vwb2NoIjoxNjg4MTI2ODM0LCJkYXRhIjpbeyJuYW1lIjoiZmlyc3RfcGFpbnQiLCJ2YWwiOiIyNTAyIn1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiYzJjM2Y3ZTEtM2ExNi00ZmFkLTQyMWMtNzhhNWM0ZDIwMGRlIiwiZG9tYWluX2lkIjoiNDEwMTY0IiwidF9lcG9jaCI6MTY4ODEyNjgzNCwiZGF0YSI6W3sibmFtZSI6ImZpcnN0X2NvbnRlbnRmdWxfcGFpbnQiLCJ2YWwiOiIyNTAyIn1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiYzJjM2Y3ZTEtM2ExNi00ZmFkLTQyMWMtNzhhNWM0ZDIwMGRlIiwiZG9tYWluX2lkIjoiNDEwMTY0IiwidF9lcG9jaCI6MTY4ODEyNjgzNCwiZGF0YSI6W3sibmFtZSI6ImNvbm5lY3Rpb25fZWZmZWN0aXZlX3R5cGUiLCJ2YWwiOiI0ZyJ9XX1d
Requested by
Host: paytolet.com
URL: https://paytolet.com/detroitchicago/cmbv2.js?gcb=195-3&cb=04-3y02-8y06-13y07-2y0b-6y0d-23y17-4y1b-5y25-3y26-4y27-16y28-66y2b-146y2f-150y33-4y3a-12y3b-6y59-2y5d-22y64-1&cmbcb=151&sj=x04x02x06x07x0bx0dx17x1bx25x26x27x28x2bx2fx33x3ax3bx59x5dx64
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:8b54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/public/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:22 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fK5XVt%2FYgYRwVBtZjq1%2FTWGQSaB72OPrvd7cYuMA1Ywjp3ZhAiXY6GrP8JGF4lxyU0QpnbP2gse1x5vzwmuRoWjWRWlB94wheuXH3irXIDfhw24HR2wn8lKo04zTUzLPZ%2FtmBe52SnV2hEI%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://paytolet.com
x-middleton-display
ezp_sol
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
cf-ray
7df649e059706969-FRA
alt-svc
h3=":443"; ma=86400
priority
u=4,i
expires
Thu, 29 Jun 2023 12:07:22 GMT
greenoaks.gif
paytolet.com/detroitchicago/ 		0
524 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://paytolet.com/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiJjMmMzZjdlMS0zYTE2LTRmYWQtNDIxYy03OGE1YzRkMjAwZGUiLCJkb21haW5faWQiOiI0MTAxNjQiLCJ0X2Vwb2NoIjoxNjg4MTI2ODM0LCJkYXRhIjpbeyJuYW1lIjoiY29ubmVjdGlvbl9kb3dubGluayIsInZhbCI6IjEwIn1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiYzJjM2Y3ZTEtM2ExNi00ZmFkLTQyMWMtNzhhNWM0ZDIwMGRlIiwiZG9tYWluX2lkIjoiNDEwMTY0IiwidF9lcG9jaCI6MTY4ODEyNjgzNCwiZGF0YSI6W3sibmFtZSI6ImNvbm5lY3Rpb25fcnR0IiwidmFsIjoiMCJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6ImMyYzNmN2UxLTNhMTYtNGZhZC00MjFjLTc4YTVjNGQyMDBkZSIsImRvbWFpbl9pZCI6IjQxMDE2NCIsInRfZXBvY2giOjE2ODgxMjY4MzQsImRhdGEiOlt7Im5hbWUiOiJkaXNwbGF5X2FkX3ZpZXdwb3J0X3B4IiwidmFsIjoiMjY5MjIwIn0seyJuYW1lIjoiZGlzcGxheV9hZF92aWV3cG9ydF9jb3VudCIsInZhbCI6IjUifSx7Im5hbWUiOiJuYXRpdmVfYWRfdmlld3BvcnRfcHgiLCJ2YWwiOiIwIn0seyJuYW1lIjoibmF0aXZlX2FkX3ZpZXdwb3J0X2NvdW50IiwidmFsIjoiMCJ9LHsibmFtZSI6ImRpc3BsYXlfYWRfZG9jX3B4IiwidmFsIjoiNzEzNjIwIn0seyJuYW1lIjoiZGlzcGxheV9hZF9kb2NfY291bnQiLCJ2YWwiOiI3In0seyJuYW1lIjoibmF0aXZlX2FkX2RvY19weCIsInZhbCI6IjAifSx7Im5hbWUiOiJuYXRpdmVfYWRfZG9jX2NvdW50IiwidmFsIjoiMCJ9LHsibmFtZSI6InZpZXdwb3J0X3NpemUiLCJ2YWwiOiIxNjAweDEyMDAifSx7Im5hbWUiOiJ2aWV3cG9ydF9weCIsInZhbCI6IjE5MjAwMDAifSx7Im5hbWUiOiJkb2NfcHgiLCJ2YWwiOiIxNDE4NzIwMCJ9LHsibmFtZSI6ImRvY19oZWlnaHQiLCJ2YWwiOiI4ODY3In1dfV0=
Requested by
Host: paytolet.com
URL: https://paytolet.com/detroitchicago/cmbv2.js?gcb=195-3&cb=04-3y02-8y06-13y07-2y0b-6y0d-23y17-4y1b-5y25-3y26-4y27-16y28-66y2b-146y2f-150y33-4y3a-12y3b-6y59-2y5d-22y64-1&cmbcb=151&sj=x04x02x06x07x0bx0dx17x1bx25x26x27x28x2bx2fx33x3ax3bx59x5dx64
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:8b54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/public/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:22 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7b6985WwxmNOAN%2FP%2FWhwPhWg0pOYe081JQelF2w0ZchLIXS6kkSMRUxvZwHw%2FrNrZU0HfBO6DcMzeS%2BTUqeWXbH%2FtGA5g6n6L0bokfL8wLadbX4Mg7ZnjeSKQ9GH1fjGejNUkWRW9SD2akE%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://paytolet.com
x-middleton-display
ezp_sol
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
cf-ray
7df649e059726969-FRA
alt-svc
h3=":443"; ma=86400
priority
u=4,i
expires
Thu, 29 Jun 2023 12:07:23 GMT
89229263
mc.yandex.com/webvisor/ 		43 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/webvisor/89229263?wmode=0&wv-part=1&wv-hit=721892075&page-url=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&rn=874317177&wv-type=3&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1688126843%3Aw%3A1600x1200%3Av%3A1074%3Az%3A0%3Ai%3A20230630120722%3Au%3A1688126835670014644%3Avf%3Aew9xzikdbvs4xc5avwiaspr%3Ast%3A1688126843&t=gdpr(14%2C14)ti(1)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://paytolet.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 30 Jun 2023 12:07:22 GMT
strict-transport-security
max-age=31536000
last-modified
Fri, 30-Jun-2023 12:07:22 GMT
content-type
image/gif
access-control-allow-origin
https://paytolet.com
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Fri, 30-Jun-2023 12:07:22 GMT
integrator.js
adservice.google.com/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=paytolet.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
adview
securepubads.g.doubleclick.net/pagead/ Frame 5B46 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CveCNecWeZKuzOJLDxwLTy5_YD_-Popxx7qTYm6YQr8jarpUOEAEg9PnGJWCV6rOCwAegAaXgjNwDyAEJqQLYWKRVcTyyPuACAKgDAcgDSKoEggJP0AwyyrbBF4W7a1cWJvAyE29anns92o0Q4AERVbj_CI2do-rVJ_TTbpAWQ-NeRaBRLDf2pvXRx3T17hOvl9ME72DcjbOu8pN1nqbIg2i1HJUrhxkzcnkExGntgY1UoMqU46sREb_jNEvsAOb8BEznujrzVgXR8cDAOUQvyQNMM17ilwxGnJeRg_JPpDx9P0HH3CNuwhaU-dhce3PaYaywbW9XLcava51AjTGotBV9VUymuuZUU_sQPWR6JNqRQiBwih2itQ0o8VPKY2kymfCqNCiWcwv6OyAFAgIoW4x_ZeGwtKh2NJf486MOkglApiirEPR33H7K0n0sXvXn6V4HxcvABJDAhu2gBOAEAZIFBAgEGAGSBQQIBRgEoAYugAezkasoqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQyK8S0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOoAKA8gLAdgTAtAVAYAXAbIXHgocCAASFHB1Yi0xOTY2NzIxMTkyNzA5NjA2GL7JBw&sigh=AhC3ntxO7ZM&uach_m=[UACH]&cid=CAQSOwBygQiDqIX_QEgoE6us8JZZlqIeoDCx8KX9Ywpz8cRGLAGYWfewilYA-rLmaWqC7AYE3YRP1nZACqpjGAE&template_id=419&cbvp=2&vis=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://17f71e36f7655f7f5ab67574cc7e41b3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers
container.html
17f71e36f7655f7f5ab67574cc7e41b3.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 1DF8 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://17f71e36f7655f7f5ab67574cc7e41b3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://paytolet.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
7
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 30 Jun 2023 12:07:16 GMT
expires
Sat, 29 Jun 2024 12:07:16 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
army.gif
paytolet.com/porpoiseant/ 		0
521 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://paytolet.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMzI3ODczOTg1ODM2MzciLCJkb21haW5faWQiOiI0MTAxNjQiLCJ1bml0IjoiZGl2LWdwdC1hZC1wYXl0b2xldF9jb20tYm94LTMtMCIsInRfZXBvY2giOjE2ODgxMjY4MzQsImFkX3Bvc2l0aW9uIjoxOTAxLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6ImMyYzNmN2UxLTNhMTYtNGZhZC00MjFjLTc4YTVjNGQyMDBkZSIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwMzQ0ODMsImRhdGEiOlt7Im5hbWUiOiJyZWZyZXNoX2NvdW50IiwidmFsIjoiNSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMzI3ODczOTg1ODM2MzciLCJkb21haW5faWQiOiI0MTAxNjQiLCJ1bml0IjoiZGl2LWdwdC1hZC1wYXl0b2xldF9jb20tYm94LTMtMCIsInRfZXBvY2giOjE2ODgxMjY4MzQsImFkX3Bvc2l0aW9uIjoxOTAxLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6ImMyYzNmN2UxLTNhMTYtNGZhZC00MjFjLTc4YTVjNGQyMDBkZSIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwMzQ0ODMsImRhdGEiOlt7Im5hbWUiOiJmaWxsZWRfYmlkX2hhc2giLCJ2YWwiOiJhZDAwNjFhMzhkZDdjNmY3YmNiNjkyYWVlODhkZmRhNCJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMzI3ODczOTg1ODM2MzciLCJkb21haW5faWQiOiI0MTAxNjQiLCJ1bml0IjoiZGl2LWdwdC1hZC1wYXl0b2xldF9jb20tYm94LTMtMCIsInRfZXBvY2giOjE2ODgxMjY4MzQsInJldmVudWUiOjAsImVzdF9yZXZlbnVlIjowLjAwMDE0LCJhZF9wb3NpdGlvbiI6MTkwMSwiYWRfc2l6ZSI6IiIsImJpZF9mbG9vcl9maWxsZWQiOjAuMDAwMTQsImJpZF9mbG9vcl9wcmV2IjowLjAwMDI2LCJzdGF0X3NvdXJjZV9pZCI6MzUsImNvdW50cnlfY29kZSI6IkRFIiwicGFnZXZpZXdfaWQiOiJjMmMzZjdlMS0zYTE2LTRmYWQtNDIxYy03OGE1YzRkMjAwZGUiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwMDM0NDgzLCJkYXRhIjpbeyJuYW1lIjoibG9hZGVkIiwidmFsIjoiMSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMzI3ODczOTg1ODM2MzciLCJkb21haW5faWQiOiI0MTAxNjQiLCJ1bml0IjoiZGl2LWdwdC1hZC1wYXl0b2xldF9jb20tYm94LTMtMCIsInRfZXBvY2giOjE2ODgxMjY4MzQsImFkX3Bvc2l0aW9uIjoxOTAxLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6ImMyYzNmN2UxLTNhMTYtNGZhZC00MjFjLTc4YTVjNGQyMDBkZSIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwMzQ0ODMsImRhdGEiOlt7Im5hbWUiOiJjcmVhdGl2ZV9pZCIsInZhbCI6IjEzODMxMDAzNDQ4MyJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMzI3ODczOTg1ODM2MzciLCJkb21haW5faWQiOiI0MTAxNjQiLCJ1bml0IjoiZGl2LWdwdC1hZC1wYXl0b2xldF9jb20tYm94LTMtMCIsInRfZXBvY2giOjE2ODgxMjY4MzQsImFkX3Bvc2l0aW9uIjoxOTAxLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6ImMyYzNmN2UxLTNhMTYtNGZhZC00MjFjLTc4YTVjNGQyMDBkZSIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwMzQ0ODMsImRhdGEiOlt7Im5hbWUiOiJsaW5laXRlbV9pZCIsInZhbCI6IjI4Njg3Mjc0In1dLCJpc19vcmlnIjpmYWxzZX1d
Requested by
Host: paytolet.com
URL: https://paytolet.com/detroitchicago/cmbv2.js?gcb=195-3&cb=04-3y02-8y06-13y07-2y0b-6y0d-23y17-4y1b-5y25-3y26-4y27-16y28-66y2b-146y2f-150y33-4y3a-12y3b-6y59-2y5d-22y64-1&cmbcb=151&sj=x04x02x06x07x0bx0dx17x1bx25x26x27x28x2bx2fx33x3ax3bx59x5dx64
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:8b54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/public/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:23 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zspmBl4ShjwzGZBfFAviIKRNnxlk8BI%2F%2BI4PmaP3fTA8FvvSrVavwC5nj9hVyQ4h50csU4IrQ1TgzUoIz0jW2hhXLQaOnOvHnBeNqpT3SCbnUu6MhzRR%2FWMeuMe2z6zWh36kqPxj6u4N16I%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://paytolet.com
x-middleton-display
ezp_sol
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
cf-ray
7df649e11a8e6969-FRA
alt-svc
h3=":443"; ma=86400
priority
u=4,i
expires
Thu, 29 Jun 2023 12:07:24 GMT
army.gif
paytolet.com/porpoiseant/ 		0
527 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://paytolet.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMzI3ODczOTg1ODM2MzciLCJkb21haW5faWQiOiI0MTAxNjQiLCJ1bml0IjoiZGl2LWdwdC1hZC1wYXl0b2xldF9jb20tYm94LTMtMCIsInRfZXBvY2giOjE2ODgxMjY4MzQsImFkX3Bvc2l0aW9uIjoxOTAxLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6ImMyYzNmN2UxLTNhMTYtNGZhZC00MjFjLTc4YTVjNGQyMDBkZSIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwMzQ0ODMsImRhdGEiOlt7Im5hbWUiOiJ0X2xvY2FsX2RhdGUiLCJ2YWwiOiIyMDIzLTA2LTMwIn0seyJuYW1lIjoidF9sb2NhbF9ob3VyIiwidmFsIjoiMTIifSx7Im5hbWUiOiJ0X2xvY2FsX2RheV9vZl93ZWVrIiwidmFsIjoiNSJ9LHsibmFtZSI6InRfbG9jYWxfdGltZXpvbmUiLCJ2YWwiOiIwIn1dLCJpc19vcmlnIjpmYWxzZX1d
Requested by
Host: paytolet.com
URL: https://paytolet.com/detroitchicago/cmbv2.js?gcb=195-3&cb=04-3y02-8y06-13y07-2y0b-6y0d-23y17-4y1b-5y25-3y26-4y27-16y28-66y2b-146y2f-150y33-4y3a-12y3b-6y59-2y5d-22y64-1&cmbcb=151&sj=x04x02x06x07x0bx0dx17x1bx25x26x27x28x2bx2fx33x3ax3bx59x5dx64
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:8b54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/public/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:23 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UrKCHFIwph6BzHWNzN7i03v322pjNKcJA%2BKKc2uU13Ua7yAyN%2FvW7t3dCRHp%2F2RW7yGT1HW%2FL5wMTClJQuEYWRHoL0OQz%2BMqqlfcSTUsHEUmNGMzRd7T78kbL14Eh2RR%2Fjk%2FGtQxiIxOqFI%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://paytolet.com
x-middleton-display
ezp_sol
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
cf-ray
7df649e11a926969-FRA
alt-svc
h3=":443"; ma=86400
priority
u=4,i
expires
Thu, 29 Jun 2023 12:07:23 GMT
army.gif
paytolet.com/porpoiseant/ 		0
523 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://paytolet.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImF1Y3Rpb24iLCJpbXByZXNzaW9uX2lkIjoiMzI3ODczOTg1ODM2MzciLCJkb21haW5faWQiOiI0MTAxNjQiLCJ1bml0IjoiZGl2LWdwdC1hZC1wYXl0b2xldF9jb20tYm94LTMtMCIsInRfZXBvY2giOjE2ODgxMjY4MzQsImF1Y3Rpb25fZXBvY2giOjE2ODgxMjY4NDMsImFkX3Bvc2l0aW9uIjoxOTAxLCJjb3VudHJ5X2NvZGUiOiJERSIsInBhZ2V2aWV3X2lkIjoiYzJjM2Y3ZTEtM2ExNi00ZmFkLTQyMWMtNzhhNWM0ZDIwMGRlIiwiYmlkX2Zsb29yX2luaXRpYWwiOjEyMCwiYmlkX2Zsb29yX3ByZXYiOjI2LCJiaWRfZmxvb3JfZmlsbGVkIjoxNCwiYXVjdGlvbl9jb3VudCI6NSwicmVmcmVzaF9hZF9jb3VudCI6MCwiYXVjdGlvbl9kdXJhdGlvbiI6NTM5LCJtdWx0aV9hZF91bml0IjowLCJtdWx0aV9hZF9jb3VudCI6MCwibmV0d29ya19jb2RlIjoxMjU0MTQ0LCJkYXRhIjpbeyJuYW1lIjoiIiwidmFsIjoiIn1dLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0fV0=
Requested by
Host: paytolet.com
URL: https://paytolet.com/detroitchicago/cmbv2.js?gcb=195-3&cb=04-3y02-8y06-13y07-2y0b-6y0d-23y17-4y1b-5y25-3y26-4y27-16y28-66y2b-146y2f-150y33-4y3a-12y3b-6y59-2y5d-22y64-1&cmbcb=151&sj=x04x02x06x07x0bx0dx17x1bx25x26x27x28x2bx2fx33x3ax3bx59x5dx64
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:8b54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/public/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:23 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ggsGPNBns7LhFwdDwC%2Ba2cUXDP414pQjz1F5iUpyv0ynbIgRHrf%2B24dERaeYhkby4YFlT8Jw6YfXws6Ew6N%2FsddoSvrXgS2DFZDyBsgSVQ9KM%2F6OOYKubqwLA6oSw9MIYVkpWNYX8yyRIG8%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://paytolet.com
x-middleton-display
ezp_sol
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
cf-ray
7df649e11a956969-FRA
alt-svc
h3=":443"; ma=86400
priority
u=4,i
expires
Thu, 29 Jun 2023 12:07:23 GMT
t1670023299_03_640x360p_30Hz_800Kbps_005.m4s
streaming.humix.com/contents/nsrNhxfkjikFVcim/1682919808/ 		18 KB
18 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://streaming.humix.com/contents/nsrNhxfkjikFVcim/1682919808/t1670023299_03_640x360p_30Hz_800Kbps_005.m4s
Requested by
Host: paytolet.com
URL: https://paytolet.com/detroitchicago/cmbv2.js?gcb=195-3&cb=04-3y02-8y06-13y07-2y0b-6y0d-23y17-4y1b-5y25-3y26-4y27-16y28-66y2b-146y2f-150y33-4y3a-12y3b-6y59-2y5d-22y64-1&cmbcb=151&sj=x04x02x06x07x0bx0dx17x1bx25x26x27x28x2bx2fx33x3ax3bx59x5dx64
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:d4fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a33a9294810cb9dce4d45a07c4dc30f198d8314af6d71c288a86fb1e4fbb1e14

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:23 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"6ae8dd458cb7698f02e3b23395325e58"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ajTMbTJaiskoK3LdwMzuJM7cjfG58JSvKsUmIBRe43r%2F80ga4359SQrMKuvRwIk3mqbJ2iv%2FnrCigay1JqGGJjgCWtqHAMiWrDKF6NFCwucqYeeuKAy0KBikQ4n3vAT0bzB%2Fx0vNXat1Fw1KCngqoy2I"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
7df649e118741989-FRA
alt-svc
h3=":443"; ma=86400
content-length
18432
ads
pubads.g.doubleclick.net/gampad/ Frame CCEF 		156 B
186 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?correlator=674173503077194&description_url=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&env=vp&gdfp_req=1&output=xml_vast4&sz=400x300%7C640x480%7C640x360%7C300x168&unviewed_position_start=1&url=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&ad_type=video&hl=en&max_ad_duration=51000&min_ad_duration=4500&npa=0&tfcd=0&vad_type=linear&vpmute=1&vpos=preroll&iu=%2F1254144%2C22852681713%2Fpaytolet_com-video-1&vid_d=53&vid_kw=Pay%20to%20let%2Creal%20estate%2Cproperty%20for%20sale%2Cproperty%20listings%2Chome&vid_t=Sell%20your%20property%20in%20minutes&vpa=auto&cust_params=ap%3D1%26d%3D410164%26eb_br%3Dc5429b6ddd929d0bc40a832a87789a7c%26ft%3D0%26ic%3D1%26iid1%3D248372558641397%26plat%3D1%26t%3D134%26tap%3Dpaytolet_com-video-1-248372558641397&sdkv=h.3.578.0&osd=2&frm=0&vis=1&sdr=1&afvsz=450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&us_privacy=1---&sdki=445&ptt=20&adk=3861343777&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.578.0&sid=31BB2C37-E1E0-4730-85B5-0D4B17F39F33&a3p=EhkKCnVpZGFwaS5jb20YyZXN4ZAxSABSAghkEhsKDGlkNS1zeW5jLmNvbRjdp83hkDFIAFICCGoSHAoNY3J3ZGNudHJsLm5ldBjJlc3hkDFIAFICCGQSGQoKcHViY2lkLm9yZxiko83hkDFIAFICCGoSwgEKCHJ0YmhvdXNlEqwBTitHVWNYczRLdzZ6ci85VlNWcGpEOW43a3FsK00zaWMwVkFXc2hxQUM0Z3NNNGt2SS96a1BjZnUxZlRFSUpSZnhBUklFSndKL2QxcWVRNkFHa2c0SXRJWVdMbDR2Q3BkZ0NERCtRYVkwbzQ0Z3VxTmZBQ2diOHo4eExmdExNZWFNQVhTb2xtUUFsUFJSNXpOeUxRd3VaSDc2bVlsQkhVVmxnS2M2R2Mrbm5NPRijqc3hkDFIABIdCg5lc3AuY3JpdGVvLmNvbRjJlc3hkDFIAFICCGQSPgoFb3BlbngSLGV5SnBJam9pV2tsWVpHRkRkMU5TZVhWNlRrSTJWRUZ5ZFhONGR6MDlJbjA9GOqozeGQMUgA&nel=0&eid=44752711%2C44765701%2C44772139%2C44773379%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275&top=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&loc=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&dlt=1688126834513&idt=4707&dt=1688126843060&cookie=ID%3D14c5fd6f47da3553-2250166f1cde0005%3AT%3D1688126835%3ART%3D1688126837%3AS%3DALNI_MZdWW6IC_UptzCaP6yRcFW4qT01Sg&gpic=UID%3D00000c5ed7319fb0%3AT%3D1688126835%3ART%3D1688126835%3AS%3DALNI_MZsDc3kPfVwgJm4YKQVJrFEMa9-0A&scor=776755846475256&ged=ve4_td8_tt3_pd8_la8000_er0.0.0.0_vi0.0.1200.1600_vp0_ts1_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.578.0_de.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:23 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
true
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
greenoaks.gif
paytolet.com/detroitchicago/ 		0
522 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://paytolet.com/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiJjMmMzZjdlMS0zYTE2LTRmYWQtNDIxYy03OGE1YzRkMjAwZGUiLCJkb21haW5faWQiOiI0MTAxNjQiLCJ0X2Vwb2NoIjoxNjg4MTI2ODM0LCJkYXRhIjpbeyJuYW1lIjoiZGlzcGxheV9hZF92aWV3cG9ydF9weCIsInZhbCI6IjUzODQ0MCJ9LHsibmFtZSI6ImRpc3BsYXlfYWRfdmlld3BvcnRfY291bnQiLCJ2YWwiOiIxMCJ9LHsibmFtZSI6Im5hdGl2ZV9hZF92aWV3cG9ydF9weCIsInZhbCI6IjAifSx7Im5hbWUiOiJuYXRpdmVfYWRfdmlld3BvcnRfY291bnQiLCJ2YWwiOiIwIn0seyJuYW1lIjoiZGlzcGxheV9hZF9kb2NfcHgiLCJ2YWwiOiIxNDI3MjQwIn0seyJuYW1lIjoiZGlzcGxheV9hZF9kb2NfY291bnQiLCJ2YWwiOiIxNCJ9LHsibmFtZSI6Im5hdGl2ZV9hZF9kb2NfcHgiLCJ2YWwiOiIwIn0seyJuYW1lIjoibmF0aXZlX2FkX2RvY19jb3VudCIsInZhbCI6IjAifSx7Im5hbWUiOiJ2aWV3cG9ydF9zaXplIiwidmFsIjoiMTYwMHgxMjAwIn0seyJuYW1lIjoidmlld3BvcnRfcHgiLCJ2YWwiOiIxOTIwMDAwIn0seyJuYW1lIjoiZG9jX3B4IiwidmFsIjoiMTQxODcyMDAifSx7Im5hbWUiOiJkb2NfaGVpZ2h0IiwidmFsIjoiODg2NyJ9XX1d
Requested by
Host: paytolet.com
URL: https://paytolet.com/detroitchicago/cmbv2.js?gcb=195-3&cb=04-3y02-8y06-13y07-2y0b-6y0d-23y17-4y1b-5y25-3y26-4y27-16y28-66y2b-146y2f-150y33-4y3a-12y3b-6y59-2y5d-22y64-1&cmbcb=151&sj=x04x02x06x07x0bx0dx17x1bx25x26x27x28x2bx2fx33x3ax3bx59x5dx64
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:8b54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/public/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:23 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B9mQ7m7tfi9gG5oTrBzoCshSAK2F797Ib%2FbryKnIZ8m%2F2u7OiWt63CIejaEYE4uNDuF84wfWWsTUy0iHNMwZcBs%2Bx6rsKUjlfNsD%2FDpXUDw1Mg2UR8xLVwKWv6of9DqV8CNN76%2FrAoBgEYY%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://paytolet.com
x-middleton-display
ezp_sol
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
cf-ray
7df649e12aa86969-FRA
alt-svc
h3=":443"; ma=86400
priority
u=4,i
expires
Thu, 29 Jun 2023 12:07:21 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/ Frame 1DF8 		2 KB
964 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: 17f71e36f7655f7f5ab67574cc7e41b3.safeframe.googlesyndication.com
URL: https://17f71e36f7655f7f5ab67574cc7e41b3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://17f71e36f7655f7f5ab67574cc7e41b3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 29 Jun 2023 17:50:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
65824
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
865
x-xss-protection
0
server
cafe
etag
5051423035144352294
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 13 Jul 2023 17:50:19 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 1DF8 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C6mdSesWeZNPGIvGNmLAP-P-MwAOnl5bvcIH-oM3EEbHr9_W5LhABIPT5xiVgleqzgsAHoAHRiOvbA8gBCakCdov-aBVtkD7gAgCoAwHIA8sEqgSAAk_QTDSmUIfEWADgBxoEReDDp4Mrs8yr9lgTvEuGRp5BcjiGkXqxWmEACVnX54cjPuv12LD_gjAcFXtJa78kmXdzYGLgRS_11Dgs5gd87mCaIheBbbkvvT6CscOJW0DuManOCFSB9VsTUFHu844mPv2VwTNSFXqxpcAMvZ-Y4bPZ1N3QWISnK5THbs5ZlhBCESni9MbhhaMtiPXVZ7zLQB6gyuYDX42hN3lDbSvdVg_RNkk1aeVpLIX5IHdNQAD7boFg8saUHUp596KgRDyuq2EcX1uP1Nfnm5DY9dmV_Zv598yV1mCCKqeEk79WQEve095LS6w7PNpVnNGvdzleZqrABOX9gdzzA-AEAZIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAeX95QkqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgHpr4b2AcA8gcEEMjNCNIIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgPICwHYEwqIFAHQFQGYFgGAFwGyFx4KHAgAEhRwdWItMTk2NjcyMTE5MjcwOTYwNhi-yQc&sigh=vxbw-tDNFT4&uach_m=[UACH]&cid=CAQSOwBygQiDJafWTFoWF9BX8DSixzL9ukttaEP-Yw-at5izoI0Pmpe4QgGRiyE8urs2_BsD7j1uyWUZl5olGAE&template_id=494
Requested by
Host: paytolet.com
URL: https://paytolet.com/public/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://17f71e36f7655f7f5ab67574cc7e41b3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/ Frame 1DF8 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/abg_lite_fy2021.js
Requested by
Host: 17f71e36f7655f7f5ab67574cc7e41b3.safeframe.googlesyndication.com
URL: https://17f71e36f7655f7f5ab67574cc7e41b3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
02193fbcb11d960448e0fa887ff68d5ce73f01076893523fc3037e00a7149bc2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://17f71e36f7655f7f5ab67574cc7e41b3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 09:09:16 GMT
content-encoding
br
x-content-type-options
nosniff
age
10687
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9104
x-xss-protection
0
server
cafe
etag
12939045362079141464
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 14 Jul 2023 09:09:16 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/ Frame 1DF8 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/window_focus_fy2021.js
Requested by
Host: 17f71e36f7655f7f5ab67574cc7e41b3.safeframe.googlesyndication.com
URL: https://17f71e36f7655f7f5ab67574cc7e41b3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://17f71e36f7655f7f5ab67574cc7e41b3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 08:55:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
11508
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 14 Jul 2023 08:55:35 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame F090 		1 KB
739 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 17f71e36f7655f7f5ab67574cc7e41b3.safeframe.googlesyndication.com
URL: https://17f71e36f7655f7f5ab67574cc7e41b3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://17f71e36f7655f7f5ab67574cc7e41b3.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
75781
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 29 Jun 2023 15:04:22 GMT
etag
48472445140208031
expires
Fri, 30 Jun 2023 15:04:22 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/ Frame 1DF8 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230627/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 17f71e36f7655f7f5ab67574cc7e41b3.safeframe.googlesyndication.com
URL: https://17f71e36f7655f7f5ab67574cc7e41b3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
abaf64de0855592138133fdf15c746a6e47a07d5f7a34a9513a06994c89f91af
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://17f71e36f7655f7f5ab67574cc7e41b3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 29 Jun 2023 17:50:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
65824
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8312
x-xss-protection
0
server
cafe
etag
5477749917372345267
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 13 Jul 2023 17:50:19 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 1DF8 		179 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 17f71e36f7655f7f5ab67574cc7e41b3.safeframe.googlesyndication.com
URL: https://17f71e36f7655f7f5ab67574cc7e41b3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6914d47718a28ab8055edac273b3aff57e64e5bddccc616c2b7e355fe986f39
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://17f71e36f7655f7f5ab67574cc7e41b3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57260
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1687952195399670"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 30 Jun 2023 12:07:23 GMT
77005c67fa3fd636ca667830ce382e45.js
www.gstatic.com/mysidia/ Frame 1DF8 		33 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/77005c67fa3fd636ca667830ce382e45.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: 17f71e36f7655f7f5ab67574cc7e41b3.safeframe.googlesyndication.com
URL: https://17f71e36f7655f7f5ab67574cc7e41b3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
162c5ebe4d8983b62bbb17bdcbec49361953db02abb8ef83a527c25544b4de9a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://17f71e36f7655f7f5ab67574cc7e41b3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 26 Jun 2023 23:17:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
305423
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14190
x-xss-protection
0
last-modified
Mon, 26 Jun 2023 23:04:23 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Sun, 24 Sep 2023 23:17:00 GMT
shopping
encrypted-tbn1.gstatic.com/ Frame 1DF8 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcSVaDM0DRvKdDPzfd_VE0j5cgDHHhZMJXvanW1haHkfU08XuzM6HLzRTkiA1A&usqp=CAI
Requested by
Host: 17f71e36f7655f7f5ab67574cc7e41b3.safeframe.googlesyndication.com
URL: https://17f71e36f7655f7f5ab67574cc7e41b3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
037115d01bdf1b21c604cf6ea9c8ad8f9ec733c17c4d0f1077d782b56ab81bf9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://17f71e36f7655f7f5ab67574cc7e41b3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 02:30:13 GMT
x-content-type-options
nosniff
age
34630
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27680
x-xss-protection
0
last-modified
Mon, 31 Jul 2023 13:06:58 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Sat, 29 Jun 2024 02:30:13 GMT
shopping
encrypted-tbn3.gstatic.com/ Frame 1DF8 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcROcujyGf9Bvb-rjb3xo73xEWmdbJIMiebPLKrrhfA3v6V9-VyhwTVOgoXJy10&usqp=CAI
Requested by
Host: 17f71e36f7655f7f5ab67574cc7e41b3.safeframe.googlesyndication.com
URL: https://17f71e36f7655f7f5ab67574cc7e41b3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7f605b7b593df7e4ed6540535983dc897057bd484a503abf38ac921424b492ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://17f71e36f7655f7f5ab67574cc7e41b3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 03:43:56 GMT
x-content-type-options
nosniff
age
30207
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21356
x-xss-protection
0
last-modified
Mon, 31 Jul 2023 10:53:23 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Sat, 29 Jun 2024 03:43:56 GMT
shopping
encrypted-tbn1.gstatic.com/ Frame 1DF8 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcTsTqCTIk1C5yFEQQyeBonbGFrdIicfH9rNKzBVjC4NxTPmZv1ECfaon_D_BpQ&usqp=CAI
Requested by
Host: 17f71e36f7655f7f5ab67574cc7e41b3.safeframe.googlesyndication.com
URL: https://17f71e36f7655f7f5ab67574cc7e41b3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1a02e2f23fc028a9083215ee4957209628dbd8c178033284f3ed4d696f7e7a25
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://17f71e36f7655f7f5ab67574cc7e41b3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 03:09:03 GMT
x-content-type-options
nosniff
age
32300
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
22059
x-xss-protection
0
last-modified
Mon, 31 Jul 2023 13:40:17 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Sat, 29 Jun 2024 03:09:03 GMT
shopping
encrypted-tbn3.gstatic.com/ Frame 1DF8 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcS-VUb4RyaxTwo0sJhrHY3jyczY4iqnAh4qqiXW9OzPU_q8hYrr2hziH3sj_Qw&usqp=CAI
Requested by
Host: 17f71e36f7655f7f5ab67574cc7e41b3.safeframe.googlesyndication.com
URL: https://17f71e36f7655f7f5ab67574cc7e41b3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
34378a5dfdcdf85a5c769671fd75e9d2311b149fcf281df9d4d87bf1c9095db1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://17f71e36f7655f7f5ab67574cc7e41b3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 24 Jun 2023 00:37:38 GMT
x-content-type-options
nosniff
age
559785
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16370
x-xss-protection
0
last-modified
Wed, 09 Aug 2023 05:08:14 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Sun, 23 Jun 2024 00:37:38 GMT
shopping
encrypted-tbn3.gstatic.com/ Frame 1DF8 		23 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcQTceQaJUaYqtneplneqWDvX-v71871dysLYmfH96OTLfCu9dnFQIbmVoAdHQ&usqp=CAI
Requested by
Host: 17f71e36f7655f7f5ab67574cc7e41b3.safeframe.googlesyndication.com
URL: https://17f71e36f7655f7f5ab67574cc7e41b3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9430ca926cf9c65517177172afbb7c9fb4dda416385558220ee06abfb0930a33
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://17f71e36f7655f7f5ab67574cc7e41b3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 07:11:16 GMT
x-content-type-options
nosniff
age
17767
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23600
x-xss-protection
0
last-modified
Mon, 31 Jul 2023 10:53:09 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Sat, 29 Jun 2024 07:11:16 GMT
shopping
encrypted-tbn3.gstatic.com/ Frame 1DF8 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcSrUuRlIM-vTu2LJIs_UiutYd2-67_t5qI7PcVzj4xZhb0vmEvYFrnBMhobi5A&usqp=CAI
Requested by
Host: 17f71e36f7655f7f5ab67574cc7e41b3.safeframe.googlesyndication.com
URL: https://17f71e36f7655f7f5ab67574cc7e41b3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5f311c10956d2d9d21f2ccd8e63a075ebb69a961cde3c0b8554a54002385fce4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://17f71e36f7655f7f5ab67574cc7e41b3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 12:42:38 GMT
x-content-type-options
nosniff
age
170685
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21238
x-xss-protection
0
last-modified
Mon, 07 Aug 2023 08:07:26 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Thu, 27 Jun 2024 12:42:38 GMT
shopping
encrypted-tbn0.gstatic.com/ Frame 1DF8 		21 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcTJ0WIvjOjOAh99Isg6BWy2Z2bn6a4K7lSTxgNxL3zN-hYcziHlkIJ6iD-Euw&usqp=CAI
Requested by
Host: 17f71e36f7655f7f5ab67574cc7e41b3.safeframe.googlesyndication.com
URL: https://17f71e36f7655f7f5ab67574cc7e41b3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f14.1e100.net
Software
sffe /
Resource Hash
fff0091f27cd5a1eb1509aaf822b596c24f6662c265d51a63f11e677ceb2301c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://17f71e36f7655f7f5ab67574cc7e41b3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 04:34:57 GMT
x-content-type-options
nosniff
age
27146
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21714
x-xss-protection
0
last-modified
Mon, 31 Jul 2023 13:32:37 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Sat, 29 Jun 2024 04:34:57 GMT
shopping
encrypted-tbn3.gstatic.com/ Frame 1DF8 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcQAx19MGz8LXdCb7sNDJPDmb0ix7tiFgxCigIz0o8snUThYrfctOC0FjetEV3U&usqp=CAI
Requested by
Host: 17f71e36f7655f7f5ab67574cc7e41b3.safeframe.googlesyndication.com
URL: https://17f71e36f7655f7f5ab67574cc7e41b3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87beae45e2a48f9a38e1f249918560143ef97db43a562f2970ca3e240d3ce6b8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://17f71e36f7655f7f5ab67574cc7e41b3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 14:11:17 GMT
x-content-type-options
nosniff
age
165366
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20476
x-xss-protection
0
last-modified
Mon, 31 Jul 2023 07:03:55 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Thu, 27 Jun 2024 14:11:17 GMT
7277659859941093506
tpc.googlesyndication.com/simgad/ Frame 1DF8
Redirect Chain
  • https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKD_ooumEBCEBxiEBzIIP3Yfw9-gWnI
  • https://tpc.googlesyndication.com/simgad/7277659859941093506
172 KB
173 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/7277659859941093506
Requested by
Host: 17f71e36f7655f7f5ab67574cc7e41b3.safeframe.googlesyndication.com
URL: https://17f71e36f7655f7f5ab67574cc7e41b3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
41ae31f327204464f360773c2dc723d27f82c2ca1f724fde0a482704f290db16
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://17f71e36f7655f7f5ab67574cc7e41b3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 25 Jun 2023 22:07:48 GMT
x-content-type-options
nosniff
age
395975
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
176620
x-xss-protection
0
last-modified
Thu, 29 Jul 2021 10:06:30 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Mon, 24 Jun 2024 22:07:48 GMT

Redirect headers

date
Fri, 30 Jun 2023 08:37:11 GMT
x-content-type-options
nosniff
server
cafe
age
12612
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://tpc.googlesyndication.com/simgad/7277659859941093506
content-type
text/html; charset=UTF-8
cache-control
public, max-age=2592000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sun, 30 Jul 2023 08:37:11 GMT
current
dclk-match.dotomi.com/match/bounce/ Frame F090 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEKrSrKH6rvGKsbl7Ypgg3c8&google_cver=1&google_push=AaAOQGEGGPr2v4NhFbiY7fgwIn8X1JPZildWHlh1dl57PWw0kQ2hJ9cpTfEsy49N96iM52GsATNDTqo-Pvc53TfLBEutGvku__h0
Requested by
Host: 17f71e36f7655f7f5ab67574cc7e41b3.safeframe.googlesyndication.com
URL: https://17f71e36f7655f7f5ab67574cc7e41b3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:20::2040 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Jun 2023 12:07:23 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
pixel
cm.g.doubleclick.net/ Frame F090
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESENiEztaUYPK-WaFuybbPWVc&google_cver=1&google_push=AaAOQGFWiXQ3HjUw0XjVlt5ZrBBFdn5d1fPgPQ4OrEv3eNezyBa322wmzZc3jpPr_NAlbaAy6YrqXNcT...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESENiEztaUYPK-WaFuybbPWVc&google_cver=1&google_push=AaAOQGFWiXQ3HjUw0XjVlt5ZrBBFdn5d1fPgPQ4OrEv3eNezyBa322wmzZc3jpPr_NAlbaAy6Yr...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzUyMDQxMTg2NzI2OTcwMDAxNQ&google_push=AaAOQGFWiXQ3HjUw0XjVlt5ZrBBFdn5d1fPgPQ4OrEv3eNezyBa322wmzZc3jpPr_NAlbaAy6YrqXN...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzUyMDQxMTg2NzI2OTcwMDAxNQ&google_push=AaAOQGFWiXQ3HjUw0XjVlt5ZrBBFdn5d1fPgPQ4OrEv3eNezyBa322wmzZc3jpPr_NAlbaAy6YrqXNcTNSNOcxnP5jR7QnYZWj5SLw
Requested by
Host: 17f71e36f7655f7f5ab67574cc7e41b3.safeframe.googlesyndication.com
URL: https://17f71e36f7655f7f5ab67574cc7e41b3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Jun 2023 12:07:23 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 30 Jun 2023 12:07:23 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzUyMDQxMTg2NzI2OTcwMDAxNQ&google_push=AaAOQGFWiXQ3HjUw0XjVlt5ZrBBFdn5d1fPgPQ4OrEv3eNezyBa322wmzZc3jpPr_NAlbaAy6YrqXNcTNSNOcxnP5jR7QnYZWj5SLw
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame F090
Redirect Chain
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEF4aRJc1mPtUiriaPkVGIqI&google_cver=1&google_push=AaAOQGEoCeuXRWO7rl_sRJumgzHKlt2RVSZvjlE3RrTeCMyPM2froTgjaJlSIVQ2NfEMFMoMSUP4UqOH-APM4ld6...
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AaAOQGEoCeuXRWO7rl_sRJumgzHKlt2RVSZvjlE3RrTeCMyPM2froTgjaJlSIVQ2NfEMFMoMSUP4UqOH-APM4ld6A5z9eEUO2D4hjw
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AaAOQGEoCeuXRWO7rl_sRJumgzHKlt2RVSZvjlE3RrTeCMyPM2froTgjaJlSIVQ2NfEMFMoMSUP4UqOH-APM4ld6A5z9eEUO2D4hjw
Protocol
H3
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Jun 2023 12:07:23 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Fri, 30 Jun 2023 12:07:23 GMT
via
1.1 cdf03e675736c21829fede7b370fd99a.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
MUC50-P2
x-cache
FunctionGeneratedResponse from cloudfront
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AaAOQGEoCeuXRWO7rl_sRJumgzHKlt2RVSZvjlE3RrTeCMyPM2froTgjaJlSIVQ2NfEMFMoMSUP4UqOH-APM4ld6A5z9eEUO2D4hjw
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
2W76cKq9Qrb3ghI5LdhjpdiN6NKq4xKYG-O-3epcTkRm7lsdUuN2XQ==
pixel
cm.g.doubleclick.net/ Frame F090
Redirect Chain
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEC0kDEToVEGFQ7ZeC-OGhc4&google_cver=1&google_push=AaAOQGERIapCMqFlJu8GVaqyRDdiktbZFfmc9V4l09IiE0mEnjEcsNmvjlVcMNYCKvoeiqOoCxK5Rka5ZNrk...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AaAOQGERIapCMqFlJu8GVaqyRDdiktbZFfmc9V4l09IiE0mEnjEcsNmvjlVcMNYCKvoeiqOoCxK5Rka5ZNrkhSTSnTY6B7AiXE_9wQ
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AaAOQGERIapCMqFlJu8GVaqyRDdiktbZFfmc9V4l09IiE0mEnjEcsNmvjlVcMNYCKvoeiqOoCxK5Rka5ZNrkhSTSnTY6B7AiXE_9wQ
Requested by
Host: 17f71e36f7655f7f5ab67574cc7e41b3.safeframe.googlesyndication.com
URL: https://17f71e36f7655f7f5ab67574cc7e41b3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Jun 2023 12:07:23 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AaAOQGERIapCMqFlJu8GVaqyRDdiktbZFfmc9V4l09IiE0mEnjEcsNmvjlVcMNYCKvoeiqOoCxK5Rka5ZNrkhSTSnTY6B7AiXE_9wQ
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
pixel
cm.g.doubleclick.net/ Frame F090
Redirect Chain
  • https://ads.yieldmo.com/exptsync?google_gid=CAESEFymyGqiHEpLNr4zNAH1kvg&google_cver=1&google_push=AaAOQGGqD_9uCeOf-etuuSGwarfqXhqN49okmLFddDNmAOL7-WXWsM1urx_uptgrwAHIJtMKU2qVg3xoRG_bNJZKmhS3ARFgNDVNtA
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AaAOQGGqD_9uCeOf-etuuSGwarfqXhqN49okmLFddDNmAOL7-WXWsM1urx_uptgrwAHIJtMKU2qVg3xoRG_bNJZKmhS3ARFgNDVNtA&google_hm=ZzdmZTAxOTkyMWU1NT...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AaAOQGGqD_9uCeOf-etuuSGwarfqXhqN49okmLFddDNmAOL7-WXWsM1urx_uptgrwAHIJtMKU2qVg3xoRG_bNJZKmhS3ARFgNDVNtA&google_hm=ZzdmZTAxOTkyMWU1NTEzNTljZGM=
Requested by
Host: 17f71e36f7655f7f5ab67574cc7e41b3.safeframe.googlesyndication.com
URL: https://17f71e36f7655f7f5ab67574cc7e41b3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Jun 2023 12:07:23 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 30 Jun 2023 12:07:23 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json;charset=utf-8
location
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AaAOQGGqD_9uCeOf-etuuSGwarfqXhqN49okmLFddDNmAOL7-WXWsM1urx_uptgrwAHIJtMKU2qVg3xoRG_bNJZKmhS3ARFgNDVNtA&google_hm=ZzdmZTAxOTkyMWU1NTEzNTljZGM=
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
0
pixel
cm.g.doubleclick.net/ Frame F090
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEGXn7E0UDhvxEYEihZFmJS0&google_cver=1&google_push=AaAOQGHMXmy3EnqKc2WROCvjFuGCBr1G3uz923uD2tcRtGPZo8kAedDw0ZCiv11VOuhbECVMWmVKvmXEi2YbeeBjieOauPzfAd...
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AaAOQGHMXmy3EnqKc2WROCvjFuGCBr1G3uz923uD2tcRtGPZo8kAedDw0ZCiv11VOuhbECVMWmVKvmXEi2YbeeBjieOauPzfAd3...
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=ODk4Njc3MjQ2MTY4MjIzMDkwODA0&google_push=AaAOQGHMXmy3EnqKc2WROCvjFuGCBr1G3uz923uD2tcRtGPZo8kAedDw0ZCiv11V...
170 B
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=ODk4Njc3MjQ2MTY4MjIzMDkwODA0&google_push=AaAOQGHMXmy3EnqKc2WROCvjFuGCBr1G3uz923uD2tcRtGPZo8kAedDw0ZCiv11VOuhbECVMWmVKvmXEi2YbeeBjieOauPzfAd3XRg
Requested by
Host: 17f71e36f7655f7f5ab67574cc7e41b3.safeframe.googlesyndication.com
URL: https://17f71e36f7655f7f5ab67574cc7e41b3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Jun 2023 12:07:23 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=ODk4Njc3MjQ2MTY4MjIzMDkwODA0&google_push=AaAOQGHMXmy3EnqKc2WROCvjFuGCBr1G3uz923uD2tcRtGPZo8kAedDw0ZCiv11VOuhbECVMWmVKvmXEi2YbeeBjieOauPzfAd3XRg
date
Fri, 30 Jun 2023 12:07:23 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
sync
ssbsync.smartadserver.com/api/ Frame F090 		0
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEL37b_cu_GsK-MrvvCkYy3A&google_cver=1&google_push=AaAOQGH-IicAwN9umuO_vGjTvQAdp5jI_mL3hdFhpSMD-Y-8LduzO31Fz2iPmgCeU4xa4okfQT8Azc7gSoA-4H__xU8CgJc6PULW
Requested by
Host: 17f71e36f7655f7f5ab67574cc7e41b3.safeframe.googlesyndication.com
URL: https://17f71e36f7655f7f5ab67574cc7e41b3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.152 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:23 GMT
content-length
0
attr
cm.g.doubleclick.net/pixel/ Frame F090 		0
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IBQqIT2sWKaOFNhy8fec8uhIBKDE0ceHPYP_YwspNMHJ6LW1-lCd-zRF4w3kql9tFIrF6p
Requested by
Host: 17f71e36f7655f7f5ab67574cc7e41b3.safeframe.googlesyndication.com
URL: https://17f71e36f7655f7f5ab67574cc7e41b3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:23 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
89229263
mc.yandex.com/webvisor/ 		43 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/webvisor/89229263?wmode=0&wv-part=3&wv-hit=721892075&page-url=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&rn=465546194&wv-type=3&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1688126843%3Aw%3A1600x1200%3Av%3A1074%3Az%3A0%3Ai%3A20230630120723%3Au%3A1688126835670014644%3Avf%3Aew9xzikdbvs4xc5avwiaspr%3Ast%3A1688126843&t=gdpr(14%2C14)ti(1)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://paytolet.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 30 Jun 2023 12:07:23 GMT
strict-transport-security
max-age=31536000
last-modified
Fri, 30-Jun-2023 12:07:23 GMT
content-type
image/gif
access-control-allow-origin
https://paytolet.com
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Fri, 30-Jun-2023 12:07:23 GMT
truncated
/ Frame 1DF8 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e27003eefc208a5f6f480dc86bb391d3417ed2e5d32951631706e1bd17df0ee2

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/png
89229263
mc.yandex.com/webvisor/ 		43 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/webvisor/89229263?wmode=0&wv-part=1&wv-hit=721892075&page-url=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&rn=541786382&wv-type=3&browser-info=we%3A1%3Aet%3A1688126843%3Aw%3A1600x1200%3Av%3A1074%3Az%3A0%3Ai%3A20230630120723%3Au%3A1688126835670014644%3Avf%3Aew9xzikdbvs4xc5avwiaspr%3Ast%3A1688126843&t=gdpr(14%2C14)ti(1)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://paytolet.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 30 Jun 2023 12:07:23 GMT
strict-transport-security
max-age=31536000
last-modified
Fri, 30-Jun-2023 12:07:23 GMT
content-type
image/gif
access-control-allow-origin
https://paytolet.com
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Fri, 30-Jun-2023 12:07:23 GMT
integrator.js
adservice.google.com/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=paytolet.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		1 KB
476 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2148447624948998&correlator=2321672585817690&eid=31068366&output=ldjh&gdfp_req=1&vrg=202306270101&ptt=17&impl=fifs&us_privacy=1---&iu_parts=1254144%3A22852681713%2Cpaytolet_com-edge-1&enc_prev_ius=%2F0%2F1&prev_iu_szs=160x600&ifi=29&adks=1957513018&didk=3512010702&sfv=1-0-40&ris=2&rcs=4&prev_scp=a%3D%257C0%257C%26iid1%3D8292738108625282%26eid%3D8292738108625282%26t%3D134%26d%3D410164%26t1%3D134%26pvc%3D0%26ap%3D1975%26sap%3D1975%26as%3Drevenue%26plat%3D1%26bra%3Dmod58-c%26ic%3D5%26at%3Dmbf%26adr%3D398%26ezosn%3D1%26reft%3Dtf%26refs%3D30%26refa%3D1%26ga%3D2497208%26rid%3D99998%26pt%3D38%26al%3D1038%26compid%3D0%26tap%3Dpaytolet_com-edge-1-8292738108625282%26eb_br%3D14e8a85d4c42ff1db8790cbef9e33493%26eba%3D1%26asau%3D8408181829%26bv%3D3%26bvm%3D0%26bvr%3D8%26avc%3D4%26shp%3D2%26ftsn%3D12%26ftsng%3D12%26br1%3D12%26br2%3D50%26ezoic%3D1%26nmau%3D0%26mau%3D0%26sticky%3D1%26stl%3D63%2C14%2C28%2C4%2C51%2C0%2C88%2C0%2C71%2C30%2C0%2C31%2C901%2C902%2C903%26deal1%3D17%2C20%2C21%2C22%2C23%2C24%2C25%2C26%2C1794%2C2310%2C2339%2C2351%2C2526%2C2527%2C2610%2C2761%2C2763%2C2764%2C2765%2C3044%2C3054%2C3154%2C3430%2C3455%2C3456%2C3457%2C3458%2C3460%2C3682%2C3683%2C3684%2C4184%2C4185%2C4186%2C5747%2C19%2C2688%2C3045%2C4276%2C19%2C2688%2C2693%2C3045%2C3053%2C4276%2C18%2C19%2C1428%2C2688%2C2693%2C3045%2C3053%2C4276%2C18%2C19%2C1428%2C2688%2C2693%2C3045%2C3052%2C3053%2C3856%2C4276%26lb%3D22%26reqt%3D1688126842329&eri=1&sc=1&cookie=ID%3D14c5fd6f47da3553-2250166f1cde0005%3AT%3D1688126835%3ART%3D1688126837%3AS%3DALNI_MZdWW6IC_UptzCaP6yRcFW4qT01Sg&gpic=UID%3D00000c5ed7319fb0%3AT%3D1688126835%3ART%3D1688126835%3AS%3DALNI_MZsDc3kPfVwgJm4YKQVJrFEMa9-0A&abxe=1&dt=1688126843366&lmt=1688126843&dlt=1688126834513&idt=860&adxs=0&adys=302&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&frm=20&vis=1&psz=160x-1&msz=160x-1&fws=512&ohw=0&psts=ABnkTfBy0XFcFshnkgY_LYb-WJLQ%2CABnkTfBy0XFcFshnkgY_LYb-WJLQ%2CABnkTfBy0XFcFshnkgY_LYb-WJLQ&ga_vid=1136948999.1688126835&ga_sid=1688126836&ga_hid=1663611148&ga_fc=true&a3p=EhkKCnVpZGFwaS5jb20YyZXN4ZAxSABSAghkEhsKDGlkNS1zeW5jLmNvbRjdp83hkDFIAFICCGoSHAoNY3J3ZGNudHJsLm5ldBjJlc3hkDFIAFICCGQSGQoKcHViY2lkLm9yZxiko83hkDFIAFICCGoSwgEKCHJ0YmhvdXNlEqwBTitHVWNYczRLdzZ6ci85VlNWcGpEOW43a3FsK00zaWMwVkFXc2hxQUM0Z3NNNGt2SS96a1BjZnUxZlRFSUpSZnhBUklFSndKL2QxcWVRNkFHa2c0SXRJWVdMbDR2Q3BkZ0NERCtRYVkwbzQ0Z3VxTmZBQ2diOHo4eExmdExNZWFNQVhTb2xtUUFsUFJSNXpOeUxRd3VaSDc2bVlsQkhVVmxnS2M2R2Mrbm5NPRijqc3hkDFIABIdCg5lc3AuY3JpdGVvLmNvbRjJlc3hkDFIAFICCGQSPgoFb3BlbngSLGV5SnBJam9pV2tsWVpHRkRkMU5TZVhWNlRrSTJWRUZ5ZFhONGR6MDlJbjA9GOqozeGQMUgA
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c3573952c314df834c78d9dfa217dd798e4c99336e24cfff2c626de46b127f5c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:23 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
true
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
446
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://paytolet.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
89229263
mc.yandex.com/webvisor/ 		43 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/webvisor/89229263?wv-hit=721892075&page-url=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&wmode=0&wv-part=0&wv-type=5&browser-info=et%3A1688126843%3Aw%3A1600x1200%3Av%3A1074%3Az%3A0%3Ai%3A20230630120723%3Au%3A1688126835670014644%3Avf%3Aew9xzikdbvs4xc5avwiaspr%3Ast%3A1688126843&t=gdpr(14%2C14)ti(1)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://paytolet.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 30 Jun 2023 12:07:23 GMT
strict-transport-security
max-age=31536000
last-modified
Fri, 30-Jun-2023 12:07:23 GMT
content-type
image/gif
access-control-allow-origin
https://paytolet.com
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Fri, 30-Jun-2023 12:07:23 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		1 KB
476 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2148447624948998&correlator=1440685448253248&eid=31068366&output=ldjh&gdfp_req=1&vrg=202306270101&ptt=17&impl=fifs&us_privacy=1---&iu_parts=1254144%3A22852681713%2Cpaytolet_com-edge-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=160x600&ifi=30&adks=1754540039&didk=3512041317&sfv=1-0-40&ris=2&rcs=4&prev_scp=a%3D%257C0%257C%26iid1%3D4803436408596716%26eid%3D4803436408596716%26t%3D134%26d%3D410164%26t1%3D134%26pvc%3D0%26ap%3D1976%26sap%3D1976%26as%3Drevenue%26plat%3D1%26bra%3Dmod58-c%26ic%3D5%26at%3Dmbf%26adr%3D398%26ezosn%3D0%26reft%3Dtf%26refs%3D30%26refa%3D1%26ga%3D2497208%26rid%3D99998%26pt%3D39%26al%3D1039%26compid%3D0%26tap%3Dpaytolet_com-edge-2-4803436408596716%26eb_br%3De29f69dd468d31a5514dc9b5587ce757%26eba%3D1%26asau%3D8408181829%26bv%3D3%26bvm%3D0%26bvr%3D8%26avc%3D4%26shp%3D2%26ftsn%3D12%26ftsng%3D12%26br1%3D16%26br2%3D70%26ezoic%3D1%26nmau%3D0%26mau%3D0%26sticky%3D1%26stl%3D63%2C14%2C28%2C4%2C51%2C0%2C88%2C0%2C71%2C30%2C0%2C31%2C901%2C902%2C903%26deal1%3D17%2C20%2C21%2C22%2C23%2C24%2C25%2C26%2C1794%2C2310%2C2339%2C2351%2C2526%2C2527%2C2761%2C2763%2C2764%2C2765%2C3044%2C3054%2C3154%2C3430%2C3455%2C3456%2C3457%2C3458%2C3460%2C3682%2C3683%2C3684%2C4184%2C4185%2C4186%2C5747%2C19%2C2610%2C2688%2C3045%2C19%2C2610%2C2688%2C2693%2C3045%2C4276%2C19%2C2610%2C2688%2C2693%2C3045%2C3053%2C4276%2C18%2C19%2C1428%2C2610%2C2688%2C2693%2C3045%2C3052%2C3053%2C4276%26lb%3D30%26reqt%3D1688126842371&eri=1&sc=1&cookie=ID%3D14c5fd6f47da3553-2250166f1cde0005%3AT%3D1688126835%3ART%3D1688126837%3AS%3DALNI_MZdWW6IC_UptzCaP6yRcFW4qT01Sg&gpic=UID%3D00000c5ed7319fb0%3AT%3D1688126835%3ART%3D1688126835%3AS%3DALNI_MZsDc3kPfVwgJm4YKQVJrFEMa9-0A&abxe=1&dt=1688126843422&lmt=1688126843&dlt=1688126834513&idt=860&adxs=1440&adys=302&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&frm=20&vis=1&psz=160x-1&msz=160x-1&fws=512&ohw=0&psts=ABnkTfBy0XFcFshnkgY_LYb-WJLQ%2CABnkTfBy0XFcFshnkgY_LYb-WJLQ%2CABnkTfBy0XFcFshnkgY_LYb-WJLQ&ga_vid=1136948999.1688126835&ga_sid=1688126836&ga_hid=1663611148&ga_fc=true&a3p=EhkKCnVpZGFwaS5jb20YyZXN4ZAxSABSAghkEhsKDGlkNS1zeW5jLmNvbRjdp83hkDFIAFICCGoSHAoNY3J3ZGNudHJsLm5ldBjJlc3hkDFIAFICCGQSGQoKcHViY2lkLm9yZxiko83hkDFIAFICCGoSwgEKCHJ0YmhvdXNlEqwBTitHVWNYczRLdzZ6ci85VlNWcGpEOW43a3FsK00zaWMwVkFXc2hxQUM0Z3NNNGt2SS96a1BjZnUxZlRFSUpSZnhBUklFSndKL2QxcWVRNkFHa2c0SXRJWVdMbDR2Q3BkZ0NERCtRYVkwbzQ0Z3VxTmZBQ2diOHo4eExmdExNZWFNQVhTb2xtUUFsUFJSNXpOeUxRd3VaSDc2bVlsQkhVVmxnS2M2R2Mrbm5NPRijqc3hkDFIABIdCg5lc3AuY3JpdGVvLmNvbRjJlc3hkDFIAFICCGQSPgoFb3BlbngSLGV5SnBJam9pV2tsWVpHRkRkMU5TZVhWNlRrSTJWRUZ5ZFhONGR6MDlJbjA9GOqozeGQMUgA
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
44c4ed2469ac5b98f3a4bad8d49487de2d86df073206ad383198b6339460aa16
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:23 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
true
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
446
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://paytolet.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame CCEF 		156 B
186 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?correlator=674173503077194&description_url=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&env=vp&gdfp_req=1&output=xml_vast4&sz=400x300%7C640x480%7C640x360%7C300x168&unviewed_position_start=1&url=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&ad_type=video&hl=en&max_ad_duration=51000&min_ad_duration=4500&npa=0&tfcd=0&vad_type=linear&vpmute=1&vpos=preroll&iu=%2F1254144%2C22852681713%2Fpaytolet_com-video-1&vid_d=53&vid_kw=Pay%20to%20let%2Creal%20estate%2Cproperty%20for%20sale%2Cproperty%20listings%2Chome&vid_t=Sell%20your%20property%20in%20minutes&vpa=auto&cust_params=ap%3D1%26d%3D410164%26eb_br%3Ddc3573d5dc41abdf97751be02f53537f%26ft%3D0%26ic%3D1%26iid1%3D248372558641397%26plat%3D1%26t%3D134%26tap%3Dpaytolet_com-video-1-248372558641397&sdkv=h.3.578.0&osd=2&frm=0&vis=1&sdr=1&afvsz=450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&us_privacy=1---&sdki=445&ptt=20&adk=3861343777&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.578.0&sid=31BB2C37-E1E0-4730-85B5-0D4B17F39F33&a3p=EhkKCnVpZGFwaS5jb20YyZXN4ZAxSABSAghkEhsKDGlkNS1zeW5jLmNvbRjdp83hkDFIAFICCGoSHAoNY3J3ZGNudHJsLm5ldBjJlc3hkDFIAFICCGQSGQoKcHViY2lkLm9yZxiko83hkDFIAFICCGoSwgEKCHJ0YmhvdXNlEqwBTitHVWNYczRLdzZ6ci85VlNWcGpEOW43a3FsK00zaWMwVkFXc2hxQUM0Z3NNNGt2SS96a1BjZnUxZlRFSUpSZnhBUklFSndKL2QxcWVRNkFHa2c0SXRJWVdMbDR2Q3BkZ0NERCtRYVkwbzQ0Z3VxTmZBQ2diOHo4eExmdExNZWFNQVhTb2xtUUFsUFJSNXpOeUxRd3VaSDc2bVlsQkhVVmxnS2M2R2Mrbm5NPRijqc3hkDFIABIdCg5lc3AuY3JpdGVvLmNvbRjJlc3hkDFIAFICCGQSPgoFb3BlbngSLGV5SnBJam9pV2tsWVpHRkRkMU5TZVhWNlRrSTJWRUZ5ZFhONGR6MDlJbjA9GOqozeGQMUgA&nel=0&eid=44752711%2C44765701%2C44772139%2C44773379%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275&top=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&loc=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&dlt=1688126834513&idt=4707&dt=1688126843457&cookie=ID%3D14c5fd6f47da3553-2250166f1cde0005%3AT%3D1688126835%3ART%3D1688126837%3AS%3DALNI_MZdWW6IC_UptzCaP6yRcFW4qT01Sg&gpic=UID%3D00000c5ed7319fb0%3AT%3D1688126835%3ART%3D1688126835%3AS%3DALNI_MZsDc3kPfVwgJm4YKQVJrFEMa9-0A&scor=776755846475256&ged=ve4_td8_tt3_pd8_la8000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.578.0_de.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:23 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
true
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
t1670023299_03_640x360p_30Hz_800Kbps_006.m4s
streaming.humix.com/contents/nsrNhxfkjikFVcim/1682919808/ 		18 KB
18 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://streaming.humix.com/contents/nsrNhxfkjikFVcim/1682919808/t1670023299_03_640x360p_30Hz_800Kbps_006.m4s
Requested by
Host: paytolet.com
URL: https://paytolet.com/detroitchicago/cmbv2.js?gcb=195-3&cb=04-3y02-8y06-13y07-2y0b-6y0d-23y17-4y1b-5y25-3y26-4y27-16y28-66y2b-146y2f-150y33-4y3a-12y3b-6y59-2y5d-22y64-1&cmbcb=151&sj=x04x02x06x07x0bx0dx17x1bx25x26x27x28x2bx2fx33x3ax3bx59x5dx64
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:d4fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e6ee2ed2681b830ee910ad42d23faecf0794bcd1092b9afa0e55ff57cf829f63

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:23 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"dec0637310fba67722ab062c02154242"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YocloZ4G9u%2FPO6TPP2vXt2g98NZb3PqmOcR32XRyielPTBprAyO7XPI65pB1g0fMrjTJ9V9dEIkdAEQtZ4Yv4tMz%2FmUYfPMu9dzYeSPPN2zCk52KqJw4XE3F9S4nQKx2oye8dMFHrVVseY77M4TLyeEV"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
7df649e3fbd11989-FRA
alt-svc
h3=":443"; ma=86400
content-length
18038
AOiihYbjk7GyPSPexE3PorOKRXoofTPF8NjvkAglc4c.js
pagead2.googlesyndication.com/bg/ Frame 33C5 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/AOiihYbjk7GyPSPexE3PorOKRXoofTPF8NjvkAglc4c.js
Requested by
Host: paytolet.com
URL: https://paytolet.com/public/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
00e8a28586e393b1b23d23dec44dcfa2b38a457a287d33c5f0d8ef9008257387
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://17f71e36f7655f7f5ab67574cc7e41b3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 29 Jun 2023 20:54:02 GMT
content-encoding
br
x-content-type-options
nosniff
age
54801
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14768
x-xss-protection
0
last-modified
Mon, 26 Jun 2023 15:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 28 Jun 2024 20:54:02 GMT
audio_007.m4s
streaming.humix.com/contents/nsrNhxfkjikFVcim/1682919808/ 		39 KB
40 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://streaming.humix.com/contents/nsrNhxfkjikFVcim/1682919808/audio_007.m4s
Requested by
Host: paytolet.com
URL: https://paytolet.com/detroitchicago/cmbv2.js?gcb=195-3&cb=04-3y02-8y06-13y07-2y0b-6y0d-23y17-4y1b-5y25-3y26-4y27-16y28-66y2b-146y2f-150y33-4y3a-12y3b-6y59-2y5d-22y64-1&cmbcb=151&sj=x04x02x06x07x0bx0dx17x1bx25x26x27x28x2bx2fx33x3ax3bx59x5dx64
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:d4fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1b329ad9d492bb0f1e0ca20c34769f67b8f12e64009d11375a5cde1481b493e4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:23 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"e79db71ce8a73bb801fd623c3cf33715"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NhHY4iZO1expip5naZKLgAflnB7BXHjjQoPs%2BHElZrayqjFQvYssCRjOKnPqMA9MK6nV0sdLYciy0q%2FsDon1KSQ4FXBCxIkMkESjPiU6otZPif9j4ZhcC1M%2BRDmA%2FXj52olH%2FVNvMb7ajdy0vFUVbYYa"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
7df649e41c061989-FRA
alt-svc
h3=":443"; ma=86400
content-length
40102
90663950
mc.yandex.com/webvisor/ 		43 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/webvisor/90663950?wv-hit=721892075&page-url=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&wmode=0&wv-part=0&wv-type=5&browser-info=et%3A1688126844%3Aw%3A1600x1200%3Av%3A1074%3Az%3A0%3Ai%3A20230630120723%3Au%3A1688126835670014644%3Avf%3Aew9xzikdbvs4xc5avwiaspr%3Ast%3A1688126844&t=gdpr(14%2C14)ti(1)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://paytolet.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 30 Jun 2023 12:07:23 GMT
strict-transport-security
max-age=31536000
last-modified
Fri, 30-Jun-2023 12:07:23 GMT
content-type
image/gif
access-control-allow-origin
https://paytolet.com
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Fri, 30-Jun-2023 12:07:23 GMT
t1670023299_03_640x360p_30Hz_800Kbps_007.m4s
streaming.humix.com/contents/nsrNhxfkjikFVcim/1682919808/ 		58 KB
59 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://streaming.humix.com/contents/nsrNhxfkjikFVcim/1682919808/t1670023299_03_640x360p_30Hz_800Kbps_007.m4s
Requested by
Host: paytolet.com
URL: https://paytolet.com/detroitchicago/cmbv2.js?gcb=195-3&cb=04-3y02-8y06-13y07-2y0b-6y0d-23y17-4y1b-5y25-3y26-4y27-16y28-66y2b-146y2f-150y33-4y3a-12y3b-6y59-2y5d-22y64-1&cmbcb=151&sj=x04x02x06x07x0bx0dx17x1bx25x26x27x28x2bx2fx33x3ax3bx59x5dx64
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:d4fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a5190dda380ac1a3e58c735adda29e97b3676b0ea3d4d705af7d204505b17d3a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"75f4c1df1367e80472fc297159ddd6c5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5GfvgmA1tZqnvBGS2MQUw2vk1paCmNkl7sMW%2FjwoAW8NzgExWwpvvnL43rLsA6u5zaOKEJAQlLQZOthlwQ7nd0O1h%2FtHRVlfHRqThGKUqq%2BFoqMTGVMuHLW%2BW%2FCcfkykSz1UYmqkl8SKcwGLsNRWjw0S"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
7df649e59e1c1989-FRA
alt-svc
h3=":443"; ma=86400
content-length
59680
activeview
pagead2.googlesyndication.com/pcs/ Frame 42F9 		42 B
174 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvZ-geWTkRWYMmK93s0sakXky-Qu75yY1oCLH-ihZqQJa7yY1TuhGauej7xDqDULHWDpY0eanxMWL6h4gwxH8hT3-0RKLZMXW8BXmyMM_OEDXGFDGftIC4hz-_3k_3c976QOZBN9Uabs9b-&sai=AMfl-YRIgaVf2Ux1MffWvO1igM_o4V9cYalbJzN0quxZiPRm5zHtyE0MC0rLxRlC6k_z5FLSMxiqasJEbSkkL_mMu7qQWEBWIZEd3G1QHPV9U5Qfu8FzIXRcIVyhxvM&sig=Cg0ArKJSzHxDeOaGOFoeEAE&cid=CAQSOwBygQiDnvpbwFgbRgFZsSlYODs6ms_fTUDstRVjiWyRtQU_Ym0iP74sc5pQqvisNmFoEDH22L0jCuR6GAE&id=lidar2&mcvt=1010&p=1110,436,1200,1164&mtos=1010,1010,1010,1010,1010&tos=1010,0,0,0,0&v=20230628&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=2&adk=3162661208&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1688126842301&rpt=444&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://17f71e36f7655f7f5ab67574cc7e41b3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Jun 2023 12:07:23 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
army.gif
paytolet.com/porpoiseant/ 		0
525 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://paytolet.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNjg3Mzg5OTgwNjUwNzE2IiwiZG9tYWluX2lkIjoiNDEwMTY0IiwidW5pdCI6ImRpdi1ncHQtYWQtcGF5dG9sZXRfY29tLW1lZHJlY3RhbmdsZS0yLTAiLCJ0X2Vwb2NoIjoxNjg4MTI2ODM0LCJhZF9wb3NpdGlvbiI6MTEwMCwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkRFIiwicGFnZXZpZXdfaWQiOiJjMmMzZjdlMS0zYTE2LTRmYWQtNDIxYy03OGE1YzRkMjAwZGUiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwMDM0NDgzLCJkYXRhIjpbeyJuYW1lIjoiZmlsbGVkX3NpemUiLCJ2YWwiOiJbNzI4LDkwXSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNjg3Mzg5OTgwNjUwNzE2IiwiZG9tYWluX2lkIjoiNDEwMTY0IiwidW5pdCI6ImRpdi1ncHQtYWQtcGF5dG9sZXRfY29tLW1lZHJlY3RhbmdsZS0yLTAiLCJ0X2Vwb2NoIjoxNjg4MTI2ODM0LCJhZF9wb3NpdGlvbiI6MTEwMCwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkRFIiwicGFnZXZpZXdfaWQiOiJjMmMzZjdlMS0zYTE2LTRmYWQtNDIxYy03OGE1YzRkMjAwZGUiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwMDM0NDgzLCJkYXRhIjpbeyJuYW1lIjoiZmlsbGVkX2ZsdWlkIiwidmFsIjoiZmFsc2UifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjY4NzM4OTk4MDY1MDcxNiIsImRvbWFpbl9pZCI6IjQxMDE2NCIsInVuaXQiOiJkaXYtZ3B0LWFkLXBheXRvbGV0X2NvbS1tZWRyZWN0YW5nbGUtMi0wIiwidF9lcG9jaCI6MTY4ODEyNjgzNCwiYWRfcG9zaXRpb24iOjExMDAsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJERSIsInBhZ2V2aWV3X2lkIjoiYzJjM2Y3ZTEtM2ExNi00ZmFkLTQyMWMtNzhhNWM0ZDIwMGRlIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDAzNDQ4MywiZGF0YSI6W3sibmFtZSI6ImRvbWFpbl9kZnBfc3R5bGVfaWQiLCJ2YWwiOiIxNCJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ==
Requested by
Host: paytolet.com
URL: https://paytolet.com/detroitchicago/cmbv2.js?gcb=195-3&cb=04-3y02-8y06-13y07-2y0b-6y0d-23y17-4y1b-5y25-3y26-4y27-16y28-66y2b-146y2f-150y33-4y3a-12y3b-6y59-2y5d-22y64-1&cmbcb=151&sj=x04x02x06x07x0bx0dx17x1bx25x26x27x28x2bx2fx33x3ax3bx59x5dx64
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:8b54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/public/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:23 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B69X%2FXevfazc4SpBk8lLQ1YH0dl01n5%2FuEkArZzE2mcXeGBXQ8hFuGAEv%2BoKj8DRceN4%2FhDp6Rdf7vkDyY99%2BVFoXx7deFZetqzFhOLSkIftC3I%2F9tTxFsbRgxjclu8mY2GjtPl5s2%2ByjFI%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://paytolet.com
x-middleton-display
ezp_sol
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
cf-ray
7df649e608136969-FRA
alt-svc
h3=":443"; ma=86400
priority
u=4,i
expires
Thu, 29 Jun 2023 12:07:24 GMT
integrator.js
adservice.google.com/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=paytolet.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
army.gif
paytolet.com/porpoiseant/ 		0
522 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://paytolet.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNzUzNjUzNDI5NDYzNjY1MCIsImRvbWFpbl9pZCI6IjQxMDE2NCIsInVuaXQiOiJkaXYtZ3B0LWFkLXBheXRvbGV0X2NvbS1ib3gtMi0wIiwidF9lcG9jaCI6MTY4ODEyNjgzNCwiYWRfcG9zaXRpb24iOjE5MDAsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJERSIsInBhZ2V2aWV3X2lkIjoiYzJjM2Y3ZTEtM2ExNi00ZmFkLTQyMWMtNzhhNWM0ZDIwMGRlIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDQxNjk4OCwiZGF0YSI6W3sibmFtZSI6ImZpbGxlZF9zaXplIiwidmFsIjoiWzcyOCw5MF0ifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6Ijc1MzY1MzQyOTQ2MzY2NTAiLCJkb21haW5faWQiOiI0MTAxNjQiLCJ1bml0IjoiZGl2LWdwdC1hZC1wYXl0b2xldF9jb20tYm94LTItMCIsInRfZXBvY2giOjE2ODgxMjY4MzQsImFkX3Bvc2l0aW9uIjoxOTAwLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6ImMyYzNmN2UxLTNhMTYtNGZhZC00MjFjLTc4YTVjNGQyMDBkZSIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTA0MTY5ODgsImRhdGEiOlt7Im5hbWUiOiJmaWxsZWRfZmx1aWQiLCJ2YWwiOiJmYWxzZSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNzUzNjUzNDI5NDYzNjY1MCIsImRvbWFpbl9pZCI6IjQxMDE2NCIsInVuaXQiOiJkaXYtZ3B0LWFkLXBheXRvbGV0X2NvbS1ib3gtMi0wIiwidF9lcG9jaCI6MTY4ODEyNjgzNCwiYWRfcG9zaXRpb24iOjE5MDAsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJERSIsInBhZ2V2aWV3X2lkIjoiYzJjM2Y3ZTEtM2ExNi00ZmFkLTQyMWMtNzhhNWM0ZDIwMGRlIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDQxNjk4OCwiZGF0YSI6W3sibmFtZSI6ImRvbWFpbl9kZnBfc3R5bGVfaWQiLCJ2YWwiOiIxNCJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ==
Requested by
Host: paytolet.com
URL: https://paytolet.com/detroitchicago/cmbv2.js?gcb=195-3&cb=04-3y02-8y06-13y07-2y0b-6y0d-23y17-4y1b-5y25-3y26-4y27-16y28-66y2b-146y2f-150y33-4y3a-12y3b-6y59-2y5d-22y64-1&cmbcb=151&sj=x04x02x06x07x0bx0dx17x1bx25x26x27x28x2bx2fx33x3ax3bx59x5dx64
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:8b54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/public/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:23 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eH%2FwQ53ce0FGHTOrJrLACnyZL6EL8GNMOv%2FOcZXL3pefvVE7uiiiQoQPnfQFGJ1r5bPUWEGZ919GIX8KOs6lsw%2FVGyDFRmWN%2Bs6OxGVoK4dxVbhAVVyyvH6Wtb97Qd7G5tm5Qowp23deAIM%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://paytolet.com
x-middleton-display
ezp_sol
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
cf-ray
7df649e628256969-FRA
alt-svc
h3=":443"; ma=86400
priority
u=4,i
expires
Thu, 29 Jun 2023 12:07:24 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame CCEF 		156 B
186 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?correlator=674173503077194&description_url=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&env=vp&gdfp_req=1&output=xml_vast4&sz=400x300%7C640x480%7C640x360%7C300x168&unviewed_position_start=1&url=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&ad_type=video&hl=en&max_ad_duration=51000&min_ad_duration=4500&npa=0&tfcd=0&vad_type=linear&vpmute=1&vpos=preroll&iu=%2F1254144%2C22852681713%2Fpaytolet_com-video-1&vid_d=53&vid_kw=Pay%20to%20let%2Creal%20estate%2Cproperty%20for%20sale%2Cproperty%20listings%2Chome&vid_t=Sell%20your%20property%20in%20minutes&vpa=auto&cust_params=ap%3D1%26d%3D410164%26eb_br%3D45a351e981f435b4c20fafca8a5d741c%26ft%3D0%26ic%3D1%26iid1%3D248372558641397%26plat%3D1%26t%3D134%26tap%3Dpaytolet_com-video-1-248372558641397&sdkv=h.3.578.0&osd=2&frm=0&vis=1&sdr=1&afvsz=450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&us_privacy=1---&sdki=445&ptt=20&adk=3861343777&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.578.0&sid=31BB2C37-E1E0-4730-85B5-0D4B17F39F33&a3p=EhkKCnVpZGFwaS5jb20YyZXN4ZAxSABSAghkEhsKDGlkNS1zeW5jLmNvbRjdp83hkDFIAFICCGoSHAoNY3J3ZGNudHJsLm5ldBjJlc3hkDFIAFICCGQSGQoKcHViY2lkLm9yZxiko83hkDFIAFICCGoSwgEKCHJ0YmhvdXNlEqwBTitHVWNYczRLdzZ6ci85VlNWcGpEOW43a3FsK00zaWMwVkFXc2hxQUM0Z3NNNGt2SS96a1BjZnUxZlRFSUpSZnhBUklFSndKL2QxcWVRNkFHa2c0SXRJWVdMbDR2Q3BkZ0NERCtRYVkwbzQ0Z3VxTmZBQ2diOHo4eExmdExNZWFNQVhTb2xtUUFsUFJSNXpOeUxRd3VaSDc2bVlsQkhVVmxnS2M2R2Mrbm5NPRijqc3hkDFIABIdCg5lc3AuY3JpdGVvLmNvbRjJlc3hkDFIAFICCGQSPgoFb3BlbngSLGV5SnBJam9pV2tsWVpHRkRkMU5TZVhWNlRrSTJWRUZ5ZFhONGR6MDlJbjA9GOqozeGQMUgA&nel=0&eid=44752711%2C44765701%2C44772139%2C44773379%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275&top=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&loc=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&dlt=1688126834513&idt=4707&dt=1688126843894&cookie=ID%3D14c5fd6f47da3553-2250166f1cde0005%3AT%3D1688126835%3ART%3D1688126837%3AS%3DALNI_MZdWW6IC_UptzCaP6yRcFW4qT01Sg&gpic=UID%3D00000c5ed7319fb0%3AT%3D1688126835%3ART%3D1688126835%3AS%3DALNI_MZsDc3kPfVwgJm4YKQVJrFEMa9-0A&scor=776755846475256&ged=ve4_td9_tt4_pd9_la9000_er0.0.0.0_vi0.0.1200.1600_vp0_ts1_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.578.0_de.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:24 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
true
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		59 KB
14 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2148447624948998&correlator=1324982486310940&eid=31068366&output=ldjh&gdfp_req=1&vrg=202306270101&ptt=17&impl=fifs&us_privacy=1---&iu_parts=1254144%3A22852681713%2Cpaytolet_com-edge-1&enc_prev_ius=%2F0%2F1&prev_iu_szs=160x600&ifi=31&adks=1957513018&didk=3512010702&sfv=1-0-40&ris=1&rcs=5&prev_scp=a%3D%257C0%257C%26iid1%3D8292738108625282%26eid%3D8292738108625282%26t%3D134%26d%3D410164%26t1%3D134%26pvc%3D0%26ap%3D1975%26sap%3D1975%26as%3Drevenue%26plat%3D1%26bra%3Dmod58-c%26ic%3D6%26at%3Dmbf%26adr%3D398%26ezosn%3D1%26reft%3Dtf%26refs%3D30%26refa%3D1%26ga%3D2497208%26rid%3D99998%26pt%3D38%26al%3D1038%26compid%3D0%26tap%3Dpaytolet_com-edge-1-8292738108625282%26eb_br%3D9c3e4ee8eae7f1433cb2fe69b1326605%26eba%3D1%26asau%3D8408181829%26bv%3D3%26bvm%3D0%26bvr%3D8%26avc%3D4%26shp%3D2%26ftsn%3D12%26ftsng%3D12%26br1%3D4%26br2%3D50%26ezoic%3D1%26nmau%3D0%26mau%3D0%26sticky%3D1%26stl%3D63%2C14%2C28%2C4%2C51%2C0%2C88%2C0%2C71%2C30%2C0%2C31%2C901%2C902%2C903%26deal1%3D17%2C20%2C21%2C22%2C23%2C24%2C25%2C26%2C1794%2C2310%2C2339%2C2351%2C2526%2C2527%2C2610%2C2761%2C2763%2C2764%2C2765%2C3044%2C3054%2C3154%2C3430%2C3455%2C3456%2C3457%2C3458%2C3460%2C3682%2C3683%2C3684%2C4184%2C4185%2C4186%2C5747%2C19%2C2688%2C3045%2C4276%2C19%2C2688%2C2693%2C3045%2C3053%2C4276%2C18%2C19%2C1428%2C2688%2C2693%2C3045%2C3053%2C4276%2C18%2C19%2C1428%2C2688%2C2693%2C3045%2C3052%2C3053%2C3856%2C4276%2C18%2C19%2C1428%2C2688%2C2693%2C3045%2C3052%2C3053%2C3856%2C4276%26lb%3D12%26reqt%3D1688126843880&eri=1&sc=1&cookie=ID%3D14c5fd6f47da3553-2250166f1cde0005%3AT%3D1688126835%3ART%3D1688126837%3AS%3DALNI_MZdWW6IC_UptzCaP6yRcFW4qT01Sg&gpic=UID%3D00000c5ed7319fb0%3AT%3D1688126835%3ART%3D1688126835%3AS%3DALNI_MZsDc3kPfVwgJm4YKQVJrFEMa9-0A&abxe=1&dt=1688126843928&lmt=1688126843&dlt=1688126834513&idt=860&adxs=0&adys=302&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&frm=20&vis=1&psz=160x-1&msz=160x-1&fws=512&ohw=0&psts=ABnkTfBy0XFcFshnkgY_LYb-WJLQ%2CABnkTfBy0XFcFshnkgY_LYb-WJLQ%2CABnkTfBy0XFcFshnkgY_LYb-WJLQ&ga_vid=1136948999.1688126835&ga_sid=1688126836&ga_hid=1663611148&ga_fc=true&a3p=EhkKCnVpZGFwaS5jb20YyZXN4ZAxSABSAghkEhsKDGlkNS1zeW5jLmNvbRjdp83hkDFIAFICCGoSHAoNY3J3ZGNudHJsLm5ldBjJlc3hkDFIAFICCGQSGQoKcHViY2lkLm9yZxiko83hkDFIAFICCGoSwgEKCHJ0YmhvdXNlEqwBTitHVWNYczRLdzZ6ci85VlNWcGpEOW43a3FsK00zaWMwVkFXc2hxQUM0Z3NNNGt2SS96a1BjZnUxZlRFSUpSZnhBUklFSndKL2QxcWVRNkFHa2c0SXRJWVdMbDR2Q3BkZ0NERCtRYVkwbzQ0Z3VxTmZBQ2diOHo4eExmdExNZWFNQVhTb2xtUUFsUFJSNXpOeUxRd3VaSDc2bVlsQkhVVmxnS2M2R2Mrbm5NPRijqc3hkDFIABIdCg5lc3AuY3JpdGVvLmNvbRjJlc3hkDFIAFICCGQSPgoFb3BlbngSLGV5SnBJam9pV2tsWVpHRkRkMU5TZVhWNlRrSTJWRUZ5ZFhONGR6MDlJbjA9GOqozeGQMUgA
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
57051489e78b16d6ad50951642c742a87b2471c03bbb700227e2a6181c04a322
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:24 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
true
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14049
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://paytolet.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
audio_008.m4s
streaming.humix.com/contents/nsrNhxfkjikFVcim/1682919808/ 		40 KB
40 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://streaming.humix.com/contents/nsrNhxfkjikFVcim/1682919808/audio_008.m4s
Requested by
Host: paytolet.com
URL: https://paytolet.com/detroitchicago/cmbv2.js?gcb=195-3&cb=04-3y02-8y06-13y07-2y0b-6y0d-23y17-4y1b-5y25-3y26-4y27-16y28-66y2b-146y2f-150y33-4y3a-12y3b-6y59-2y5d-22y64-1&cmbcb=151&sj=x04x02x06x07x0bx0dx17x1bx25x26x27x28x2bx2fx33x3ax3bx59x5dx64
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:d4fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
31a524c8b76ef7ddce5204dd66d96bebf0422da860115773eb287b44228cb10d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"a53a7d759c1610f390c134cb8e089ed6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gynASlWEE%2F7HXjIDv0e4uHttAJIqu%2FLGOVxOfGQSD9ZUw7nKw2lXmXC%2FrAGR%2BknMnp9knJAT7tWjtk3Gh9kTC1LAUTwVPIeh7esWtk%2F3NpHaGdRQzuaADfb%2FUYnyDaxI8M5BAo3XVLg5CrYXO6h3xdTd"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
7df649e69f761989-FRA
alt-svc
h3=":443"; ma=86400
content-length
40682
ads
securepubads.g.doubleclick.net/gampad/ 		59 KB
14 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2148447624948998&correlator=1676093539405215&eid=31068366&output=ldjh&gdfp_req=1&vrg=202306270101&ptt=17&impl=fifs&us_privacy=1---&iu_parts=1254144%3A22852681713%2Cpaytolet_com-edge-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=160x600&ifi=32&adks=1754540039&didk=3512041317&sfv=1-0-40&ris=1&rcs=5&prev_scp=a%3D%257C0%257C%26iid1%3D4803436408596716%26eid%3D4803436408596716%26t%3D134%26d%3D410164%26t1%3D134%26pvc%3D0%26ap%3D1976%26sap%3D1976%26as%3Drevenue%26plat%3D1%26bra%3Dmod58-c%26ic%3D6%26at%3Dmbf%26adr%3D398%26ezosn%3D0%26reft%3Dtf%26refs%3D30%26refa%3D1%26ga%3D2497208%26rid%3D99998%26pt%3D39%26al%3D1039%26compid%3D0%26tap%3Dpaytolet_com-edge-2-4803436408596716%26eb_br%3D33dd523f8e4dda158f0aa99686dda7f2%26eba%3D1%26asau%3D8408181829%26bv%3D3%26bvm%3D0%26bvr%3D8%26avc%3D4%26shp%3D2%26ftsn%3D12%26ftsng%3D12%26br1%3D6%26br2%3D70%26ezoic%3D1%26nmau%3D0%26mau%3D0%26sticky%3D1%26stl%3D63%2C14%2C28%2C4%2C51%2C0%2C88%2C0%2C71%2C30%2C0%2C31%2C901%2C902%2C903%26deal1%3D17%2C20%2C21%2C22%2C23%2C24%2C25%2C26%2C1794%2C2310%2C2339%2C2351%2C2526%2C2527%2C2761%2C2763%2C2764%2C2765%2C3044%2C3054%2C3154%2C3430%2C3455%2C3456%2C3457%2C3458%2C3460%2C3682%2C3683%2C3684%2C4184%2C4185%2C4186%2C5747%2C19%2C2610%2C2688%2C3045%2C19%2C2610%2C2688%2C2693%2C3045%2C4276%2C19%2C2610%2C2688%2C2693%2C3045%2C3053%2C4276%2C18%2C19%2C1428%2C2610%2C2688%2C2693%2C3045%2C3052%2C3053%2C4276%2C18%2C19%2C1428%2C2610%2C2688%2C2693%2C3045%2C3052%2C3053%2C3856%2C4276%26lb%3D16%26reqt%3D1688126843956&eri=1&sc=1&cookie=ID%3D14c5fd6f47da3553-2250166f1cde0005%3AT%3D1688126835%3ART%3D1688126837%3AS%3DALNI_MZdWW6IC_UptzCaP6yRcFW4qT01Sg&gpic=UID%3D00000c5ed7319fb0%3AT%3D1688126835%3ART%3D1688126835%3AS%3DALNI_MZsDc3kPfVwgJm4YKQVJrFEMa9-0A&abxe=1&dt=1688126844000&lmt=1688126844&dlt=1688126834513&idt=860&adxs=1440&adys=302&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&frm=20&vis=1&psz=160x-1&msz=160x-1&fws=512&ohw=0&psts=ABnkTfBy0XFcFshnkgY_LYb-WJLQ%2CABnkTfBy0XFcFshnkgY_LYb-WJLQ%2CABnkTfBy0XFcFshnkgY_LYb-WJLQ&ga_vid=1136948999.1688126835&ga_sid=1688126836&ga_hid=1663611148&ga_fc=true&a3p=EhkKCnVpZGFwaS5jb20YyZXN4ZAxSABSAghkEhsKDGlkNS1zeW5jLmNvbRjdp83hkDFIAFICCGoSHAoNY3J3ZGNudHJsLm5ldBjJlc3hkDFIAFICCGQSGQoKcHViY2lkLm9yZxiko83hkDFIAFICCGoSwgEKCHJ0YmhvdXNlEqwBTitHVWNYczRLdzZ6ci85VlNWcGpEOW43a3FsK00zaWMwVkFXc2hxQUM0Z3NNNGt2SS96a1BjZnUxZlRFSUpSZnhBUklFSndKL2QxcWVRNkFHa2c0SXRJWVdMbDR2Q3BkZ0NERCtRYVkwbzQ0Z3VxTmZBQ2diOHo4eExmdExNZWFNQVhTb2xtUUFsUFJSNXpOeUxRd3VaSDc2bVlsQkhVVmxnS2M2R2Mrbm5NPRijqc3hkDFIABIdCg5lc3AuY3JpdGVvLmNvbRjJlc3hkDFIAFICCGQSPgoFb3BlbngSLGV5SnBJam9pV2tsWVpHRkRkMU5TZVhWNlRrSTJWRUZ5ZFhONGR6MDlJbjA9GOqozeGQMUgA
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3a9344d21711f63294dded98fc9832b38c7edae2f81929d533c9c86fba0021a3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:24 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
true
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14082
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://paytolet.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 5B46 		42 B
108 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstTX4KGfpABbnn_JLqhRmtIXhrNggZ4klqewEPseTjFas66t7vF7qF-fWMRoQpFm9e-vyX3hhVr3v_sqZgHgUQXkN4H3vmcerGR1breTJbSXHBw9XojQEMeat6COJ0Z4mccD_yk1Gdf9A1g&sai=AMfl-YRS5E9qoDk_q0aK-vFQRuwQJowKA59w1RmgxkSdiE5Dbv_WhHS_q7kV-aNvpmMVRinuPgNwcojOf_cvoOLHWJJqBYqID5J2D2_AnAy4plU0oidJ7x_PCBPnZGs&sig=Cg0ArKJSzHS481fwye1VEAE&cid=CAQSOwBygQiDqIX_QEgoE6us8JZZlqIeoDCx8KX9Ywpz8cRGLAGYWfewilYA-rLmaWqC7AYE3YRP1nZACqpjGAE&id=lidar2&mcvt=1047&p=157,436,247,1164&mtos=1047,1047,1047,1047,1047&tos=1047,0,0,0,0&v=20230628&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=2&adk=3730846524&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1688126842317&rpt=597&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://17f71e36f7655f7f5ab67574cc7e41b3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Jun 2023 12:07:24 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
army.gif
paytolet.com/porpoiseant/ 		0
526 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://paytolet.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNjg3Mzg5OTgwNjUwNzE2IiwiZG9tYWluX2lkIjoiNDEwMTY0IiwidW5pdCI6ImRpdi1ncHQtYWQtcGF5dG9sZXRfY29tLW1lZHJlY3RhbmdsZS0yLTAiLCJ0X2Vwb2NoIjoxNjg4MTI2ODM0LCJyZXZlbnVlIjowLCJlc3RfcmV2ZW51ZSI6MCwiYWRfcG9zaXRpb24iOjExMDAsImFkX3NpemUiOiIiLCJiaWRfZmxvb3JfZmlsbGVkIjowLCJiaWRfZmxvb3JfcHJldiI6MCwic3RhdF9zb3VyY2VfaWQiOjAsImNvdW50cnlfY29kZSI6IkRFIiwicGFnZXZpZXdfaWQiOiJjMmMzZjdlMS0zYTE2LTRmYWQtNDIxYy03OGE1YzRkMjAwZGUiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwMDM0NDgzLCJkYXRhIjpbeyJuYW1lIjoidmlld2VkIiwidmFsIjoiMSJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ==
Requested by
Host: paytolet.com
URL: https://paytolet.com/detroitchicago/cmbv2.js?gcb=195-3&cb=04-3y02-8y06-13y07-2y0b-6y0d-23y17-4y1b-5y25-3y26-4y27-16y28-66y2b-146y2f-150y33-4y3a-12y3b-6y59-2y5d-22y64-1&cmbcb=151&sj=x04x02x06x07x0bx0dx17x1bx25x26x27x28x2bx2fx33x3ax3bx59x5dx64
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:8b54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/public/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:24 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PFf8QLr6oOah7atrRnBGhJFI4YIC%2FWBLcBNv5KKqRsc5c%2BOdLp6HcoB7MTNBydhxWAhS7hEqs%2BJOLQsfFsnLRUMxJi2tyvcfZvIuk9TOi0M%2BN%2B%2BztHZu5OEUQ%2F3WyO1ZttL0WyDf9IZdEbM%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://paytolet.com
x-middleton-display
ezp_sol
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
cf-ray
7df649e749326969-FRA
alt-svc
h3=":443"; ma=86400
priority
u=4,i
expires
Thu, 29 Jun 2023 12:07:23 GMT
integrator.js
adservice.google.com/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=paytolet.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		1 KB
480 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2148447624948998&correlator=2549307054525260&eid=31068366&output=ldjh&gdfp_req=1&vrg=202306270101&ptt=17&impl=fifs&us_privacy=1---&iu_parts=1254144%3A22852681713%2Cpaytolet_com-medrectangle-3&enc_prev_ius=%2F0%2F1&prev_iu_szs=250x250&ifi=33&adks=4258316528&didk=2639644830&sfv=1-0-40&ris=2&rcs=4&prev_scp=a%3D%257C0%257C%26iid1%3D6394153360637039%26eid%3D6394153360637039%26t%3D134%26d%3D410164%26t1%3D134%26pvc%3D0%26ap%3D1909%26sap%3D1909%26as%3Drevenue%26plat%3D1%26bra%3Dmod58-c%26ic%3D5%26at%3Dmbf%26adr%3D398%26ezosn%3D2%26reft%3Dtf%26refs%3D30%26refa%3D1%26ga%3D2497208%26rid%3D99998%26pt%3D21%26al%3D1021%26compid%3D0%26tap%3Dpaytolet_com-medrectangle-3-6394153360637039%26eb_br%3Dad0061a38dd7c6f7bcb692aee88dfda4%26eba%3D1%26asau%3D8408181829%26bv%3D3%26bvm%3D0%26bvr%3D8%26avc%3D4%26shp%3D1%26ftsn%3D12%26ftsng%3D12%26br1%3D14%26br2%3D60%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D63%2C14%2C28%2C4%2C51%2C0%2C88%2C0%2C71%2C30%2C0%2C31%2C901%2C902%2C903%26deal1%3D17%2C20%2C21%2C22%2C23%2C24%2C25%2C26%2C1794%2C2310%2C2339%2C2351%2C2526%2C2527%2C2610%2C2761%2C2763%2C2764%2C2765%2C3044%2C3054%2C3154%2C3430%2C3455%2C3456%2C3457%2C3458%2C3460%2C3682%2C3683%2C3684%2C4184%2C4185%2C4186%2C5747%2C19%2C2688%2C3045%2C4276%2C19%2C2688%2C2693%2C3045%2C4276%2C19%2C2688%2C2693%2C3045%2C3053%2C4276%2C18%2C19%2C1428%2C2688%2C2693%2C3045%2C3052%2C3053%2C3856%2C4276%26lb%3D26%26reqt%3D1688126843040&eri=1&sc=1&cookie=ID%3D14c5fd6f47da3553-2250166f1cde0005%3AT%3D1688126835%3ART%3D1688126837%3AS%3DALNI_MZdWW6IC_UptzCaP6yRcFW4qT01Sg&gpic=UID%3D00000c5ed7319fb0%3AT%3D1688126835%3ART%3D1688126835%3AS%3DALNI_MZsDc3kPfVwgJm4YKQVJrFEMa9-0A&abxe=1&dt=1688126844081&lmt=1688126844&dlt=1688126834513&idt=860&adxs=675&adys=2199&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=6&ucis=7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&frm=20&vis=1&psz=1410x250&msz=250x250&fws=0&ohw=0&psts=ABnkTfBy0XFcFshnkgY_LYb-WJLQ%2CABnkTfBy0XFcFshnkgY_LYb-WJLQ%2CABnkTfBy0XFcFshnkgY_LYb-WJLQ&ga_vid=1136948999.1688126835&ga_sid=1688126836&ga_hid=1663611148&ga_fc=true&a3p=EhkKCnVpZGFwaS5jb20YyZXN4ZAxSABSAghkEhsKDGlkNS1zeW5jLmNvbRjdp83hkDFIAFICCGoSHAoNY3J3ZGNudHJsLm5ldBjJlc3hkDFIAFICCGQSGQoKcHViY2lkLm9yZxiko83hkDFIAFICCGoSwgEKCHJ0YmhvdXNlEqwBTitHVWNYczRLdzZ6ci85VlNWcGpEOW43a3FsK00zaWMwVkFXc2hxQUM0Z3NNNGt2SS96a1BjZnUxZlRFSUpSZnhBUklFSndKL2QxcWVRNkFHa2c0SXRJWVdMbDR2Q3BkZ0NERCtRYVkwbzQ0Z3VxTmZBQ2diOHo4eExmdExNZWFNQVhTb2xtUUFsUFJSNXpOeUxRd3VaSDc2bVlsQkhVVmxnS2M2R2Mrbm5NPRijqc3hkDFIABIdCg5lc3AuY3JpdGVvLmNvbRjJlc3hkDFIAFICCGQSPgoFb3BlbngSLGV5SnBJam9pV2tsWVpHRkRkMU5TZVhWNlRrSTJWRUZ5ZFhONGR6MDlJbjA9GOqozeGQMUgA
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2312d736cdefe0ae4e7072c129ad037c2b8c6167308da50048011bda58b8da35
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:24 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
true
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
450
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://paytolet.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
army.gif
paytolet.com/porpoiseant/ 		0
523 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://paytolet.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNzUzNjUzNDI5NDYzNjY1MCIsImRvbWFpbl9pZCI6IjQxMDE2NCIsInVuaXQiOiJkaXYtZ3B0LWFkLXBheXRvbGV0X2NvbS1ib3gtMi0wIiwidF9lcG9jaCI6MTY4ODEyNjgzNCwicmV2ZW51ZSI6MCwiZXN0X3JldmVudWUiOjAsImFkX3Bvc2l0aW9uIjoxOTAwLCJhZF9zaXplIjoiIiwiYmlkX2Zsb29yX2ZpbGxlZCI6MCwiYmlkX2Zsb29yX3ByZXYiOjAsInN0YXRfc291cmNlX2lkIjowLCJjb3VudHJ5X2NvZGUiOiJERSIsInBhZ2V2aWV3X2lkIjoiYzJjM2Y3ZTEtM2ExNi00ZmFkLTQyMWMtNzhhNWM0ZDIwMGRlIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDQxNjk4OCwiZGF0YSI6W3sibmFtZSI6InZpZXdlZCIsInZhbCI6IjEifV0sImlzX29yaWciOmZhbHNlfV0=
Requested by
Host: paytolet.com
URL: https://paytolet.com/detroitchicago/cmbv2.js?gcb=195-3&cb=04-3y02-8y06-13y07-2y0b-6y0d-23y17-4y1b-5y25-3y26-4y27-16y28-66y2b-146y2f-150y33-4y3a-12y3b-6y59-2y5d-22y64-1&cmbcb=151&sj=x04x02x06x07x0bx0dx17x1bx25x26x27x28x2bx2fx33x3ax3bx59x5dx64
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:8b54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/public/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:24 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lsPI%2BoBOSitdOmZ3htvby7aNW16%2FFso2RMFkvwbBeXw2gg9YDrohEEXDBcTEIn4iTx2SpHm%2FRuxd8nCe%2F3Zj6Yo7qbQNyF9Cjw9LBuEBVDjUrG7QB0IFwhZtxPS61V1Kl5F9IZ%2F2zik7oW4%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://paytolet.com
x-middleton-display
ezp_sol
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
cf-ray
7df649e799a66969-FRA
alt-svc
h3=":443"; ma=86400
priority
u=4,i
expires
Thu, 29 Jun 2023 12:07:23 GMT
t1670023299_03_640x360p_30Hz_800Kbps_008.m4s
streaming.humix.com/contents/nsrNhxfkjikFVcim/1682919808/ 		27 KB
28 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://streaming.humix.com/contents/nsrNhxfkjikFVcim/1682919808/t1670023299_03_640x360p_30Hz_800Kbps_008.m4s
Requested by
Host: paytolet.com
URL: https://paytolet.com/detroitchicago/cmbv2.js?gcb=195-3&cb=04-3y02-8y06-13y07-2y0b-6y0d-23y17-4y1b-5y25-3y26-4y27-16y28-66y2b-146y2f-150y33-4y3a-12y3b-6y59-2y5d-22y64-1&cmbcb=151&sj=x04x02x06x07x0bx0dx17x1bx25x26x27x28x2bx2fx33x3ax3bx59x5dx64
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:d4fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4ae370ed9cdec054930682752ee0d43b6dd68d936fcbc9e574f86db902282800

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"4b3f6ba5ba834e092277615a40a5ec4f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CKhTsMdyJ7dpKULR1UQPGpqzgz%2Bk%2BNwItF3C%2Bta%2FoKb1%2FnbYT2hieiD9SGEeZJyc%2FCzIUXRgrUEVDn9dYqI2gDOYzv%2FFMonTEWa2OGIF5SlPVWb58YKuFu6MiV%2B83UrhS7h4PxhbtdKvmmayXQz2tYFY"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
7df649e798b81989-FRA
alt-svc
h3=":443"; ma=86400
content-length
27959
89229263
mc.yandex.com/webvisor/ 		43 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/webvisor/89229263?wmode=0&wv-part=4&wv-hit=721892075&page-url=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&rn=298461673&wv-type=3&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1688126844%3Aw%3A1600x1200%3Av%3A1074%3Az%3A0%3Ai%3A20230630120724%3Au%3A1688126835670014644%3Avf%3Aew9xzikdbvs4xc5avwiaspr%3Ast%3A1688126844&t=gdpr(14%2C14)ti(1)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://paytolet.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 30 Jun 2023 12:07:24 GMT
strict-transport-security
max-age=31536000
last-modified
Fri, 30-Jun-2023 12:07:24 GMT
content-type
image/gif
access-control-allow-origin
https://paytolet.com
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Fri, 30-Jun-2023 12:07:24 GMT
integrator.js
adservice.google.com/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=paytolet.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
pubads.g.doubleclick.net/gampad/ Frame CCEF 		156 B
186 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?correlator=674173503077194&description_url=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&env=vp&gdfp_req=1&output=xml_vast4&sz=400x300%7C640x480%7C640x360%7C300x168&unviewed_position_start=1&url=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&ad_type=video&hl=en&max_ad_duration=51000&min_ad_duration=4500&npa=0&tfcd=0&vad_type=linear&vpmute=1&vpos=preroll&iu=%2F1254144%2C22852681713%2Fpaytolet_com-video-1&vid_d=53&vid_kw=Pay%20to%20let%2Creal%20estate%2Cproperty%20for%20sale%2Cproperty%20listings%2Chome&vid_t=Sell%20your%20property%20in%20minutes&vpa=auto&cust_params=ap%3D1%26d%3D410164%26eb_br%3D76163170a8636ae5b88417f095893e08%26ft%3D0%26ic%3D1%26iid1%3D248372558641397%26plat%3D1%26t%3D134%26tap%3Dpaytolet_com-video-1-248372558641397&sdkv=h.3.578.0&osd=2&frm=0&vis=1&sdr=1&afvsz=450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&us_privacy=1---&sdki=445&ptt=20&adk=3861343777&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.578.0&sid=31BB2C37-E1E0-4730-85B5-0D4B17F39F33&a3p=EhkKCnVpZGFwaS5jb20YyZXN4ZAxSABSAghkEhsKDGlkNS1zeW5jLmNvbRjdp83hkDFIAFICCGoSHAoNY3J3ZGNudHJsLm5ldBjJlc3hkDFIAFICCGQSGQoKcHViY2lkLm9yZxiko83hkDFIAFICCGoSwgEKCHJ0YmhvdXNlEqwBTitHVWNYczRLdzZ6ci85VlNWcGpEOW43a3FsK00zaWMwVkFXc2hxQUM0Z3NNNGt2SS96a1BjZnUxZlRFSUpSZnhBUklFSndKL2QxcWVRNkFHa2c0SXRJWVdMbDR2Q3BkZ0NERCtRYVkwbzQ0Z3VxTmZBQ2diOHo4eExmdExNZWFNQVhTb2xtUUFsUFJSNXpOeUxRd3VaSDc2bVlsQkhVVmxnS2M2R2Mrbm5NPRijqc3hkDFIABIdCg5lc3AuY3JpdGVvLmNvbRjJlc3hkDFIAFICCGQSPgoFb3BlbngSLGV5SnBJam9pV2tsWVpHRkRkMU5TZVhWNlRrSTJWRUZ5ZFhONGR6MDlJbjA9GOqozeGQMUgA&nel=0&eid=44752711%2C44765701%2C44772139%2C44773379%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275&top=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&loc=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&dlt=1688126834513&idt=4707&dt=1688126844206&cookie=ID%3D14c5fd6f47da3553-2250166f1cde0005%3AT%3D1688126835%3ART%3D1688126837%3AS%3DALNI_MZdWW6IC_UptzCaP6yRcFW4qT01Sg&gpic=UID%3D00000c5ed7319fb0%3AT%3D1688126835%3ART%3D1688126835%3AS%3DALNI_MZsDc3kPfVwgJm4YKQVJrFEMa9-0A&scor=776755846475256&ged=ve4_td9_tt4_pd9_la9000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.578.0_de.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:24 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
true
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
audio_009.m4s
streaming.humix.com/contents/nsrNhxfkjikFVcim/1682919808/ 		40 KB
40 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://streaming.humix.com/contents/nsrNhxfkjikFVcim/1682919808/audio_009.m4s
Requested by
Host: paytolet.com
URL: https://paytolet.com/detroitchicago/cmbv2.js?gcb=195-3&cb=04-3y02-8y06-13y07-2y0b-6y0d-23y17-4y1b-5y25-3y26-4y27-16y28-66y2b-146y2f-150y33-4y3a-12y3b-6y59-2y5d-22y64-1&cmbcb=151&sj=x04x02x06x07x0bx0dx17x1bx25x26x27x28x2bx2fx33x3ax3bx59x5dx64
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:d4fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
52af94ed26cdf0765a0354ae4ec7804860361f5a9a0cd2c7ce5a42419d18a0e9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"e8a477f0b308b017504c007b155f7728"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ctm7iQ%2F6BBZiz2BC2MuE%2F7TCDX8zpLgDsYnM0v80AqtNJgpKYbN4ae87OqXXKlOPOL1XGmgIvkhH1qvZ%2BLltBF%2FauRlmCjpZzacThB5mGqbXPl%2BNIfo60lzY9MtyMeqRfwNl4YSl%2BMx6Tx5guR%2FFM9kC"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
7df649e879f81989-FRA
alt-svc
h3=":443"; ma=86400
content-length
40666
89229263
mc.yandex.com/webvisor/ 		43 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/webvisor/89229263?wv-hit=721892075&page-url=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&wmode=0&wv-part=0&wv-type=5&browser-info=et%3A1688126844%3Aw%3A1600x1200%3Av%3A1074%3Az%3A0%3Ai%3A20230630120724%3Au%3A1688126835670014644%3Avf%3Aew9xzikdbvs4xc5avwiaspr%3Ast%3A1688126844&t=gdpr(14%2C14)ti(1)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://paytolet.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 30 Jun 2023 12:07:24 GMT
strict-transport-security
max-age=31536000
last-modified
Fri, 30-Jun-2023 12:07:24 GMT
content-type
image/gif
access-control-allow-origin
https://paytolet.com
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Fri, 30-Jun-2023 12:07:24 GMT
t1670023299_03_640x360p_30Hz_800Kbps_009.m4s
streaming.humix.com/contents/nsrNhxfkjikFVcim/1682919808/ 		63 KB
63 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://streaming.humix.com/contents/nsrNhxfkjikFVcim/1682919808/t1670023299_03_640x360p_30Hz_800Kbps_009.m4s
Requested by
Host: paytolet.com
URL: https://paytolet.com/detroitchicago/cmbv2.js?gcb=195-3&cb=04-3y02-8y06-13y07-2y0b-6y0d-23y17-4y1b-5y25-3y26-4y27-16y28-66y2b-146y2f-150y33-4y3a-12y3b-6y59-2y5d-22y64-1&cmbcb=151&sj=x04x02x06x07x0bx0dx17x1bx25x26x27x28x2bx2fx33x3ax3bx59x5dx64
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:d4fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
51565a1b3c02c98ed2829b0004f7bb1f6c12e777b1843c0b4f0ba8ee88a85757

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"31fd9a203f44a6bf0f515f168681b656"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cN1z5%2FxFrr08X2O2evxitDJPhBFfXWwhgATFt8nRb3GIRE60Fk0%2Fa0C0r4jLPZChrL9FVh%2B5TBmmtaNOY68ngtxMNFj1oEYNs%2BV245l0cz0ZPHXzmeDtM82JAG%2BuWHg7nykwm%2FLwzuP5KVm1QEpL%2B6Ki"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
7df649e96b5a1989-FRA
alt-svc
h3=":443"; ma=86400
content-length
64443
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012306200257000/ Frame D6FD 		222 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012306200257000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
20f091e39a994eac247abb2db8c48d424cb5f3ea8280cea2194168c2bf5f437e
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 26 Jun 2023 17:13:26 GMT
age
327238
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61862
x-xss-protection
0
server
sffe
etag
"bf95dc6813023782"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 25 Jun 2024 17:13:26 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012306200257000/v0/ Frame D6FD 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012306200257000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
db6c8330efd6e6bfd20dbed90de2e76fe0bac473c76abe90aaa91fac7bb067c6
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 26 Jun 2023 17:13:26 GMT
age
327238
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5232
x-xss-protection
0
server
sffe
etag
"b6c1e0819a00bf67"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 25 Jun 2024 17:13:26 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012306200257000/v0/ Frame D6FD 		94 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012306200257000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8169070527736f2296d9d72e169101428b2f9821205614dc54cd16d3130c70f8
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 26 Jun 2023 17:13:26 GMT
age
327238
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28873
x-xss-protection
0
server
sffe
etag
"75041cf86819093a"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 25 Jun 2024 17:13:26 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012306200257000/v0/ Frame D6FD 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012306200257000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1e5a28a902c7f1edfc9c082269da365300b36ceb1eed186bf26523d6867ed986
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 26 Jun 2023 17:13:26 GMT
age
327238
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1911
x-xss-protection
0
server
sffe
etag
"5f86339daf79d63d"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 25 Jun 2024 17:13:26 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012306200257000/v0/ Frame D6FD 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012306200257000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d660119d70fde473f7720a43fb960d95c8ff46768e67d762f9557179709b8942
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 26 Jun 2023 17:13:26 GMT
age
327238
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12958
x-xss-protection
0
server
sffe
etag
"bf1167c9eaa58b59"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 25 Jun 2024 17:13:26 GMT
css
fonts.googleapis.com/ Frame D6FD 		6 KB
706 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 30 Jun 2023 12:07:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 30 Jun 2023 10:50:27 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 30 Jun 2023 12:07:24 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame D6FD 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: paytolet.com
URL: https://paytolet.com/public/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 10:39:29 GMT
x-content-type-options
nosniff
server
cafe
age
5275
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2502
x-xss-protection
0
expires
Sat, 01 Jul 2023 10:39:29 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame D6FD 		295 B
407 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: paytolet.com
URL: https://paytolet.com/public/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 10:39:27 GMT
x-content-type-options
nosniff
server
cafe
age
5277
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Sat, 01 Jul 2023 10:39:27 GMT
l
www.google.com/ads/measurement/ Frame D6FD 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQh8CisZLAR7-pBHZKo9wgxHTsThGKms35dDpyDTCEejruewU5HqMuxXpYLrZvglbFxbUBEUP5wKCw4wmLb0x_Y7dwdnA
Requested by
Host: paytolet.com
URL: https://paytolet.com/public/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers
ai.aspx
m.exactag.com/ Frame D6FD 		60 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.exactag.com/ai.aspx?extProvId=5&extPu=76203-gaw&extLi=19706922684&rnd=407071490
Requested by
Host: paytolet.com
URL: https://paytolet.com/public/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
85.14.248.72 Mülheim, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Fri, 30 Jun 2023 12:07:24 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
P3P
policyref="https://m.exactag.com/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
cross-origin-resource-policy
cross-origin
Connection
close
X-ET-Monitoring
1
X-Xss-Protection
0
Pragma
no-cache
Last-Modified
Fr, 30 Jun 2023 12:07:24 GMT
X-ET-Code
0
Content-Type
image/gif
Cache-Control
max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
X-ET-Camp
1785
Expires
Mon, 26 Jul 1997 05:00:00 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame D6FD 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CRKxGfMWeZPL0BNSz1wayp5-4BOCrr5Bxyen0s5wRwuPS4LIBEAEg9PnGJWCV6rOCwAegAcT3x-oDyAEJqQLYWKRVcTyyPuACAKgDAcgDCqoEgAJP0CYMcf-mmurJhukzRxtIlvTH7ExcLi67MCNL8QkwcKsPzpSDeWg8E3UrZ561zT0snrWaEmaOdmhTBQcNkKvssMeTa2ISl-ahjhlTqfR2a4hNa4o-oKlvb-rA6qx9wlP8hwXEuMGAZnnev6x1l5b5oe_xq5CTfsQtIpJRxFO-g0zLmtx9SSkERrhNIAy9McmSAl13KRlp6eSQ2_ey9DIPcW2LHa2kN-ojt30Q4rhcXxU6lF1tlViRQx63_UX9GC3sX5in4loBYr6Tm2T3R-LsYPPqiYHfYD_6YAWljeTiWH_OaJ6mV8pQlIQBLSnl4UeGGlPcQA6UGKN-aO12GIv6wATtycLumgTgBAGSBQQIBBgBkgUECAUYBKAGLoAHpIi4FagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEMfcA9IIFgiA4YAQEAEYHTICqgI6AoBASL39wTqACgPICwG4E-QD2BMN0BUBgBcBshceChwIABIUcHViLTE5NjY3MjExOTI3MDk2MDYYvskH&sigh=l-yVfe5WcCA&uach_m=[UACH]&cid=CAQSOwBygQiDOCORaqcrpYN-bGBnWPT80IhqcLnXvE4OjyI2QAXLIIIKawQElQKYer_95UWThRCOvXuvVXIeGAE&template_id=484
Requested by
Host: paytolet.com
URL: https://paytolet.com/public/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012306200257000/ Frame F05F 		222 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012306200257000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
20f091e39a994eac247abb2db8c48d424cb5f3ea8280cea2194168c2bf5f437e
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 26 Jun 2023 17:13:26 GMT
age
327238
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61862
x-xss-protection
0
server
sffe
etag
"bf95dc6813023782"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 25 Jun 2024 17:13:26 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012306200257000/v0/ Frame F05F 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012306200257000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
db6c8330efd6e6bfd20dbed90de2e76fe0bac473c76abe90aaa91fac7bb067c6
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 26 Jun 2023 17:13:26 GMT
age
327238
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5232
x-xss-protection
0
server
sffe
etag
"b6c1e0819a00bf67"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 25 Jun 2024 17:13:26 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012306200257000/v0/ Frame F05F 		94 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012306200257000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8169070527736f2296d9d72e169101428b2f9821205614dc54cd16d3130c70f8
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 26 Jun 2023 17:13:26 GMT
age
327238
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28873
x-xss-protection
0
server
sffe
etag
"75041cf86819093a"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 25 Jun 2024 17:13:26 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012306200257000/v0/ Frame F05F 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012306200257000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1e5a28a902c7f1edfc9c082269da365300b36ceb1eed186bf26523d6867ed986
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 26 Jun 2023 17:13:26 GMT
age
327238
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1911
x-xss-protection
0
server
sffe
etag
"5f86339daf79d63d"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 25 Jun 2024 17:13:26 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012306200257000/v0/ Frame F05F 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012306200257000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d660119d70fde473f7720a43fb960d95c8ff46768e67d762f9557179709b8942
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 26 Jun 2023 17:13:26 GMT
age
327238
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12958
x-xss-protection
0
server
sffe
etag
"bf1167c9eaa58b59"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 25 Jun 2024 17:13:26 GMT
css
fonts.googleapis.com/ Frame F05F 		6 KB
706 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 30 Jun 2023 12:07:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 30 Jun 2023 10:48:22 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 30 Jun 2023 12:07:24 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame F05F 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 10:39:29 GMT
x-content-type-options
nosniff
server
cafe
age
5275
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2502
x-xss-protection
0
expires
Sat, 01 Jul 2023 10:39:29 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame F05F 		295 B
362 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 10:39:27 GMT
x-content-type-options
nosniff
server
cafe
age
5277
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Sat, 01 Jul 2023 10:39:27 GMT
l
www.google.com/ads/measurement/ Frame F05F 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSyUnVkekhF-Zh6EiHPe7tIT-jt2xqLapzJ9aQ03D9g3VUD31aY9FitbvQ92xwnwvMjfiS3pJy1ojGVcTaYYHvHVVZ4Ww
Requested by
Host: paytolet.com
URL: https://paytolet.com/public/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers
ai.aspx
m.exactag.com/ Frame F05F 		60 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.exactag.com/ai.aspx?extProvId=5&extPu=76203-gaw&extLi=19706922684&rnd=504812036
Requested by
Host: paytolet.com
URL: https://paytolet.com/public/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
85.14.248.72 Mülheim, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Fri, 30 Jun 2023 12:07:23 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
P3P
policyref="https://m.exactag.com/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
cross-origin-resource-policy
cross-origin
Connection
close
X-ET-Monitoring
1
X-Xss-Protection
0
Pragma
no-cache
Last-Modified
Fr, 30 Jun 2023 12:07:24 GMT
X-ET-Code
0
Content-Type
image/gif
Cache-Control
max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
X-ET-Camp
1785
Expires
Mon, 26 Jul 1997 05:00:00 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame F05F 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=Cdf8pfMWeZKYdk5rHAqrOr8gO4KuvkHHJ6fSznBHC49LgsgEQASD0-cYlYJXqs4LAB6ABxPfH6gPIAQmpAthYpFVxPLI-4AIAqAMByAMKqgSAAk_Q1TywOnJqbZupirYC4jC5uLmlac4gmhZV4-MIxk-CFEg-VylYWBcqcAwZ7fpb2mbMi1stxrv8nLMqhGwqT9H2xzHCzWqlKAqDAJtyfHczQrfIZhc83oJb08RdOZGvJvLWY0gjP7ZibSNboI-R9sNWxO9l6lC7uNVcYQYJVv5K8O52Dz68QrJ8WLzEyaGQoRjYjrOccD9qbD3cu1zbsxwXuyGukXRanKkioCBBD1n1vmSBrDAVnYOeIuQ6kUuq3E-LpHAGY8BybPoMHgQv-y4vK87FMHw1qWcZcO4XUbm--m_tJubqfZMKGRFn1bYP6abv0pvQOuTPL3BE53XOOirABO3Jwu6aBOAEAZIFBAgEGAGSBQQIBRgEoAYugAekiLgVqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQp8AC0ggWCIDhgBAQARgdMgKqAjoCgEBIvf3BOoAKA8gLAbgT5APYEw3QFQGAFwGyFx4KHAgAEhRwdWItMTk2NjcyMTE5MjcwOTYwNhi-yQc&sigh=I3c28cbV90o&uach_m=[UACH]&cid=CAQSOwBygQiD05kVM9NwVk2-ibsUuH4XAmnWYl2MtURJs2LDKUKhcinH3p9jShHGkVvodekET0TI5fqNnNguGAE&template_id=484
Requested by
Host: paytolet.com
URL: https://paytolet.com/public/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers
14763004658117789537
tpc.googlesyndication.com/simgad/9435663170226596128/ Frame D6FD 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/9435663170226596128/14763004658117789537?w=195&h=102
Requested by
Host: paytolet.com
URL: https://paytolet.com/public/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4a3eb0d412ebad4b5a1071598a588656fc3bb83d4d1879f2dde4abd040248caf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:39:37 GMT
x-content-type-options
nosniff
age
152867
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6738
x-xss-protection
0
last-modified
Tue, 07 Feb 2023 11:28:38 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 27 Jun 2024 17:39:37 GMT
14763004658117789537
tpc.googlesyndication.com/simgad/1371662540957626475/ Frame D6FD 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/1371662540957626475/14763004658117789537?w=100&h=100
Requested by
Host: paytolet.com
URL: https://paytolet.com/public/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f4181150e69e0477c7789c92ec35ab64b29c101fde750a851c1068dab6d2c83d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 26 Jun 2023 12:25:31 GMT
x-content-type-options
nosniff
age
344513
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2473
x-xss-protection
0
last-modified
Mon, 18 Jul 2022 12:06:55 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 25 Jun 2024 12:25:31 GMT
truncated
/ Frame D6FD 		221 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame D6FD 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e5b43b0227a540afdeaaea7ad68db76b69833e6b27584db42374f8a3d11e0f5c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/png
14763004658117789537
tpc.googlesyndication.com/simgad/9435663170226596128/ Frame F05F 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/9435663170226596128/14763004658117789537?w=195&h=102
Requested by
Host: paytolet.com
URL: https://paytolet.com/public/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4a3eb0d412ebad4b5a1071598a588656fc3bb83d4d1879f2dde4abd040248caf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 28 Jun 2023 17:39:37 GMT
x-content-type-options
nosniff
age
152867
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6738
x-xss-protection
0
last-modified
Tue, 07 Feb 2023 11:28:38 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 27 Jun 2024 17:39:37 GMT
14763004658117789537
tpc.googlesyndication.com/simgad/1371662540957626475/ Frame F05F 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/1371662540957626475/14763004658117789537?w=100&h=100
Requested by
Host: paytolet.com
URL: https://paytolet.com/public/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f4181150e69e0477c7789c92ec35ab64b29c101fde750a851c1068dab6d2c83d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 26 Jun 2023 12:25:31 GMT
x-content-type-options
nosniff
age
344513
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2473
x-xss-protection
0
last-modified
Mon, 18 Jul 2022 12:06:55 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 25 Jun 2024 12:25:31 GMT
truncated
/ Frame F05F 		221 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame F05F 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c8f3cc31dcfcb5b75194e0e775d43538872366b5cbd8cd54b7d3afb7c50a13aa

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/png
army.gif
paytolet.com/porpoiseant/ 		0
518 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://paytolet.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNDgwMzQzNjQwODU5NjcxNiIsImRvbWFpbl9pZCI6IjQxMDE2NCIsInVuaXQiOiJkaXYtZ3B0LWFkLXBheXRvbGV0X2NvbS1lZGdlLTItMCIsInRfZXBvY2giOjE2ODgxMjY4MzQsImFkX3Bvc2l0aW9uIjoxOTc2LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6ImMyYzNmN2UxLTNhMTYtNGZhZC00MjFjLTc4YTVjNGQyMDBkZSIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTA0MTY5ODgsImRhdGEiOlt7Im5hbWUiOiJyZWZyZXNoX2NvdW50IiwidmFsIjoiNiJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNDgwMzQzNjQwODU5NjcxNiIsImRvbWFpbl9pZCI6IjQxMDE2NCIsInVuaXQiOiJkaXYtZ3B0LWFkLXBheXRvbGV0X2NvbS1lZGdlLTItMCIsInRfZXBvY2giOjE2ODgxMjY4MzQsImFkX3Bvc2l0aW9uIjoxOTc2LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6ImMyYzNmN2UxLTNhMTYtNGZhZC00MjFjLTc4YTVjNGQyMDBkZSIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTA0MTY5ODgsImRhdGEiOlt7Im5hbWUiOiJmaWxsZWRfYmlkX2hhc2giLCJ2YWwiOiIzM2RkNTIzZjhlNGRkYTE1OGYwYWE5OTY4NmRkYTdmMiJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNDgwMzQzNjQwODU5NjcxNiIsImRvbWFpbl9pZCI6IjQxMDE2NCIsInVuaXQiOiJkaXYtZ3B0LWFkLXBheXRvbGV0X2NvbS1lZGdlLTItMCIsInRfZXBvY2giOjE2ODgxMjY4MzQsInJldmVudWUiOjAsImVzdF9yZXZlbnVlIjowLjAwMDA2LCJhZF9wb3NpdGlvbiI6MTk3NiwiYWRfc2l6ZSI6IiIsImJpZF9mbG9vcl9maWxsZWQiOjAuMDAwMDYsImJpZF9mbG9vcl9wcmV2IjowLjAwMDE2LCJzdGF0X3NvdXJjZV9pZCI6MzUsImNvdW50cnlfY29kZSI6IkRFIiwicGFnZXZpZXdfaWQiOiJjMmMzZjdlMS0zYTE2LTRmYWQtNDIxYy03OGE1YzRkMjAwZGUiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwNDE2OTg4LCJkYXRhIjpbeyJuYW1lIjoibG9hZGVkIiwidmFsIjoiMSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNDgwMzQzNjQwODU5NjcxNiIsImRvbWFpbl9pZCI6IjQxMDE2NCIsInVuaXQiOiJkaXYtZ3B0LWFkLXBheXRvbGV0X2NvbS1lZGdlLTItMCIsInRfZXBvY2giOjE2ODgxMjY4MzQsImFkX3Bvc2l0aW9uIjoxOTc2LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6ImMyYzNmN2UxLTNhMTYtNGZhZC00MjFjLTc4YTVjNGQyMDBkZSIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTA0MTY5ODgsImRhdGEiOlt7Im5hbWUiOiJjcmVhdGl2ZV9pZCIsInZhbCI6IjEzODMxMDQxNjk4OCJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNDgwMzQzNjQwODU5NjcxNiIsImRvbWFpbl9pZCI6IjQxMDE2NCIsInVuaXQiOiJkaXYtZ3B0LWFkLXBheXRvbGV0X2NvbS1lZGdlLTItMCIsInRfZXBvY2giOjE2ODgxMjY4MzQsImFkX3Bvc2l0aW9uIjoxOTc2LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6ImMyYzNmN2UxLTNhMTYtNGZhZC00MjFjLTc4YTVjNGQyMDBkZSIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTA0MTY5ODgsImRhdGEiOlt7Im5hbWUiOiJsaW5laXRlbV9pZCIsInZhbCI6IjI4Njg3Mjc0In1dLCJpc19vcmlnIjpmYWxzZX1d
Requested by
Host: paytolet.com
URL: https://paytolet.com/detroitchicago/cmbv2.js?gcb=195-3&cb=04-3y02-8y06-13y07-2y0b-6y0d-23y17-4y1b-5y25-3y26-4y27-16y28-66y2b-146y2f-150y33-4y3a-12y3b-6y59-2y5d-22y64-1&cmbcb=151&sj=x04x02x06x07x0bx0dx17x1bx25x26x27x28x2bx2fx33x3ax3bx59x5dx64
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:8b54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/public/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:24 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tWnINjKAPJZlDJ35o3r4Rj8DoqWaGqzxxs5mAOViuI54ZoRIDEK7AdZb%2BBz7vFhc72n87veAHEUevqtXhw%2F1djC22Qy6xjOItxgkSIQ8bBgcAWwDF7h0RG1oF6S9brjGAfnKspkPOZg6O0s%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://paytolet.com
x-middleton-display
ezp_sol
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
cf-ray
7df649ea7ca16969-FRA
alt-svc
h3=":443"; ma=86400
priority
u=4,i
expires
Thu, 29 Jun 2023 12:07:24 GMT
army.gif
paytolet.com/porpoiseant/ 		0
521 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://paytolet.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNDgwMzQzNjQwODU5NjcxNiIsImRvbWFpbl9pZCI6IjQxMDE2NCIsInVuaXQiOiJkaXYtZ3B0LWFkLXBheXRvbGV0X2NvbS1lZGdlLTItMCIsInRfZXBvY2giOjE2ODgxMjY4MzQsImFkX3Bvc2l0aW9uIjoxOTc2LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6ImMyYzNmN2UxLTNhMTYtNGZhZC00MjFjLTc4YTVjNGQyMDBkZSIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTA0MTY5ODgsImRhdGEiOlt7Im5hbWUiOiJ0X2xvY2FsX2RhdGUiLCJ2YWwiOiIyMDIzLTA2LTMwIn0seyJuYW1lIjoidF9sb2NhbF9ob3VyIiwidmFsIjoiMTIifSx7Im5hbWUiOiJ0X2xvY2FsX2RheV9vZl93ZWVrIiwidmFsIjoiNSJ9LHsibmFtZSI6InRfbG9jYWxfdGltZXpvbmUiLCJ2YWwiOiIwIn1dLCJpc19vcmlnIjpmYWxzZX1d
Requested by
Host: paytolet.com
URL: https://paytolet.com/detroitchicago/cmbv2.js?gcb=195-3&cb=04-3y02-8y06-13y07-2y0b-6y0d-23y17-4y1b-5y25-3y26-4y27-16y28-66y2b-146y2f-150y33-4y3a-12y3b-6y59-2y5d-22y64-1&cmbcb=151&sj=x04x02x06x07x0bx0dx17x1bx25x26x27x28x2bx2fx33x3ax3bx59x5dx64
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:8b54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/public/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:24 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OegzIvbtfoYpqlGK%2Bg6I9E%2B7WPDk6ysRS8v4mcSSRrpToJC4XTKEjx9mau2fyYiaNcff2BzPTQOLiVUldl4DmfYKWIORVDTIgCYEIfikb05OnI9MMhaPY5BhYQGmM%2BeFMKA4KoFBkFPHqTw%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://paytolet.com
x-middleton-display
ezp_sol
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
cf-ray
7df649ea7ca56969-FRA
alt-svc
h3=":443"; ma=86400
priority
u=4,i
expires
Thu, 29 Jun 2023 12:07:24 GMT
army.gif
paytolet.com/porpoiseant/ 		0
526 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://paytolet.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImF1Y3Rpb24iLCJpbXByZXNzaW9uX2lkIjoiNDgwMzQzNjQwODU5NjcxNiIsImRvbWFpbl9pZCI6IjQxMDE2NCIsInVuaXQiOiJkaXYtZ3B0LWFkLXBheXRvbGV0X2NvbS1lZGdlLTItMCIsInRfZXBvY2giOjE2ODgxMjY4MzQsImF1Y3Rpb25fZXBvY2giOjE2ODgxMjY4NDQsImFkX3Bvc2l0aW9uIjoxOTc2LCJjb3VudHJ5X2NvZGUiOiJERSIsInBhZ2V2aWV3X2lkIjoiYzJjM2Y3ZTEtM2ExNi00ZmFkLTQyMWMtNzhhNWM0ZDIwMGRlIiwiYmlkX2Zsb29yX2luaXRpYWwiOjE0MCwiYmlkX2Zsb29yX3ByZXYiOjE2LCJiaWRfZmxvb3JfZmlsbGVkIjo2LCJhdWN0aW9uX2NvdW50Ijo2LCJyZWZyZXNoX2FkX2NvdW50IjowLCJhdWN0aW9uX2R1cmF0aW9uIjo0NzgsIm11bHRpX2FkX3VuaXQiOjAsIm11bHRpX2FkX2NvdW50IjowLCJuZXR3b3JrX2NvZGUiOjEyNTQxNDQsImRhdGEiOlt7Im5hbWUiOiIiLCJ2YWwiOiIifV0sImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzR9XQ==
Requested by
Host: paytolet.com
URL: https://paytolet.com/detroitchicago/cmbv2.js?gcb=195-3&cb=04-3y02-8y06-13y07-2y0b-6y0d-23y17-4y1b-5y25-3y26-4y27-16y28-66y2b-146y2f-150y33-4y3a-12y3b-6y59-2y5d-22y64-1&cmbcb=151&sj=x04x02x06x07x0bx0dx17x1bx25x26x27x28x2bx2fx33x3ax3bx59x5dx64
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:8b54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/public/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:24 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s0cmKBeSeyHZDkb9Q1K7NdyqH3%2BWUPFuHoDJWywVmHuAlX63GuWFyINL%2Bgq8gjcyEuHKk4nwzkYPy4RoPDg%2BtpR5ZYHonY1qfJ5%2B36uYyfq3KH5HoCURPk2n%2BKdLUi1BavqVuv%2B0P8dtTTU%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://paytolet.com
x-middleton-display
ezp_sol
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
cf-ray
7df649ea8cc16969-FRA
alt-svc
h3=":443"; ma=86400
priority
u=4,i
expires
Thu, 29 Jun 2023 12:07:25 GMT
army.gif
paytolet.com/porpoiseant/ 		0
520 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://paytolet.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiODI5MjczODEwODYyNTI4MiIsImRvbWFpbl9pZCI6IjQxMDE2NCIsInVuaXQiOiJkaXYtZ3B0LWFkLXBheXRvbGV0X2NvbS1lZGdlLTEtMCIsInRfZXBvY2giOjE2ODgxMjY4MzQsImFkX3Bvc2l0aW9uIjoxOTc1LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6ImMyYzNmN2UxLTNhMTYtNGZhZC00MjFjLTc4YTVjNGQyMDBkZSIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwMzQ1OTEsImRhdGEiOlt7Im5hbWUiOiJyZWZyZXNoX2NvdW50IiwidmFsIjoiNiJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiODI5MjczODEwODYyNTI4MiIsImRvbWFpbl9pZCI6IjQxMDE2NCIsInVuaXQiOiJkaXYtZ3B0LWFkLXBheXRvbGV0X2NvbS1lZGdlLTEtMCIsInRfZXBvY2giOjE2ODgxMjY4MzQsImFkX3Bvc2l0aW9uIjoxOTc1LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6ImMyYzNmN2UxLTNhMTYtNGZhZC00MjFjLTc4YTVjNGQyMDBkZSIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwMzQ1OTEsImRhdGEiOlt7Im5hbWUiOiJmaWxsZWRfYmlkX2hhc2giLCJ2YWwiOiI5YzNlNGVlOGVhZTdmMTQzM2NiMmZlNjliMTMyNjYwNSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiODI5MjczODEwODYyNTI4MiIsImRvbWFpbl9pZCI6IjQxMDE2NCIsInVuaXQiOiJkaXYtZ3B0LWFkLXBheXRvbGV0X2NvbS1lZGdlLTEtMCIsInRfZXBvY2giOjE2ODgxMjY4MzQsInJldmVudWUiOjAsImVzdF9yZXZlbnVlIjowLjAwMDA0LCJhZF9wb3NpdGlvbiI6MTk3NSwiYWRfc2l6ZSI6IiIsImJpZF9mbG9vcl9maWxsZWQiOjAuMDAwMDQsImJpZF9mbG9vcl9wcmV2IjowLjAwMDEyLCJzdGF0X3NvdXJjZV9pZCI6MzUsImNvdW50cnlfY29kZSI6IkRFIiwicGFnZXZpZXdfaWQiOiJjMmMzZjdlMS0zYTE2LTRmYWQtNDIxYy03OGE1YzRkMjAwZGUiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwMDM0NTkxLCJkYXRhIjpbeyJuYW1lIjoibG9hZGVkIiwidmFsIjoiMSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiODI5MjczODEwODYyNTI4MiIsImRvbWFpbl9pZCI6IjQxMDE2NCIsInVuaXQiOiJkaXYtZ3B0LWFkLXBheXRvbGV0X2NvbS1lZGdlLTEtMCIsInRfZXBvY2giOjE2ODgxMjY4MzQsImFkX3Bvc2l0aW9uIjoxOTc1LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6ImMyYzNmN2UxLTNhMTYtNGZhZC00MjFjLTc4YTVjNGQyMDBkZSIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwMzQ1OTEsImRhdGEiOlt7Im5hbWUiOiJjcmVhdGl2ZV9pZCIsInZhbCI6IjEzODMxMDAzNDU5MSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiODI5MjczODEwODYyNTI4MiIsImRvbWFpbl9pZCI6IjQxMDE2NCIsInVuaXQiOiJkaXYtZ3B0LWFkLXBheXRvbGV0X2NvbS1lZGdlLTEtMCIsInRfZXBvY2giOjE2ODgxMjY4MzQsImFkX3Bvc2l0aW9uIjoxOTc1LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6ImMyYzNmN2UxLTNhMTYtNGZhZC00MjFjLTc4YTVjNGQyMDBkZSIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwMzQ1OTEsImRhdGEiOlt7Im5hbWUiOiJsaW5laXRlbV9pZCIsInZhbCI6IjI4Njg3Mjc0In1dLCJpc19vcmlnIjpmYWxzZX1d
Requested by
Host: paytolet.com
URL: https://paytolet.com/detroitchicago/cmbv2.js?gcb=195-3&cb=04-3y02-8y06-13y07-2y0b-6y0d-23y17-4y1b-5y25-3y26-4y27-16y28-66y2b-146y2f-150y33-4y3a-12y3b-6y59-2y5d-22y64-1&cmbcb=151&sj=x04x02x06x07x0bx0dx17x1bx25x26x27x28x2bx2fx33x3ax3bx59x5dx64
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:8b54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/public/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:24 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YOK4YjpUjOmSy63rAmbUnaApPHPYzlQaI%2BuXALdCN0ENiZN0Yl%2BTeKC3Ae862pOD3EgBnbEUU3mJuGKwRJ2gYQ3ixWiM%2Fei3fOB1cJ96iMnCmJkIeUC0vxyTrZJztJotaQ2EDgGbQYvHTkI%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://paytolet.com
x-middleton-display
ezp_sol
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
cf-ray
7df649ea8cc76969-FRA
alt-svc
h3=":443"; ma=86400
priority
u=4,i
expires
Thu, 29 Jun 2023 12:07:23 GMT
army.gif
paytolet.com/porpoiseant/ 		0
520 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://paytolet.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiODI5MjczODEwODYyNTI4MiIsImRvbWFpbl9pZCI6IjQxMDE2NCIsInVuaXQiOiJkaXYtZ3B0LWFkLXBheXRvbGV0X2NvbS1lZGdlLTEtMCIsInRfZXBvY2giOjE2ODgxMjY4MzQsImFkX3Bvc2l0aW9uIjoxOTc1LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6ImMyYzNmN2UxLTNhMTYtNGZhZC00MjFjLTc4YTVjNGQyMDBkZSIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwMzQ1OTEsImRhdGEiOlt7Im5hbWUiOiJ0X2xvY2FsX2RhdGUiLCJ2YWwiOiIyMDIzLTA2LTMwIn0seyJuYW1lIjoidF9sb2NhbF9ob3VyIiwidmFsIjoiMTIifSx7Im5hbWUiOiJ0X2xvY2FsX2RheV9vZl93ZWVrIiwidmFsIjoiNSJ9LHsibmFtZSI6InRfbG9jYWxfdGltZXpvbmUiLCJ2YWwiOiIwIn1dLCJpc19vcmlnIjpmYWxzZX1d
Requested by
Host: paytolet.com
URL: https://paytolet.com/detroitchicago/cmbv2.js?gcb=195-3&cb=04-3y02-8y06-13y07-2y0b-6y0d-23y17-4y1b-5y25-3y26-4y27-16y28-66y2b-146y2f-150y33-4y3a-12y3b-6y59-2y5d-22y64-1&cmbcb=151&sj=x04x02x06x07x0bx0dx17x1bx25x26x27x28x2bx2fx33x3ax3bx59x5dx64
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:8b54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/public/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:24 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rwi7RzrT8Vjxl0F56WRdDo3wwTGR%2BLhK9RXzFnKmMv0zs7yt4FyPOG78SID5dwjl%2BkwEgEBL3v0pcgPwrP01Hf3RCB%2FliKgKH44BrkEid1LkI30B5KCofZRmTK1VipkamJuqpkq364Exx1g%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://paytolet.com
x-middleton-display
ezp_sol
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
cf-ray
7df649ea8cc86969-FRA
alt-svc
h3=":443"; ma=86400
priority
u=4,i
expires
Thu, 29 Jun 2023 12:07:24 GMT
army.gif
paytolet.com/porpoiseant/ 		0
522 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://paytolet.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImF1Y3Rpb24iLCJpbXByZXNzaW9uX2lkIjoiODI5MjczODEwODYyNTI4MiIsImRvbWFpbl9pZCI6IjQxMDE2NCIsInVuaXQiOiJkaXYtZ3B0LWFkLXBheXRvbGV0X2NvbS1lZGdlLTEtMCIsInRfZXBvY2giOjE2ODgxMjY4MzQsImF1Y3Rpb25fZXBvY2giOjE2ODgxMjY4NDUsImFkX3Bvc2l0aW9uIjoxOTc1LCJjb3VudHJ5X2NvZGUiOiJERSIsInBhZ2V2aWV3X2lkIjoiYzJjM2Y3ZTEtM2ExNi00ZmFkLTQyMWMtNzhhNWM0ZDIwMGRlIiwiYmlkX2Zsb29yX2luaXRpYWwiOjEwMCwiYmlkX2Zsb29yX3ByZXYiOjEyLCJiaWRfZmxvb3JfZmlsbGVkIjo0LCJhdWN0aW9uX2NvdW50Ijo2LCJyZWZyZXNoX2FkX2NvdW50IjowLCJhdWN0aW9uX2R1cmF0aW9uIjo1NzgsIm11bHRpX2FkX3VuaXQiOjAsIm11bHRpX2FkX2NvdW50IjowLCJuZXR3b3JrX2NvZGUiOjEyNTQxNDQsImRhdGEiOlt7Im5hbWUiOiIiLCJ2YWwiOiIifV0sImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzR9XQ==
Requested by
Host: paytolet.com
URL: https://paytolet.com/detroitchicago/cmbv2.js?gcb=195-3&cb=04-3y02-8y06-13y07-2y0b-6y0d-23y17-4y1b-5y25-3y26-4y27-16y28-66y2b-146y2f-150y33-4y3a-12y3b-6y59-2y5d-22y64-1&cmbcb=151&sj=x04x02x06x07x0bx0dx17x1bx25x26x27x28x2bx2fx33x3ax3bx59x5dx64
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:8b54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/public/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:24 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u%2B4J%2F0m68Pd4eiY9FeMaC8WiImTubUeTy3bkBYGm7ke2C23DOsPZPAccJ3crImiL%2BY89spRnjWjMBOg3QpRsKQvQPPX%2B%2BAHzhp0uP4SbrJam3P0idB0x9xgWtRlEjz98pSZUmOHvieRzKAY%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://paytolet.com
x-middleton-display
ezp_sol
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
cf-ray
7df649ea9cce6969-FRA
alt-svc
h3=":443"; ma=86400
priority
u=4,i
expires
Thu, 29 Jun 2023 12:07:24 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame D6FD 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f3.1e100.net
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://paytolet.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 24 Jun 2023 17:04:15 GMT
x-content-type-options
nosniff
age
500589
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 23 Jun 2024 17:04:15 GMT
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame D6FD 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f3.1e100.net
Software
sffe /
Resource Hash
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://paytolet.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 24 Jun 2023 15:24:53 GMT
x-content-type-options
nosniff
age
506551
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15740
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 23 Jun 2024 15:24:53 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame F05F 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f3.1e100.net
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://paytolet.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 24 Jun 2023 17:04:15 GMT
x-content-type-options
nosniff
age
500589
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 23 Jun 2024 17:04:15 GMT
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame F05F 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f3.1e100.net
Software
sffe /
Resource Hash
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://paytolet.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 24 Jun 2023 15:24:53 GMT
x-content-type-options
nosniff
age
506551
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15740
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 23 Jun 2024 15:24:53 GMT
army.gif
paytolet.com/porpoiseant/ 		0
526 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://paytolet.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMzI3ODczOTg1ODM2MzciLCJkb21haW5faWQiOiI0MTAxNjQiLCJ1bml0IjoiZGl2LWdwdC1hZC1wYXl0b2xldF9jb20tYm94LTMtMCIsInRfZXBvY2giOjE2ODgxMjY4MzQsImFkX3Bvc2l0aW9uIjoxOTAxLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6ImMyYzNmN2UxLTNhMTYtNGZhZC00MjFjLTc4YTVjNGQyMDBkZSIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwMzQ0ODMsImRhdGEiOlt7Im5hbWUiOiJmaWxsZWRfc2l6ZSIsInZhbCI6Ils0NjgsNjBdIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIzMjc4NzM5ODU4MzYzNyIsImRvbWFpbl9pZCI6IjQxMDE2NCIsInVuaXQiOiJkaXYtZ3B0LWFkLXBheXRvbGV0X2NvbS1ib3gtMy0wIiwidF9lcG9jaCI6MTY4ODEyNjgzNCwiYWRfcG9zaXRpb24iOjE5MDEsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJERSIsInBhZ2V2aWV3X2lkIjoiYzJjM2Y3ZTEtM2ExNi00ZmFkLTQyMWMtNzhhNWM0ZDIwMGRlIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDAzNDQ4MywiZGF0YSI6W3sibmFtZSI6ImZpbGxlZF9mbHVpZCIsInZhbCI6ImZhbHNlIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIzMjc4NzM5ODU4MzYzNyIsImRvbWFpbl9pZCI6IjQxMDE2NCIsInVuaXQiOiJkaXYtZ3B0LWFkLXBheXRvbGV0X2NvbS1ib3gtMy0wIiwidF9lcG9jaCI6MTY4ODEyNjgzNCwiYWRfcG9zaXRpb24iOjE5MDEsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJERSIsInBhZ2V2aWV3X2lkIjoiYzJjM2Y3ZTEtM2ExNi00ZmFkLTQyMWMtNzhhNWM0ZDIwMGRlIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDAzNDQ4MywiZGF0YSI6W3sibmFtZSI6ImRvbWFpbl9kZnBfc3R5bGVfaWQiLCJ2YWwiOiI3MSJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ==
Requested by
Host: paytolet.com
URL: https://paytolet.com/detroitchicago/cmbv2.js?gcb=195-3&cb=04-3y02-8y06-13y07-2y0b-6y0d-23y17-4y1b-5y25-3y26-4y27-16y28-66y2b-146y2f-150y33-4y3a-12y3b-6y59-2y5d-22y64-1&cmbcb=151&sj=x04x02x06x07x0bx0dx17x1bx25x26x27x28x2bx2fx33x3ax3bx59x5dx64
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:8b54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/public/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:24 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5OWLqQOQUU%2FWUdQqhs5yFtjBwgswGTLvoRA%2B6RgdY9SWTzUX%2FYeedt%2FOuyM6qWZfTc8Cv8NXx%2BcqppnoGmJMyudMbvDjhJGCesV61OvFqFHk8UQ3%2B3EzdfzY8kcP3XHlRRlqBivnJ241ToQ%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://paytolet.com
x-middleton-display
ezp_sol
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
cf-ray
7df649eabd036969-FRA
alt-svc
h3=":443"; ma=86400
priority
u=4,i
expires
Thu, 29 Jun 2023 12:07:24 GMT
integrator.js
adservice.google.com/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=paytolet.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		1 KB
480 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2148447624948998&correlator=3962082692610429&eid=31068366&output=ldjh&gdfp_req=1&vrg=202306270101&ptt=17&impl=fifs&us_privacy=1---&iu_parts=1254144%3A22852681713%2Cpaytolet_com-medrectangle-3&enc_prev_ius=%2F0%2F1&prev_iu_szs=250x250&ifi=34&adks=4258316528&didk=2639644830&sfv=1-0-40&ris=1&rcs=5&prev_scp=a%3D%257C0%257C%26iid1%3D6394153360637039%26eid%3D6394153360637039%26t%3D134%26d%3D410164%26t1%3D134%26pvc%3D0%26ap%3D1909%26sap%3D1909%26as%3Drevenue%26plat%3D1%26bra%3Dmod58-c%26ic%3D6%26at%3Dmbf%26adr%3D398%26ezosn%3D2%26reft%3Dtf%26refs%3D30%26refa%3D1%26ga%3D2497208%26rid%3D99998%26pt%3D21%26al%3D1021%26compid%3D0%26tap%3Dpaytolet_com-medrectangle-3-6394153360637039%26eb_br%3D33dd523f8e4dda158f0aa99686dda7f2%26eba%3D1%26asau%3D8408181829%26bv%3D3%26bvm%3D0%26bvr%3D8%26avc%3D4%26shp%3D1%26ftsn%3D12%26ftsng%3D12%26br1%3D6%26br2%3D60%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D63%2C14%2C28%2C4%2C51%2C0%2C88%2C0%2C71%2C30%2C0%2C31%2C901%2C902%2C903%26deal1%3D17%2C20%2C21%2C22%2C23%2C24%2C25%2C26%2C1794%2C2310%2C2339%2C2351%2C2526%2C2527%2C2610%2C2761%2C2763%2C2764%2C2765%2C3044%2C3054%2C3154%2C3430%2C3455%2C3456%2C3457%2C3458%2C3460%2C3682%2C3683%2C3684%2C4184%2C4185%2C4186%2C5747%2C19%2C2688%2C3045%2C4276%2C19%2C2688%2C2693%2C3045%2C4276%2C19%2C2688%2C2693%2C3045%2C3053%2C4276%2C18%2C19%2C1428%2C2688%2C2693%2C3045%2C3052%2C3053%2C3856%2C4276%2C18%2C19%2C1428%2C2688%2C2693%2C3045%2C3052%2C3053%2C3856%2C4276%26lb%3D14%26reqt%3D1688126844613&eri=1&sc=1&cookie=ID%3D14c5fd6f47da3553-2250166f1cde0005%3AT%3D1688126835%3ART%3D1688126837%3AS%3DALNI_MZdWW6IC_UptzCaP6yRcFW4qT01Sg&gpic=UID%3D00000c5ed7319fb0%3AT%3D1688126835%3ART%3D1688126835%3AS%3DALNI_MZsDc3kPfVwgJm4YKQVJrFEMa9-0A&abxe=1&dt=1688126844648&lmt=1688126844&dlt=1688126834513&idt=860&adxs=675&adys=2199&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=7&ucis=7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&frm=20&vis=1&psz=1410x250&msz=250x250&fws=0&ohw=0&psts=ABnkTfBy0XFcFshnkgY_LYb-WJLQ&ga_vid=1136948999.1688126835&ga_sid=1688126836&ga_hid=1663611148&ga_fc=true&a3p=EhkKCnVpZGFwaS5jb20YyZXN4ZAxSABSAghkEhsKDGlkNS1zeW5jLmNvbRjdp83hkDFIAFICCGoSHAoNY3J3ZGNudHJsLm5ldBjJlc3hkDFIAFICCGQSGQoKcHViY2lkLm9yZxiko83hkDFIAFICCGoSwgEKCHJ0YmhvdXNlEqwBTitHVWNYczRLdzZ6ci85VlNWcGpEOW43a3FsK00zaWMwVkFXc2hxQUM0Z3NNNGt2SS96a1BjZnUxZlRFSUpSZnhBUklFSndKL2QxcWVRNkFHa2c0SXRJWVdMbDR2Q3BkZ0NERCtRYVkwbzQ0Z3VxTmZBQ2diOHo4eExmdExNZWFNQVhTb2xtUUFsUFJSNXpOeUxRd3VaSDc2bVlsQkhVVmxnS2M2R2Mrbm5NPRijqc3hkDFIABIdCg5lc3AuY3JpdGVvLmNvbRjJlc3hkDFIAFICCGQSPgoFb3BlbngSLGV5SnBJam9pV2tsWVpHRkRkMU5TZVhWNlRrSTJWRUZ5ZFhONGR6MDlJbjA9GOqozeGQMUgA
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1a6192a041b913fba0bcd7d7872b0c89bd87cc32da52e1119754aeb70df21680
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:24 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
true
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
450
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://paytolet.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame CCEF 		156 B
186 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?correlator=2331621269136887&description_url=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&env=vp&gdfp_req=1&output=xml_vast4&sz=400x300%7C640x480%7C640x360%7C300x168&unviewed_position_start=1&url=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&ad_type=video&hl=en&max_ad_duration=51000&min_ad_duration=4500&npa=0&tfcd=0&vad_type=linear&vpmute=1&vpos=preroll&iu=%2F1254144%2C22852681713%2Fpaytolet_com-video-1&vid_d=53&vid_kw=Pay%20to%20let%2Creal%20estate%2Cproperty%20for%20sale%2Cproperty%20listings%2Chome&vid_t=Sell%20your%20property%20in%20minutes&vpa=auto&cust_params=ap%3D1%26d%3D410164%26eb_br%3D9ae587f95e95c876b7b76fd4c72a3838%26ft%3D0%26ic%3D1%26iid1%3D248372558641397%26plat%3D1%26t%3D134%26tap%3Dpaytolet_com-video-1-248372558641397&sdkv=h.3.578.0&osd=2&frm=0&vis=1&sdr=1&afvsz=450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&us_privacy=1---&sdki=445&ptt=20&adk=3861343777&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.578.0&sid=31BB2C37-E1E0-4730-85B5-0D4B17F39F33&a3p=EhkKCnVpZGFwaS5jb20YyZXN4ZAxSABSAghkEhsKDGlkNS1zeW5jLmNvbRjdp83hkDFIAFICCGoSHAoNY3J3ZGNudHJsLm5ldBjJlc3hkDFIAFICCGQSGQoKcHViY2lkLm9yZxiko83hkDFIAFICCGoSwgEKCHJ0YmhvdXNlEqwBTitHVWNYczRLdzZ6ci85VlNWcGpEOW43a3FsK00zaWMwVkFXc2hxQUM0Z3NNNGt2SS96a1BjZnUxZlRFSUpSZnhBUklFSndKL2QxcWVRNkFHa2c0SXRJWVdMbDR2Q3BkZ0NERCtRYVkwbzQ0Z3VxTmZBQ2diOHo4eExmdExNZWFNQVhTb2xtUUFsUFJSNXpOeUxRd3VaSDc2bVlsQkhVVmxnS2M2R2Mrbm5NPRijqc3hkDFIABIdCg5lc3AuY3JpdGVvLmNvbRjJlc3hkDFIAFICCGQSPgoFb3BlbngSLGV5SnBJam9pV2tsWVpHRkRkMU5TZVhWNlRrSTJWRUZ5ZFhONGR6MDlJbjA9GOqozeGQMUgA&nel=0&eid=44752711%2C44765701%2C44772139%2C44773379%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275&top=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&loc=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&dlt=1688126834513&idt=4707&dt=1688126844734&cookie=ID%3D14c5fd6f47da3553-2250166f1cde0005%3AT%3D1688126835%3ART%3D1688126837%3AS%3DALNI_MZdWW6IC_UptzCaP6yRcFW4qT01Sg&gpic=UID%3D00000c5ed7319fb0%3AT%3D1688126835%3ART%3D1688126835%3AS%3DALNI_MZsDc3kPfVwgJm4YKQVJrFEMa9-0A&scor=776755846475256&ged=ve4_td10_tt5_pd10_la10000_er0.0.0.0_vi0.0.1200.1600_vp0_ts1_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.578.0_de.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:25 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
true
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
90663950
mc.yandex.com/webvisor/ 		43 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/webvisor/90663950?wv-hit=721892075&page-url=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&wmode=0&wv-part=0&wv-type=5&browser-info=et%3A1688126845%3Aw%3A1600x1200%3Av%3A1074%3Az%3A0%3Ai%3A20230630120724%3Au%3A1688126835670014644%3Avf%3Aew9xzikdbvs4xc5avwiaspr%3Ast%3A1688126845&t=gdpr(14%2C14)ti(1)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://paytolet.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 30 Jun 2023 12:07:24 GMT
strict-transport-security
max-age=31536000
last-modified
Fri, 30-Jun-2023 12:07:24 GMT
content-type
image/gif
access-control-allow-origin
https://paytolet.com
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Fri, 30-Jun-2023 12:07:24 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame D6FD 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012306200257000/amp4ads-v0.mjs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 10:39:29 GMT
x-content-type-options
nosniff
server
cafe
age
5275
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2502
x-xss-protection
0
expires
Sat, 01 Jul 2023 10:39:29 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame D6FD 		295 B
362 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012306200257000/amp4ads-v0.mjs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 10:39:27 GMT
x-content-type-options
nosniff
server
cafe
age
5277
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Sat, 01 Jul 2023 10:39:27 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame F05F 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012306200257000/amp4ads-v0.mjs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 10:39:29 GMT
x-content-type-options
nosniff
server
cafe
age
5275
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2502
x-xss-protection
0
expires
Sat, 01 Jul 2023 10:39:29 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame F05F 		295 B
362 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012306200257000/amp4ads-v0.mjs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 10:39:27 GMT
x-content-type-options
nosniff
server
cafe
age
5277
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Sat, 01 Jul 2023 10:39:27 GMT
audio_010.m4s
streaming.humix.com/contents/nsrNhxfkjikFVcim/1682919808/ 		40 KB
40 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://streaming.humix.com/contents/nsrNhxfkjikFVcim/1682919808/audio_010.m4s
Requested by
Host: paytolet.com
URL: https://paytolet.com/detroitchicago/cmbv2.js?gcb=195-3&cb=04-3y02-8y06-13y07-2y0b-6y0d-23y17-4y1b-5y25-3y26-4y27-16y28-66y2b-146y2f-150y33-4y3a-12y3b-6y59-2y5d-22y64-1&cmbcb=151&sj=x04x02x06x07x0bx0dx17x1bx25x26x27x28x2bx2fx33x3ax3bx59x5dx64
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:d4fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c8fbb0a47bc73826d4dafbf1f595038571c7542aea9cd3bf7d672988a6f4dec

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"606e7fae549f3ee25a85a4d2c9664d26"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ml5oEyYPuLjTck4KaAfPgItnJS6XkiLnBgt6ylPlaU0V8hoU%2BcOfor9O5zyNHNyc5D8X60oazRgA7fl2o4Wp4KVI%2BrEUAcJgaSfZEroW1%2BzDFHWJclL5ofdKdvhLmSEg3PTZbj59h5GNkS6OLprHX2TD"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
7df649ec2ef71989-FRA
alt-svc
h3=":443"; ma=86400
content-length
40870
t1670023299_03_640x360p_30Hz_800Kbps_010.m4s
streaming.humix.com/contents/nsrNhxfkjikFVcim/1682919808/ 		70 KB
71 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://streaming.humix.com/contents/nsrNhxfkjikFVcim/1682919808/t1670023299_03_640x360p_30Hz_800Kbps_010.m4s
Requested by
Host: paytolet.com
URL: https://paytolet.com/detroitchicago/cmbv2.js?gcb=195-3&cb=04-3y02-8y06-13y07-2y0b-6y0d-23y17-4y1b-5y25-3y26-4y27-16y28-66y2b-146y2f-150y33-4y3a-12y3b-6y59-2y5d-22y64-1&cmbcb=151&sj=x04x02x06x07x0bx0dx17x1bx25x26x27x28x2bx2fx33x3ax3bx59x5dx64
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:d4fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f428af85f42adbeaa00e96bf538e7e4c2cfb42865802f438210913b759216eb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"f86cc3798d56c0f6f096e018d498503f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6DpqFZ4li3%2BE2WOUaFhDTf9lLATzwxzOaKXxG4xuT3OJ6FOs5c%2Fhp8Pbn%2FqU%2B%2BnS%2FswDMhsYdFBeFhAh%2FDx0Uvf0di7C94R0kILfKB5PFd96FdsnCC8Afh%2BD3p78TsR8L6qRw1VOBa9mbjBQ3AITLl93"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
7df649ecdfc11989-FRA
alt-svc
h3=":443"; ma=86400
content-length
72153
audio_011.m4s
streaming.humix.com/contents/nsrNhxfkjikFVcim/1682919808/ 		39 KB
40 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://streaming.humix.com/contents/nsrNhxfkjikFVcim/1682919808/audio_011.m4s
Requested by
Host: paytolet.com
URL: https://paytolet.com/detroitchicago/cmbv2.js?gcb=195-3&cb=04-3y02-8y06-13y07-2y0b-6y0d-23y17-4y1b-5y25-3y26-4y27-16y28-66y2b-146y2f-150y33-4y3a-12y3b-6y59-2y5d-22y64-1&cmbcb=151&sj=x04x02x06x07x0bx0dx17x1bx25x26x27x28x2bx2fx33x3ax3bx59x5dx64
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:d4fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
04f3852deee31c7a361d9e3399c0ba60163fcf56a0dc8d92fd1ff867d362b14a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"0140f001f51271812e5b1a660ad64e19"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b45RUEBV%2FAkMct1wrI8CNwUoLARM1l7OjoRApjRxGdheTgSb9DYXVrzk2eYTsl%2FSEUV2%2F7MAJYn5hdxRs%2BJULVKDaN70MtopYCwIcR5TonvshlhGljYB8PhB1T48gm3OFqPqtXRxooyy474CTfzs4bRh"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
7df649ede8f01989-FRA
alt-svc
h3=":443"; ma=86400
content-length
40206
integrator.js
adservice.google.com/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=paytolet.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
pubads.g.doubleclick.net/gampad/ Frame CCEF 		156 B
186 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?correlator=2331621269136887&description_url=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&env=vp&gdfp_req=1&output=xml_vast4&sz=400x300%7C640x480%7C640x360%7C300x168&unviewed_position_start=1&url=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&ad_type=video&hl=en&max_ad_duration=51000&min_ad_duration=4500&npa=0&tfcd=0&vad_type=linear&vpmute=1&vpos=preroll&iu=%2F1254144%2C22852681713%2Fpaytolet_com-video-1&vid_d=53&vid_kw=Pay%20to%20let%2Creal%20estate%2Cproperty%20for%20sale%2Cproperty%20listings%2Chome&vid_t=Sell%20your%20property%20in%20minutes&vpa=auto&cust_params=ap%3D1%26d%3D410164%26eb_br%3D60474211daf1dfd4d90000ea01f56c30%26ft%3D0%26ic%3D1%26iid1%3D248372558641397%26plat%3D1%26t%3D134%26tap%3Dpaytolet_com-video-1-248372558641397&sdkv=h.3.578.0&osd=2&frm=0&vis=1&sdr=1&afvsz=450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&us_privacy=1---&sdki=445&ptt=20&adk=3861343777&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.578.0&sid=31BB2C37-E1E0-4730-85B5-0D4B17F39F33&a3p=EhkKCnVpZGFwaS5jb20YyZXN4ZAxSABSAghkEhsKDGlkNS1zeW5jLmNvbRjdp83hkDFIAFICCGoSHAoNY3J3ZGNudHJsLm5ldBjJlc3hkDFIAFICCGQSGQoKcHViY2lkLm9yZxiko83hkDFIAFICCGoSwgEKCHJ0YmhvdXNlEqwBTitHVWNYczRLdzZ6ci85VlNWcGpEOW43a3FsK00zaWMwVkFXc2hxQUM0Z3NNNGt2SS96a1BjZnUxZlRFSUpSZnhBUklFSndKL2QxcWVRNkFHa2c0SXRJWVdMbDR2Q3BkZ0NERCtRYVkwbzQ0Z3VxTmZBQ2diOHo4eExmdExNZWFNQVhTb2xtUUFsUFJSNXpOeUxRd3VaSDc2bVlsQkhVVmxnS2M2R2Mrbm5NPRijqc3hkDFIABIdCg5lc3AuY3JpdGVvLmNvbRjJlc3hkDFIAFICCGQSPgoFb3BlbngSLGV5SnBJam9pV2tsWVpHRkRkMU5TZVhWNlRrSTJWRUZ5ZFhONGR6MDlJbjA9GOqozeGQMUgA&nel=0&eid=44752711%2C44765701%2C44772139%2C44773379%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275&top=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&loc=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&dlt=1688126834513&idt=4707&dt=1688126845152&cookie=ID%3D14c5fd6f47da3553-2250166f1cde0005%3AT%3D1688126835%3ART%3D1688126837%3AS%3DALNI_MZdWW6IC_UptzCaP6yRcFW4qT01Sg&gpic=UID%3D00000c5ed7319fb0%3AT%3D1688126835%3ART%3D1688126835%3AS%3DALNI_MZsDc3kPfVwgJm4YKQVJrFEMa9-0A&scor=776755846475256&ged=ve4_td10_tt5_pd10_la10000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.578.0_de.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:25 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
true
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
t1670023299_03_640x360p_30Hz_800Kbps_011.m4s
streaming.humix.com/contents/nsrNhxfkjikFVcim/1682919808/ 		47 KB
47 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://streaming.humix.com/contents/nsrNhxfkjikFVcim/1682919808/t1670023299_03_640x360p_30Hz_800Kbps_011.m4s
Requested by
Host: paytolet.com
URL: https://paytolet.com/detroitchicago/cmbv2.js?gcb=195-3&cb=04-3y02-8y06-13y07-2y0b-6y0d-23y17-4y1b-5y25-3y26-4y27-16y28-66y2b-146y2f-150y33-4y3a-12y3b-6y59-2y5d-22y64-1&cmbcb=151&sj=x04x02x06x07x0bx0dx17x1bx25x26x27x28x2bx2fx33x3ax3bx59x5dx64
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:d4fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b8708d5e3043d822cdcdc633069af59b0e8b12458a5fe2e4ae43b4272aaa33e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"d96a4dd8a38adafcbb321951d10245ef"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XVevTAsxNdqQgLtDKojfV%2Fz%2FH%2FFVL3TTP4gmrdN4sDqtOfyWBpZ0U54WpbDNnovX87JiuOVGjrgsl5eYIlbZVYlbrOmOHmDmDsZ2LO66ld607ZEyOY6UXhOwlICgkJyfbDPV9nPtE36fMx0zDHe4G7uN"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
7df649eeb9e91989-FRA
alt-svc
h3=":443"; ma=86400
content-length
47782
army.gif
paytolet.com/porpoiseant/ 		0
525 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://paytolet.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNzUzNjUzNDI5NDYzNjY1MCIsImRvbWFpbl9pZCI6IjQxMDE2NCIsInVuaXQiOiJkaXYtZ3B0LWFkLXBheXRvbGV0X2NvbS1ib3gtMi0wIiwidF9lcG9jaCI6MTY4ODEyNjgzNCwiYWRfcG9zaXRpb24iOjE5MDAsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJERSIsInBhZ2V2aWV3X2lkIjoiYzJjM2Y3ZTEtM2ExNi00ZmFkLTQyMWMtNzhhNWM0ZDIwMGRlIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDQxNjk4OCwiZGF0YSI6W3sibmFtZSI6IndvcmRzX2JlZm9yZSIsInZhbCI6IjI4In1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIzMjc4NzM5ODU4MzYzNyIsImRvbWFpbl9pZCI6IjQxMDE2NCIsInVuaXQiOiJkaXYtZ3B0LWFkLXBheXRvbGV0X2NvbS1ib3gtMy0wIiwidF9lcG9jaCI6MTY4ODEyNjgzNCwiYWRfcG9zaXRpb24iOjE5MDEsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJERSIsInBhZ2V2aWV3X2lkIjoiYzJjM2Y3ZTEtM2ExNi00ZmFkLTQyMWMtNzhhNWM0ZDIwMGRlIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDAzNDQ4MywiZGF0YSI6W3sibmFtZSI6IndvcmRzX2JlZm9yZSIsInZhbCI6IjE3NCJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNjg3Mzg5OTgwNjUwNzE2IiwiZG9tYWluX2lkIjoiNDEwMTY0IiwidW5pdCI6ImRpdi1ncHQtYWQtcGF5dG9sZXRfY29tLW1lZHJlY3RhbmdsZS0yLTAiLCJ0X2Vwb2NoIjoxNjg4MTI2ODM0LCJhZF9wb3NpdGlvbiI6MTEwMCwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkRFIiwicGFnZXZpZXdfaWQiOiJjMmMzZjdlMS0zYTE2LTRmYWQtNDIxYy03OGE1YzRkMjAwZGUiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwMDM0NDgzLCJkYXRhIjpbeyJuYW1lIjoid29yZHNfYmVmb3JlIiwidmFsIjoiMTExIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiI4MjkyNzM4MTA4NjI1MjgyIiwiZG9tYWluX2lkIjoiNDEwMTY0IiwidW5pdCI6ImRpdi1ncHQtYWQtcGF5dG9sZXRfY29tLWVkZ2UtMS0wIiwidF9lcG9jaCI6MTY4ODEyNjgzNCwiYWRfcG9zaXRpb24iOjE5NzUsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJERSIsInBhZ2V2aWV3X2lkIjoiYzJjM2Y3ZTEtM2ExNi00ZmFkLTQyMWMtNzhhNWM0ZDIwMGRlIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDAzNDU5MSwiZGF0YSI6W3sibmFtZSI6IndvcmRzX2JlZm9yZSIsInZhbCI6IjQ3In1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiI0ODAzNDM2NDA4NTk2NzE2IiwiZG9tYWluX2lkIjoiNDEwMTY0IiwidW5pdCI6ImRpdi1ncHQtYWQtcGF5dG9sZXRfY29tLWVkZ2UtMi0wIiwidF9lcG9jaCI6MTY4ODEyNjgzNCwiYWRfcG9zaXRpb24iOjE5NzYsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJERSIsInBhZ2V2aWV3X2lkIjoiYzJjM2Y3ZTEtM2ExNi00ZmFkLTQyMWMtNzhhNWM0ZDIwMGRlIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDQxNjk4OCwiZGF0YSI6W3sibmFtZSI6IndvcmRzX2JlZm9yZSIsInZhbCI6IjQ3In1dLCJpc19vcmlnIjpmYWxzZX1d
Requested by
Host: paytolet.com
URL: https://paytolet.com/detroitchicago/cmbv2.js?gcb=195-3&cb=04-3y02-8y06-13y07-2y0b-6y0d-23y17-4y1b-5y25-3y26-4y27-16y28-66y2b-146y2f-150y33-4y3a-12y3b-6y59-2y5d-22y64-1&cmbcb=151&sj=x04x02x06x07x0bx0dx17x1bx25x26x27x28x2bx2fx33x3ax3bx59x5dx64
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:8b54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/public/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:25 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3vE598wr5F4xlkFri5K805prYZ38fZaRfIxGaHJ1xX9KCcuGaabGbvpO%2BA%2F3WWJQP%2B%2FGNtrBpa0hgeUfI2QdNv6rRqTCPZ6GJp2UZNokPPiMm4Jlug%2Fr5AN64Rq6MFA4UYbdzjNTWLzAI%2B4%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://paytolet.com
x-middleton-display
ezp_sol
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
cf-ray
7df649efeae06969-FRA
alt-svc
h3=":443"; ma=86400
priority
u=4,i
expires
Thu, 29 Jun 2023 12:07:25 GMT
army.gif
paytolet.com/porpoiseant/ 		0
522 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://paytolet.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNjM5NDE1MzM2MDYzNzAzOSIsImRvbWFpbl9pZCI6IjQxMDE2NCIsInVuaXQiOiJkaXYtZ3B0LWFkLXBheXRvbGV0X2NvbS1tZWRyZWN0YW5nbGUtMy0wIiwidF9lcG9jaCI6MTY4ODEyNjgzNCwiYWRfcG9zaXRpb24iOjE5MDksImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJERSIsInBhZ2V2aWV3X2lkIjoiYzJjM2Y3ZTEtM2ExNi00ZmFkLTQyMWMtNzhhNWM0ZDIwMGRlIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjowLCJjcmVhdGl2ZV9pZCI6MCwiZGF0YSI6W3sibmFtZSI6IndvcmRzX2JlZm9yZSIsInZhbCI6IjI1MiJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMzc1NTUxMTcxMjY0MzEwNSIsImRvbWFpbl9pZCI6IjQxMDE2NCIsInVuaXQiOiJkaXYtZ3B0LWFkLXBheXRvbGV0X2NvbS1tZWRyZWN0YW5nbGUtNC0wIiwidF9lcG9jaCI6MTY4ODEyNjgzNCwiYWRfcG9zaXRpb24iOjExMTAsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJERSIsInBhZ2V2aWV3X2lkIjoiYzJjM2Y3ZTEtM2ExNi00ZmFkLTQyMWMtNzhhNWM0ZDIwMGRlIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjowLCJjcmVhdGl2ZV9pZCI6MCwiZGF0YSI6W3sibmFtZSI6IndvcmRzX2JlZm9yZSIsInZhbCI6IjQ2MCJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ==
Requested by
Host: paytolet.com
URL: https://paytolet.com/detroitchicago/cmbv2.js?gcb=195-3&cb=04-3y02-8y06-13y07-2y0b-6y0d-23y17-4y1b-5y25-3y26-4y27-16y28-66y2b-146y2f-150y33-4y3a-12y3b-6y59-2y5d-22y64-1&cmbcb=151&sj=x04x02x06x07x0bx0dx17x1bx25x26x27x28x2bx2fx33x3ax3bx59x5dx64
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:8b54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/public/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:25 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IToNmh26OVrxRl4DpTBgRG0eRsctMatVAtd5GOTt%2Fdub98CazFJ3lFqVH%2B57%2BNPZW0Um2HN%2FaFdsbXgrL0nDJw5K2mLrURpKHAEBrF21J21RiR7UCIk0An2FMkPgnLBE%2BeL1xl0TeGITIVQ%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://paytolet.com
x-middleton-display
ezp_sol
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
cf-ray
7df649efeae26969-FRA
alt-svc
h3=":443"; ma=86400
priority
u=4,i
expires
Thu, 29 Jun 2023 12:07:25 GMT
army.gif
paytolet.com/porpoiseant/ 		0
527 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://paytolet.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNzUzNjUzNDI5NDYzNjY1MCIsImRvbWFpbl9pZCI6IjQxMDE2NCIsInVuaXQiOiJkaXYtZ3B0LWFkLXBheXRvbGV0X2NvbS1ib3gtMi0wIiwidF9lcG9jaCI6MTY4ODEyNjgzNCwiYWRfcG9zaXRpb24iOjE5MDAsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJERSIsInBhZ2V2aWV3X2lkIjoiYzJjM2Y3ZTEtM2ExNi00ZmFkLTQyMWMtNzhhNWM0ZDIwMGRlIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDQxNjk4OCwiZGF0YSI6W3sibmFtZSI6InBvc194IiwidmFsIjoiNDM2In0seyJuYW1lIjoicG9zX3kiLCJ2YWwiOiIxNDEifSx7Im5hbWUiOiJpc19mbG9hdGluZyIsInZhbCI6ImZhbHNlIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIzMjc4NzM5ODU4MzYzNyIsImRvbWFpbl9pZCI6IjQxMDE2NCIsInVuaXQiOiJkaXYtZ3B0LWFkLXBheXRvbGV0X2NvbS1ib3gtMy0wIiwidF9lcG9jaCI6MTY4ODEyNjgzNCwiYWRfcG9zaXRpb24iOjE5MDEsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJERSIsInBhZ2V2aWV3X2lkIjoiYzJjM2Y3ZTEtM2ExNi00ZmFkLTQyMWMtNzhhNWM0ZDIwMGRlIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDAzNDQ4MywiZGF0YSI6W3sibmFtZSI6InBvc194IiwidmFsIjoiNTY2In0seyJuYW1lIjoicG9zX3kiLCJ2YWwiOiIxMTU5In0seyJuYW1lIjoiaXNfZmxvYXRpbmciLCJ2YWwiOiJmYWxzZSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNjg3Mzg5OTgwNjUwNzE2IiwiZG9tYWluX2lkIjoiNDEwMTY0IiwidW5pdCI6ImRpdi1ncHQtYWQtcGF5dG9sZXRfY29tLW1lZHJlY3RhbmdsZS0yLTAiLCJ0X2Vwb2NoIjoxNjg4MTI2ODM0LCJhZF9wb3NpdGlvbiI6MTEwMCwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkRFIiwicGFnZXZpZXdfaWQiOiJjMmMzZjdlMS0zYTE2LTRmYWQtNDIxYy03OGE1YzRkMjAwZGUiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwMDM0NDgzLCJkYXRhIjpbeyJuYW1lIjoicG9zX3giLCJ2YWwiOiIwIn0seyJuYW1lIjoicG9zX3kiLCJ2YWwiOiIxMTA0In0seyJuYW1lIjoiaXNfZmxvYXRpbmciLCJ2YWwiOiJ0cnVlIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiI4MjkyNzM4MTA4NjI1MjgyIiwiZG9tYWluX2lkIjoiNDEwMTY0IiwidW5pdCI6ImRpdi1ncHQtYWQtcGF5dG9sZXRfY29tLWVkZ2UtMS0wIiwidF9lcG9jaCI6MTY4ODEyNjgzNCwiYWRfcG9zaXRpb24iOjE5NzUsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJERSIsInBhZ2V2aWV3X2lkIjoiYzJjM2Y3ZTEtM2ExNi00ZmFkLTQyMWMtNzhhNWM0ZDIwMGRlIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDAzNDU5MSwiZGF0YSI6W3sibmFtZSI6InBvc194IiwidmFsIjoiMCJ9LHsibmFtZSI6InBvc195IiwidmFsIjoiMzAwIn0seyJuYW1lIjoiaXNfZmxvYXRpbmciLCJ2YWwiOiJ0cnVlIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiI0ODAzNDM2NDA4NTk2NzE2IiwiZG9tYWluX2lkIjoiNDEwMTY0IiwidW5pdCI6ImRpdi1ncHQtYWQtcGF5dG9sZXRfY29tLWVkZ2UtMi0wIiwidF9lcG9jaCI6MTY4ODEyNjgzNCwiYWRfcG9zaXRpb24iOjE5NzYsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJERSIsInBhZ2V2aWV3X2lkIjoiYzJjM2Y3ZTEtM2ExNi00ZmFkLTQyMWMtNzhhNWM0ZDIwMGRlIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDQxNjk4OCwiZGF0YSI6W3sibmFtZSI6InBvc194IiwidmFsIjoiMTQ0MCJ9LHsibmFtZSI6InBvc195IiwidmFsIjoiMzAwIn0seyJuYW1lIjoiaXNfZmxvYXRpbmciLCJ2YWwiOiJ0cnVlIn1dLCJpc19vcmlnIjpmYWxzZX1d
Requested by
Host: paytolet.com
URL: https://paytolet.com/detroitchicago/cmbv2.js?gcb=195-3&cb=04-3y02-8y06-13y07-2y0b-6y0d-23y17-4y1b-5y25-3y26-4y27-16y28-66y2b-146y2f-150y33-4y3a-12y3b-6y59-2y5d-22y64-1&cmbcb=151&sj=x04x02x06x07x0bx0dx17x1bx25x26x27x28x2bx2fx33x3ax3bx59x5dx64
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:8b54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/public/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:25 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=apt%2BH6WbcJYU6XMUsk7BG%2FZaMl0%2FG7swUdDfz46tzARAbxlsifn91UpXM9X%2FJhsqtgpuSjiQuJrSxFF%2FLSXZBflUFW18vqkb1ZhBc%2BJYBqcbHgKEHRZuuH6%2FR4lzRLlir4iSLFKWf4mVEVE%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://paytolet.com
x-middleton-display
ezp_sol
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
cf-ray
7df649effaeb6969-FRA
alt-svc
h3=":443"; ma=86400
priority
u=4,i
expires
Thu, 29 Jun 2023 12:07:24 GMT
army.gif
paytolet.com/porpoiseant/ 		0
518 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://paytolet.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNjM5NDE1MzM2MDYzNzAzOSIsImRvbWFpbl9pZCI6IjQxMDE2NCIsInVuaXQiOiJkaXYtZ3B0LWFkLXBheXRvbGV0X2NvbS1tZWRyZWN0YW5nbGUtMy0wIiwidF9lcG9jaCI6MTY4ODEyNjgzNCwiYWRfcG9zaXRpb24iOjE5MDksImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJERSIsInBhZ2V2aWV3X2lkIjoiYzJjM2Y3ZTEtM2ExNi00ZmFkLTQyMWMtNzhhNWM0ZDIwMGRlIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjowLCJjcmVhdGl2ZV9pZCI6MCwiZGF0YSI6W3sibmFtZSI6InBvc194IiwidmFsIjoiNjc1In0seyJuYW1lIjoicG9zX3kiLCJ2YWwiOiIyMTgzIn0seyJuYW1lIjoiaXNfZmxvYXRpbmciLCJ2YWwiOiJmYWxzZSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMzc1NTUxMTcxMjY0MzEwNSIsImRvbWFpbl9pZCI6IjQxMDE2NCIsInVuaXQiOiJkaXYtZ3B0LWFkLXBheXRvbGV0X2NvbS1tZWRyZWN0YW5nbGUtNC0wIiwidF9lcG9jaCI6MTY4ODEyNjgzNCwiYWRfcG9zaXRpb24iOjExMTAsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJERSIsInBhZ2V2aWV3X2lkIjoiYzJjM2Y3ZTEtM2ExNi00ZmFkLTQyMWMtNzhhNWM0ZDIwMGRlIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjowLCJjcmVhdGl2ZV9pZCI6MCwiZGF0YSI6W3sibmFtZSI6InBvc194IiwidmFsIjoiMjAwIn0seyJuYW1lIjoicG9zX3kiLCJ2YWwiOiI0MDk4In0seyJuYW1lIjoiaXNfZmxvYXRpbmciLCJ2YWwiOiJmYWxzZSJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ==
Requested by
Host: paytolet.com
URL: https://paytolet.com/detroitchicago/cmbv2.js?gcb=195-3&cb=04-3y02-8y06-13y07-2y0b-6y0d-23y17-4y1b-5y25-3y26-4y27-16y28-66y2b-146y2f-150y33-4y3a-12y3b-6y59-2y5d-22y64-1&cmbcb=151&sj=x04x02x06x07x0bx0dx17x1bx25x26x27x28x2bx2fx33x3ax3bx59x5dx64
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:8b54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/public/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:25 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SO0Notm60HKQv5P42cnAuwH27%2FOxf4QEnr2sb6tRLdVHwwoEKSROEBwN1jRg4kq3J7G9yyvnsTuLEk550OTT6IIeZ3IWw6eC5QWDZsQ4KHaOqHpIbnxXWFHHTMzk93ddB2nVIWAftHZ0krU%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://paytolet.com
x-middleton-display
ezp_sol
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
cf-ray
7df649effaed6969-FRA
alt-svc
h3=":443"; ma=86400
priority
u=4,i
expires
Thu, 29 Jun 2023 12:07:25 GMT
collect
x.clarity.ms/ 		0
292 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://x.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.8/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.114.190.119 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://paytolet.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://paytolet.com
Date
Fri, 30 Jun 2023 12:07:28 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78
89229263
mc.yandex.com/webvisor/ 		43 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/webvisor/89229263?wmode=0&wv-part=5&wv-hit=721892075&page-url=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&rn=422902125&wv-type=3&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1688126846%3Aw%3A1600x1200%3Av%3A1074%3Az%3A0%3Ai%3A20230630120725%3Au%3A1688126835670014644%3Avf%3Aew9xzikdbvs4xc5avwiaspr%3Ast%3A1688126846&t=gdpr(14%2C14)ti(1)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://paytolet.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 30 Jun 2023 12:07:25 GMT
strict-transport-security
max-age=31536000
last-modified
Fri, 30-Jun-2023 12:07:25 GMT
content-type
image/gif
access-control-allow-origin
https://paytolet.com
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Fri, 30-Jun-2023 12:07:25 GMT
audio_012.m4s
streaming.humix.com/contents/nsrNhxfkjikFVcim/1682919808/ 		40 KB
40 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://streaming.humix.com/contents/nsrNhxfkjikFVcim/1682919808/audio_012.m4s
Requested by
Host: paytolet.com
URL: https://paytolet.com/detroitchicago/cmbv2.js?gcb=195-3&cb=04-3y02-8y06-13y07-2y0b-6y0d-23y17-4y1b-5y25-3y26-4y27-16y28-66y2b-146y2f-150y33-4y3a-12y3b-6y59-2y5d-22y64-1&cmbcb=151&sj=x04x02x06x07x0bx0dx17x1bx25x26x27x28x2bx2fx33x3ax3bx59x5dx64
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:d4fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f4c8c21270426c132b755f12eefbecf851e2faad5d40824b33a279b7ab1afd92

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:26 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"14d52a93878f3c924b2cc365b5b329f9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YCnwvIwzFDOfbpyLYtuuavHo2h60WLpJ5P2ZsOyUPA9299AfK%2Bfks1qyByKRY7vjGoHHStqxNIam0GenTBBO4UshlqCidbswhqkdA9S%2FBVdGt40lHVqPBrOCzVHL1sd51oHp0WlGJ2YauWx1DlskSQcs"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
7df649f1bec91989-FRA
alt-svc
h3=":443"; ma=86400
content-length
40625
vad.gif
paytolet.com/porpoiseant/ 		43 B
552 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://paytolet.com/porpoiseant/vad.gif?e=%7B%22ad_filled%22%3A0%2C%22error_message%22%3A%22AdError%201009%3A%20The%20VAST%20response%20document%20is%20empty.%22%2C%22url%22%3A%22https%3A%2F%2Fpaytolet.com%2Fpublic%2F%22%2C%22pageview_id%22%3A%22c2c3f7e1-3a16-4fad-421c-78a5c4d200de%22%2C%22visit_uuid%22%3A%22b16eeea4-a8ef-4771-77cd-6305a4a265ac%22%2C%22template_id%22%3A134%2C%22domain_id%22%3A410164%2C%22vab_test_id%22%3A%22mod58-c%22%2C%22video_ad_impression_id%22%3A%22f6c1ca25-5363-489f-9b2e-bc18e339f7f3%22%2C%22uuid%22%3A%22f6c1ca25-5363-489f-9b2e-bc18e339f7f3%22%2C%22play_cnt%22%3A0%2C%22pause_cnt%22%3A0%2C%22completed%22%3Afalse%2C%22errored%22%3Afalse%2C%22skipped%22%3Afalse%2C%22clicked%22%3Afalse%2C%22viewable%22%3Afalse%2C%22ad_position%22%3A%22start%22%2C%22video_impression_id%22%3A%22a1fb5727-0dcf-4392-8886-761f0f7ae192%22%2C%22ad_client%22%3A%22Google%20IMA%22%2C%22ad_system%22%3A%22Google%20Ad%20Manager%22%2C%22ad_index%22%3A1%2C%22player_name%22%3A%22ezvideojs%22%2C%22is_outstream%22%3Afalse%2C%22impression_id%22%3A248372558641397%2C%22ad_unit%22%3A%22paytolet_com-video-1%22%2C%22ad_src%22%3A%22https%3A%2F%2Fpubads.g.doubleclick.net%2Fgampad%2Fads%3Fcorrelator%3D91549695884%26description_url%3Dhttps%253A%252F%252Fpaytolet.com%252Fpublic%252F%26env%3Dvp%26gdfp_req%3D1%26output%3Dxml_vast4%26sz%3D400x300%257C640x480%257C640x360%257C300x168%26unviewed_position_start%3D1%26url%3Dhttps%253A%252F%252Fpaytolet.com%252Fpublic%252F%26ad_type%3Dvideo%26hl%3Dde%26impl%3Ds%26max_ad_duration%3D51000%26min_ad_duration%3D4500%26npa%3D0%26tfcd%3D0%26vad_type%3Dlinear%26vpmute%3D1%26vpos%3Dpreroll%26iu%3D%2F1254144%2C22852681713%2Fpaytolet_com-video-1%26vid_d%3D53%26vid_kw%3DPay%2Bto%2Blet%252Creal%2Bestate%252Cproperty%2Bfor%2Bsale%252Cproperty%2Blistings%252Chome%26vid_t%3DSell%2Byour%2Bproperty%2Bin%2Bminutes%26vpa%3Dauto%26cust_params%3Dap%253D1%2526d%253D410164%2526eb_br%253D60474211daf1dfd4d90000ea01f56c30%2526ft%253D0%2526ic%253D1%2526iid1%253D248372558641397%2526plat%253D1%2526t%253D134%2526tap%253Dpaytolet_com-video-1-248372558641397%22%2C%22param_gen%22%3A%22ParamPositionOptimizationExperiment-V1%22%2C%22position_gen%22%3A%22FrontLoad%22%2C%22vad_type%22%3A%22linear%22%2C%22skippable%22%3Atrue%2C%22min_ad_length%22%3A4500%2C%22max_ad_length%22%3A51000%2C%22ad_type%22%3A%22video%22%2C%22allowed_ad_sizes%22%3A%22400x300%7C640x480%7C640x360%7C300x168%22%2C%22t_pageview_time%22%3A1688126834%2C%22bidders%22%3A%22%5B%5D%22%2C%22received_bidders%22%3A%22%5B%5D%22%2C%22video_position_id%22%3A3998%2C%22auction_retry_count%22%3A8%2C%22fallback_type%22%3A%22drop7%22%2C%22bid_floor_gen%22%3A%22defaultVideoAdBidFloor%22%2C%22multiplier%22%3A3.5%2C%22winning_bid_floor%22%3A0%2C%22max_hb_bid%22%3A0%2C%22bid_floor_type%22%3A0%7D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:8b54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/public/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:25 GMT
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ufbMMJpxH2sZswfR93kWwcANMa3mnolhbiVPUFND8OjahpzvwW8kkTW06YJbVB8lm9c3jU2k04pCAiO0VUEY7DOJcOH3BUHOXJm9USdewwNCXpIN%2FlRCCDh6UC99hG3l8sn07q508LYV97s%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
x-middleton-display
imp_sol
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
accept-ranges
bytes
cf-ray
7df649f1ccd26969-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
priority
u=3,i
expires
Thu, 29 Jun 2023 12:07:25 GMT
army.gif
paytolet.com/porpoiseant/ 		0
519 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://paytolet.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiODI5MjczODEwODYyNTI4MiIsImRvbWFpbl9pZCI6IjQxMDE2NCIsInVuaXQiOiJkaXYtZ3B0LWFkLXBheXRvbGV0X2NvbS1lZGdlLTEtMCIsInRfZXBvY2giOjE2ODgxMjY4MzQsInJldmVudWUiOjAsImVzdF9yZXZlbnVlIjowLCJhZF9wb3NpdGlvbiI6MTk3NSwiYWRfc2l6ZSI6IiIsImJpZF9mbG9vcl9maWxsZWQiOjAsImJpZF9mbG9vcl9wcmV2IjowLCJzdGF0X3NvdXJjZV9pZCI6MCwiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6ImMyYzNmN2UxLTNhMTYtNGZhZC00MjFjLTc4YTVjNGQyMDBkZSIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwMzQ1OTEsImRhdGEiOlt7Im5hbWUiOiJ2aWV3ZWQiLCJ2YWwiOiIxIn1dLCJpc19vcmlnIjpmYWxzZX1d
Requested by
Host: paytolet.com
URL: https://paytolet.com/detroitchicago/cmbv2.js?gcb=195-3&cb=04-3y02-8y06-13y07-2y0b-6y0d-23y17-4y1b-5y25-3y26-4y27-16y28-66y2b-146y2f-150y33-4y3a-12y3b-6y59-2y5d-22y64-1&cmbcb=151&sj=x04x02x06x07x0bx0dx17x1bx25x26x27x28x2bx2fx33x3ax3bx59x5dx64
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:8b54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/public/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:25 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pJ8wnTUliyKOG901rzXnPcHtMYNtNVQedtTVGrLv8cN0i63nXBN8IVAA2MmmjLv6ESIedut9%2BaCUDTQSwif%2BDX5s6P5aHkU6vfiV5Y1kOpoaqJkglK3TzzhzWM0t%2BI6wYL8Lpq3aoTbxd7M%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://paytolet.com
x-middleton-display
ezp_sol
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
cf-ray
7df649f1ccd56969-FRA
alt-svc
h3=":443"; ma=86400
priority
u=4,i
expires
Thu, 29 Jun 2023 12:07:26 GMT
army.gif
paytolet.com/porpoiseant/ 		0
523 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://paytolet.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNDgwMzQzNjQwODU5NjcxNiIsImRvbWFpbl9pZCI6IjQxMDE2NCIsInVuaXQiOiJkaXYtZ3B0LWFkLXBheXRvbGV0X2NvbS1lZGdlLTItMCIsInRfZXBvY2giOjE2ODgxMjY4MzQsInJldmVudWUiOjAsImVzdF9yZXZlbnVlIjowLCJhZF9wb3NpdGlvbiI6MTk3NiwiYWRfc2l6ZSI6IiIsImJpZF9mbG9vcl9maWxsZWQiOjAsImJpZF9mbG9vcl9wcmV2IjowLCJzdGF0X3NvdXJjZV9pZCI6MCwiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6ImMyYzNmN2UxLTNhMTYtNGZhZC00MjFjLTc4YTVjNGQyMDBkZSIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTA0MTY5ODgsImRhdGEiOlt7Im5hbWUiOiJ2aWV3ZWQiLCJ2YWwiOiIxIn1dLCJpc19vcmlnIjpmYWxzZX1d
Requested by
Host: paytolet.com
URL: https://paytolet.com/detroitchicago/cmbv2.js?gcb=195-3&cb=04-3y02-8y06-13y07-2y0b-6y0d-23y17-4y1b-5y25-3y26-4y27-16y28-66y2b-146y2f-150y33-4y3a-12y3b-6y59-2y5d-22y64-1&cmbcb=151&sj=x04x02x06x07x0bx0dx17x1bx25x26x27x28x2bx2fx33x3ax3bx59x5dx64
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:8b54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/public/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:25 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hvIpVuIUbD3zfM6Q7ap3j40C1KZvFQBFS%2FgTuEYNEm8bHwly1rAdFSQOAgeDs%2FeAr9LqvGS1NjQ73jjnpmdoJ9LMY27fbI4bllvtakk9A2VE4TAZNOC%2FY0pstOrHnP%2B%2FrEsZEJRqyReCIGA%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://paytolet.com
x-middleton-display
ezp_sol
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
cf-ray
7df649f1ccd66969-FRA
alt-svc
h3=":443"; ma=86400
priority
u=4,i
expires
Thu, 29 Jun 2023 12:07:26 GMT
integrator.js
adservice.google.com/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=paytolet.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
t1670023299_03_640x360p_30Hz_800Kbps_012.m4s
streaming.humix.com/contents/nsrNhxfkjikFVcim/1682919808/ 		37 KB
38 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://streaming.humix.com/contents/nsrNhxfkjikFVcim/1682919808/t1670023299_03_640x360p_30Hz_800Kbps_012.m4s
Requested by
Host: paytolet.com
URL: https://paytolet.com/detroitchicago/cmbv2.js?gcb=195-3&cb=04-3y02-8y06-13y07-2y0b-6y0d-23y17-4y1b-5y25-3y26-4y27-16y28-66y2b-146y2f-150y33-4y3a-12y3b-6y59-2y5d-22y64-1&cmbcb=151&sj=x04x02x06x07x0bx0dx17x1bx25x26x27x28x2bx2fx33x3ax3bx59x5dx64
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:d4fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0036cfc357eb4e1da31490b95a1c4e5cf14af233b500b53eabb03700a0f5f0d7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:26 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"1b641aa6e5853b931c98fa7ac251fbfd"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OiCWRqmN8h1iNEPs%2BrLHpXqiwxRAuLJH0o%2Fx6vBR6g%2Fb8gXSvBNENib%2FhpYT9w7Sy3%2BaKwDj4XmIdUh43mgh6yEIagwQzvtblVgkdGe5r6SsXkUwUcwKP9ocr1N8KCndxboc8pQius17Mkh5M5hbw%2FC8"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
7df649f1ef2b1989-FRA
alt-svc
h3=":443"; ma=86400
content-length
38043
ads
pubads.g.doubleclick.net/gampad/ Frame CCEF 		156 B
186 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?correlator=2331621269136887&description_url=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&env=vp&gdfp_req=1&output=xml_vast4&sz=400x300%7C640x480%7C640x360%7C300x168&unviewed_position_start=1&url=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&ad_type=video&hl=en&max_ad_duration=240000&min_ad_duration=4500&mridx=2&npa=0&tfcd=0&vad_type=linear&vpmute=1&vpos=midroll&iu=%2F1254144%2C22852681713%2Fpaytolet_com-video-1&vid_d=53&vid_kw=Pay%20to%20let%2Creal%20estate%2Cproperty%20for%20sale%2Cproperty%20listings%2Chome&vid_t=Sell%20your%20property%20in%20minutes&vpa=auto&cust_params=ap%3D1%26d%3D410164%26eb_br%3D736e09a0771285737509ab8954c475a7%26ft%3D0%26ic%3D2%26iid1%3D8491663962609543%26plat%3D1%26t%3D134%26tap%3Dpaytolet_com-video-1-8491663962609543&sdkv=h.3.578.0&osd=2&frm=0&vis=1&sdr=1&afvsz=450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&us_privacy=1---&sdki=445&ptt=20&adk=2047588200&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.578.0&sid=31BB2C37-E1E0-4730-85B5-0D4B17F39F33&a3p=EhkKCnVpZGFwaS5jb20YyZXN4ZAxSABSAghkEhsKDGlkNS1zeW5jLmNvbRjdp83hkDFIAFICCGoSHAoNY3J3ZGNudHJsLm5ldBjJlc3hkDFIAFICCGQSGQoKcHViY2lkLm9yZxiko83hkDFIAFICCGoSwgEKCHJ0YmhvdXNlEqwBTitHVWNYczRLdzZ6ci85VlNWcGpEOW43a3FsK00zaWMwVkFXc2hxQUM0Z3NNNGt2SS96a1BjZnUxZlRFSUpSZnhBUklFSndKL2QxcWVRNkFHa2c0SXRJWVdMbDR2Q3BkZ0NERCtRYVkwbzQ0Z3VxTmZBQ2diOHo4eExmdExNZWFNQVhTb2xtUUFsUFJSNXpOeUxRd3VaSDc2bVlsQkhVVmxnS2M2R2Mrbm5NPRijqc3hkDFIABIdCg5lc3AuY3JpdGVvLmNvbRjJlc3hkDFIAFICCGQSPgoFb3BlbngSLGV5SnBJam9pV2tsWVpHRkRkMU5TZVhWNlRrSTJWRUZ5ZFhONGR6MDlJbjA9GOqozeGQMUgA&nel=0&eid=44752711%2C44765701%2C44772139%2C44773379%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275&top=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&loc=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&dlt=1688126834513&idt=4707&dt=1688126845748&cookie=ID%3D14c5fd6f47da3553-2250166f1cde0005%3AT%3D1688126835%3ART%3D1688126837%3AS%3DALNI_MZdWW6IC_UptzCaP6yRcFW4qT01Sg&gpic=UID%3D00000c5ed7319fb0%3AT%3D1688126835%3ART%3D1688126835%3AS%3DALNI_MZsDc3kPfVwgJm4YKQVJrFEMa9-0A&scor=776755846475256&ged=ve4_td11_tt6_pd11_la11000_er0.0.0.0_vi0.0.1200.1600_vp0_ts1_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.578.0_de.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:26 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
true
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame D6FD 		42 B
113 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstU5OK4ESPmCo0qwzPuSxZYl-SVPochYjHxrOYKj_2BmyXDmv3KAJIIAEAyZwqxUkhSi4POlFqyiOFFqvIs0dR9N-sWt6eILIItbmWbFsVVZ54jLR8bUvoYVpa6XPexBNYAy5Qm3mpdaSxcLiGqQ1RyiVPNHg2WH--oS32e3t8&sai=AMfl-YQvqyw7bfIevI_0VpJQFOSf7Oia7DTGxie9DgsSiRF2SZhZOGtBUoVHL4yA5MtujXwq0O_lIQlGdqNrzMK2lMpuOWbK2VN6SmUUNkTtnZ4EVW6JqXw_G4PeCSQ&sig=Cg0ArKJSzE1FsOr8I60_EAE&cid=CAQSOwBygQiDOCORaqcrpYN-bGBnWPT80IhqcLnXvE4OjyI2QAXLIIIKawQElQKYer_95UWThRCOvXuvVXIeGAE&id=ampim&o=1440,302&d=160,600&ss=1600,1200&bs=1600,1200&mcvt=1012&mtos=0,0,1012,1012,1012&tos=0,0,1012,0,0&tfs=471&tls=1483&g=100&h=100&tt=1483&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Jun 2023 12:07:25 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame F05F 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvTcFKYW9XzYf1R67TJ4fmZYszUCVPIRXQenk44sbJLVO7uDMpwnOuRldW3cJRl4_03P6IAC2BgpaW1GtOWLXijCMCOZoRvtRGGoLMyvu5eQcT2nEL-Rm0mltz1gYmRQAithTOcbNPQfN9kmIh3zpygE-0KZmu-oPq4UPHVR9s&sai=AMfl-YShbzAKBrHBsNsdPt_fM8gp3JAdG7nl6mD1d6TKy8OcAhxZ1x7ayrJmbU4vq29YkwUZb5HNLLFl-naTMHE5vUb4QcMJNwEU6JJdgxSJOtpJfpNqhs76K13gMi0&sig=Cg0ArKJSzLai_GdLMW6GEAE&cid=CAQSOwBygQiD05kVM9NwVk2-ibsUuH4XAmnWYl2MtURJs2LDKUKhcinH3p9jShHGkVvodekET0TI5fqNnNguGAE&id=ampim&o=0,302&d=160,600&ss=1600,1200&bs=1600,1200&mcvt=1012&mtos=0,0,1012,1012,1012&tos=0,0,1012,0,0&tfs=450&tls=1462&g=100&h=100&tt=1463&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Jun 2023 12:07:25 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
army.gif
paytolet.com/porpoiseant/ 		0
525 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://paytolet.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNDgwMzQzNjQwODU5NjcxNiIsImRvbWFpbl9pZCI6IjQxMDE2NCIsInVuaXQiOiJkaXYtZ3B0LWFkLXBheXRvbGV0X2NvbS1lZGdlLTItMCIsInRfZXBvY2giOjE2ODgxMjY4MzQsImFkX3Bvc2l0aW9uIjoxOTc2LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6ImMyYzNmN2UxLTNhMTYtNGZhZC00MjFjLTc4YTVjNGQyMDBkZSIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTA0MTY5ODgsImRhdGEiOlt7Im5hbWUiOiJmaWxsZWRfc2l6ZSIsInZhbCI6IlsxNjAsNjAwXSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNDgwMzQzNjQwODU5NjcxNiIsImRvbWFpbl9pZCI6IjQxMDE2NCIsInVuaXQiOiJkaXYtZ3B0LWFkLXBheXRvbGV0X2NvbS1lZGdlLTItMCIsInRfZXBvY2giOjE2ODgxMjY4MzQsImFkX3Bvc2l0aW9uIjoxOTc2LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6ImMyYzNmN2UxLTNhMTYtNGZhZC00MjFjLTc4YTVjNGQyMDBkZSIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTA0MTY5ODgsImRhdGEiOlt7Im5hbWUiOiJmaWxsZWRfZmx1aWQiLCJ2YWwiOiJmYWxzZSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNDgwMzQzNjQwODU5NjcxNiIsImRvbWFpbl9pZCI6IjQxMDE2NCIsInVuaXQiOiJkaXYtZ3B0LWFkLXBheXRvbGV0X2NvbS1lZGdlLTItMCIsInRfZXBvY2giOjE2ODgxMjY4MzQsImFkX3Bvc2l0aW9uIjoxOTc2LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6ImMyYzNmN2UxLTNhMTYtNGZhZC00MjFjLTc4YTVjNGQyMDBkZSIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTA0MTY5ODgsImRhdGEiOlt7Im5hbWUiOiJkb21haW5fZGZwX3N0eWxlX2lkIiwidmFsIjoiMzEifV0sImlzX29yaWciOmZhbHNlfV0=
Requested by
Host: paytolet.com
URL: https://paytolet.com/detroitchicago/cmbv2.js?gcb=195-3&cb=04-3y02-8y06-13y07-2y0b-6y0d-23y17-4y1b-5y25-3y26-4y27-16y28-66y2b-146y2f-150y33-4y3a-12y3b-6y59-2y5d-22y64-1&cmbcb=151&sj=x04x02x06x07x0bx0dx17x1bx25x26x27x28x2bx2fx33x3ax3bx59x5dx64
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:8b54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/public/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:26 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KZS4QaNAVW5qrSQnCBOzXkTdSV%2F35i3ewzznXlYq%2BnAngXZO5sOMcrhRVpXl%2BWx6RYYHfVocbMhG1W2pbkmJGCYyZMZ6evI1ZvnjJCYDG%2FcsvgGshL78DB8H%2Fe91xGTll1ikumIjG8JzlQQ%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://paytolet.com
x-middleton-display
ezp_sol
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
cf-ray
7df649f36ecb6969-FRA
alt-svc
h3=":443"; ma=86400
priority
u=4,i
expires
Thu, 29 Jun 2023 12:07:24 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 1DF8 		42 B
108 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvZM6IEyio7xREZ9_JmL1WSaBauY_WLS0a-KPlKUY93u_jw5N2ebmrD0xSvMRGDGsiGOcYhS-7rm3AKuoKFreJLWZzDtXLktF6P_2bHBoW8Hc_JQ_DgWzs1mJCyv3QzPFnSIH3wckp_rCzw&sai=AMfl-YTX4Bsa3s4UBoc2PNlNpU8R_-duEO1PzTs_Qm-gXIo-ZimYjpcHFL2ku9E5fKKKyiCSHOoAL8mFfR2FUylx_l1I3hYKjf65M8h9P3kAO9IxVlopQmSfJY1m8ao&sig=Cg0ArKJSzCcbHEbj6abxEAE&cid=CAQSOwBygQiDJafWTFoWF9BX8DSixzL9ukttaEP-Yw-at5izoI0Pmpe4QgGRiyE8urs2_BsD7j1uyWUZl5olGAE&id=lidar2&mcvt=1003&p=1175,566,1235,1034&mtos=0,0,1003,2476,2476&tos=0,0,1003,1473,0&v=20230628&bin=7&avms=nio&bs=0,0&mc=0.68&if=1&vu=1&app=0&itpl=22&adk=2888625247&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1688126843011&rpt=492&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://17f71e36f7655f7f5ab67574cc7e41b3.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Jun 2023 12:07:26 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
army.gif
paytolet.com/porpoiseant/ 		0
521 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://paytolet.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMzI3ODczOTg1ODM2MzciLCJkb21haW5faWQiOiI0MTAxNjQiLCJ1bml0IjoiZGl2LWdwdC1hZC1wYXl0b2xldF9jb20tYm94LTMtMCIsInRfZXBvY2giOjE2ODgxMjY4MzQsInJldmVudWUiOjAsImVzdF9yZXZlbnVlIjowLCJhZF9wb3NpdGlvbiI6MTkwMSwiYWRfc2l6ZSI6IiIsImJpZF9mbG9vcl9maWxsZWQiOjAsImJpZF9mbG9vcl9wcmV2IjowLCJzdGF0X3NvdXJjZV9pZCI6MCwiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6ImMyYzNmN2UxLTNhMTYtNGZhZC00MjFjLTc4YTVjNGQyMDBkZSIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwMzQ0ODMsImRhdGEiOlt7Im5hbWUiOiJ2aWV3ZWQiLCJ2YWwiOiIxIn1dLCJpc19vcmlnIjpmYWxzZX1d
Requested by
Host: paytolet.com
URL: https://paytolet.com/detroitchicago/cmbv2.js?gcb=195-3&cb=04-3y02-8y06-13y07-2y0b-6y0d-23y17-4y1b-5y25-3y26-4y27-16y28-66y2b-146y2f-150y33-4y3a-12y3b-6y59-2y5d-22y64-1&cmbcb=151&sj=x04x02x06x07x0bx0dx17x1bx25x26x27x28x2bx2fx33x3ax3bx59x5dx64
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:8b54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/public/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:26 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c09KlCkNIihRS4jfn93dWGlij8tmyO%2BDUxq8F%2B3pwqcxGXTGbXy2u30RsvQccy4GeQE0Pwbc95bpk6AeDPq74dxeVNbHP%2BGEEYNYLiCrvVef9b9DV60tcTBhz9VjjnoperHGVAK%2FDjBNy8U%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://paytolet.com
x-middleton-display
ezp_sol
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
cf-ray
7df649f3af096969-FRA
alt-svc
h3=":443"; ma=86400
priority
u=4,i
expires
Thu, 29 Jun 2023 12:07:26 GMT
army.gif
paytolet.com/porpoiseant/ 		0
519 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://paytolet.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiODI5MjczODEwODYyNTI4MiIsImRvbWFpbl9pZCI6IjQxMDE2NCIsInVuaXQiOiJkaXYtZ3B0LWFkLXBheXRvbGV0X2NvbS1lZGdlLTEtMCIsInRfZXBvY2giOjE2ODgxMjY4MzQsImFkX3Bvc2l0aW9uIjoxOTc1LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6ImMyYzNmN2UxLTNhMTYtNGZhZC00MjFjLTc4YTVjNGQyMDBkZSIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwMzQ1OTEsImRhdGEiOlt7Im5hbWUiOiJmaWxsZWRfc2l6ZSIsInZhbCI6IlsxNjAsNjAwXSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiODI5MjczODEwODYyNTI4MiIsImRvbWFpbl9pZCI6IjQxMDE2NCIsInVuaXQiOiJkaXYtZ3B0LWFkLXBheXRvbGV0X2NvbS1lZGdlLTEtMCIsInRfZXBvY2giOjE2ODgxMjY4MzQsImFkX3Bvc2l0aW9uIjoxOTc1LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6ImMyYzNmN2UxLTNhMTYtNGZhZC00MjFjLTc4YTVjNGQyMDBkZSIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwMzQ1OTEsImRhdGEiOlt7Im5hbWUiOiJmaWxsZWRfZmx1aWQiLCJ2YWwiOiJmYWxzZSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiODI5MjczODEwODYyNTI4MiIsImRvbWFpbl9pZCI6IjQxMDE2NCIsInVuaXQiOiJkaXYtZ3B0LWFkLXBheXRvbGV0X2NvbS1lZGdlLTEtMCIsInRfZXBvY2giOjE2ODgxMjY4MzQsImFkX3Bvc2l0aW9uIjoxOTc1LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6ImMyYzNmN2UxLTNhMTYtNGZhZC00MjFjLTc4YTVjNGQyMDBkZSIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwMzQ1OTEsImRhdGEiOlt7Im5hbWUiOiJkb21haW5fZGZwX3N0eWxlX2lkIiwidmFsIjoiMzEifV0sImlzX29yaWciOmZhbHNlfV0=
Requested by
Host: paytolet.com
URL: https://paytolet.com/detroitchicago/cmbv2.js?gcb=195-3&cb=04-3y02-8y06-13y07-2y0b-6y0d-23y17-4y1b-5y25-3y26-4y27-16y28-66y2b-146y2f-150y33-4y3a-12y3b-6y59-2y5d-22y64-1&cmbcb=151&sj=x04x02x06x07x0bx0dx17x1bx25x26x27x28x2bx2fx33x3ax3bx59x5dx64
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:8b54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/public/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:26 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w%2BDfjGiiMagdVaBfvcltT00l8Bhpdhil8aMve%2BthgOr3irjU84ZmxN6mZ%2F0q8s1h4yoU4BY9%2BMaAeXWZBywReQWtioI7Wn%2F29lraFNHDRh2ArAJac2ku7Fh41TtL6pmzkS3aaybRIdwJcXY%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://paytolet.com
x-middleton-display
ezp_sol
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
cf-ray
7df649f3af0b6969-FRA
alt-svc
h3=":443"; ma=86400
priority
u=4,i
expires
Thu, 29 Jun 2023 12:07:24 GMT
audio_013.m4s
streaming.humix.com/contents/nsrNhxfkjikFVcim/1682919808/ 		40 KB
40 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://streaming.humix.com/contents/nsrNhxfkjikFVcim/1682919808/audio_013.m4s
Requested by
Host: paytolet.com
URL: https://paytolet.com/detroitchicago/cmbv2.js?gcb=195-3&cb=04-3y02-8y06-13y07-2y0b-6y0d-23y17-4y1b-5y25-3y26-4y27-16y28-66y2b-146y2f-150y33-4y3a-12y3b-6y59-2y5d-22y64-1&cmbcb=151&sj=x04x02x06x07x0bx0dx17x1bx25x26x27x28x2bx2fx33x3ax3bx59x5dx64
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:d4fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f36c2f4279c3e47b70d9b91e7f7b740ffbcd58aebd11a23113e06d1519146556

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:26 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"bfcc2c84f17183ab5d51f5a439b795a6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fRMnCU5Tiw8zi9rRV6kZ5DRdgajadXVyJufxoQ80%2BLW9F5pa4PMStG4jWg2KLbCX%2Fp9xrXBOrZ78S1K%2BppVPTduJty6hMa%2FmtOfrjuPEkjrIdeyJc1vMSOI58lmLLu69XAa8k%2B2CQH7bD2JKxFlWBPe5"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
7df649f46a371989-FRA
alt-svc
h3=":443"; ma=86400
content-length
40689
t1670023299_03_640x360p_30Hz_800Kbps_013.m4s
streaming.humix.com/contents/nsrNhxfkjikFVcim/1682919808/ 		43 KB
43 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://streaming.humix.com/contents/nsrNhxfkjikFVcim/1682919808/t1670023299_03_640x360p_30Hz_800Kbps_013.m4s
Requested by
Host: paytolet.com
URL: https://paytolet.com/detroitchicago/cmbv2.js?gcb=195-3&cb=04-3y02-8y06-13y07-2y0b-6y0d-23y17-4y1b-5y25-3y26-4y27-16y28-66y2b-146y2f-150y33-4y3a-12y3b-6y59-2y5d-22y64-1&cmbcb=151&sj=x04x02x06x07x0bx0dx17x1bx25x26x27x28x2bx2fx33x3ax3bx59x5dx64
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:d4fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16795058639bd67daebbddddbf61cc655fd0b0f9768accc663d7dbb2e3d08f4e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:26 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"f84cf09074e0fc998bf95cd80c0d32d4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vjt5a7N0D1m6EoW%2BNN3Y8b9yG3e1CpNhqao0SLrPHq6Ms85jaNyr%2FtgYalm7QPgOxkMDh5lwfi5gN1HlfAR4GmueCNb75u1CAh5Auga9ApcGG%2BxNRzHAhJlIPMbbzGJ6MfY4DEB%2BeqazGycJJFFmhg%2FA"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
7df649f46a391989-FRA
alt-svc
h3=":443"; ma=86400
content-length
43586
integrator.js
adservice.google.com/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=paytolet.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		55 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2148447624948998&correlator=245942656701667&eid=31068366&output=ldjh&gdfp_req=1&vrg=202306270101&ptt=17&impl=fifs&us_privacy=1---&iu_parts=1254144%3A22852681713%2Cpaytolet_com-medrectangle-3&enc_prev_ius=%2F0%2F1&prev_iu_szs=250x250&ifi=35&adks=4258316528&didk=2639644830&sfv=1-0-40&ris=2&rcs=6&prev_scp=a%3D%257C0%257C%26iid1%3D6394153360637039%26eid%3D6394153360637039%26t%3D134%26d%3D410164%26t1%3D134%26pvc%3D0%26ap%3D1909%26sap%3D1909%26as%3Drevenue%26plat%3D1%26bra%3Dmod58-c%26ic%3D7%26at%3Dmbf%26adr%3D398%26ezosn%3D2%26reft%3Dtf%26refs%3D30%26refa%3D1%26ga%3D2497208%26rid%3D99998%26pt%3D21%26al%3D1021%26compid%3D0%26tap%3Dpaytolet_com-medrectangle-3-6394153360637039%26eb_br%3Db6c98a8bb15764f1c4ee331dcb724178%26eba%3D1%26asau%3D8408181829%26bv%3D3%26bvm%3D0%26bvr%3D8%26avc%3D4%26shp%3D1%26ftsn%3D12%26ftsng%3D12%26br1%3D2%26br2%3D60%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D63%2C14%2C28%2C4%2C51%2C0%2C88%2C0%2C71%2C30%2C0%2C31%2C901%2C902%2C903%26deal1%3D17%2C20%2C21%2C22%2C23%2C24%2C25%2C26%2C1794%2C2310%2C2339%2C2351%2C2526%2C2527%2C2610%2C2761%2C2763%2C2764%2C2765%2C3044%2C3054%2C3154%2C3430%2C3455%2C3456%2C3457%2C3458%2C3460%2C3682%2C3683%2C3684%2C4184%2C4185%2C4186%2C5747%2C19%2C2688%2C3045%2C4276%2C19%2C2688%2C2693%2C3045%2C4276%2C19%2C2688%2C2693%2C3045%2C3053%2C4276%2C18%2C19%2C1428%2C2688%2C2693%2C3045%2C3052%2C3053%2C3856%2C4276%2C18%2C19%2C1428%2C2688%2C2693%2C3045%2C3052%2C3053%2C3856%2C4276%2C18%2C19%2C1428%2C2688%2C2693%2C3045%2C3052%2C3053%2C3856%2C4276%26lb%3D6%26reqt%3D1688126845160&eri=1&sc=1&cookie=ID%3D14c5fd6f47da3553-2250166f1cde0005%3AT%3D1688126835%3ART%3D1688126837%3AS%3DALNI_MZdWW6IC_UptzCaP6yRcFW4qT01Sg&gpic=UID%3D00000c5ed7319fb0%3AT%3D1688126835%3ART%3D1688126835%3AS%3DALNI_MZsDc3kPfVwgJm4YKQVJrFEMa9-0A&abxe=1&dt=1688126846209&lmt=1688126846&dlt=1688126834513&idt=860&adxs=675&adys=2183&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=8&ucis=7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&frm=20&vis=1&psz=1410x250&msz=250x250&fws=0&ohw=0&psts=ABnkTfBy0XFcFshnkgY_LYb-WJLQ&ga_vid=1136948999.1688126835&ga_sid=1688126836&ga_hid=1663611148&ga_fc=true&a3p=EhkKCnVpZGFwaS5jb20YyZXN4ZAxSABSAghkEhsKDGlkNS1zeW5jLmNvbRjdp83hkDFIAFICCGoSHAoNY3J3ZGNudHJsLm5ldBjJlc3hkDFIAFICCGQSGQoKcHViY2lkLm9yZxiko83hkDFIAFICCGoSwgEKCHJ0YmhvdXNlEqwBTitHVWNYczRLdzZ6ci85VlNWcGpEOW43a3FsK00zaWMwVkFXc2hxQUM0Z3NNNGt2SS96a1BjZnUxZlRFSUpSZnhBUklFSndKL2QxcWVRNkFHa2c0SXRJWVdMbDR2Q3BkZ0NERCtRYVkwbzQ0Z3VxTmZBQ2diOHo4eExmdExNZWFNQVhTb2xtUUFsUFJSNXpOeUxRd3VaSDc2bVlsQkhVVmxnS2M2R2Mrbm5NPRijqc3hkDFIABIdCg5lc3AuY3JpdGVvLmNvbRjJlc3hkDFIAFICCGQSPgoFb3BlbngSLGV5SnBJam9pV2tsWVpHRkRkMU5TZVhWNlRrSTJWRUZ5ZFhONGR6MDlJbjA9GOqozeGQMUgA
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5b9a13423c09a7c3974066c077f75c392399814c71e806f9538244544b529f70
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:26 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
true
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12653
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://paytolet.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame CCEF 		156 B
186 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?correlator=2331621269136887&description_url=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&env=vp&gdfp_req=1&output=xml_vast4&sz=400x300%7C640x480%7C640x360%7C300x168&unviewed_position_start=1&url=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&ad_type=video&hl=en&max_ad_duration=240000&min_ad_duration=4500&mridx=2&npa=0&tfcd=0&vad_type=linear&vpmute=1&vpos=midroll&iu=%2F1254144%2C22852681713%2Fpaytolet_com-video-1&vid_d=53&vid_kw=Pay%20to%20let%2Creal%20estate%2Cproperty%20for%20sale%2Cproperty%20listings%2Chome&vid_t=Sell%20your%20property%20in%20minutes&vpa=auto&cust_params=ap%3D1%26d%3D410164%26eb_br%3Dc5429b6ddd929d0bc40a832a87789a7c%26ft%3D0%26ic%3D2%26iid1%3D8491663962609543%26plat%3D1%26t%3D134%26tap%3Dpaytolet_com-video-1-8491663962609543&sdkv=h.3.578.0&osd=2&frm=0&vis=1&sdr=1&afvsz=450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&us_privacy=1---&sdki=445&ptt=20&adk=2047588200&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.578.0&sid=31BB2C37-E1E0-4730-85B5-0D4B17F39F33&a3p=EhkKCnVpZGFwaS5jb20YyZXN4ZAxSABSAghkEhsKDGlkNS1zeW5jLmNvbRjdp83hkDFIAFICCGoSHAoNY3J3ZGNudHJsLm5ldBjJlc3hkDFIAFICCGQSGQoKcHViY2lkLm9yZxiko83hkDFIAFICCGoSwgEKCHJ0YmhvdXNlEqwBTitHVWNYczRLdzZ6ci85VlNWcGpEOW43a3FsK00zaWMwVkFXc2hxQUM0Z3NNNGt2SS96a1BjZnUxZlRFSUpSZnhBUklFSndKL2QxcWVRNkFHa2c0SXRJWVdMbDR2Q3BkZ0NERCtRYVkwbzQ0Z3VxTmZBQ2diOHo4eExmdExNZWFNQVhTb2xtUUFsUFJSNXpOeUxRd3VaSDc2bVlsQkhVVmxnS2M2R2Mrbm5NPRijqc3hkDFIABIdCg5lc3AuY3JpdGVvLmNvbRjJlc3hkDFIAFICCGQSPgoFb3BlbngSLGV5SnBJam9pV2tsWVpHRkRkMU5TZVhWNlRrSTJWRUZ5ZFhONGR6MDlJbjA9GOqozeGQMUgA&nel=0&eid=44752711%2C44765701%2C44772139%2C44773379%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275&top=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&loc=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&dlt=1688126834513&idt=4707&dt=1688126846249&cookie=ID%3D14c5fd6f47da3553-2250166f1cde0005%3AT%3D1688126835%3ART%3D1688126837%3AS%3DALNI_MZdWW6IC_UptzCaP6yRcFW4qT01Sg&gpic=UID%3D00000c5ed7319fb0%3AT%3D1688126835%3ART%3D1688126835%3AS%3DALNI_MZsDc3kPfVwgJm4YKQVJrFEMa9-0A&scor=776755846475256&ged=ve4_td11_tt6_pd11_la11000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.578.0_de.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:26 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
true
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
t1670023299_03_640x360p_30Hz_800Kbps_014.m4s
streaming.humix.com/contents/nsrNhxfkjikFVcim/1682919808/ 		81 KB
82 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://streaming.humix.com/contents/nsrNhxfkjikFVcim/1682919808/t1670023299_03_640x360p_30Hz_800Kbps_014.m4s
Requested by
Host: paytolet.com
URL: https://paytolet.com/detroitchicago/cmbv2.js?gcb=195-3&cb=04-3y02-8y06-13y07-2y0b-6y0d-23y17-4y1b-5y25-3y26-4y27-16y28-66y2b-146y2f-150y33-4y3a-12y3b-6y59-2y5d-22y64-1&cmbcb=151&sj=x04x02x06x07x0bx0dx17x1bx25x26x27x28x2bx2fx33x3ax3bx59x5dx64
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:d4fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
35c3c5dc0d21e694a5d611cf938a26c7c551854225939223287a9d0327f50c61

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:26 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"17e79d369a52700b1b2e7b88f2d1f7fc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=INZlLyY0UXWbbvdPLP80dPNNBe%2BesJj%2BRqzsIuq0R7jlQL77gbTlJJvH80fPEFKFR%2B72ZSrOFGTY%2F%2B2opB6OpK5E2f%2BNJacvSqzpFlF6VWDVF0Qm7OqEMAcvrsU0gsrhYTu8PXbvCzukwURpOgzrYgbo"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
7df649f66cb71989-FRA
alt-svc
h3=":443"; ma=86400
content-length
83079
integrator.js
adservice.google.com/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=paytolet.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
pubads.g.doubleclick.net/gampad/ Frame CCEF 		156 B
186 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?correlator=2331621269136887&description_url=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&env=vp&gdfp_req=1&output=xml_vast4&sz=400x300%7C640x480%7C640x360%7C300x168&unviewed_position_start=1&url=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&ad_type=video&hl=en&max_ad_duration=240000&min_ad_duration=4500&mridx=2&npa=0&tfcd=0&vad_type=linear&vpmute=1&vpos=midroll&iu=%2F1254144%2C22852681713%2Fpaytolet_com-video-1&vid_d=53&vid_kw=Pay%20to%20let%2Creal%20estate%2Cproperty%20for%20sale%2Cproperty%20listings%2Chome&vid_t=Sell%20your%20property%20in%20minutes&vpa=auto&cust_params=ap%3D1%26d%3D410164%26eb_br%3D5297de5240aa45da173a0792747e0d26%26ft%3D0%26ic%3D2%26iid1%3D8491663962609543%26plat%3D1%26t%3D134%26tap%3Dpaytolet_com-video-1-8491663962609543&sdkv=h.3.578.0&osd=2&frm=0&vis=1&sdr=1&afvsz=450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&us_privacy=1---&sdki=445&ptt=20&adk=2047588200&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.578.0&sid=31BB2C37-E1E0-4730-85B5-0D4B17F39F33&a3p=EhkKCnVpZGFwaS5jb20YyZXN4ZAxSABSAghkEhsKDGlkNS1zeW5jLmNvbRjdp83hkDFIAFICCGoSHAoNY3J3ZGNudHJsLm5ldBjJlc3hkDFIAFICCGQSGQoKcHViY2lkLm9yZxiko83hkDFIAFICCGoSwgEKCHJ0YmhvdXNlEqwBTitHVWNYczRLdzZ6ci85VlNWcGpEOW43a3FsK00zaWMwVkFXc2hxQUM0Z3NNNGt2SS96a1BjZnUxZlRFSUpSZnhBUklFSndKL2QxcWVRNkFHa2c0SXRJWVdMbDR2Q3BkZ0NERCtRYVkwbzQ0Z3VxTmZBQ2diOHo4eExmdExNZWFNQVhTb2xtUUFsUFJSNXpOeUxRd3VaSDc2bVlsQkhVVmxnS2M2R2Mrbm5NPRijqc3hkDFIABIdCg5lc3AuY3JpdGVvLmNvbRjJlc3hkDFIAFICCGQSPgoFb3BlbngSLGV5SnBJam9pV2tsWVpHRkRkMU5TZVhWNlRrSTJWRUZ5ZFhONGR6MDlJbjA9GOqozeGQMUgA&nel=0&eid=44752711%2C44765701%2C44772139%2C44773379%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275&top=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&loc=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&dlt=1688126834513&idt=4707&dt=1688126846580&cookie=ID%3D14c5fd6f47da3553-2250166f1cde0005%3AT%3D1688126835%3ART%3D1688126837%3AS%3DALNI_MZdWW6IC_UptzCaP6yRcFW4qT01Sg&gpic=UID%3D00000c5ed7319fb0%3AT%3D1688126835%3ART%3D1688126835%3AS%3DALNI_MZsDc3kPfVwgJm4YKQVJrFEMa9-0A&scor=776755846475256&ged=ve4_td12_tt7_pd12_la12000_er0.0.0.0_vi0.0.1200.1600_vp0_ts1_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.578.0_de.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:27 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
true
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
audio_014.m4s
streaming.humix.com/contents/nsrNhxfkjikFVcim/1682919808/ 		40 KB
40 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://streaming.humix.com/contents/nsrNhxfkjikFVcim/1682919808/audio_014.m4s
Requested by
Host: paytolet.com
URL: https://paytolet.com/detroitchicago/cmbv2.js?gcb=195-3&cb=04-3y02-8y06-13y07-2y0b-6y0d-23y17-4y1b-5y25-3y26-4y27-16y28-66y2b-146y2f-150y33-4y3a-12y3b-6y59-2y5d-22y64-1&cmbcb=151&sj=x04x02x06x07x0bx0dx17x1bx25x26x27x28x2bx2fx33x3ax3bx59x5dx64
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:d4fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8029a54754155cb338adad4a854e755c0efffc08713538fbada06d007d3fbd42

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:27 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"368fd7e10b14f937ce9f52448d4602d1"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MVa5RYagsmi0QrO70yMT23hqh66mObqdyuuaGBBMbU%2BL8D0FDENrRAQToCs5Pr8wLt86J6Zcvv52IpnhiiXkK7QCPGmGykMY%2FD5LcwXIjTtZ%2FKVyU8ako3Ng%2FI4CMyCA9vx%2FhJVh94niQWlQEOXcho5a"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
7df649f9e9281989-FRA
alt-svc
h3=":443"; ma=86400
content-length
40801
89229263
mc.yandex.com/webvisor/ 		43 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/webvisor/89229263?wv-hit=721892075&page-url=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&wmode=0&wv-part=0&wv-type=5&browser-info=et%3A1688126847%3Aw%3A1600x1200%3Av%3A1074%3Az%3A0%3Ai%3A20230630120726%3Au%3A1688126835670014644%3Avf%3Aew9xzikdbvs4xc5avwiaspr%3Ast%3A1688126847&t=gdpr(14%2C14)ti(1)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://paytolet.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 30 Jun 2023 12:07:27 GMT
strict-transport-security
max-age=31536000
last-modified
Fri, 30-Jun-2023 12:07:27 GMT
content-type
image/gif
access-control-allow-origin
https://paytolet.com
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Fri, 30-Jun-2023 12:07:27 GMT
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012306200257000/ Frame 8D8B 		222 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012306200257000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
20f091e39a994eac247abb2db8c48d424cb5f3ea8280cea2194168c2bf5f437e
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 26 Jun 2023 17:13:26 GMT
age
327241
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61862
x-xss-protection
0
server
sffe
etag
"bf95dc6813023782"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 25 Jun 2024 17:13:26 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012306200257000/v0/ Frame 8D8B 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012306200257000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
db6c8330efd6e6bfd20dbed90de2e76fe0bac473c76abe90aaa91fac7bb067c6
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 26 Jun 2023 17:13:26 GMT
age
327241
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5232
x-xss-protection
0
server
sffe
etag
"b6c1e0819a00bf67"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 25 Jun 2024 17:13:26 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012306200257000/v0/ Frame 8D8B 		94 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012306200257000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8169070527736f2296d9d72e169101428b2f9821205614dc54cd16d3130c70f8
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 26 Jun 2023 17:13:26 GMT
age
327241
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28873
x-xss-protection
0
server
sffe
etag
"75041cf86819093a"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 25 Jun 2024 17:13:26 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012306200257000/v0/ Frame 8D8B 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012306200257000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1e5a28a902c7f1edfc9c082269da365300b36ceb1eed186bf26523d6867ed986
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 26 Jun 2023 17:13:26 GMT
age
327241
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1911
x-xss-protection
0
server
sffe
etag
"5f86339daf79d63d"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 25 Jun 2024 17:13:26 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012306200257000/v0/ Frame 8D8B 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012306200257000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d660119d70fde473f7720a43fb960d95c8ff46768e67d762f9557179709b8942
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 26 Jun 2023 17:13:26 GMT
age
327241
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12958
x-xss-protection
0
server
sffe
etag
"bf1167c9eaa58b59"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 25 Jun 2024 17:13:26 GMT
css
fonts.googleapis.com/ Frame 8D8B 		8 KB
750 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:300|Roboto:400,500,700&lang=de
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 30 Jun 2023 12:07:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 30 Jun 2023 11:36:09 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 30 Jun 2023 12:07:27 GMT
css
fonts.googleapis.com/ Frame 8D8B 		6 KB
702 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,500,700&text=
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
fcd07d21f21002d006e7e9a4797896bb12f00ea503ccbfed143527826c61694e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 30 Jun 2023 12:07:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 30 Jun 2023 11:16:27 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 30 Jun 2023 12:07:27 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 8D8B 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 10:39:29 GMT
x-content-type-options
nosniff
server
cafe
age
5278
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2502
x-xss-protection
0
expires
Sat, 01 Jul 2023 10:39:29 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 8D8B 		295 B
366 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306270101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 10:39:27 GMT
x-content-type-options
nosniff
server
cafe
age
5280
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Sat, 01 Jul 2023 10:39:27 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 8D8B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CxCWafsWeZKCeEpba1gbsrYrADOeS9_twxJ-ZpoMRqqDyqdM8EAEg9PnGJWCV6rOCwAegAdOx-cgDyAEGqQLYWKRVcTyyPuACAKgDAcgDCqoEgQJP0HxqB0VOBZg5jBDkZMqCP1nSzHaeJXE3EIqyEYT-KPGjsmEHeO7ohJ8gCE_3F1eFfXPjJFqvyRsKEi7exv67FbCBKGHlSxD2BibSxnaUT3pL306S6-k2XclJd5YHci9G_EXQMhsI4spNPol6QVUwTbRK92ZPS33RYj3bB6z1GPdjQ7PDs37rINX8nxMoIZPKumSNWy22tI4NkVRwMlkvnKd3Xh8nmWOVCb_wowXUCKaAo4R2nKSg3bIRiUoFTaIIEyyMJxv6suIOSYMpzgU_R5BSbk5VpaxM4k8n38hz2xK24Idnl3ny_DW8sCDWOWNiJon_BEtVQ3n7rpom9BoSScAE_afWvZ8E4AQBkgUECAQYAZIFBAgFGASgBjeAB9aT5TioB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBCHpAHSCBYIgOGAEBABGB0yAqoCOgKAQEi9_cE6gAoDyAsB2BMKiBQB0BUBgBcBshceChwIABIUcHViLTE5NjY3MjExOTI3MDk2MDYYvskH&sigh=kP4TaihHTvg&uach_m=[UACH]&cid=CAQSOwBygQiDsfUroI-Em104yKRMfW1boAKw3OZRsGHEgpmKzQKZCYRckV8AUnx2N7yVYd1aPadJZYTUrbi9GAE&template_id=492
Requested by
Host: paytolet.com
URL: https://paytolet.com/public/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers
l
www.google.com/ads/measurement/ Frame 8D8B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSpJWPFsWaBSUJWT6MtrA6GmsnoXD0xqXlNlCB1q5o3u48xZ3p7LFOcr2bkCjO9ppj4H_3wdgXjelHxkJUZL701WyMfSw
Requested by
Host: paytolet.com
URL: https://paytolet.com/public/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers
truncated
/ Frame 8D8B 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
90cf59341a805059898e3cf459d369e422c5c8987e8160ecda2480d852889e3e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/png
army.gif
paytolet.com/porpoiseant/ 		0
522 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://paytolet.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNjM5NDE1MzM2MDYzNzAzOSIsImRvbWFpbl9pZCI6IjQxMDE2NCIsInVuaXQiOiJkaXYtZ3B0LWFkLXBheXRvbGV0X2NvbS1tZWRyZWN0YW5nbGUtMy0wIiwidF9lcG9jaCI6MTY4ODEyNjgzNCwiYWRfcG9zaXRpb24iOjE5MDksImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJERSIsInBhZ2V2aWV3X2lkIjoiYzJjM2Y3ZTEtM2ExNi00ZmFkLTQyMWMtNzhhNWM0ZDIwMGRlIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDAzNDQ4NiwiZGF0YSI6W3sibmFtZSI6InJlZnJlc2hfY291bnQiLCJ2YWwiOiI3In1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiI2Mzk0MTUzMzYwNjM3MDM5IiwiZG9tYWluX2lkIjoiNDEwMTY0IiwidW5pdCI6ImRpdi1ncHQtYWQtcGF5dG9sZXRfY29tLW1lZHJlY3RhbmdsZS0zLTAiLCJ0X2Vwb2NoIjoxNjg4MTI2ODM0LCJhZF9wb3NpdGlvbiI6MTkwOSwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkRFIiwicGFnZXZpZXdfaWQiOiJjMmMzZjdlMS0zYTE2LTRmYWQtNDIxYy03OGE1YzRkMjAwZGUiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwMDM0NDg2LCJkYXRhIjpbeyJuYW1lIjoiZmlsbGVkX2JpZF9oYXNoIiwidmFsIjoiYjZjOThhOGJiMTU3NjRmMWM0ZWUzMzFkY2I3MjQxNzgifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjYzOTQxNTMzNjA2MzcwMzkiLCJkb21haW5faWQiOiI0MTAxNjQiLCJ1bml0IjoiZGl2LWdwdC1hZC1wYXl0b2xldF9jb20tbWVkcmVjdGFuZ2xlLTMtMCIsInRfZXBvY2giOjE2ODgxMjY4MzQsInJldmVudWUiOjAsImVzdF9yZXZlbnVlIjowLjAwMDAyLCJhZF9wb3NpdGlvbiI6MTkwOSwiYWRfc2l6ZSI6IiIsImJpZF9mbG9vcl9maWxsZWQiOjAuMDAwMDIsImJpZF9mbG9vcl9wcmV2IjowLjAwMDA2LCJzdGF0X3NvdXJjZV9pZCI6MzUsImNvdW50cnlfY29kZSI6IkRFIiwicGFnZXZpZXdfaWQiOiJjMmMzZjdlMS0zYTE2LTRmYWQtNDIxYy03OGE1YzRkMjAwZGUiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwMDM0NDg2LCJkYXRhIjpbeyJuYW1lIjoibG9hZGVkIiwidmFsIjoiMSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNjM5NDE1MzM2MDYzNzAzOSIsImRvbWFpbl9pZCI6IjQxMDE2NCIsInVuaXQiOiJkaXYtZ3B0LWFkLXBheXRvbGV0X2NvbS1tZWRyZWN0YW5nbGUtMy0wIiwidF9lcG9jaCI6MTY4ODEyNjgzNCwiYWRfcG9zaXRpb24iOjE5MDksImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJERSIsInBhZ2V2aWV3X2lkIjoiYzJjM2Y3ZTEtM2ExNi00ZmFkLTQyMWMtNzhhNWM0ZDIwMGRlIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDAzNDQ4NiwiZGF0YSI6W3sibmFtZSI6ImNyZWF0aXZlX2lkIiwidmFsIjoiMTM4MzEwMDM0NDg2In1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiI2Mzk0MTUzMzYwNjM3MDM5IiwiZG9tYWluX2lkIjoiNDEwMTY0IiwidW5pdCI6ImRpdi1ncHQtYWQtcGF5dG9sZXRfY29tLW1lZHJlY3RhbmdsZS0zLTAiLCJ0X2Vwb2NoIjoxNjg4MTI2ODM0LCJhZF9wb3NpdGlvbiI6MTkwOSwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkRFIiwicGFnZXZpZXdfaWQiOiJjMmMzZjdlMS0zYTE2LTRmYWQtNDIxYy03OGE1YzRkMjAwZGUiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwMDM0NDg2LCJkYXRhIjpbeyJuYW1lIjoibGluZWl0ZW1faWQiLCJ2YWwiOiIyODY4NzI3NCJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ==
Requested by
Host: paytolet.com
URL: https://paytolet.com/detroitchicago/cmbv2.js?gcb=195-3&cb=04-3y02-8y06-13y07-2y0b-6y0d-23y17-4y1b-5y25-3y26-4y27-16y28-66y2b-146y2f-150y33-4y3a-12y3b-6y59-2y5d-22y64-1&cmbcb=151&sj=x04x02x06x07x0bx0dx17x1bx25x26x27x28x2bx2fx33x3ax3bx59x5dx64
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:8b54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/public/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:27 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FpdbyN4skd10TxpJzrCrp6p2zCdFRpEI8aUglBOO13LbzAhzddwlgRQH%2FmEyh93ltcq5ToUEPx12vbh%2BpL2bhii40PmFjBG%2Fc3zvnyENk1hBydK92Y%2FB6pLAfWlrY4xRE2anPDjxGngBQVk%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://paytolet.com
x-middleton-display
ezp_sol
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
cf-ray
7df649fa7f6e6969-FRA
alt-svc
h3=":443"; ma=86400
priority
u=4,i
expires
Thu, 29 Jun 2023 12:07:26 GMT
army.gif
paytolet.com/porpoiseant/ 		0
524 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://paytolet.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNjM5NDE1MzM2MDYzNzAzOSIsImRvbWFpbl9pZCI6IjQxMDE2NCIsInVuaXQiOiJkaXYtZ3B0LWFkLXBheXRvbGV0X2NvbS1tZWRyZWN0YW5nbGUtMy0wIiwidF9lcG9jaCI6MTY4ODEyNjgzNCwiYWRfcG9zaXRpb24iOjE5MDksImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJERSIsInBhZ2V2aWV3X2lkIjoiYzJjM2Y3ZTEtM2ExNi00ZmFkLTQyMWMtNzhhNWM0ZDIwMGRlIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDAzNDQ4NiwiZGF0YSI6W3sibmFtZSI6InRfbG9jYWxfZGF0ZSIsInZhbCI6IjIwMjMtMDYtMzAifSx7Im5hbWUiOiJ0X2xvY2FsX2hvdXIiLCJ2YWwiOiIxMiJ9LHsibmFtZSI6InRfbG9jYWxfZGF5X29mX3dlZWsiLCJ2YWwiOiI1In0seyJuYW1lIjoidF9sb2NhbF90aW1lem9uZSIsInZhbCI6IjAifV0sImlzX29yaWciOmZhbHNlfV0=
Requested by
Host: paytolet.com
URL: https://paytolet.com/detroitchicago/cmbv2.js?gcb=195-3&cb=04-3y02-8y06-13y07-2y0b-6y0d-23y17-4y1b-5y25-3y26-4y27-16y28-66y2b-146y2f-150y33-4y3a-12y3b-6y59-2y5d-22y64-1&cmbcb=151&sj=x04x02x06x07x0bx0dx17x1bx25x26x27x28x2bx2fx33x3ax3bx59x5dx64
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:8b54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/public/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:27 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fS4N%2BOZOspoFecGa2RRtyE9zuEF0xZ73aIsHQMcPJAHnYu0YbV4lwpmEwTEGpSLI%2BwGgMHwVFRPzH5%2BYP%2B6eDa4HZImg2XOOaSVnv3D222kci4OLSlXAWxjASkArrL4UeaiOjE%2Bz1AdExYk%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://paytolet.com
x-middleton-display
ezp_sol
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
cf-ray
7df649fa7f6f6969-FRA
alt-svc
h3=":443"; ma=86400
priority
u=4,i
expires
Thu, 29 Jun 2023 12:07:27 GMT
army.gif
paytolet.com/porpoiseant/ 		0
522 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://paytolet.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImF1Y3Rpb24iLCJpbXByZXNzaW9uX2lkIjoiNjM5NDE1MzM2MDYzNzAzOSIsImRvbWFpbl9pZCI6IjQxMDE2NCIsInVuaXQiOiJkaXYtZ3B0LWFkLXBheXRvbGV0X2NvbS1tZWRyZWN0YW5nbGUtMy0wIiwidF9lcG9jaCI6MTY4ODEyNjgzNCwiYXVjdGlvbl9lcG9jaCI6MTY4ODEyNjg0NywiYWRfcG9zaXRpb24iOjE5MDksImNvdW50cnlfY29kZSI6IkRFIiwicGFnZXZpZXdfaWQiOiJjMmMzZjdlMS0zYTE2LTRmYWQtNDIxYy03OGE1YzRkMjAwZGUiLCJiaWRfZmxvb3JfaW5pdGlhbCI6MTIwLCJiaWRfZmxvb3JfcHJldiI6NiwiYmlkX2Zsb29yX2ZpbGxlZCI6MiwiYXVjdGlvbl9jb3VudCI6NywicmVmcmVzaF9hZF9jb3VudCI6MCwiYXVjdGlvbl9kdXJhdGlvbiI6ODc1LCJtdWx0aV9hZF91bml0IjowLCJtdWx0aV9hZF9jb3VudCI6MCwibmV0d29ya19jb2RlIjoxMjU0MTQ0LCJkYXRhIjpbeyJuYW1lIjoiIiwidmFsIjoiIn1dLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0fV0=
Requested by
Host: paytolet.com
URL: https://paytolet.com/detroitchicago/cmbv2.js?gcb=195-3&cb=04-3y02-8y06-13y07-2y0b-6y0d-23y17-4y1b-5y25-3y26-4y27-16y28-66y2b-146y2f-150y33-4y3a-12y3b-6y59-2y5d-22y64-1&cmbcb=151&sj=x04x02x06x07x0bx0dx17x1bx25x26x27x28x2bx2fx33x3ax3bx59x5dx64
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:8b54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/public/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:27 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X%2B5SQxhNFiyQSwxzE1uVchIrz5VZOtv3mTcubriPM1UxzOkuW427cxSbBndsjRgA2ooAY%2B2ahvStQI2PTmvdTWlazztD%2FHPrRJZmSZSQ4hqT7tw4ek0kgbL3%2FYtKABCM1zD48lwVj1uqyns%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://paytolet.com
x-middleton-display
ezp_sol
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
cf-ray
7df649fa7f736969-FRA
alt-svc
h3=":443"; ma=86400
priority
u=4,i
expires
Thu, 29 Jun 2023 12:07:31 GMT
90663950
mc.yandex.com/webvisor/ 		43 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/webvisor/90663950?wv-hit=721892075&page-url=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&wmode=0&wv-part=0&wv-type=5&browser-info=et%3A1688126847%3Aw%3A1600x1200%3Av%3A1074%3Az%3A0%3Ai%3A20230630120727%3Au%3A1688126835670014644%3Avf%3Aew9xzikdbvs4xc5avwiaspr%3Ast%3A1688126847&t=gdpr(14%2C14)ti(1)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://paytolet.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 30 Jun 2023 12:07:27 GMT
strict-transport-security
max-age=31536000
last-modified
Fri, 30-Jun-2023 12:07:27 GMT
content-type
image/gif
access-control-allow-origin
https://paytolet.com
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Fri, 30-Jun-2023 12:07:27 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 8D8B 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300|Roboto:400,500,700&lang=de
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f3.1e100.net
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://paytolet.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 24 Jun 2023 03:30:27 GMT
x-content-type-options
nosniff
age
549420
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 23 Jun 2024 03:30:27 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 8D8B 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300|Roboto:400,500,700&lang=de
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f3.1e100.net
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://paytolet.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 24 Jun 2023 17:04:15 GMT
x-content-type-options
nosniff
age
500592
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 23 Jun 2024 17:04:15 GMT
t1670023299_03_640x360p_30Hz_800Kbps_015.m4s
streaming.humix.com/contents/nsrNhxfkjikFVcim/1682919808/ 		36 KB
36 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://streaming.humix.com/contents/nsrNhxfkjikFVcim/1682919808/t1670023299_03_640x360p_30Hz_800Kbps_015.m4s
Requested by
Host: paytolet.com
URL: https://paytolet.com/detroitchicago/cmbv2.js?gcb=195-3&cb=04-3y02-8y06-13y07-2y0b-6y0d-23y17-4y1b-5y25-3y26-4y27-16y28-66y2b-146y2f-150y33-4y3a-12y3b-6y59-2y5d-22y64-1&cmbcb=151&sj=x04x02x06x07x0bx0dx17x1bx25x26x27x28x2bx2fx33x3ax3bx59x5dx64
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:d4fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a1732ed26401f1174d7e1c512d8fbc1e9b0ece818c97b9e16a120daaabd2f0fc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:27 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"8fe57dbffff638a45ccd37cb524cef3b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sFH5%2BCOVYibzrZM%2B9LMgJJ2sgI3zu4m0mB3dO9Wocb6TssrLBpT7ICgHcWJ9cUoAf%2BeHzujmJ5IYMVPxWmDOKp5wyD1fm%2BCX8m8Xe0iZrBnwZc1l811RtemUmqdGN%2B6aSD5zuk%2Bu7ERTeMoSNXmSg1lF"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
7df649faaa351989-FRA
alt-svc
h3=":443"; ma=86400
content-length
36765
audio_015.m4s
streaming.humix.com/contents/nsrNhxfkjikFVcim/1682919808/ 		39 KB
40 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://streaming.humix.com/contents/nsrNhxfkjikFVcim/1682919808/audio_015.m4s
Requested by
Host: paytolet.com
URL: https://paytolet.com/detroitchicago/cmbv2.js?gcb=195-3&cb=04-3y02-8y06-13y07-2y0b-6y0d-23y17-4y1b-5y25-3y26-4y27-16y28-66y2b-146y2f-150y33-4y3a-12y3b-6y59-2y5d-22y64-1&cmbcb=151&sj=x04x02x06x07x0bx0dx17x1bx25x26x27x28x2bx2fx33x3ax3bx59x5dx64
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:d4fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
846b4829e247d008ef9d406060ffd9fce0007fe4cdb4d561208acd493ade8b8c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:27 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"3c4140868689472bc12ba70ccf15989d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bue4KqJ%2B0DeLmVj4sOU6E9qEokk6c0CAvZaL8zBm%2Fl3asN8FeAq0H74YXOO1mJtZp9pozHcA9oXkMWfpmgYopO%2FiVSnADTn3%2F7lLlBw7bbCOaM5tJ80yS%2BKAvvbXTIKtqyqlGsDcGLzm42ZKXgFvfedT"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
7df649fbcb851989-FRA
alt-svc
h3=":443"; ma=86400
content-length
40141
t1670023299_03_640x360p_30Hz_800Kbps_016.m4s
streaming.humix.com/contents/nsrNhxfkjikFVcim/1682919808/ 		46 KB
47 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://streaming.humix.com/contents/nsrNhxfkjikFVcim/1682919808/t1670023299_03_640x360p_30Hz_800Kbps_016.m4s
Requested by
Host: paytolet.com
URL: https://paytolet.com/detroitchicago/cmbv2.js?gcb=195-3&cb=04-3y02-8y06-13y07-2y0b-6y0d-23y17-4y1b-5y25-3y26-4y27-16y28-66y2b-146y2f-150y33-4y3a-12y3b-6y59-2y5d-22y64-1&cmbcb=151&sj=x04x02x06x07x0bx0dx17x1bx25x26x27x28x2bx2fx33x3ax3bx59x5dx64
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:d4fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c672193f3799112a5eb295d25cb9ac9bfafed1ff209e84091b7af065ce66b835

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:27 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"9f28241dedee74cde3879a5b12c2aced"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hxdy5Z93sXP9AxbgAP1GoRCufoDBEVPX%2FyuPdvmlffcvNv3mGbtoWs5A2DSt%2F1adeGRN2ixvvZzw6icCGd1AjetH55UWcYU5ten8HCGatHVK5U2Em9H2ubyTwMfFqynnRAtvC4y4Yc703m4LsPrgSQpN"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
7df649fccce81989-FRA
alt-svc
h3=":443"; ma=86400
content-length
47434
integrator.js
adservice.google.com/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=paytolet.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
pubads.g.doubleclick.net/gampad/ Frame CCEF 		156 B
186 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?correlator=2331621269136887&description_url=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&env=vp&gdfp_req=1&output=xml_vast4&sz=400x300%7C640x480%7C640x360%7C300x168&unviewed_position_start=1&url=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&ad_type=video&hl=en&max_ad_duration=240000&min_ad_duration=4500&mridx=2&npa=0&tfcd=0&vad_type=linear&vpmute=1&vpos=midroll&iu=%2F1254144%2C22852681713%2Fpaytolet_com-video-1&vid_d=53&vid_kw=Pay%20to%20let%2Creal%20estate%2Cproperty%20for%20sale%2Cproperty%20listings%2Chome&vid_t=Sell%20your%20property%20in%20minutes&vpa=auto&cust_params=ap%3D1%26d%3D410164%26eb_br%3D8b07bae800b215e481d05a271b3e723b%26ft%3D0%26ic%3D2%26iid1%3D8491663962609543%26plat%3D1%26t%3D134%26tap%3Dpaytolet_com-video-1-8491663962609543&sdkv=h.3.578.0&osd=2&frm=0&vis=1&sdr=1&afvsz=450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&us_privacy=1---&sdki=445&ptt=20&adk=2047588200&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.578.0&sid=31BB2C37-E1E0-4730-85B5-0D4B17F39F33&a3p=EhkKCnVpZGFwaS5jb20YyZXN4ZAxSABSAghkEhsKDGlkNS1zeW5jLmNvbRjdp83hkDFIAFICCGoSHAoNY3J3ZGNudHJsLm5ldBjJlc3hkDFIAFICCGQSGQoKcHViY2lkLm9yZxiko83hkDFIAFICCGoSwgEKCHJ0YmhvdXNlEqwBTitHVWNYczRLdzZ6ci85VlNWcGpEOW43a3FsK00zaWMwVkFXc2hxQUM0Z3NNNGt2SS96a1BjZnUxZlRFSUpSZnhBUklFSndKL2QxcWVRNkFHa2c0SXRJWVdMbDR2Q3BkZ0NERCtRYVkwbzQ0Z3VxTmZBQ2diOHo4eExmdExNZWFNQVhTb2xtUUFsUFJSNXpOeUxRd3VaSDc2bVlsQkhVVmxnS2M2R2Mrbm5NPRijqc3hkDFIABIdCg5lc3AuY3JpdGVvLmNvbRjJlc3hkDFIAFICCGQSPgoFb3BlbngSLGV5SnBJam9pV2tsWVpHRkRkMU5TZVhWNlRrSTJWRUZ5ZFhONGR6MDlJbjA9GOqozeGQMUgA&nel=0&eid=44752711%2C44765701%2C44772139%2C44773379%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275&top=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&loc=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&dlt=1688126834513&idt=4707&dt=1688126847536&cookie=ID%3D14c5fd6f47da3553-2250166f1cde0005%3AT%3D1688126835%3ART%3D1688126837%3AS%3DALNI_MZdWW6IC_UptzCaP6yRcFW4qT01Sg&gpic=UID%3D00000c5ed7319fb0%3AT%3D1688126835%3ART%3D1688126835%3AS%3DALNI_MZsDc3kPfVwgJm4YKQVJrFEMa9-0A&scor=776755846475256&ged=ve4_td13_tt8_pd13_la13000_er0.0.0.0_vi0.0.1200.1600_vp0_ts1_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.578.0_de.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:27 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
true
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
audio_016.m4s
streaming.humix.com/contents/nsrNhxfkjikFVcim/1682919808/ 		40 KB
40 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://streaming.humix.com/contents/nsrNhxfkjikFVcim/1682919808/audio_016.m4s
Requested by
Host: paytolet.com
URL: https://paytolet.com/detroitchicago/cmbv2.js?gcb=195-3&cb=04-3y02-8y06-13y07-2y0b-6y0d-23y17-4y1b-5y25-3y26-4y27-16y28-66y2b-146y2f-150y33-4y3a-12y3b-6y59-2y5d-22y64-1&cmbcb=151&sj=x04x02x06x07x0bx0dx17x1bx25x26x27x28x2bx2fx33x3ax3bx59x5dx64
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:d4fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
74d603cc33249cccc6f16312ec756905ef513c6cf019b72d125e86ea7f85f8dd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:27 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"f64c23cfba332845e4bd0a5caa9a0e49"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PFXD1gBrvZzzsV0t7FlJBArHyTYpxGsiM8PfQZ4LiE1N3aLgRXJIW%2BGEj3ofqBp9zXy0xLd3YG0tV%2Foxbz0DMw%2FVu9DovDvi4UuoiAQtxJ18Qn3cARyJg8ENptXFOuMr0vRhWx5%2BQwwXMlNGye%2Fybl6B"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
7df649fd7db31989-FRA
alt-svc
h3=":443"; ma=86400
content-length
40703
89229263
mc.yandex.com/webvisor/ 		43 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/webvisor/89229263?wmode=0&wv-part=6&wv-hit=721892075&page-url=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&rn=682587269&wv-type=3&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1688126848%3Aw%3A1600x1200%3Av%3A1074%3Az%3A0%3Ai%3A20230630120727%3Au%3A1688126835670014644%3Avf%3Aew9xzikdbvs4xc5avwiaspr%3Ast%3A1688126848&t=gdpr(14%2C14)ti(1)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://paytolet.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 30 Jun 2023 12:07:27 GMT
strict-transport-security
max-age=31536000
last-modified
Fri, 30-Jun-2023 12:07:27 GMT
content-type
image/gif
access-control-allow-origin
https://paytolet.com
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Fri, 30-Jun-2023 12:07:27 GMT
audio_017.m4s
streaming.humix.com/contents/nsrNhxfkjikFVcim/1682919808/ 		40 KB
40 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://streaming.humix.com/contents/nsrNhxfkjikFVcim/1682919808/audio_017.m4s
Requested by
Host: paytolet.com
URL: https://paytolet.com/detroitchicago/cmbv2.js?gcb=195-3&cb=04-3y02-8y06-13y07-2y0b-6y0d-23y17-4y1b-5y25-3y26-4y27-16y28-66y2b-146y2f-150y33-4y3a-12y3b-6y59-2y5d-22y64-1&cmbcb=151&sj=x04x02x06x07x0bx0dx17x1bx25x26x27x28x2bx2fx33x3ax3bx59x5dx64
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:d4fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
894a169463d47e41e0b592eecc5e327530ebcb5c0916303c7b842bec104257d9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:28 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"cbe3abdb527d11633d7a466fdcc00965"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eFHvL0uVFwln6AocY4O3zZsjV3d9lkuKggH4OEpOJ6caAdOOLrXuPzEvjkP9DPYF6PSbJoj7L0vaY2jU3QAif2L9gDznHKaaN54S8VqjBj%2B1QU4oYuql%2FoGfI6OFdbaDepzfkhzhCKpKEPIQvd26THSO"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
7df649ff48041989-FRA
alt-svc
h3=":443"; ma=86400
content-length
40803
t1670023299_03_640x360p_30Hz_800Kbps_017.m4s
streaming.humix.com/contents/nsrNhxfkjikFVcim/1682919808/ 		46 KB
46 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://streaming.humix.com/contents/nsrNhxfkjikFVcim/1682919808/t1670023299_03_640x360p_30Hz_800Kbps_017.m4s
Requested by
Host: paytolet.com
URL: https://paytolet.com/detroitchicago/cmbv2.js?gcb=195-3&cb=04-3y02-8y06-13y07-2y0b-6y0d-23y17-4y1b-5y25-3y26-4y27-16y28-66y2b-146y2f-150y33-4y3a-12y3b-6y59-2y5d-22y64-1&cmbcb=151&sj=x04x02x06x07x0bx0dx17x1bx25x26x27x28x2bx2fx33x3ax3bx59x5dx64
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:d4fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
008d5b9cbb295c364277d6f0a86c5928e6a6add28ec9e673f423f93d151d2d4c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:28 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"2da562dbc95c2e6bea4f8578c561abdb"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rsPHdN5anpbndfbBFKvGwDOp9jwNWW9hK2PhPv47D8vR4oMUrpkDjjuacr3oQF%2BuYtIyKEZ%2FD9s65Xa0spU3Ss5YFjXZaG8%2BmsORo0YmxGK2jJ1BeOr4j%2F3SQkwKouLbnDX%2FQZIgn%2Fi6a0Q7GSvD%2BrkQ"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
7df649ff48081989-FRA
alt-svc
h3=":443"; ma=86400
content-length
47053
integrator.js
adservice.google.com/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=paytolet.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
pubads.g.doubleclick.net/gampad/ Frame CCEF 		156 B
186 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?correlator=2331621269136887&description_url=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&env=vp&gdfp_req=1&output=xml_vast4&sz=400x300%7C640x480%7C640x360%7C300x168&unviewed_position_start=1&url=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&ad_type=video&hl=en&max_ad_duration=240000&min_ad_duration=4500&mridx=2&npa=0&tfcd=0&vad_type=linear&vpmute=1&vpos=midroll&iu=%2F1254144%2C22852681713%2Fpaytolet_com-video-1&vid_d=53&vid_kw=Pay%20to%20let%2Creal%20estate%2Cproperty%20for%20sale%2Cproperty%20listings%2Chome&vid_t=Sell%20your%20property%20in%20minutes&vpa=auto&cust_params=ap%3D1%26d%3D410164%26eb_br%3D26dfa00588543c52511429ade391f561%26ft%3D0%26ic%3D2%26iid1%3D8491663962609543%26plat%3D1%26t%3D134%26tap%3Dpaytolet_com-video-1-8491663962609543&sdkv=h.3.578.0&osd=2&frm=0&vis=1&sdr=1&afvsz=450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&us_privacy=1---&sdki=445&ptt=20&adk=2047588200&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.578.0&sid=31BB2C37-E1E0-4730-85B5-0D4B17F39F33&a3p=EhkKCnVpZGFwaS5jb20YyZXN4ZAxSABSAghkEhsKDGlkNS1zeW5jLmNvbRjdp83hkDFIAFICCGoSHAoNY3J3ZGNudHJsLm5ldBjJlc3hkDFIAFICCGQSGQoKcHViY2lkLm9yZxiko83hkDFIAFICCGoSwgEKCHJ0YmhvdXNlEqwBTitHVWNYczRLdzZ6ci85VlNWcGpEOW43a3FsK00zaWMwVkFXc2hxQUM0Z3NNNGt2SS96a1BjZnUxZlRFSUpSZnhBUklFSndKL2QxcWVRNkFHa2c0SXRJWVdMbDR2Q3BkZ0NERCtRYVkwbzQ0Z3VxTmZBQ2diOHo4eExmdExNZWFNQVhTb2xtUUFsUFJSNXpOeUxRd3VaSDc2bVlsQkhVVmxnS2M2R2Mrbm5NPRijqc3hkDFIABIdCg5lc3AuY3JpdGVvLmNvbRjJlc3hkDFIAFICCGQSPgoFb3BlbngSLGV5SnBJam9pV2tsWVpHRkRkMU5TZVhWNlRrSTJWRUZ5ZFhONGR6MDlJbjA9GOqozeGQMUgA&nel=0&eid=44752711%2C44765701%2C44772139%2C44773379%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275&top=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&loc=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&dlt=1688126834513&idt=4707&dt=1688126847968&cookie=ID%3D14c5fd6f47da3553-2250166f1cde0005%3AT%3D1688126835%3ART%3D1688126837%3AS%3DALNI_MZdWW6IC_UptzCaP6yRcFW4qT01Sg&gpic=UID%3D00000c5ed7319fb0%3AT%3D1688126835%3ART%3D1688126835%3AS%3DALNI_MZsDc3kPfVwgJm4YKQVJrFEMa9-0A&scor=776755846475256&ged=ve4_td13_tt8_pd13_la13000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.578.0_de.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:28 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
true
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
audio_018.m4s
streaming.humix.com/contents/nsrNhxfkjikFVcim/1682919808/ 		40 KB
40 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://streaming.humix.com/contents/nsrNhxfkjikFVcim/1682919808/audio_018.m4s
Requested by
Host: paytolet.com
URL: https://paytolet.com/detroitchicago/cmbv2.js?gcb=195-3&cb=04-3y02-8y06-13y07-2y0b-6y0d-23y17-4y1b-5y25-3y26-4y27-16y28-66y2b-146y2f-150y33-4y3a-12y3b-6y59-2y5d-22y64-1&cmbcb=151&sj=x04x02x06x07x0bx0dx17x1bx25x26x27x28x2bx2fx33x3ax3bx59x5dx64
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:d4fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2277b499b35bc832203bcfce378fc38066468341a2fef9d163b67de73ce3359e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:28 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"a92f37a4a31c48e7c5fc0bdb31ff1488"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y%2BKGFCHcWFBpgynP6aAYC76DjKo9cBgeD2BPW1i2jHxuWsMDL%2FO%2Fb1lcvrxfTyJ%2FpXeCg%2Fadq72sBEYkfRKHQWmXZcqTfj5PfQiIZQnaCEWkdsqeWg9CoesIPpBcZa8y7bgnHJ%2BB25U5FgQ182UY9XmM"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
7df64a013b081989-FRA
alt-svc
h3=":443"; ma=86400
content-length
40743
t1670023299_03_640x360p_30Hz_800Kbps_018.m4s
streaming.humix.com/contents/nsrNhxfkjikFVcim/1682919808/ 		36 KB
36 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://streaming.humix.com/contents/nsrNhxfkjikFVcim/1682919808/t1670023299_03_640x360p_30Hz_800Kbps_018.m4s
Requested by
Host: paytolet.com
URL: https://paytolet.com/detroitchicago/cmbv2.js?gcb=195-3&cb=04-3y02-8y06-13y07-2y0b-6y0d-23y17-4y1b-5y25-3y26-4y27-16y28-66y2b-146y2f-150y33-4y3a-12y3b-6y59-2y5d-22y64-1&cmbcb=151&sj=x04x02x06x07x0bx0dx17x1bx25x26x27x28x2bx2fx33x3ax3bx59x5dx64
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:d4fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
02cb3529bbc37aa59658296abd27501b06ae205a06569b1964597a310512bd65

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:28 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"15ea5de294c510c0224e01d429eae2a1"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mAljFzBE1j2nkg%2BTeDRQdrQeoxLn96MzwVBkvXsRFaxN35Nixb%2FzJ3gYMNH5%2BQcY0zOKnTNNd7M5hJlsuhTTYFw%2FPFGxjpW1tW7o%2FUbqTuEYEW7S%2BDT2x8qv5amq3K7dDno%2B2c93NKH3QGFTPAZ0AuVJ"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
7df64a013b0b1989-FRA
alt-svc
h3=":443"; ma=86400
content-length
36657
integrator.js
adservice.google.com/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=paytolet.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
pubads.g.doubleclick.net/gampad/ Frame CCEF 		156 B
186 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?correlator=2331621269136887&description_url=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&env=vp&gdfp_req=1&output=xml_vast4&sz=400x300%7C640x480%7C640x360%7C300x168&unviewed_position_start=1&url=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&ad_type=video&hl=en&max_ad_duration=240000&min_ad_duration=4500&mridx=2&npa=0&tfcd=0&vad_type=linear&vpmute=1&vpos=midroll&iu=%2F1254144%2C22852681713%2Fpaytolet_com-video-1&vid_d=53&vid_kw=Pay%20to%20let%2Creal%20estate%2Cproperty%20for%20sale%2Cproperty%20listings%2Chome&vid_t=Sell%20your%20property%20in%20minutes&vpa=auto&cust_params=ap%3D1%26d%3D410164%26eb_br%3D76163170a8636ae5b88417f095893e08%26ft%3D0%26ic%3D2%26iid1%3D8491663962609543%26plat%3D1%26t%3D134%26tap%3Dpaytolet_com-video-1-8491663962609543&sdkv=h.3.578.0&osd=2&frm=0&vis=1&sdr=1&afvsz=450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&us_privacy=1---&sdki=445&ptt=20&adk=2047588200&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.578.0&sid=31BB2C37-E1E0-4730-85B5-0D4B17F39F33&a3p=EhkKCnVpZGFwaS5jb20YyZXN4ZAxSABSAghkEhsKDGlkNS1zeW5jLmNvbRjdp83hkDFIAFICCGoSHAoNY3J3ZGNudHJsLm5ldBjJlc3hkDFIAFICCGQSGQoKcHViY2lkLm9yZxiko83hkDFIAFICCGoSwgEKCHJ0YmhvdXNlEqwBTitHVWNYczRLdzZ6ci85VlNWcGpEOW43a3FsK00zaWMwVkFXc2hxQUM0Z3NNNGt2SS96a1BjZnUxZlRFSUpSZnhBUklFSndKL2QxcWVRNkFHa2c0SXRJWVdMbDR2Q3BkZ0NERCtRYVkwbzQ0Z3VxTmZBQ2diOHo4eExmdExNZWFNQVhTb2xtUUFsUFJSNXpOeUxRd3VaSDc2bVlsQkhVVmxnS2M2R2Mrbm5NPRijqc3hkDFIABIdCg5lc3AuY3JpdGVvLmNvbRjJlc3hkDFIAFICCGQSPgoFb3BlbngSLGV5SnBJam9pV2tsWVpHRkRkMU5TZVhWNlRrSTJWRUZ5ZFhONGR6MDlJbjA9GOqozeGQMUgA&nel=0&eid=44752711%2C44765701%2C44772139%2C44773379%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275&top=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&loc=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&dlt=1688126834513&idt=4707&dt=1688126848227&cookie=ID%3D14c5fd6f47da3553-2250166f1cde0005%3AT%3D1688126835%3ART%3D1688126837%3AS%3DALNI_MZdWW6IC_UptzCaP6yRcFW4qT01Sg&gpic=UID%3D00000c5ed7319fb0%3AT%3D1688126835%3ART%3D1688126835%3AS%3DALNI_MZsDc3kPfVwgJm4YKQVJrFEMa9-0A&scor=776755846475256&ged=ve4_td13_tt8_pd13_la13000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.578.0_de.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:28 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
true
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
t1670023299_03_640x360p_30Hz_800Kbps_019.m4s
streaming.humix.com/contents/nsrNhxfkjikFVcim/1682919808/ 		43 KB
44 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://streaming.humix.com/contents/nsrNhxfkjikFVcim/1682919808/t1670023299_03_640x360p_30Hz_800Kbps_019.m4s
Requested by
Host: paytolet.com
URL: https://paytolet.com/detroitchicago/cmbv2.js?gcb=195-3&cb=04-3y02-8y06-13y07-2y0b-6y0d-23y17-4y1b-5y25-3y26-4y27-16y28-66y2b-146y2f-150y33-4y3a-12y3b-6y59-2y5d-22y64-1&cmbcb=151&sj=x04x02x06x07x0bx0dx17x1bx25x26x27x28x2bx2fx33x3ax3bx59x5dx64
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:d4fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8b21798547e221a7a1de8784a777cb49f756530dfc595ab00b21af3d2fe41aca

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:28 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"78d348891f19af5d873e2bc6cf79dd5f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5M7NvX%2Fc%2BvQhIWZAqRz9XkFoG3tyVSRJYIVOU1eCJVo3VCGEpjthiiZ6z3BgvMUhm%2Bcr%2FlNML%2FoyvYlvTuqaDFCF9%2BEja9t4VrA96%2BI7lVHvcBlXyspk3OyldfJr2va4Z1YCo1W3H4WVvxc9abg3fs%2FE"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
7df64a02ed501989-FRA
alt-svc
h3=":443"; ma=86400
content-length
44271
audio_019.m4s
streaming.humix.com/contents/nsrNhxfkjikFVcim/1682919808/ 		39 KB
40 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://streaming.humix.com/contents/nsrNhxfkjikFVcim/1682919808/audio_019.m4s
Requested by
Host: paytolet.com
URL: https://paytolet.com/detroitchicago/cmbv2.js?gcb=195-3&cb=04-3y02-8y06-13y07-2y0b-6y0d-23y17-4y1b-5y25-3y26-4y27-16y28-66y2b-146y2f-150y33-4y3a-12y3b-6y59-2y5d-22y64-1&cmbcb=151&sj=x04x02x06x07x0bx0dx17x1bx25x26x27x28x2bx2fx33x3ax3bx59x5dx64
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:d4fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0bca4e691c8ecf912d29e9a8eb8e43e3990f8684f1944ad297ced19abb7777bd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:28 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"465daa80674a9750ec82e8034f0c3654"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=avGh70TrUdUuv0gcl1YB0p3Zi1cy08%2F36GfCMoyycu50Z%2FYHsNGCFuJbmU0LXoCiwGSICkscy%2FxLnYFxYBPCnRWxk5mjWFipIoEFqcrS7OWlcidp%2FbCg988xgtmEy8OSXMX0wsrYfhxsKD0bVSJ59gJn"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
7df64a034e2f1989-FRA
alt-svc
h3=":443"; ma=86400
content-length
40145
integrator.js
adservice.google.com/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=paytolet.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
pubads.g.doubleclick.net/gampad/ Frame CCEF 		156 B
186 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?correlator=2331621269136887&description_url=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&env=vp&gdfp_req=1&output=xml_vast4&sz=400x300%7C640x480%7C640x360%7C300x168&unviewed_position_start=1&url=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&ad_type=video&hl=en&max_ad_duration=240000&min_ad_duration=4500&mridx=2&npa=0&tfcd=0&vad_type=linear&vpmute=1&vpos=midroll&iu=%2F1254144%2C22852681713%2Fpaytolet_com-video-1&vid_d=53&vid_kw=Pay%20to%20let%2Creal%20estate%2Cproperty%20for%20sale%2Cproperty%20listings%2Chome&vid_t=Sell%20your%20property%20in%20minutes&vpa=auto&cust_params=ap%3D1%26d%3D410164%26eb_br%3D57914c3716312cb7e954090f0717ea25%26ft%3D0%26ic%3D2%26iid1%3D8491663962609543%26plat%3D1%26t%3D134%26tap%3Dpaytolet_com-video-1-8491663962609543&sdkv=h.3.578.0&osd=2&frm=0&vis=1&sdr=1&afvsz=450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&us_privacy=1---&sdki=445&ptt=20&adk=2047588200&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.578.0&sid=31BB2C37-E1E0-4730-85B5-0D4B17F39F33&a3p=EhkKCnVpZGFwaS5jb20YyZXN4ZAxSABSAghkEhsKDGlkNS1zeW5jLmNvbRjdp83hkDFIAFICCGoSHAoNY3J3ZGNudHJsLm5ldBjJlc3hkDFIAFICCGQSGQoKcHViY2lkLm9yZxiko83hkDFIAFICCGoSwgEKCHJ0YmhvdXNlEqwBTitHVWNYczRLdzZ6ci85VlNWcGpEOW43a3FsK00zaWMwVkFXc2hxQUM0Z3NNNGt2SS96a1BjZnUxZlRFSUpSZnhBUklFSndKL2QxcWVRNkFHa2c0SXRJWVdMbDR2Q3BkZ0NERCtRYVkwbzQ0Z3VxTmZBQ2diOHo4eExmdExNZWFNQVhTb2xtUUFsUFJSNXpOeUxRd3VaSDc2bVlsQkhVVmxnS2M2R2Mrbm5NPRijqc3hkDFIABIdCg5lc3AuY3JpdGVvLmNvbRjJlc3hkDFIAFICCGQSPgoFb3BlbngSLGV5SnBJam9pV2tsWVpHRkRkMU5TZVhWNlRrSTJWRUZ5ZFhONGR6MDlJbjA9GOqozeGQMUgA&nel=0&eid=44752711%2C44765701%2C44772139%2C44773379%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275&top=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&loc=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&dlt=1688126834513&idt=4707&dt=1688126848563&cookie=ID%3D14c5fd6f47da3553-2250166f1cde0005%3AT%3D1688126835%3ART%3D1688126837%3AS%3DALNI_MZdWW6IC_UptzCaP6yRcFW4qT01Sg&gpic=UID%3D00000c5ed7319fb0%3AT%3D1688126835%3ART%3D1688126835%3AS%3DALNI_MZsDc3kPfVwgJm4YKQVJrFEMa9-0A&scor=776755846475256&ged=ve4_td14_tt9_pd14_la14000_er0.0.0.0_vi0.0.1200.1600_vp0_ts1_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.578.0_de.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:28 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
true
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
army.gif
paytolet.com/porpoiseant/ 		0
520 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://paytolet.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNjM5NDE1MzM2MDYzNzAzOSIsImRvbWFpbl9pZCI6IjQxMDE2NCIsInVuaXQiOiJkaXYtZ3B0LWFkLXBheXRvbGV0X2NvbS1tZWRyZWN0YW5nbGUtMy0wIiwidF9lcG9jaCI6MTY4ODEyNjgzNCwiYWRfcG9zaXRpb24iOjE5MDksImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJERSIsInBhZ2V2aWV3X2lkIjoiYzJjM2Y3ZTEtM2ExNi00ZmFkLTQyMWMtNzhhNWM0ZDIwMGRlIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDAzNDQ4NiwiZGF0YSI6W3sibmFtZSI6ImZpbGxlZF9zaXplIiwidmFsIjoiWzI1MCwyNTBdIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiI2Mzk0MTUzMzYwNjM3MDM5IiwiZG9tYWluX2lkIjoiNDEwMTY0IiwidW5pdCI6ImRpdi1ncHQtYWQtcGF5dG9sZXRfY29tLW1lZHJlY3RhbmdsZS0zLTAiLCJ0X2Vwb2NoIjoxNjg4MTI2ODM0LCJhZF9wb3NpdGlvbiI6MTkwOSwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkRFIiwicGFnZXZpZXdfaWQiOiJjMmMzZjdlMS0zYTE2LTRmYWQtNDIxYy03OGE1YzRkMjAwZGUiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwMDM0NDg2LCJkYXRhIjpbeyJuYW1lIjoiZmlsbGVkX2ZsdWlkIiwidmFsIjoiZmFsc2UifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjYzOTQxNTMzNjA2MzcwMzkiLCJkb21haW5faWQiOiI0MTAxNjQiLCJ1bml0IjoiZGl2LWdwdC1hZC1wYXl0b2xldF9jb20tbWVkcmVjdGFuZ2xlLTMtMCIsInRfZXBvY2giOjE2ODgxMjY4MzQsImFkX3Bvc2l0aW9uIjoxOTA5LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiREUiLCJwYWdldmlld19pZCI6ImMyYzNmN2UxLTNhMTYtNGZhZC00MjFjLTc4YTVjNGQyMDBkZSIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwMzQ0ODYsImRhdGEiOlt7Im5hbWUiOiJkb21haW5fZGZwX3N0eWxlX2lkIiwidmFsIjoiNCJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ==
Requested by
Host: paytolet.com
URL: https://paytolet.com/detroitchicago/cmbv2.js?gcb=195-3&cb=04-3y02-8y06-13y07-2y0b-6y0d-23y17-4y1b-5y25-3y26-4y27-16y28-66y2b-146y2f-150y33-4y3a-12y3b-6y59-2y5d-22y64-1&cmbcb=151&sj=x04x02x06x07x0bx0dx17x1bx25x26x27x28x2bx2fx33x3ax3bx59x5dx64
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:8b54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/public/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:28 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EHT8zH1zaWsJJpsj4Lu2Onq%2BXA41dlieH7Ip%2Bq68ctrHhZoibT0ZuDQHyEsKwdxbFx7SAn15gQtOiqA3f%2B6iW1ZXVT1LWXDqM9ltzPjKMB8lOzqIOiafDj3wMNGNXuPJ9YkLnWC5uL6y2Xg%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://paytolet.com
x-middleton-display
ezp_sol
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
cf-ray
7df64a03ba706969-FRA
alt-svc
h3=":443"; ma=86400
priority
u=4,i
expires
Thu, 29 Jun 2023 12:07:29 GMT
t1670023299_03_640x360p_30Hz_800Kbps_020.m4s
streaming.humix.com/contents/nsrNhxfkjikFVcim/1682919808/ 		26 KB
26 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://streaming.humix.com/contents/nsrNhxfkjikFVcim/1682919808/t1670023299_03_640x360p_30Hz_800Kbps_020.m4s
Requested by
Host: paytolet.com
URL: https://paytolet.com/detroitchicago/cmbv2.js?gcb=195-3&cb=04-3y02-8y06-13y07-2y0b-6y0d-23y17-4y1b-5y25-3y26-4y27-16y28-66y2b-146y2f-150y33-4y3a-12y3b-6y59-2y5d-22y64-1&cmbcb=151&sj=x04x02x06x07x0bx0dx17x1bx25x26x27x28x2bx2fx33x3ax3bx59x5dx64
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:d4fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1ad60703d9e1fada0efeeefd57dab3b75340f91b4bd76f91d1dd510a972bf2f9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:29 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"221cb717a3b21bf43442da74efdb0427"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fr%2FmqKS%2ByN1fJlE87inlX8v5h6fqXp7LUI69YQk0QZrMtfGmzVyIMi1iSaybzt8sDfMQHypQyoR2fIBkbYqlzO5V0ZgZuYmH1%2Fo61Gfm%2BbipoVb%2Fh8Mtr0tJAoHHywuA121n27k0VpKqrU3Pws%2B7WBiz"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
7df64a04d8021989-FRA
alt-svc
h3=":443"; ma=86400
content-length
26661
integrator.js
adservice.google.com/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=paytolet.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
pubads.g.doubleclick.net/gampad/ Frame CCEF 		156 B
186 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?correlator=2331621269136887&description_url=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&env=vp&gdfp_req=1&output=xml_vast4&sz=400x300%7C640x480%7C640x360%7C300x168&unviewed_position_start=1&url=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&ad_type=video&hl=en&max_ad_duration=240000&min_ad_duration=4500&mridx=2&npa=0&tfcd=0&vad_type=linear&vpmute=1&vpos=midroll&iu=%2F1254144%2C22852681713%2Fpaytolet_com-video-1&vid_d=53&vid_kw=Pay%20to%20let%2Creal%20estate%2Cproperty%20for%20sale%2Cproperty%20listings%2Chome&vid_t=Sell%20your%20property%20in%20minutes&vpa=auto&cust_params=ap%3D1%26d%3D410164%26eb_br%3D58ef7bddb438af5e257c4377f32c243a%26ft%3D0%26ic%3D2%26iid1%3D8491663962609543%26plat%3D1%26t%3D134%26tap%3Dpaytolet_com-video-1-8491663962609543&sdkv=h.3.578.0&osd=2&frm=0&vis=1&sdr=1&afvsz=450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&us_privacy=1---&sdki=445&ptt=20&adk=2047588200&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.578.0&sid=31BB2C37-E1E0-4730-85B5-0D4B17F39F33&a3p=EhkKCnVpZGFwaS5jb20YyZXN4ZAxSABSAghkEhsKDGlkNS1zeW5jLmNvbRjdp83hkDFIAFICCGoSHAoNY3J3ZGNudHJsLm5ldBjJlc3hkDFIAFICCGQSGQoKcHViY2lkLm9yZxiko83hkDFIAFICCGoSwgEKCHJ0YmhvdXNlEqwBTitHVWNYczRLdzZ6ci85VlNWcGpEOW43a3FsK00zaWMwVkFXc2hxQUM0Z3NNNGt2SS96a1BjZnUxZlRFSUpSZnhBUklFSndKL2QxcWVRNkFHa2c0SXRJWVdMbDR2Q3BkZ0NERCtRYVkwbzQ0Z3VxTmZBQ2diOHo4eExmdExNZWFNQVhTb2xtUUFsUFJSNXpOeUxRd3VaSDc2bVlsQkhVVmxnS2M2R2Mrbm5NPRijqc3hkDFIABIdCg5lc3AuY3JpdGVvLmNvbRjJlc3hkDFIAFICCGQSPgoFb3BlbngSLGV5SnBJam9pV2tsWVpHRkRkMU5TZVhWNlRrSTJWRUZ5ZFhONGR6MDlJbjA9GOqozeGQMUgA&nel=0&eid=44752711%2C44765701%2C44772139%2C44773379%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275&top=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&loc=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&dlt=1688126834513&idt=4707&dt=1688126848871&cookie=ID%3D14c5fd6f47da3553-2250166f1cde0005%3AT%3D1688126835%3ART%3D1688126837%3AS%3DALNI_MZdWW6IC_UptzCaP6yRcFW4qT01Sg&gpic=UID%3D00000c5ed7319fb0%3AT%3D1688126835%3ART%3D1688126835%3AS%3DALNI_MZsDc3kPfVwgJm4YKQVJrFEMa9-0A&scor=776755846475256&ged=ve4_td14_tt9_pd14_la14000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.578.0_de.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:29 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
true
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
audio_020.m4s
streaming.humix.com/contents/nsrNhxfkjikFVcim/1682919808/ 		40 KB
40 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://streaming.humix.com/contents/nsrNhxfkjikFVcim/1682919808/audio_020.m4s
Requested by
Host: paytolet.com
URL: https://paytolet.com/detroitchicago/cmbv2.js?gcb=195-3&cb=04-3y02-8y06-13y07-2y0b-6y0d-23y17-4y1b-5y25-3y26-4y27-16y28-66y2b-146y2f-150y33-4y3a-12y3b-6y59-2y5d-22y64-1&cmbcb=151&sj=x04x02x06x07x0bx0dx17x1bx25x26x27x28x2bx2fx33x3ax3bx59x5dx64
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:d4fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df583c9245accff3497b6ce704b162783db99dbea1dc131714f3244ff31a1f2e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:29 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"a152d6a9e9030aa74eefc4cc53b15a62"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZwFDKOyYt8blEEy4VKq5MP3sSh7AJyVRjQiyzfUKGFNfYBHjAOINNA4nQEPO2KR6RD%2FyEJFsotsqV4CJwnfpSivLMWYiN%2FFGQw09QxFEhfVPADgUdGM6jEwbduVubAo1f06GKOdtSnwfD2O2%2BUT5h77C"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
7df64a05c9351989-FRA
alt-svc
h3=":443"; ma=86400
content-length
40665
t1670023299_03_640x360p_30Hz_800Kbps_021.m4s
streaming.humix.com/contents/nsrNhxfkjikFVcim/1682919808/ 		17 KB
17 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://streaming.humix.com/contents/nsrNhxfkjikFVcim/1682919808/t1670023299_03_640x360p_30Hz_800Kbps_021.m4s
Requested by
Host: paytolet.com
URL: https://paytolet.com/detroitchicago/cmbv2.js?gcb=195-3&cb=04-3y02-8y06-13y07-2y0b-6y0d-23y17-4y1b-5y25-3y26-4y27-16y28-66y2b-146y2f-150y33-4y3a-12y3b-6y59-2y5d-22y64-1&cmbcb=151&sj=x04x02x06x07x0bx0dx17x1bx25x26x27x28x2bx2fx33x3ax3bx59x5dx64
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:d4fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0037fcd2248e05387a3b319432729f160597976bee1f093cf508e95680296c32

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:29 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"2123994e596a6266c94f63598b5e51e8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eJkptGC1AOdN1BY7Fm%2FQmS1SUr5B07qS%2F%2BVB64M4dRLAhsEW9OIc5IpBXMrxHR25myq7f0fsx%2BA6BHDDxTIdEBbcq%2Bwzs8wdaMqGU8MJ6oPDwdS0MAI7u%2B3tdFTs5bjVd1JY22ouJUAy%2B%2BSt%2BHF47mgP"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
7df64a06ba571989-FRA
alt-svc
h3=":443"; ma=86400
content-length
17145
audio_021.m4s
streaming.humix.com/contents/nsrNhxfkjikFVcim/1682919808/ 		40 KB
40 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://streaming.humix.com/contents/nsrNhxfkjikFVcim/1682919808/audio_021.m4s
Requested by
Host: paytolet.com
URL: https://paytolet.com/detroitchicago/cmbv2.js?gcb=195-3&cb=04-3y02-8y06-13y07-2y0b-6y0d-23y17-4y1b-5y25-3y26-4y27-16y28-66y2b-146y2f-150y33-4y3a-12y3b-6y59-2y5d-22y64-1&cmbcb=151&sj=x04x02x06x07x0bx0dx17x1bx25x26x27x28x2bx2fx33x3ax3bx59x5dx64
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:d4fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5e3b2986e8a2b5f9b98648c694bd23ca94aa5ded7336385b9135d817013b086d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:29 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"aae5c92a6e32c5a312ca4e936b4b8ac3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pXjaOYMwdIIl0lnYnTzjaV2iZwXVWFoj6LTA2nWGnSEuFaWhDkL44l7BOswoFEPrntg51OqbSIC6zbvqnkr9zHJqqM4DCxEIEvH7EZIlzuUNdiCBPTHCxqr%2Fzo9UuCUyrr87zVD14Eg8yZruut%2Bw006r"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
7df64a07ab8c1989-FRA
alt-svc
h3=":443"; ma=86400
content-length
40888
integrator.js
adservice.google.com/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=paytolet.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
pubads.g.doubleclick.net/gampad/ Frame CCEF 		156 B
186 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?correlator=2331621269136887&description_url=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&env=vp&gdfp_req=1&output=xml_vast4&sz=400x300%7C640x480%7C640x360%7C300x168&unviewed_position_start=1&url=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&ad_type=video&hl=en&max_ad_duration=240000&min_ad_duration=4500&mridx=2&npa=0&tfcd=0&vad_type=linear&vpmute=1&vpos=midroll&iu=%2F1254144%2C22852681713%2Fpaytolet_com-video-1&vid_d=53&vid_kw=Pay%20to%20let%2Creal%20estate%2Cproperty%20for%20sale%2Cproperty%20listings%2Chome&vid_t=Sell%20your%20property%20in%20minutes&vpa=auto&cust_params=ap%3D1%26d%3D410164%26eb_br%3D60474211daf1dfd4d90000ea01f56c30%26ft%3D0%26ic%3D2%26iid1%3D8491663962609543%26plat%3D1%26t%3D134%26tap%3Dpaytolet_com-video-1-8491663962609543&sdkv=h.3.578.0&osd=2&frm=0&vis=1&sdr=1&afvsz=450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&us_privacy=1---&sdki=445&ptt=20&adk=2047588200&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.578.0&sid=31BB2C37-E1E0-4730-85B5-0D4B17F39F33&a3p=EhkKCnVpZGFwaS5jb20YyZXN4ZAxSABSAghkEhsKDGlkNS1zeW5jLmNvbRjdp83hkDFIAFICCGoSHAoNY3J3ZGNudHJsLm5ldBjJlc3hkDFIAFICCGQSGQoKcHViY2lkLm9yZxiko83hkDFIAFICCGoSwgEKCHJ0YmhvdXNlEqwBTitHVWNYczRLdzZ6ci85VlNWcGpEOW43a3FsK00zaWMwVkFXc2hxQUM0Z3NNNGt2SS96a1BjZnUxZlRFSUpSZnhBUklFSndKL2QxcWVRNkFHa2c0SXRJWVdMbDR2Q3BkZ0NERCtRYVkwbzQ0Z3VxTmZBQ2diOHo4eExmdExNZWFNQVhTb2xtUUFsUFJSNXpOeUxRd3VaSDc2bVlsQkhVVmxnS2M2R2Mrbm5NPRijqc3hkDFIABIdCg5lc3AuY3JpdGVvLmNvbRjJlc3hkDFIAFICCGQSPgoFb3BlbngSLGV5SnBJam9pV2tsWVpHRkRkMU5TZVhWNlRrSTJWRUZ5ZFhONGR6MDlJbjA9GOqozeGQMUgA&nel=0&eid=44752711%2C44765701%2C44772139%2C44773379%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275&top=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&loc=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&dlt=1688126834513&idt=4707&dt=1688126849379&cookie=ID%3D14c5fd6f47da3553-2250166f1cde0005%3AT%3D1688126835%3ART%3D1688126837%3AS%3DALNI_MZdWW6IC_UptzCaP6yRcFW4qT01Sg&gpic=UID%3D00000c5ed7319fb0%3AT%3D1688126835%3ART%3D1688126835%3AS%3DALNI_MZsDc3kPfVwgJm4YKQVJrFEMa9-0A&scor=776755846475256&ged=ve4_td14_tt9_pd14_la14000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.578.0_de.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:29 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
true
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
t1670023299_03_640x360p_30Hz_800Kbps_022.m4s
streaming.humix.com/contents/nsrNhxfkjikFVcim/1682919808/ 		16 KB
17 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://streaming.humix.com/contents/nsrNhxfkjikFVcim/1682919808/t1670023299_03_640x360p_30Hz_800Kbps_022.m4s
Requested by
Host: paytolet.com
URL: https://paytolet.com/detroitchicago/cmbv2.js?gcb=195-3&cb=04-3y02-8y06-13y07-2y0b-6y0d-23y17-4y1b-5y25-3y26-4y27-16y28-66y2b-146y2f-150y33-4y3a-12y3b-6y59-2y5d-22y64-1&cmbcb=151&sj=x04x02x06x07x0bx0dx17x1bx25x26x27x28x2bx2fx33x3ax3bx59x5dx64
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:d4fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ad63a4c3b6ee3be338dd1b4b82fae776e72a2a5e393eff916b5b95a00d5359b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:29 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"67eb4ae88450ebd889288c6bf17bb273"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DPtRxCS0BxgfI8BxTiPja%2FigKGuIuvOEy6QkWFcZw%2Fw2aWb2FFOjxtlZ4MLlGoiad9bhar46dX1ZxDju%2B7WZ68HFaXsBlaXgQ5Tiq7FAzPsvuamxy9qNKBQSbI%2FyaIF2ANijXQAJTbqAYTg4VsWGsEQx"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
7df64a08bce91989-FRA
alt-svc
h3=":443"; ma=86400
content-length
16591
89229263
mc.yandex.com/webvisor/ 		43 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/webvisor/89229263?wmode=0&wv-part=7&wv-hit=721892075&page-url=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&rn=173179178&wv-type=3&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1688126850%3Aw%3A1600x1200%3Av%3A1074%3Az%3A0%3Ai%3A20230630120729%3Au%3A1688126835670014644%3Avf%3Aew9xzikdbvs4xc5avwiaspr%3Ast%3A1688126850&t=gdpr(14%2C14)ti(1)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://paytolet.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 30 Jun 2023 12:07:29 GMT
strict-transport-security
max-age=31536000
last-modified
Fri, 30-Jun-2023 12:07:29 GMT
content-type
image/gif
access-control-allow-origin
https://paytolet.com
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Fri, 30-Jun-2023 12:07:29 GMT
audio_022.m4s
streaming.humix.com/contents/nsrNhxfkjikFVcim/1682919808/ 		40 KB
40 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://streaming.humix.com/contents/nsrNhxfkjikFVcim/1682919808/audio_022.m4s
Requested by
Host: paytolet.com
URL: https://paytolet.com/detroitchicago/cmbv2.js?gcb=195-3&cb=04-3y02-8y06-13y07-2y0b-6y0d-23y17-4y1b-5y25-3y26-4y27-16y28-66y2b-146y2f-150y33-4y3a-12y3b-6y59-2y5d-22y64-1&cmbcb=151&sj=x04x02x06x07x0bx0dx17x1bx25x26x27x28x2bx2fx33x3ax3bx59x5dx64
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:d4fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
60ec06ad1324e8a4a6555d6b05c7d3988d8901cc4931b9ee48999e391560317a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:29 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"c9ccaf5b3fc015f9c4ac8ba4b756c65f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sG4nfD4eA3PwduAPI3ds5s8cjeW44HFSaEcOUeM0XucpnhO83W1UgzkwQG46xaHWeVKkrorKfbkgMUNQ7XliZEUkc6lZ9sDOba%2BjRhxToGl59iJy4BHPap%2FBqmXXxT9HTQYF9eNgyxKiu2YlvKz782bF"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
7df64a0a4f7a1989-FRA
alt-svc
h3=":443"; ma=86400
content-length
40510
t1670023299_03_640x360p_30Hz_800Kbps_023.m4s
streaming.humix.com/contents/nsrNhxfkjikFVcim/1682919808/ 		15 KB
15 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://streaming.humix.com/contents/nsrNhxfkjikFVcim/1682919808/t1670023299_03_640x360p_30Hz_800Kbps_023.m4s
Requested by
Host: paytolet.com
URL: https://paytolet.com/detroitchicago/cmbv2.js?gcb=195-3&cb=04-3y02-8y06-13y07-2y0b-6y0d-23y17-4y1b-5y25-3y26-4y27-16y28-66y2b-146y2f-150y33-4y3a-12y3b-6y59-2y5d-22y64-1&cmbcb=151&sj=x04x02x06x07x0bx0dx17x1bx25x26x27x28x2bx2fx33x3ax3bx59x5dx64
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:d4fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
792ea53b2dd2197bd56e8a4b58d6a79728162a0474f021d937bf127d60c60842

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:29 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"09017337cc46c732a44cd1454e3fc49f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j2GAXt2JoPIevllH%2FHw1dhonTfLosBBMAOGn3mXqDOgw85%2B1rcO5t0wFEhz2DMOQVZRF4mkMp6BDqTLF3GnH24Vnt9WC1ikLRffnwYqceZ4ocLBhfUzA%2BVQsX5S8bK361HCSPuyQBPJLVkRMPLMOafUL"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
7df64a0a5f851989-FRA
alt-svc
h3=":443"; ma=86400
content-length
15155
vad.gif
paytolet.com/porpoiseant/ 		43 B
558 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://paytolet.com/porpoiseant/vad.gif?e=%7B%22ad_filled%22%3A0%2C%22error_message%22%3A%22AdError%201009%3A%20The%20VAST%20response%20document%20is%20empty.%22%2C%22url%22%3A%22https%3A%2F%2Fpaytolet.com%2Fpublic%2F%22%2C%22pageview_id%22%3A%22c2c3f7e1-3a16-4fad-421c-78a5c4d200de%22%2C%22visit_uuid%22%3A%22b16eeea4-a8ef-4771-77cd-6305a4a265ac%22%2C%22template_id%22%3A134%2C%22domain_id%22%3A410164%2C%22vab_test_id%22%3A%22mod58-c%22%2C%22video_ad_impression_id%22%3A%22debe2c43-9211-4d53-8f6f-0b0324730db9%22%2C%22uuid%22%3A%22debe2c43-9211-4d53-8f6f-0b0324730db9%22%2C%22play_cnt%22%3A0%2C%22pause_cnt%22%3A0%2C%22completed%22%3Afalse%2C%22errored%22%3Afalse%2C%22skipped%22%3Afalse%2C%22clicked%22%3Afalse%2C%22viewable%22%3Afalse%2C%22ad_position%22%3A%2200%3A00%3A05.000%22%2C%22video_impression_id%22%3A%22a1fb5727-0dcf-4392-8886-761f0f7ae192%22%2C%22ad_client%22%3A%22Google%20IMA%22%2C%22ad_system%22%3A%22Google%20Ad%20Manager%22%2C%22ad_index%22%3A1%2C%22player_name%22%3A%22ezvideojs%22%2C%22is_outstream%22%3Afalse%2C%22impression_id%22%3A8491663962609543%2C%22ad_unit%22%3A%22paytolet_com-video-1%22%2C%22ad_src%22%3A%22https%3A%2F%2Fpubads.g.doubleclick.net%2Fgampad%2Fads%3Fcorrelator%3D80176273164%26description_url%3Dhttps%253A%252F%252Fpaytolet.com%252Fpublic%252F%26env%3Dvp%26gdfp_req%3D1%26output%3Dxml_vast4%26sz%3D400x300%257C640x480%257C640x360%257C300x168%26unviewed_position_start%3D1%26url%3Dhttps%253A%252F%252Fpaytolet.com%252Fpublic%252F%26ad_type%3Dvideo%26hl%3Dde%26impl%3Ds%26max_ad_duration%3D240000%26min_ad_duration%3D4500%26mridx%3D2%26npa%3D0%26tfcd%3D0%26vad_type%3Dlinear%26vpmute%3D1%26vpos%3Dmidroll%26iu%3D%2F1254144%2C22852681713%2Fpaytolet_com-video-1%26vid_d%3D53%26vid_kw%3DPay%2Bto%2Blet%252Creal%2Bestate%252Cproperty%2Bfor%2Bsale%252Cproperty%2Blistings%252Chome%26vid_t%3DSell%2Byour%2Bproperty%2Bin%2Bminutes%26vpa%3Dauto%26cust_params%3Dap%253D1%2526d%253D410164%2526eb_br%253D60474211daf1dfd4d90000ea01f56c30%2526ft%253D0%2526ic%253D2%2526iid1%253D8491663962609543%2526plat%253D1%2526t%253D134%2526tap%253Dpaytolet_com-video-1-8491663962609543%22%2C%22param_gen%22%3A%22DefaultWide%22%2C%22position_gen%22%3A%22FrontLoad%22%2C%22vad_type%22%3A%22linear%22%2C%22skippable%22%3Atrue%2C%22min_ad_length%22%3A4500%2C%22max_ad_length%22%3A240000%2C%22ad_type%22%3A%22video%22%2C%22allowed_ad_sizes%22%3A%22400x300%7C640x480%7C640x360%7C300x168%22%2C%22t_pageview_time%22%3A1688126834%2C%22bidders%22%3A%22%5B%5D%22%2C%22received_bidders%22%3A%22%5B%5D%22%2C%22video_position_id%22%3A3998%2C%22auction_retry_count%22%3A8%2C%22fallback_type%22%3A%22drop7%22%2C%22bid_floor_gen%22%3A%22defaultVideoAdBidFloor%22%2C%22multiplier%22%3A3.5%2C%22winning_bid_floor%22%3A0%2C%22max_hb_bid%22%3A0%2C%22bid_floor_type%22%3A0%7D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:8b54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/public/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:29 GMT
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=061ZBIZCxi%2BOyGsRzhyfMhU8HRbPBg6%2FRNgBFg5dWHmrgSV8gwY1%2BgurszzP7v35ziwr0H50966gvwwWVlHPLVAwFVfFq%2BV17TEmkFTnFA9nSBMpyhcNRloAv73wHAZO%2FeevjrdJu2gZ2ds%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
x-middleton-display
imp_sol
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
accept-ranges
bytes
cf-ray
7df64a0a99e26969-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
priority
u=3,i
expires
Thu, 29 Jun 2023 12:07:29 GMT
integrator.js
adservice.google.com/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=paytolet.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
pubads.g.doubleclick.net/gampad/ Frame CCEF 		156 B
186 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?correlator=2331621269136887&description_url=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&env=vp&gdfp_req=1&output=xml_vast4&sz=400x300%7C640x480%7C640x360%7C300x168&unviewed_position_start=1&url=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&ad_type=video&hl=en&max_ad_duration=240000&min_ad_duration=4500&mridx=2&npa=0&tfcd=0&vad_type=linear&vpmute=1&vpos=midroll&iu=%2F1254144%2C22852681713%2Fpaytolet_com-video-1&vid_d=53&vid_kw=Pay%20to%20let%2Creal%20estate%2Cproperty%20for%20sale%2Cproperty%20listings%2Chome&vid_t=Sell%20your%20property%20in%20minutes&vpa=auto&cust_params=ap%3D1%26d%3D410164%26eb_br%3D736e09a0771285737509ab8954c475a7%26ft%3D0%26ic%3D2%26iid1%3D8491663962609543%26plat%3D1%26t%3D134%26tap%3Dpaytolet_com-video-1-8491663962609543&sdkv=h.3.578.0&osd=2&frm=0&vis=1&sdr=1&afvsz=450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&us_privacy=1---&sdki=445&ptt=20&adk=2047588200&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.578.0&sid=31BB2C37-E1E0-4730-85B5-0D4B17F39F33&a3p=EhkKCnVpZGFwaS5jb20YyZXN4ZAxSABSAghkEhsKDGlkNS1zeW5jLmNvbRjdp83hkDFIAFICCGoSHAoNY3J3ZGNudHJsLm5ldBjJlc3hkDFIAFICCGQSGQoKcHViY2lkLm9yZxiko83hkDFIAFICCGoSwgEKCHJ0YmhvdXNlEqwBTitHVWNYczRLdzZ6ci85VlNWcGpEOW43a3FsK00zaWMwVkFXc2hxQUM0Z3NNNGt2SS96a1BjZnUxZlRFSUpSZnhBUklFSndKL2QxcWVRNkFHa2c0SXRJWVdMbDR2Q3BkZ0NERCtRYVkwbzQ0Z3VxTmZBQ2diOHo4eExmdExNZWFNQVhTb2xtUUFsUFJSNXpOeUxRd3VaSDc2bVlsQkhVVmxnS2M2R2Mrbm5NPRijqc3hkDFIABIdCg5lc3AuY3JpdGVvLmNvbRjJlc3hkDFIAFICCGQSPgoFb3BlbngSLGV5SnBJam9pV2tsWVpHRkRkMU5TZVhWNlRrSTJWRUZ5ZFhONGR6MDlJbjA9GOqozeGQMUgA&nel=0&eid=44752711%2C44765701%2C44772139%2C44773379%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275&top=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&loc=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&dlt=1688126834513&idt=4707&dt=1688126849767&cookie=ID%3D14c5fd6f47da3553-2250166f1cde0005%3AT%3D1688126835%3ART%3D1688126837%3AS%3DALNI_MZdWW6IC_UptzCaP6yRcFW4qT01Sg&gpic=UID%3D00000c5ed7319fb0%3AT%3D1688126835%3ART%3D1688126835%3AS%3DALNI_MZsDc3kPfVwgJm4YKQVJrFEMa9-0A&scor=776755846475256&ged=ve4_td15_tt10_pd15_la15000_er0.0.0.0_vi0.0.1200.1600_vp0_ts1_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.578.0_de.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:30 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
true
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
t1670023299_03_640x360p_30Hz_800Kbps_024.m4s
streaming.humix.com/contents/nsrNhxfkjikFVcim/1682919808/ 		25 KB
26 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://streaming.humix.com/contents/nsrNhxfkjikFVcim/1682919808/t1670023299_03_640x360p_30Hz_800Kbps_024.m4s
Requested by
Host: paytolet.com
URL: https://paytolet.com/detroitchicago/cmbv2.js?gcb=195-3&cb=04-3y02-8y06-13y07-2y0b-6y0d-23y17-4y1b-5y25-3y26-4y27-16y28-66y2b-146y2f-150y33-4y3a-12y3b-6y59-2y5d-22y64-1&cmbcb=151&sj=x04x02x06x07x0bx0dx17x1bx25x26x27x28x2bx2fx33x3ax3bx59x5dx64
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:d4fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0496154af423595e5b94ec64241f73ac120b1796c99b8ae44bb26d1a0eed3a43

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:30 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"ac1f4ca0f5109840342f05cca6ffa391"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yOfM6TXWnO4fDmDiTR5fbvhfAV7b3O2tZxyrNlyMDBInWU4q2FWTwAyMyfCtqbpjmF8H3IYtdDbX%2B488nW3bINJ8xmAzlJvIqcfNw%2FSn8TSErnwyDDuKV1gMA33ZxfpyKJq%2BNKxoJsmrNADtaXz%2FDRng"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
7df64a0c5a5c1989-FRA
alt-svc
h3=":443"; ma=86400
content-length
26033
audio_023.m4s
streaming.humix.com/contents/nsrNhxfkjikFVcim/1682919808/ 		39 KB
40 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://streaming.humix.com/contents/nsrNhxfkjikFVcim/1682919808/audio_023.m4s
Requested by
Host: paytolet.com
URL: https://paytolet.com/detroitchicago/cmbv2.js?gcb=195-3&cb=04-3y02-8y06-13y07-2y0b-6y0d-23y17-4y1b-5y25-3y26-4y27-16y28-66y2b-146y2f-150y33-4y3a-12y3b-6y59-2y5d-22y64-1&cmbcb=151&sj=x04x02x06x07x0bx0dx17x1bx25x26x27x28x2bx2fx33x3ax3bx59x5dx64
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:d4fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5e947b06aefdaef5d522b4ef646f63c19b5675054cd49644448ac96fafba9cef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:30 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"47ac3e1908889fe9e2ae3b197e153f4f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HdISqGGC9Yg3WnDKXr0qZmhUk1ljX1ZU4JiacK25RzX2O4pCpxAaO14V8N4U0n%2BqZTXTkR8HdN%2BBIrW3CpRerHLst0NjfM%2Fo4nkn10qp0j33UhtyyE%2B7X9Rm%2BoWpRYx4fIFZ5lxO2mn1DcKfXvK2JhcN"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
7df64a0c9acd1989-FRA
alt-svc
h3=":443"; ma=86400
content-length
40037
audio_024.m4s
streaming.humix.com/contents/nsrNhxfkjikFVcim/1682919808/ 		40 KB
40 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://streaming.humix.com/contents/nsrNhxfkjikFVcim/1682919808/audio_024.m4s
Requested by
Host: paytolet.com
URL: https://paytolet.com/detroitchicago/cmbv2.js?gcb=195-3&cb=04-3y02-8y06-13y07-2y0b-6y0d-23y17-4y1b-5y25-3y26-4y27-16y28-66y2b-146y2f-150y33-4y3a-12y3b-6y59-2y5d-22y64-1&cmbcb=151&sj=x04x02x06x07x0bx0dx17x1bx25x26x27x28x2bx2fx33x3ax3bx59x5dx64
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:d4fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d2f2057564367e0f8ba79b18f2051c37d7313d5b3707cf481cde97b7f5bef181

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:30 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"fb43acdd9931a589228cd8d8327c7fe3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d63O%2F%2FgD%2FOdyE2FD8rVlQU6v930jIbZm2%2BD7TKnzeuLyAf8sebl%2BVjQtqli4ZuCyQnXCi2q6DaATH1ij02jJitTqW3g%2Bvby6E%2FWVewq3lKsz%2B8Ki6BkrJbTOvF9nsHF%2FWV75t9CGPASroeRAhnir4lkf"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
7df64a0e7e071989-FRA
alt-svc
h3=":443"; ma=86400
content-length
40695
integrator.js
adservice.google.com/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=paytolet.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
pubads.g.doubleclick.net/gampad/ Frame CCEF 		156 B
186 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?correlator=2331621269136887&description_url=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&env=vp&gdfp_req=1&output=xml_vast4&sz=400x300%7C640x480%7C640x360%7C300x168&unviewed_position_start=1&url=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&ad_type=video&hl=en&max_ad_duration=240000&min_ad_duration=4500&mridx=2&npa=0&tfcd=0&vad_type=linear&vpmute=1&vpos=midroll&iu=%2F1254144%2C22852681713%2Fpaytolet_com-video-1&vid_d=53&vid_kw=Pay%20to%20let%2Creal%20estate%2Cproperty%20for%20sale%2Cproperty%20listings%2Chome&vid_t=Sell%20your%20property%20in%20minutes&vpa=auto&cust_params=ap%3D1%26d%3D410164%26eb_br%3Dc5429b6ddd929d0bc40a832a87789a7c%26ft%3D0%26ic%3D2%26iid1%3D8491663962609543%26plat%3D1%26t%3D134%26tap%3Dpaytolet_com-video-1-8491663962609543&sdkv=h.3.578.0&osd=2&frm=0&vis=1&sdr=1&afvsz=450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&us_privacy=1---&sdki=445&ptt=20&adk=2047588200&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.578.0&sid=31BB2C37-E1E0-4730-85B5-0D4B17F39F33&a3p=EhkKCnVpZGFwaS5jb20YyZXN4ZAxSABSAghkEhsKDGlkNS1zeW5jLmNvbRjdp83hkDFIAFICCGoSHAoNY3J3ZGNudHJsLm5ldBjJlc3hkDFIAFICCGQSGQoKcHViY2lkLm9yZxiko83hkDFIAFICCGoSwgEKCHJ0YmhvdXNlEqwBTitHVWNYczRLdzZ6ci85VlNWcGpEOW43a3FsK00zaWMwVkFXc2hxQUM0Z3NNNGt2SS96a1BjZnUxZlRFSUpSZnhBUklFSndKL2QxcWVRNkFHa2c0SXRJWVdMbDR2Q3BkZ0NERCtRYVkwbzQ0Z3VxTmZBQ2diOHo4eExmdExNZWFNQVhTb2xtUUFsUFJSNXpOeUxRd3VaSDc2bVlsQkhVVmxnS2M2R2Mrbm5NPRijqc3hkDFIABIdCg5lc3AuY3JpdGVvLmNvbRjJlc3hkDFIAFICCGQSPgoFb3BlbngSLGV5SnBJam9pV2tsWVpHRkRkMU5TZVhWNlRrSTJWRUZ5ZFhONGR6MDlJbjA9GOqozeGQMUgA&nel=0&eid=44752711%2C44765701%2C44772139%2C44773379%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275&top=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&loc=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&dlt=1688126834513&idt=4707&dt=1688126850417&cookie=ID%3D14c5fd6f47da3553-2250166f1cde0005%3AT%3D1688126835%3ART%3D1688126837%3AS%3DALNI_MZdWW6IC_UptzCaP6yRcFW4qT01Sg&gpic=UID%3D00000c5ed7319fb0%3AT%3D1688126835%3ART%3D1688126835%3AS%3DALNI_MZsDc3kPfVwgJm4YKQVJrFEMa9-0A&scor=776755846475256&ged=ve4_td15_tt10_pd15_la15000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.578.0_de.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:30 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
true
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
t1670023299_03_640x360p_30Hz_800Kbps_025.m4s
streaming.humix.com/contents/nsrNhxfkjikFVcim/1682919808/ 		17 KB
18 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://streaming.humix.com/contents/nsrNhxfkjikFVcim/1682919808/t1670023299_03_640x360p_30Hz_800Kbps_025.m4s
Requested by
Host: paytolet.com
URL: https://paytolet.com/detroitchicago/cmbv2.js?gcb=195-3&cb=04-3y02-8y06-13y07-2y0b-6y0d-23y17-4y1b-5y25-3y26-4y27-16y28-66y2b-146y2f-150y33-4y3a-12y3b-6y59-2y5d-22y64-1&cmbcb=151&sj=x04x02x06x07x0bx0dx17x1bx25x26x27x28x2bx2fx33x3ax3bx59x5dx64
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:d4fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
634734b4ef41c94c855f845da22695c65ef9946690c50ea8711a1a511f927d1e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:30 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"e91d1d531006f80c67c566990c0d0c79"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u5NtVw%2BfF9Sq2uZaqzmNSfK2CKUnE2DTArhuT6FhAEY27ebvAzGIxbymSPgq2BfF33BCgYGV4R1ydwf4D8TBT9A0EmM1qgARgSGNZkbCT6BQoWXvf1fxAtXY9dZuqhj1mn1A0U293WfvVoRBrXirMTrW"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
7df64a0f1ead1989-FRA
alt-svc
h3=":443"; ma=86400
content-length
17735
90663950
mc.yandex.com/watch/ 		43 B
75 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/watch/90663950?page-url=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&charset=utf-8&hittoken=1688126837_8f7391f1f1bc1305b41735633e33683f23d9907c1f7b1d52faccea71f7db9bcb&browser-info=nb%3A1%3Acl%3A3838%3Aar%3A1%3Avf%3Aew9xzikdbvs4xc5avwiaspr%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1074%3Acn%3A1%3Adp%3A1%3Als%3A1629049244660%3Ahid%3A721892075%3Az%3A0%3Ai%3A20230630120730%3Aet%3A1688126850%3Ac%3A1%3Arn%3A55766847%3Arqn%3A2%3Au%3A1688126835670014644%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A%2C%2C%2C%2C%2C%2C%2C1438%2C64%2C7905%2C7905%2C53%2C3514%3Aco%3A0%3Acpf%3A1%3Aeu%3A1%3Ans%3A1688126832447%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1688126850&t=gdpr(14%2C14)clc(0-0-0)rqnt(2)lt(221700)aw(1)ecs(0)ti(0)&force-urlencoded=1
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Jun 2023 12:07:30 GMT
strict-transport-security
max-age=31536000
last-modified
Fri, 30-Jun-2023 12:07:30 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type
image/gif
access-control-allow-origin
https://paytolet.com
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Fri, 30-Jun-2023 12:07:30 GMT
89229263
mc.yandex.com/watch/ 		43 B
260 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/watch/89229263?page-url=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&charset=utf-8&hittoken=1688126837_f2a8d12a676334eec776fb3d148977557b168ebcb785f721d54a0a88a9c8c4c1&browser-info=nb%3A1%3Acl%3A3810%3Aar%3A1%3Avf%3Aew9xzikdbvs4xc5avwiaspr%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1074%3Acn%3A2%3Adp%3A1%3Als%3A1395123191021%3Ahid%3A721892075%3Az%3A0%3Ai%3A20230630120730%3Aet%3A1688126850%3Ac%3A1%3Arn%3A1056917777%3Arqn%3A2%3Au%3A1688126835670014644%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A%2C%2C%2C%2C%2C%2C%2C1438%2C64%2C7905%2C7905%2C53%2C3514%3Aco%3A0%3Acpf%3A1%3Aeu%3A1%3Ans%3A1688126832447%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1688126850&t=gdpr(14%2C14)clc(0-0-0)rqnt(2)lt(221700)aw(1)ecs(0)ti(0)&force-urlencoded=1
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 30 Jun 2023 12:07:30 GMT
strict-transport-security
max-age=31536000
last-modified
Fri, 30-Jun-2023 12:07:30 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type
image/gif
access-control-allow-origin
https://paytolet.com
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Fri, 30-Jun-2023 12:07:30 GMT
v2
de.tynt.com/deb/ 		4 B
327 B 		Script
General
Check archive.org
Download Go to
Full URL
https://de.tynt.com/deb/v2?id=a2zUHwIdOr7ikqrkHcnlKl&dn=TI&cc=2&chmob=0&r=&pu=https%3A%2F%2Fpaytolet.com%2Fpublic%2F
Requested by
Host: cdn.tynt.com
URL: https://cdn.tynt.com/ti.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.32 Palos Park, United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip32.67-202-105.static.steadfastdns.net
Software
/
Resource Hash
d21021784cda31eeae5c8295e047a14bda6ed5a9b5963fca9e7ceb398a9c9179

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/public/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
date
Fri, 30 Jun 2023 12:07:30 GMT
cache-control
max-age=86400
content-type
application/javascript
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
content-length
4
expires
Sat, 01 Jul 2023 12:07:30 GMT
audio_025.m4s
streaming.humix.com/contents/nsrNhxfkjikFVcim/1682919808/ 		40 KB
40 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://streaming.humix.com/contents/nsrNhxfkjikFVcim/1682919808/audio_025.m4s
Requested by
Host: paytolet.com
URL: https://paytolet.com/detroitchicago/cmbv2.js?gcb=195-3&cb=04-3y02-8y06-13y07-2y0b-6y0d-23y17-4y1b-5y25-3y26-4y27-16y28-66y2b-146y2f-150y33-4y3a-12y3b-6y59-2y5d-22y64-1&cmbcb=151&sj=x04x02x06x07x0bx0dx17x1bx25x26x27x28x2bx2fx33x3ax3bx59x5dx64
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:d4fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd6065413fda2c4885e5f8301225c0de05a712e2869218ab1d221d4cf20c4a6f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:30 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"d1f99d61655b34d1a6a3ed153305df98"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yaSKA7pyLiLT9vTVrxiA9K8uMG4oZ0ZXlehWTmptyE6yzOGdAss2HsqID2%2Byp8c2HEiRIoP2Ap4RCLBGNjW5LzlcIBu00CkCLApD3bNoAcWW5bwjjShTzBuVcLnr3ElacWa9McS7%2BbFdSOvEpoWM71GR"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
7df64a1038111989-FRA
alt-svc
h3=":443"; ma=86400
content-length
40695
collect
x.clarity.ms/ 		0
292 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://x.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.8/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.114.190.119 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://paytolet.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://paytolet.com
Date
Fri, 30 Jun 2023 12:07:30 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78
integrator.js
adservice.google.com/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=paytolet.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
pubads.g.doubleclick.net/gampad/ Frame CCEF 		156 B
186 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?correlator=2331621269136887&description_url=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&env=vp&gdfp_req=1&output=xml_vast4&sz=400x300%7C640x480%7C640x360%7C300x168&unviewed_position_start=1&url=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&ad_type=video&hl=en&max_ad_duration=240000&min_ad_duration=4500&mridx=2&npa=0&tfcd=0&vad_type=linear&vpmute=1&vpos=midroll&iu=%2F1254144%2C22852681713%2Fpaytolet_com-video-1&vid_d=53&vid_kw=Pay%20to%20let%2Creal%20estate%2Cproperty%20for%20sale%2Cproperty%20listings%2Chome&vid_t=Sell%20your%20property%20in%20minutes&vpa=auto&cust_params=ap%3D1%26d%3D410164%26eb_br%3D5297de5240aa45da173a0792747e0d26%26ft%3D0%26ic%3D2%26iid1%3D8491663962609543%26plat%3D1%26t%3D134%26tap%3Dpaytolet_com-video-1-8491663962609543&sdkv=h.3.578.0&osd=2&frm=0&vis=1&sdr=1&afvsz=450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&us_privacy=1---&sdki=445&ptt=20&adk=2047588200&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.578.0&sid=31BB2C37-E1E0-4730-85B5-0D4B17F39F33&a3p=EhkKCnVpZGFwaS5jb20YyZXN4ZAxSABSAghkEhsKDGlkNS1zeW5jLmNvbRjdp83hkDFIAFICCGoSHAoNY3J3ZGNudHJsLm5ldBjJlc3hkDFIAFICCGQSGQoKcHViY2lkLm9yZxiko83hkDFIAFICCGoSwgEKCHJ0YmhvdXNlEqwBTitHVWNYczRLdzZ6ci85VlNWcGpEOW43a3FsK00zaWMwVkFXc2hxQUM0Z3NNNGt2SS96a1BjZnUxZlRFSUpSZnhBUklFSndKL2QxcWVRNkFHa2c0SXRJWVdMbDR2Q3BkZ0NERCtRYVkwbzQ0Z3VxTmZBQ2diOHo4eExmdExNZWFNQVhTb2xtUUFsUFJSNXpOeUxRd3VaSDc2bVlsQkhVVmxnS2M2R2Mrbm5NPRijqc3hkDFIABIdCg5lc3AuY3JpdGVvLmNvbRjJlc3hkDFIAFICCGQSPgoFb3BlbngSLGV5SnBJam9pV2tsWVpHRkRkMU5TZVhWNlRrSTJWRUZ5ZFhONGR6MDlJbjA9GOqozeGQMUgA&nel=0&eid=44752711%2C44765701%2C44772139%2C44773379%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275&top=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&loc=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&dlt=1688126834513&idt=4707&dt=1688126850768&cookie=ID%3D14c5fd6f47da3553-2250166f1cde0005%3AT%3D1688126835%3ART%3D1688126837%3AS%3DALNI_MZdWW6IC_UptzCaP6yRcFW4qT01Sg&gpic=UID%3D00000c5ed7319fb0%3AT%3D1688126835%3ART%3D1688126835%3AS%3DALNI_MZsDc3kPfVwgJm4YKQVJrFEMa9-0A&scor=776755846475256&ged=ve4_td16_tt11_pd16_la16000_er0.0.0.0_vi0.0.1200.1600_vp0_ts1_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.578.0_de.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:31 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
true
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
audio_026.m4s
streaming.humix.com/contents/nsrNhxfkjikFVcim/1682919808/ 		40 KB
40 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://streaming.humix.com/contents/nsrNhxfkjikFVcim/1682919808/audio_026.m4s
Requested by
Host: paytolet.com
URL: https://paytolet.com/detroitchicago/cmbv2.js?gcb=195-3&cb=04-3y02-8y06-13y07-2y0b-6y0d-23y17-4y1b-5y25-3y26-4y27-16y28-66y2b-146y2f-150y33-4y3a-12y3b-6y59-2y5d-22y64-1&cmbcb=151&sj=x04x02x06x07x0bx0dx17x1bx25x26x27x28x2bx2fx33x3ax3bx59x5dx64
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:d4fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b59386da1d8d239890f391612bcd7a47e8a72aa65b0405ee2522538ccd25da1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:31 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"b91fc7300962caca39697c66135e8f2f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Sbr5UeU2elDGjE67idRGosAZt0XOLsJAvc76PvthRCoDWz7PjR8oQdKGM1KNiWJzKej3CeC8B%2BjvCgSaCN0TWzrP3iUm5LpqBDxxWnKVIV9pWNHBEopiDfAdyJCEbYX4jgxabKvnGvUroDlnukhv3V1b"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
7df64a122a801989-FRA
alt-svc
h3=":443"; ma=86400
content-length
40694
integrator.js
adservice.google.com/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=paytolet.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
pubads.g.doubleclick.net/gampad/ Frame CCEF 		156 B
186 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?correlator=2331621269136887&description_url=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&env=vp&gdfp_req=1&output=xml_vast4&sz=400x300%7C640x480%7C640x360%7C300x168&unviewed_position_start=1&url=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&ad_type=video&hl=en&max_ad_duration=240000&min_ad_duration=4500&mridx=2&npa=0&tfcd=0&vad_type=linear&vpmute=1&vpos=midroll&iu=%2F1254144%2C22852681713%2Fpaytolet_com-video-1&vid_d=53&vid_kw=Pay%20to%20let%2Creal%20estate%2Cproperty%20for%20sale%2Cproperty%20listings%2Chome&vid_t=Sell%20your%20property%20in%20minutes&vpa=auto&cust_params=ap%3D1%26d%3D410164%26eb_br%3D8b07bae800b215e481d05a271b3e723b%26ft%3D0%26ic%3D2%26iid1%3D8491663962609543%26plat%3D1%26t%3D134%26tap%3Dpaytolet_com-video-1-8491663962609543&sdkv=h.3.578.0&osd=2&frm=0&vis=1&sdr=1&afvsz=450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&us_privacy=1---&sdki=445&ptt=20&adk=2047588200&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.578.0&sid=31BB2C37-E1E0-4730-85B5-0D4B17F39F33&a3p=EhkKCnVpZGFwaS5jb20YyZXN4ZAxSABSAghkEhsKDGlkNS1zeW5jLmNvbRjdp83hkDFIAFICCGoSHAoNY3J3ZGNudHJsLm5ldBjJlc3hkDFIAFICCGQSGQoKcHViY2lkLm9yZxiko83hkDFIAFICCGoSwgEKCHJ0YmhvdXNlEqwBTitHVWNYczRLdzZ6ci85VlNWcGpEOW43a3FsK00zaWMwVkFXc2hxQUM0Z3NNNGt2SS96a1BjZnUxZlRFSUpSZnhBUklFSndKL2QxcWVRNkFHa2c0SXRJWVdMbDR2Q3BkZ0NERCtRYVkwbzQ0Z3VxTmZBQ2diOHo4eExmdExNZWFNQVhTb2xtUUFsUFJSNXpOeUxRd3VaSDc2bVlsQkhVVmxnS2M2R2Mrbm5NPRijqc3hkDFIABIdCg5lc3AuY3JpdGVvLmNvbRjJlc3hkDFIAFICCGQSPgoFb3BlbngSLGV5SnBJam9pV2tsWVpHRkRkMU5TZVhWNlRrSTJWRUZ5ZFhONGR6MDlJbjA9GOqozeGQMUgA&nel=0&eid=44752711%2C44765701%2C44772139%2C44773379%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275&top=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&loc=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&dlt=1688126834513&idt=4707&dt=1688126851236&cookie=ID%3D14c5fd6f47da3553-2250166f1cde0005%3AT%3D1688126835%3ART%3D1688126837%3AS%3DALNI_MZdWW6IC_UptzCaP6yRcFW4qT01Sg&gpic=UID%3D00000c5ed7319fb0%3AT%3D1688126835%3ART%3D1688126835%3AS%3DALNI_MZsDc3kPfVwgJm4YKQVJrFEMa9-0A&scor=776755846475256&ged=ve4_td16_tt11_pd16_la16000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.578.0_de.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:31 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
true
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
t1670023299_03_640x360p_30Hz_800Kbps_026.m4s
streaming.humix.com/contents/nsrNhxfkjikFVcim/1682919808/ 		12 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://streaming.humix.com/contents/nsrNhxfkjikFVcim/1682919808/t1670023299_03_640x360p_30Hz_800Kbps_026.m4s
Requested by
Host: paytolet.com
URL: https://paytolet.com/detroitchicago/cmbv2.js?gcb=195-3&cb=04-3y02-8y06-13y07-2y0b-6y0d-23y17-4y1b-5y25-3y26-4y27-16y28-66y2b-146y2f-150y33-4y3a-12y3b-6y59-2y5d-22y64-1&cmbcb=151&sj=x04x02x06x07x0bx0dx17x1bx25x26x27x28x2bx2fx33x3ax3bx59x5dx64
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:d4fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a2dadc54111c3d3b5df3132b85f7b6595163323f9cf3f5e9c4839cd884b3b30c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:31 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"07ed56f87221226fc218f468c3aa8ca2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GaY%2BkSzHKK%2Bk0fhwDXwHa0GYAofC324l81MkEOPSycYSmoogomIfUfNZe6k7WQV8aXOXQJ2RLPuzSh3D5kBSkusrUCM0NjZ66ZWqoNQzF4DjTJt1C1%2F1c6fWUacR8U9rJQyzSS4CnkzIma2yKJ%2FdA5SO"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
7df64a147d871989-FRA
alt-svc
h3=":443"; ma=86400
content-length
12323
89229263
mc.yandex.com/webvisor/ 		43 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/webvisor/89229263?wmode=0&wv-part=8&wv-hit=721892075&page-url=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&rn=190089239&wv-type=3&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1688126852%3Aw%3A1600x1200%3Av%3A1074%3Az%3A0%3Ai%3A20230630120731%3Au%3A1688126835670014644%3Avf%3Aew9xzikdbvs4xc5avwiaspr%3Ast%3A1688126852&t=gdpr(14%2C14)ti(1)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://paytolet.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 30 Jun 2023 12:07:31 GMT
strict-transport-security
max-age=31536000
last-modified
Fri, 30-Jun-2023 12:07:31 GMT
content-type
image/gif
access-control-allow-origin
https://paytolet.com
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Fri, 30-Jun-2023 12:07:31 GMT
integrator.js
adservice.google.com/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=paytolet.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
pubads.g.doubleclick.net/gampad/ Frame CCEF 		156 B
186 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?correlator=2331621269136887&description_url=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&env=vp&gdfp_req=1&output=xml_vast4&sz=400x300%7C640x480%7C640x360%7C300x168&unviewed_position_start=1&url=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&ad_type=video&hl=en&max_ad_duration=240000&min_ad_duration=4500&mridx=2&npa=0&tfcd=0&vad_type=linear&vpmute=1&vpos=midroll&iu=%2F1254144%2C22852681713%2Fpaytolet_com-video-1&vid_d=53&vid_kw=Pay%20to%20let%2Creal%20estate%2Cproperty%20for%20sale%2Cproperty%20listings%2Chome&vid_t=Sell%20your%20property%20in%20minutes&vpa=auto&cust_params=ap%3D1%26d%3D410164%26eb_br%3D26dfa00588543c52511429ade391f561%26ft%3D0%26ic%3D2%26iid1%3D8491663962609543%26plat%3D1%26t%3D134%26tap%3Dpaytolet_com-video-1-8491663962609543&sdkv=h.3.578.0&osd=2&frm=0&vis=1&sdr=1&afvsz=450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&us_privacy=1---&sdki=445&ptt=20&adk=2047588200&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.578.0&sid=31BB2C37-E1E0-4730-85B5-0D4B17F39F33&a3p=EhkKCnVpZGFwaS5jb20YyZXN4ZAxSABSAghkEhsKDGlkNS1zeW5jLmNvbRjdp83hkDFIAFICCGoSHAoNY3J3ZGNudHJsLm5ldBjJlc3hkDFIAFICCGQSGQoKcHViY2lkLm9yZxiko83hkDFIAFICCGoSwgEKCHJ0YmhvdXNlEqwBTitHVWNYczRLdzZ6ci85VlNWcGpEOW43a3FsK00zaWMwVkFXc2hxQUM0Z3NNNGt2SS96a1BjZnUxZlRFSUpSZnhBUklFSndKL2QxcWVRNkFHa2c0SXRJWVdMbDR2Q3BkZ0NERCtRYVkwbzQ0Z3VxTmZBQ2diOHo4eExmdExNZWFNQVhTb2xtUUFsUFJSNXpOeUxRd3VaSDc2bVlsQkhVVmxnS2M2R2Mrbm5NPRijqc3hkDFIABIdCg5lc3AuY3JpdGVvLmNvbRjJlc3hkDFIAFICCGQSPgoFb3BlbngSLGV5SnBJam9pV2tsWVpHRkRkMU5TZVhWNlRrSTJWRUZ5ZFhONGR6MDlJbjA9GOqozeGQMUgA&nel=0&eid=44752711%2C44765701%2C44772139%2C44773379%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275&top=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&loc=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&dlt=1688126834513&idt=4707&dt=1688126851749&cookie=ID%3D14c5fd6f47da3553-2250166f1cde0005%3AT%3D1688126835%3ART%3D1688126837%3AS%3DALNI_MZdWW6IC_UptzCaP6yRcFW4qT01Sg&gpic=UID%3D00000c5ed7319fb0%3AT%3D1688126835%3ART%3D1688126835%3AS%3DALNI_MZsDc3kPfVwgJm4YKQVJrFEMa9-0A&scor=776755846475256&ged=ve4_td17_tt12_pd17_la17000_er0.0.0.0_vi0.0.1200.1600_vp0_ts1_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.578.0_de.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:32 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
true
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
89229263
mc.yandex.com/webvisor/ 		43 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/webvisor/89229263?wv-hit=721892075&page-url=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&wmode=0&wv-part=0&wv-type=5&browser-info=et%3A1688126852%3Aw%3A1600x1200%3Av%3A1074%3Az%3A0%3Ai%3A20230630120731%3Au%3A1688126835670014644%3Avf%3Aew9xzikdbvs4xc5avwiaspr%3Ast%3A1688126852&t=gdpr(14%2C14)ti(1)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://paytolet.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 30 Jun 2023 12:07:31 GMT
strict-transport-security
max-age=31536000
last-modified
Fri, 30-Jun-2023 12:07:31 GMT
content-type
image/gif
access-control-allow-origin
https://paytolet.com
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Fri, 30-Jun-2023 12:07:31 GMT
integrator.js
adservice.google.com/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=paytolet.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
90663950
mc.yandex.com/webvisor/ 		43 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/webvisor/90663950?wv-hit=721892075&page-url=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&wmode=0&wv-part=0&wv-type=5&browser-info=et%3A1688126852%3Aw%3A1600x1200%3Av%3A1074%3Az%3A0%3Ai%3A20230630120732%3Au%3A1688126835670014644%3Avf%3Aew9xzikdbvs4xc5avwiaspr%3Ast%3A1688126852&t=gdpr(14%2C14)ti(1)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://paytolet.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 30 Jun 2023 12:07:32 GMT
strict-transport-security
max-age=31536000
last-modified
Fri, 30-Jun-2023 12:07:32 GMT
content-type
image/gif
access-control-allow-origin
https://paytolet.com
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Fri, 30-Jun-2023 12:07:32 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame CCEF 		156 B
186 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?correlator=2331621269136887&description_url=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&env=vp&gdfp_req=1&output=xml_vast4&sz=400x300%7C640x480%7C640x360%7C300x168&unviewed_position_start=1&url=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&ad_type=video&hl=en&max_ad_duration=240000&min_ad_duration=4500&mridx=2&npa=0&tfcd=0&vad_type=linear&vpmute=1&vpos=midroll&iu=%2F1254144%2C22852681713%2Fpaytolet_com-video-1&vid_d=53&vid_kw=Pay%20to%20let%2Creal%20estate%2Cproperty%20for%20sale%2Cproperty%20listings%2Chome&vid_t=Sell%20your%20property%20in%20minutes&vpa=auto&cust_params=ap%3D1%26d%3D410164%26eb_br%3D76163170a8636ae5b88417f095893e08%26ft%3D0%26ic%3D2%26iid1%3D8491663962609543%26plat%3D1%26t%3D134%26tap%3Dpaytolet_com-video-1-8491663962609543&sdkv=h.3.578.0&osd=2&frm=0&vis=1&sdr=1&afvsz=450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&us_privacy=1---&sdki=445&ptt=20&adk=2047588200&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.578.0&sid=31BB2C37-E1E0-4730-85B5-0D4B17F39F33&a3p=EhkKCnVpZGFwaS5jb20YyZXN4ZAxSABSAghkEhsKDGlkNS1zeW5jLmNvbRjdp83hkDFIAFICCGoSHAoNY3J3ZGNudHJsLm5ldBjJlc3hkDFIAFICCGQSGQoKcHViY2lkLm9yZxiko83hkDFIAFICCGoSwgEKCHJ0YmhvdXNlEqwBTitHVWNYczRLdzZ6ci85VlNWcGpEOW43a3FsK00zaWMwVkFXc2hxQUM0Z3NNNGt2SS96a1BjZnUxZlRFSUpSZnhBUklFSndKL2QxcWVRNkFHa2c0SXRJWVdMbDR2Q3BkZ0NERCtRYVkwbzQ0Z3VxTmZBQ2diOHo4eExmdExNZWFNQVhTb2xtUUFsUFJSNXpOeUxRd3VaSDc2bVlsQkhVVmxnS2M2R2Mrbm5NPRijqc3hkDFIABIdCg5lc3AuY3JpdGVvLmNvbRjJlc3hkDFIAFICCGQSPgoFb3BlbngSLGV5SnBJam9pV2tsWVpHRkRkMU5TZVhWNlRrSTJWRUZ5ZFhONGR6MDlJbjA9GOqozeGQMUgA&nel=0&eid=44752711%2C44765701%2C44772139%2C44773379%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275&top=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&loc=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&dlt=1688126834513&idt=4707&dt=1688126852100&cookie=ID%3D14c5fd6f47da3553-2250166f1cde0005%3AT%3D1688126835%3ART%3D1688126837%3AS%3DALNI_MZdWW6IC_UptzCaP6yRcFW4qT01Sg&gpic=UID%3D00000c5ed7319fb0%3AT%3D1688126835%3ART%3D1688126835%3AS%3DALNI_MZsDc3kPfVwgJm4YKQVJrFEMa9-0A&scor=776755846475256&ged=ve4_td17_tt12_pd17_la17000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.578.0_de.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:32 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
true
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
audio_027.m4s
streaming.humix.com/contents/nsrNhxfkjikFVcim/1682919808/ 		36 KB
36 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://streaming.humix.com/contents/nsrNhxfkjikFVcim/1682919808/audio_027.m4s
Requested by
Host: paytolet.com
URL: https://paytolet.com/detroitchicago/cmbv2.js?gcb=195-3&cb=04-3y02-8y06-13y07-2y0b-6y0d-23y17-4y1b-5y25-3y26-4y27-16y28-66y2b-146y2f-150y33-4y3a-12y3b-6y59-2y5d-22y64-1&cmbcb=151&sj=x04x02x06x07x0bx0dx17x1bx25x26x27x28x2bx2fx33x3ax3bx59x5dx64
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:d4fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b2d2efe7d3c680ec648a877e00aa4a8fdf061827a974e3d7b9b18b29ec721ed6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:32 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"26fa5666bbb9d421625dcab20d988d9f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vq5TmJ56ZgVc5wFmiYnbjjK5wUF21ESWatchrXyVPd5ugkpAVQ%2FvnvcfPxmoTQc9%2FHWjUBnqMGqH%2FMcQrAcjGKDzRgom6BNLDM3uKJBFWfl%2BoURY%2FwoZ3h4xNwoVtevYDr%2FCvCSt9Zu%2BtAgNPBelXCmS"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
7df64a1a4cd01989-FRA
alt-svc
h3=":443"; ma=86400
content-length
36819
normal
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv1/g-yinpA2RW81Qq6/mc7tt/0x4AAAAAAABT-_XrlIPuwu0L/auto/ Frame F289 		24 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv1/g-yinpA2RW81Qq6/mc7tt/0x4AAAAAAABT-_XrlIPuwu0L/auto/normal
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/turnstile/v0/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:3b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a33af3faaaf1281488ed7aafa007f52c10ce40eed60c54ddb1be3012b1bed451
Security Headers
Name Value
Content-Security-Policy frame-src https://challenges.cloudflare.com/; base-uri 'self'

Request headers

Referer
https://paytolet.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
max-age=0, must-revalidate
cf-ray
7df64a1a8b5a9957-FRA
content-encoding
br
content-security-policy
frame-src https://challenges.cloudflare.com/; base-uri 'self'
content-type
text/html; charset=UTF-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
cross-origin
date
Fri, 30 Jun 2023 12:07:32 GMT
document-policy
js-profiling
permissions-policy
accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy
same-origin
server
cloudflare
t1670023299_03_640x360p_30Hz_800Kbps_027.m4s
streaming.humix.com/contents/nsrNhxfkjikFVcim/1682919808/ 		9 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://streaming.humix.com/contents/nsrNhxfkjikFVcim/1682919808/t1670023299_03_640x360p_30Hz_800Kbps_027.m4s
Requested by
Host: paytolet.com
URL: https://paytolet.com/detroitchicago/cmbv2.js?gcb=195-3&cb=04-3y02-8y06-13y07-2y0b-6y0d-23y17-4y1b-5y25-3y26-4y27-16y28-66y2b-146y2f-150y33-4y3a-12y3b-6y59-2y5d-22y64-1&cmbcb=151&sj=x04x02x06x07x0bx0dx17x1bx25x26x27x28x2bx2fx33x3ax3bx59x5dx64
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:d4fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6de1f36165db512d95e6dcca4bcbcd25ff66778f3d247469ab99be63ffce3f59

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:32 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"82d2a62558176fca69d3d9f56448ed33"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=skQ9DXqc%2FB0LKhbM3q%2BJFcO8ZOFDLh7WPkiM%2BbIgin7w1%2BZo%2BEWjtECFzzOIpqy9S4UPv0VIKb5LhxwJo7QY%2B4DjkepulctUao8BzyjxlPrEiddH0aIYM%2B1iu0inreA9jABULJLsBsInAOAsuP3IQnZi"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cf-ray
7df64a1aad451989-FRA
alt-svc
h3=":443"; ma=86400
content-length
9133
v1
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/ Frame F289 		179 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=7df64a1a8b5a9957
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv1/g-yinpA2RW81Qq6/mc7tt/0x4AAAAAAABT-_XrlIPuwu0L/auto/normal
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:3b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba79f379e037687d26ea3f7db673a8ab60b662a946e43acba40cea03aca5201d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv1/g-yinpA2RW81Qq6/mc7tt/0x4AAAAAAABT-_XrlIPuwu0L/auto/normal
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:32 GMT
cache-control
max-age=0, must-revalidate
content-encoding
br
server
cloudflare
cf-ray
7df64a1d4f0a9957-FRA
alt-svc
h3=":443"; ma=86400
content-type
application/javascript; charset=UTF-8
integrator.js
adservice.google.com/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=paytolet.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
pubads.g.doubleclick.net/gampad/ Frame CCEF 		156 B
186 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?correlator=2331621269136887&description_url=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&env=vp&gdfp_req=1&output=xml_vast4&sz=400x300%7C640x480%7C640x360%7C300x168&unviewed_position_start=1&url=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&ad_type=video&hl=en&max_ad_duration=240000&min_ad_duration=4500&mridx=2&npa=0&tfcd=0&vad_type=linear&vpmute=1&vpos=midroll&iu=%2F1254144%2C22852681713%2Fpaytolet_com-video-1&vid_d=53&vid_kw=Pay%20to%20let%2Creal%20estate%2Cproperty%20for%20sale%2Cproperty%20listings%2Chome&vid_t=Sell%20your%20property%20in%20minutes&vpa=auto&cust_params=ap%3D1%26d%3D410164%26eb_br%3D57914c3716312cb7e954090f0717ea25%26ft%3D0%26ic%3D2%26iid1%3D8491663962609543%26plat%3D1%26t%3D134%26tap%3Dpaytolet_com-video-1-8491663962609543&sdkv=h.3.578.0&osd=2&frm=0&vis=1&sdr=1&afvsz=450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&us_privacy=1---&sdki=445&ptt=20&adk=2047588200&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.578.0&sid=31BB2C37-E1E0-4730-85B5-0D4B17F39F33&a3p=EhkKCnVpZGFwaS5jb20YyZXN4ZAxSABSAghkEhsKDGlkNS1zeW5jLmNvbRjdp83hkDFIAFICCGoSHAoNY3J3ZGNudHJsLm5ldBjJlc3hkDFIAFICCGQSGQoKcHViY2lkLm9yZxiko83hkDFIAFICCGoSwgEKCHJ0YmhvdXNlEqwBTitHVWNYczRLdzZ6ci85VlNWcGpEOW43a3FsK00zaWMwVkFXc2hxQUM0Z3NNNGt2SS96a1BjZnUxZlRFSUpSZnhBUklFSndKL2QxcWVRNkFHa2c0SXRJWVdMbDR2Q3BkZ0NERCtRYVkwbzQ0Z3VxTmZBQ2diOHo4eExmdExNZWFNQVhTb2xtUUFsUFJSNXpOeUxRd3VaSDc2bVlsQkhVVmxnS2M2R2Mrbm5NPRijqc3hkDFIABIdCg5lc3AuY3JpdGVvLmNvbRjJlc3hkDFIAFICCGQSPgoFb3BlbngSLGV5SnBJam9pV2tsWVpHRkRkMU5TZVhWNlRrSTJWRUZ5ZFhONGR6MDlJbjA9GOqozeGQMUgA&nel=0&eid=44752711%2C44765701%2C44772139%2C44773379%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275&top=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&loc=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&dlt=1688126834513&idt=4707&dt=1688126852758&cookie=ID%3D14c5fd6f47da3553-2250166f1cde0005%3AT%3D1688126835%3ART%3D1688126837%3AS%3DALNI_MZdWW6IC_UptzCaP6yRcFW4qT01Sg&gpic=UID%3D00000c5ed7319fb0%3AT%3D1688126835%3ART%3D1688126835%3AS%3DALNI_MZsDc3kPfVwgJm4YKQVJrFEMa9-0A&scor=776755846475256&ged=ve4_td18_tt13_pd18_la18000_er0.0.0.0_vi0.0.1200.1600_vp0_ts1_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.578.0_de.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:33 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
true
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
cf356bf5-c349-4be9-b2d4-d59cdcfea454
https://challenges.cloudflare.com/ Frame F289 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://challenges.cloudflare.com/cf356bf5-c349-4be9-b2d4-d59cdcfea454
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv1/g-yinpA2RW81Qq6/mc7tt/0x4AAAAAAABT-_XrlIPuwu0L/auto/normal
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Length
0
Content-Type
text/javascript
5c2bd86d7fe3580
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/130139545:1688123213:Q56t8R4DnkY9V4eyt4Q_25wpJWuUIwlL2Ccr10Cl454/7df64a1a8b5a9957/ Frame F289 		173 KB
127 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/130139545:1688123213:Q56t8R4DnkY9V4eyt4Q_25wpJWuUIwlL2Ccr10Cl454/7df64a1a8b5a9957/5c2bd86d7fe3580
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=7df64a1a8b5a9957
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:3b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
333f6b4ec9b94aae798491b08ad3f23f16da67619acf38bd9a23e245c81ef780

Request headers

Referer
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv1/g-yinpA2RW81Qq6/mc7tt/0x4AAAAAAABT-_XrlIPuwu0L/auto/normal
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
CF-Challenge
5c2bd86d7fe3580
Content-type
application/x-www-form-urlencoded

Response headers

cf-chl-gen
u0BTWl49Y4/AcBTpOQ8GrKqO+oGWPpVyvQ9vIE3OxVNI9f+n0Br6Pi2hpIJiq1iTIP6BIh2XElwUh9DqdRjKKsIry2cwvmwzXite022w5nQ3lb12rA35B/+E0xQRGuPcZDn4KoOkGRPVYgazcyVmAGzYzM80thU9QHxhDQh7YfHyAVJzNCT/wty81BSTOhPlzojmA21XLvqyA22U79UMXuffHPzV5M7mV2zb6P59Itdbz+vHb14CA12Hf/eGVjitjUuHLzrjE2pTMxbahn4YftRPjIRIrVCBtGWO3IRilh9sVdhGMIDVeks5po82Cz+Bd0d1FWWb1L+V6PniIDbnCvDpDKrUbarz7dorsk2aqFERo7TEq8tSgqe+Y08Jslx4nr/2CHu8sAfRM+9AlVZR+tO7Ts/xLlbd9+2ecx2l+vZj8KL33YRYWmFP/IkEbzgscD28M7CGIGw2dksJCaM/aQ==$a2IBNiyX/28kNICUu3MY9Q==
date
Fri, 30 Jun 2023 12:07:33 GMT
content-encoding
br
server
cloudflare
cf-ray
7df64a1ee9269957-FRA
alt-svc
h3=":443"; ma=86400
content-type
text/plain; charset=UTF-8
tjboA5ANI2-3qa0
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/img/7df64a1a8b5a9957/1688126852961/ Frame F289 		61 B
111 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/img/7df64a1a8b5a9957/1688126852961/tjboA5ANI2-3qa0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:3b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5e4da60cc749ac8dae2a5e45c175bf3e93ee488a2aae73b17971aaac69e07663

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv1/g-yinpA2RW81Qq6/mc7tt/0x4AAAAAAABT-_XrlIPuwu0L/auto/normal
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:33 GMT
server
cloudflare
cf-ray
7df64a21eda39957-FRA
alt-svc
h3=":443"; ma=86400
content-type
image/png
integrator.js
adservice.google.com/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=paytolet.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
pubads.g.doubleclick.net/gampad/ Frame CCEF 		156 B
186 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?correlator=2331621269136887&description_url=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&env=vp&gdfp_req=1&output=xml_vast4&sz=400x300%7C640x480%7C640x360%7C300x168&unviewed_position_start=1&url=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&ad_type=video&hl=en&max_ad_duration=240000&min_ad_duration=4500&mridx=2&npa=0&tfcd=0&vad_type=linear&vpmute=1&vpos=midroll&iu=%2F1254144%2C22852681713%2Fpaytolet_com-video-1&vid_d=53&vid_kw=Pay%20to%20let%2Creal%20estate%2Cproperty%20for%20sale%2Cproperty%20listings%2Chome&vid_t=Sell%20your%20property%20in%20minutes&vpa=auto&cust_params=ap%3D1%26d%3D410164%26eb_br%3D58ef7bddb438af5e257c4377f32c243a%26ft%3D0%26ic%3D2%26iid1%3D8491663962609543%26plat%3D1%26t%3D134%26tap%3Dpaytolet_com-video-1-8491663962609543&sdkv=h.3.578.0&osd=2&frm=0&vis=1&sdr=1&afvsz=450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&us_privacy=1---&sdki=445&ptt=20&adk=2047588200&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.578.0&sid=31BB2C37-E1E0-4730-85B5-0D4B17F39F33&a3p=EhkKCnVpZGFwaS5jb20YyZXN4ZAxSABSAghkEhsKDGlkNS1zeW5jLmNvbRjdp83hkDFIAFICCGoSHAoNY3J3ZGNudHJsLm5ldBjJlc3hkDFIAFICCGQSGQoKcHViY2lkLm9yZxiko83hkDFIAFICCGoSwgEKCHJ0YmhvdXNlEqwBTitHVWNYczRLdzZ6ci85VlNWcGpEOW43a3FsK00zaWMwVkFXc2hxQUM0Z3NNNGt2SS96a1BjZnUxZlRFSUpSZnhBUklFSndKL2QxcWVRNkFHa2c0SXRJWVdMbDR2Q3BkZ0NERCtRYVkwbzQ0Z3VxTmZBQ2diOHo4eExmdExNZWFNQVhTb2xtUUFsUFJSNXpOeUxRd3VaSDc2bVlsQkhVVmxnS2M2R2Mrbm5NPRijqc3hkDFIABIdCg5lc3AuY3JpdGVvLmNvbRjJlc3hkDFIAFICCGQSPgoFb3BlbngSLGV5SnBJam9pV2tsWVpHRkRkMU5TZVhWNlRrSTJWRUZ5ZFhONGR6MDlJbjA9GOqozeGQMUgA&nel=0&eid=44752711%2C44765701%2C44772139%2C44773379%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275&top=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&loc=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&dlt=1688126834513&idt=4707&dt=1688126853480&cookie=ID%3D14c5fd6f47da3553-2250166f1cde0005%3AT%3D1688126835%3ART%3D1688126837%3AS%3DALNI_MZdWW6IC_UptzCaP6yRcFW4qT01Sg&gpic=UID%3D00000c5ed7319fb0%3AT%3D1688126835%3ART%3D1688126835%3AS%3DALNI_MZsDc3kPfVwgJm4YKQVJrFEMa9-0A&scor=776755846475256&ged=ve4_td18_tt13_pd18_la18000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.578.0_de.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:33 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
true
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
4207ab93-65fe-48a8-a14d-b1bb468fc336
https://challenges.cloudflare.com/ Frame F289 		99 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://challenges.cloudflare.com/4207ab93-65fe-48a8-a14d-b1bb468fc336
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8da6995557d29a73fe50e281b1e09e241f0893b6b41ecf27702ba4f5c25c0194

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv1/g-yinpA2RW81Qq6/mc7tt/0x4AAAAAAABT-_XrlIPuwu0L/auto/normal
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Length
99
Content-Type
text/javascript
89229263
mc.yandex.com/webvisor/ 		43 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/webvisor/89229263?wmode=0&wv-part=9&wv-hit=721892075&page-url=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&rn=118568463&wv-type=3&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1688126854%3Aw%3A1600x1200%3Av%3A1074%3Az%3A0%3Ai%3A20230630120733%3Au%3A1688126835670014644%3Avf%3Aew9xzikdbvs4xc5avwiaspr%3Ast%3A1688126854&t=gdpr(14%2C14)ti(1)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://paytolet.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 30 Jun 2023 12:07:33 GMT
strict-transport-security
max-age=31536000
last-modified
Fri, 30-Jun-2023 12:07:33 GMT
content-type
image/gif
access-control-allow-origin
https://paytolet.com
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Fri, 30-Jun-2023 12:07:33 GMT
integrator.js
adservice.google.com/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=paytolet.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
pubads.g.doubleclick.net/gampad/ Frame CCEF 		156 B
186 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?correlator=2331621269136887&description_url=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&env=vp&gdfp_req=1&output=xml_vast4&sz=400x300%7C640x480%7C640x360%7C300x168&unviewed_position_start=1&url=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&ad_type=video&hl=en&max_ad_duration=240000&min_ad_duration=4500&mridx=2&npa=0&tfcd=0&vad_type=linear&vpmute=1&vpos=midroll&iu=%2F1254144%2C22852681713%2Fpaytolet_com-video-1&vid_d=53&vid_kw=Pay%20to%20let%2Creal%20estate%2Cproperty%20for%20sale%2Cproperty%20listings%2Chome&vid_t=Sell%20your%20property%20in%20minutes&vpa=auto&cust_params=ap%3D1%26d%3D410164%26eb_br%3D60474211daf1dfd4d90000ea01f56c30%26ft%3D0%26ic%3D2%26iid1%3D8491663962609543%26plat%3D1%26t%3D134%26tap%3Dpaytolet_com-video-1-8491663962609543&sdkv=h.3.578.0&osd=2&frm=0&vis=1&sdr=1&afvsz=450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&us_privacy=1---&sdki=445&ptt=20&adk=2047588200&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.578.0&sid=31BB2C37-E1E0-4730-85B5-0D4B17F39F33&a3p=EhkKCnVpZGFwaS5jb20YyZXN4ZAxSABSAghkEhsKDGlkNS1zeW5jLmNvbRjdp83hkDFIAFICCGoSHAoNY3J3ZGNudHJsLm5ldBjJlc3hkDFIAFICCGQSGQoKcHViY2lkLm9yZxiko83hkDFIAFICCGoSwgEKCHJ0YmhvdXNlEqwBTitHVWNYczRLdzZ6ci85VlNWcGpEOW43a3FsK00zaWMwVkFXc2hxQUM0Z3NNNGt2SS96a1BjZnUxZlRFSUpSZnhBUklFSndKL2QxcWVRNkFHa2c0SXRJWVdMbDR2Q3BkZ0NERCtRYVkwbzQ0Z3VxTmZBQ2diOHo4eExmdExNZWFNQVhTb2xtUUFsUFJSNXpOeUxRd3VaSDc2bVlsQkhVVmxnS2M2R2Mrbm5NPRijqc3hkDFIABIdCg5lc3AuY3JpdGVvLmNvbRjJlc3hkDFIAFICCGQSPgoFb3BlbngSLGV5SnBJam9pV2tsWVpHRkRkMU5TZVhWNlRrSTJWRUZ5ZFhONGR6MDlJbjA9GOqozeGQMUgA&nel=0&eid=44752711%2C44765701%2C44772139%2C44773379%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275&top=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&loc=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&dlt=1688126834513&idt=4707&dt=1688126853840&cookie=ID%3D14c5fd6f47da3553-2250166f1cde0005%3AT%3D1688126835%3ART%3D1688126837%3AS%3DALNI_MZdWW6IC_UptzCaP6yRcFW4qT01Sg&gpic=UID%3D00000c5ed7319fb0%3AT%3D1688126835%3ART%3D1688126835%3AS%3DALNI_MZsDc3kPfVwgJm4YKQVJrFEMa9-0A&scor=776755846475256&ged=ve4_td19_tt14_pd19_la19000_er0.0.0.0_vi0.0.1200.1600_vp0_ts1_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.578.0_de.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:34 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
true
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
89229263
mc.yandex.com/webvisor/ 		43 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/webvisor/89229263?wv-hit=721892075&page-url=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&wmode=0&wv-part=0&wv-type=5&browser-info=et%3A1688126854%3Aw%3A1600x1200%3Av%3A1074%3Az%3A0%3Ai%3A20230630120734%3Au%3A1688126835670014644%3Avf%3Aew9xzikdbvs4xc5avwiaspr%3Ast%3A1688126854&t=gdpr(14%2C14)ti(1)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://paytolet.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 30 Jun 2023 12:07:34 GMT
strict-transport-security
max-age=31536000
last-modified
Fri, 30-Jun-2023 12:07:34 GMT
content-type
image/gif
access-control-allow-origin
https://paytolet.com
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Fri, 30-Jun-2023 12:07:34 GMT
90663950
mc.yandex.com/webvisor/ 		43 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/webvisor/90663950?wv-hit=721892075&page-url=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&wmode=0&wv-part=0&wv-type=5&browser-info=et%3A1688126855%3Aw%3A1600x1200%3Av%3A1074%3Az%3A0%3Ai%3A20230630120734%3Au%3A1688126835670014644%3Avf%3Aew9xzikdbvs4xc5avwiaspr%3Ast%3A1688126855&t=gdpr(14%2C14)ti(1)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://paytolet.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 30 Jun 2023 12:07:34 GMT
strict-transport-security
max-age=31536000
last-modified
Fri, 30-Jun-2023 12:07:34 GMT
content-type
image/gif
access-control-allow-origin
https://paytolet.com
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Fri, 30-Jun-2023 12:07:34 GMT
GBuTWV2DgihmgBM
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/pat/7df64a1a8b5a9957/1688126852964/3a93b98810afaccea8feb7f09ced2c2ba7889548b24369bd86aa7b767889ad6c/ Frame F289 		1 B
576 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/pat/7df64a1a8b5a9957/1688126852964/3a93b98810afaccea8feb7f09ced2c2ba7889548b24369bd86aa7b767889ad6c/GBuTWV2DgihmgBM
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=7df64a1a8b5a9957
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:3b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6da43b944e494e885e69af021f93c6d9331c78aa228084711429160a5bbd15b5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv1/g-yinpA2RW81Qq6/mc7tt/0x4AAAAAAABT-_XrlIPuwu0L/auto/normal
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:34 GMT
www-authenticate
PrivateToken challenge=AAIAGXBhdC1pc3N1ZXIuY2xvdWRmbGFyZS5jb20gOpO5iBCvrM6o_rfwnO0sK6eIlUiyQ2m9hqp7dniJrWwAGWNoYWxsZW5nZXMuY2xvdWRmbGFyZS5jb20=, token-key=MIIBUjA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCAqEaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgKiAwIBMAOCAQ8AMIIBCgKCAQEA0bRUcGKklfQeNNxvLFfJ4GD9tdPPxSZwJ3XYP4G2zG8DKRLBpv9Kj6N67az3XmlVlx2R0rqjt4_1YNpJnMYvq8Tp2DUxYs4U3kFA6Rbb5cTRT5nIFp10SdDKx5oEUlr5_2lhwjOJ7UX343zafxxxRigli14tfc_MdARtiZxdmy5Dm9rRf5nwlBmsWaAX3v0Uhsdw1FWqbl23kbspqAsOrzkVf57FQWXyec-WMgVpWqs6qqDPPZHzvx68neq0a7QsWfGKjfhMa9dgQCoTvz166RVORThwNko0-5Z2XOaYQhFc0ojy9K4Ht4LY-qcayfQ4DfX7RfkQ4SUsGK-uOfhA7wIDAQAB, max-age=20
server
cloudflare
cf-ray
7df64a2a38a69957-FRA
alt-svc
h3=":443"; ma=86400
content-type
text/plain; charset=UTF-8
vad.gif
paytolet.com/porpoiseant/ 		43 B
551 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://paytolet.com/porpoiseant/vad.gif?e=%7B%22ad_filled%22%3A0%2C%22error_message%22%3A%22AdError%201009%3A%20The%20VAST%20response%20document%20is%20empty.%22%2C%22url%22%3A%22https%3A%2F%2Fpaytolet.com%2Fpublic%2F%22%2C%22pageview_id%22%3A%22c2c3f7e1-3a16-4fad-421c-78a5c4d200de%22%2C%22visit_uuid%22%3A%22b16eeea4-a8ef-4771-77cd-6305a4a265ac%22%2C%22template_id%22%3A134%2C%22domain_id%22%3A410164%2C%22vab_test_id%22%3A%22mod58-c%22%2C%22video_ad_impression_id%22%3A%22564fa11b-6ebc-4bbe-98b6-08b71f476434%22%2C%22uuid%22%3A%22564fa11b-6ebc-4bbe-98b6-08b71f476434%22%2C%22play_cnt%22%3A0%2C%22pause_cnt%22%3A0%2C%22completed%22%3Afalse%2C%22errored%22%3Afalse%2C%22skipped%22%3Afalse%2C%22clicked%22%3Afalse%2C%22viewable%22%3Afalse%2C%22ad_position%22%3A%2200%3A00%3A05.000%22%2C%22video_impression_id%22%3A%22a1fb5727-0dcf-4392-8886-761f0f7ae192%22%2C%22ad_client%22%3A%22Google%20IMA%22%2C%22ad_system%22%3A%22Google%20Ad%20Manager%22%2C%22ad_index%22%3A1%2C%22player_name%22%3A%22ezvideojs%22%2C%22is_outstream%22%3Afalse%2C%22impression_id%22%3A8491663962609543%2C%22ad_unit%22%3A%22paytolet_com-video-1%22%2C%22ad_src%22%3A%22https%3A%2F%2Fpubads.g.doubleclick.net%2Fgampad%2Fads%3Fcorrelator%3D80176273164%26description_url%3Dhttps%253A%252F%252Fpaytolet.com%252Fpublic%252F%26env%3Dvp%26gdfp_req%3D1%26output%3Dxml_vast4%26sz%3D400x300%257C640x480%257C640x360%257C300x168%26unviewed_position_start%3D1%26url%3Dhttps%253A%252F%252Fpaytolet.com%252Fpublic%252F%26ad_type%3Dvideo%26hl%3Dde%26impl%3Ds%26max_ad_duration%3D240000%26min_ad_duration%3D4500%26mridx%3D2%26npa%3D0%26tfcd%3D0%26vad_type%3Dlinear%26vpmute%3D1%26vpos%3Dmidroll%26iu%3D%2F1254144%2C22852681713%2Fpaytolet_com-video-1%26vid_d%3D53%26vid_kw%3DPay%2Bto%2Blet%252Creal%2Bestate%252Cproperty%2Bfor%2Bsale%252Cproperty%2Blistings%252Chome%26vid_t%3DSell%2Byour%2Bproperty%2Bin%2Bminutes%26vpa%3Dauto%26cust_params%3Dap%253D1%2526d%253D410164%2526eb_br%253D60474211daf1dfd4d90000ea01f56c30%2526ft%253D0%2526ic%253D2%2526iid1%253D8491663962609543%2526plat%253D1%2526t%253D134%2526tap%253Dpaytolet_com-video-1-8491663962609543%22%2C%22param_gen%22%3A%22DefaultWide%22%2C%22position_gen%22%3A%22FrontLoad%22%2C%22vad_type%22%3A%22linear%22%2C%22skippable%22%3Atrue%2C%22min_ad_length%22%3A4500%2C%22max_ad_length%22%3A240000%2C%22ad_type%22%3A%22video%22%2C%22allowed_ad_sizes%22%3A%22400x300%7C640x480%7C640x360%7C300x168%22%2C%22t_pageview_time%22%3A1688126834%2C%22bidders%22%3A%22%5B%5D%22%2C%22received_bidders%22%3A%22%5B%5D%22%2C%22video_position_id%22%3A3998%2C%22auction_retry_count%22%3A8%2C%22fallback_type%22%3A%22drop7%22%2C%22bid_floor_gen%22%3A%22defaultVideoAdBidFloor%22%2C%22multiplier%22%3A3.5%2C%22winning_bid_floor%22%3A0%2C%22max_hb_bid%22%3A0%2C%22bid_floor_type%22%3A0%7D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:8b54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/public/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:34 GMT
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9rhdXCBTaqmnANqp7yRfMnhRk3BhLRpOewNk42Znmn3IHLSLpsGar0Uunj6lY0l6bbs31EyE6l1UWHenB91yFW5whEXb2h83pOnvPYExWlYLdVSMXDHyIEbt3SjqMlGG42MpAWqkKHcbFFM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
x-middleton-display
imp_sol
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
accept-ranges
bytes
cf-ray
7df64a2a5dde6969-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
priority
u=3,i
expires
Thu, 29 Jun 2023 12:07:34 GMT
5c2bd86d7fe3580
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/130139545:1688123213:Q56t8R4DnkY9V4eyt4Q_25wpJWuUIwlL2Ccr10Cl454/7df64a1a8b5a9957/ Frame F289 		928 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/130139545:1688123213:Q56t8R4DnkY9V4eyt4Q_25wpJWuUIwlL2Ccr10Cl454/7df64a1a8b5a9957/5c2bd86d7fe3580
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=7df64a1a8b5a9957
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:3b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
867831aadbdd1cbc565bc6984a7c69d8a0da385af5afe1de5128f27c196e4222

Request headers

Referer
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv1/g-yinpA2RW81Qq6/mc7tt/0x4AAAAAAABT-_XrlIPuwu0L/auto/normal
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
CF-Challenge
5c2bd86d7fe3580
Content-type
application/x-www-form-urlencoded

Response headers

cf-chl-out
WM1rbtFeg/LEQgPyqvdNCBVwqzMG9bI8h76uV9vfk1T5PG0BQwkawwcl11rbx6qHjgkeX61e8fls4QSwKtnQykA+fCe22ns4cwQdhxM0RE8=$PA8dcYjESjj4v4jIaFmTSQ==
cf-chl-out-s
tz1zRpVINW50rL9qv+VL/spVB5Ncs1YysdXreVxWHaZ3+zLxKqKKlOCi1QT81i5/LBwXsFbNVGcEfJ1SPI+odMKkR2vdxLIgkoxOmh6zlpjqvmd71I82m2ZSEbEAe6ODugjwNGojVxXUwmtXqiXqQw+JMIg33BNTtjAkLiT2Y4ggNd8zkICo/lnZ43ZcPCgZzVyA70RFNqENnyzHmI7XgH2D+TV6eUZvoIfSaLFddXkL7MyxSxEqYcsonxZlesx/XjVjeWtBecmzqiab3f1FHHw5yeeW4k5mg5eGNaXbGFc73bNvZZ+TS7mMt0fA4XcIo6CrUFQcsq89aF+uHQbZLOQga6rYqtIBeZH6vUx66Z4GhLZFNRxrN9AuVt+ECDUmSYi6wsRO4a4s/dmbamGpfZ0SCLFDVJUX1x/fLpxE7DazlQJNC/uvTXAWFA74XJxmQsCrYc9jHjJ8b4hrq+kmKw==$4Jkg9EIzK2FJekWo0GG7Jg==
date
Fri, 30 Jun 2023 12:07:34 GMT
content-encoding
br
server
cloudflare
content-type
text/html; charset=UTF-8
cf-ray
7df64a2ae9b29957-FRA
alt-svc
h3=":443"; ma=86400
89229263
mc.yandex.com/webvisor/ 		43 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/webvisor/89229263?wmode=0&wv-part=10&wv-hit=721892075&page-url=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&rn=541561741&wv-type=3&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1688126856%3Aw%3A1600x1200%3Av%3A1074%3Az%3A0%3Ai%3A20230630120735%3Au%3A1688126835670014644%3Avf%3Aew9xzikdbvs4xc5avwiaspr%3Ast%3A1688126856&t=gdpr(14%2C14)ti(1)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://paytolet.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 30 Jun 2023 12:07:35 GMT
strict-transport-security
max-age=31536000
last-modified
Fri, 30-Jun-2023 12:07:35 GMT
content-type
image/gif
access-control-allow-origin
https://paytolet.com
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Fri, 30-Jun-2023 12:07:35 GMT
collect
x.clarity.ms/ 		0
292 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://x.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.8/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.114.190.119 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://paytolet.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://paytolet.com
Date
Fri, 30 Jun 2023 12:07:36 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78
89229263
mc.yandex.com/webvisor/ 		43 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/webvisor/89229263?wmode=0&wv-part=11&wv-hit=721892075&page-url=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&rn=737877942&wv-type=3&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1688126858%3Aw%3A1600x1200%3Av%3A1074%3Az%3A0%3Ai%3A20230630120737%3Au%3A1688126835670014644%3Avf%3Aew9xzikdbvs4xc5avwiaspr%3Ast%3A1688126858&t=gdpr(14%2C14)ti(1)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://paytolet.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 30 Jun 2023 12:07:37 GMT
strict-transport-security
max-age=31536000
last-modified
Fri, 30-Jun-2023 12:07:37 GMT
content-type
image/gif
access-control-allow-origin
https://paytolet.com
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Fri, 30-Jun-2023 12:07:37 GMT
89229263
mc.yandex.com/webvisor/ 		43 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/webvisor/89229263?wmode=0&wv-part=12&wv-hit=721892075&page-url=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&rn=530664431&wv-type=3&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1688126860%3Aw%3A1600x1200%3Av%3A1074%3Az%3A0%3Ai%3A20230630120739%3Au%3A1688126835670014644%3Avf%3Aew9xzikdbvs4xc5avwiaspr%3Ast%3A1688126860&t=gdpr(14%2C14)ti(1)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://paytolet.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 30 Jun 2023 12:07:39 GMT
strict-transport-security
max-age=31536000
last-modified
Fri, 30-Jun-2023 12:07:39 GMT
content-type
image/gif
access-control-allow-origin
https://paytolet.com
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Fri, 30-Jun-2023 12:07:39 GMT
89229263
mc.yandex.com/webvisor/ 		43 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/webvisor/89229263?wmode=0&wv-part=13&wv-hit=721892075&page-url=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&rn=995842994&wv-type=3&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1688126862%3Aw%3A1600x1200%3Av%3A1074%3Az%3A0%3Ai%3A20230630120741%3Au%3A1688126835670014644%3Avf%3Aew9xzikdbvs4xc5avwiaspr%3Ast%3A1688126862&t=gdpr(14%2C14)ti(1)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://paytolet.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 30 Jun 2023 12:07:41 GMT
strict-transport-security
max-age=31536000
last-modified
Fri, 30-Jun-2023 12:07:41 GMT
content-type
image/gif
access-control-allow-origin
https://paytolet.com
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Fri, 30-Jun-2023 12:07:41 GMT
89229263
mc.yandex.com/webvisor/ 		43 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/webvisor/89229263?wmode=0&wv-part=14&wv-hit=721892075&page-url=https%3A%2F%2Fpaytolet.com%2Fpublic%2F&rn=491849903&wv-type=3&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1688126864%3Aw%3A1600x1200%3Av%3A1074%3Az%3A0%3Ai%3A20230630120743%3Au%3A1688126835670014644%3Avf%3Aew9xzikdbvs4xc5avwiaspr%3Ast%3A1688126864&t=gdpr(14%2C14)ti(1)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://paytolet.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 30 Jun 2023 12:07:43 GMT
strict-transport-security
max-age=31536000
last-modified
Fri, 30-Jun-2023 12:07:43 GMT
content-type
image/gif
access-control-allow-origin
https://paytolet.com
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Fri, 30-Jun-2023 12:07:43 GMT
collect
x.clarity.ms/ 		0
292 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://x.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.8/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.114.190.119 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://paytolet.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://paytolet.com
Date
Fri, 30 Jun 2023 12:07:44 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78
normal
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv2/_X4xQN1n_XCohKJ/mc7tt/0x4AAAAAAABT-_XrlIPuwu0L/auto/ Frame F289 		24 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv2/_X4xQN1n_XCohKJ/mc7tt/0x4AAAAAAABT-_XrlIPuwu0L/auto/normal
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/turnstile/v0/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:3b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-src https://challenges.cloudflare.com/; base-uri 'self'

Request headers

Referer
https://paytolet.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
max-age=0, must-revalidate
cf-ray
7df64a69bd269957-FRA
content-encoding
br
content-security-policy
frame-src https://challenges.cloudflare.com/; base-uri 'self'
content-type
text/html; charset=UTF-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
cross-origin
date
Fri, 30 Jun 2023 12:07:44 GMT
document-policy
js-profiling
permissions-policy
accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy
same-origin
server
cloudflare
v1
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/ Frame F289 		173 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/orchestrate/chl_api/v1?ray=7df64a69bd269957
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv2/_X4xQN1n_XCohKJ/mc7tt/0x4AAAAAAABT-_XrlIPuwu0L/auto/normal
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:3b8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv2/_X4xQN1n_XCohKJ/mc7tt/0x4AAAAAAABT-_XrlIPuwu0L/auto/normal
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:45 GMT
cache-control
max-age=0, must-revalidate
content-encoding
br
server
cloudflare
cf-ray
7df64a6c78489957-FRA
alt-svc
h3=":443"; ma=86400
content-type
application/javascript; charset=UTF-8
greenoaks.gif
paytolet.com/detroitchicago/ 		0
520 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://paytolet.com/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiJjMmMzZjdlMS0zYTE2LTRmYWQtNDIxYy03OGE1YzRkMjAwZGUiLCJkb21haW5faWQiOiI0MTAxNjQiLCJ0X2Vwb2NoIjoxNjg4MTI2ODM0LCJkYXRhIjpbeyJuYW1lIjoicHZfZXZlbnRfY291bnQiLCJ2YWwiOiIxIn0seyJuYW1lIjoidGltZV9vbl9wYWdlX2V2ZW50IiwidmFsIjoiMzAifV19XQ==
Requested by
Host: paytolet.com
URL: https://paytolet.com/detroitchicago/cmbv2.js?gcb=195-3&cb=04-3y02-8y06-13y07-2y0b-6y0d-23y17-4y1b-5y25-3y26-4y27-16y28-66y2b-146y2f-150y33-4y3a-12y3b-6y59-2y5d-22y64-1&cmbcb=151&sj=x04x02x06x07x0bx0dx17x1bx25x26x27x28x2bx2fx33x3ax3bx59x5dx64
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:8b54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paytolet.com/public/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Fri, 30 Jun 2023 12:07:45 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c2yFQLbt0bZ92xVhjNNEelL%2BN9%2Fi1LiUJC9nO%2Fji2jjtw5xAUSb5usjfpJioIC7TMhkHXGPf75JjiIKls9J6Bo4UC4raSfl05l1sPL%2FOyhFZSRocMJdkD0ANhTm0m8cwJ6bvx5yELjQt3AY%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://paytolet.com
x-middleton-display
ezp_sol
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
cf-ray
7df64a6c9f876969-FRA
alt-svc
h3=":443"; ma=86400
priority
u=4,i
expires
Thu, 29 Jun 2023 12:07:45 GMT
8299249c-dc05-4ae3-934a-59d66f2199fc
https://challenges.cloudflare.com/ Frame F289 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://challenges.cloudflare.com/8299249c-dc05-4ae3-934a-59d66f2199fc
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv2/_X4xQN1n_XCohKJ/mc7tt/0x4AAAAAAABT-_XrlIPuwu0L/auto/normal
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Length
0
Content-Type
text/javascript

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
17f71e36f7655f7f5ab67574cc7e41b3.safeframe.googlesyndication.com
URL
https://17f71e36f7655f7f5ab67574cc7e41b3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Verdicts & Comments Add Verdict or Comment

628 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 boolean| credentialless object| onbeforetoggle object| onscrollend object| CloudflareApps number| __ezWillLoadCnx object| ezgwb object| __ez string| __sellerid string| __schain_domain string| __ez_nid object| ezasVars boolean| __ezasAggressive object| ezslots_raw object| __advertiserRule object| google_reactive_ads_global_state function| ezasvEvent function| ezaslEvent function| ezoAdBackFill object| ezoSTPixels function| ezoSTPixelAdd function| ezoGetSlotById function| ezoGetSlotNum function| ezoSTPixelFire boolean| ezhbopt boolean| ezpbCache object| __banger_pmp_deals object| _ebcids number| ezobv object| ez_ad_units object| ezslots object| ezrpos object| ezsrqt boolean| __ez_fad_haspo boolean| __ez_fad_hascp object| __ez_fad_po boolean| __ez_fad_floatshowd function| __ez_fad_rdy function| __ez_fad_position function| __ez_fad_display function| ezSetTargetingFromMap function| ezSetSlotTargeting function| ezGetSlotById function| __ez_close_anchor boolean| isEZABL number| ezmadspc boolean| ezoViewCheck boolean| ezDisableInitialLoad object| googletag object| ezaxmns object| ezaucmns object| __ez_fad_floating boolean| __ez_fad_gptd boolean| __ez_fad_ezpbinitd number| __ez_fad_pbt function| __ez_fad_gpt function| __ez_fad_pb function| __ez_init_slot function| ezogetbrkey boolean| ezoll string| ezoadxnc string| ezoadhb object| ezGatewayBackground object| ezGatewayBackgroundBlackout object| ezGateway boolean| ezGwjsonpg boolean| ezoicTestActive object| _ezaq object| _ezim_d object| _ezat object| Tynt function| gtag object| dataLayer function| $ function| jQuery function| Popper object| bootstrap object| __ezInstream object| ezVideo string| ezouid string| ezoTemplate string| ezoFormfactor object| ezo_elements_to_check string| soc_app_id number| did string| ezdomain number| ezoicSearchable function| create_ezolpl function| attach_ezolpl string| _audins_dom number| _audins_did object| zarazData object| zaraz boolean| ezAardvarkDetected function| ezDetectAardvark number| slideIndex number| timer function| plusSlides function| currentSlide function| showSlides function| qp function| ym function| hj object| _hjSettings function| clarity string| ezoScriptHost object| IL11ILILIIlLLLILILLLLIILLLIIL11111LLILiiLIliLlILlLiiLLIiILL function| ezoSyncToDfp function| ezoGetDFPSlot object| ezomash boolean| ezowwinit function| ezbanger function| ezvt function| ezvb function| ezsr function| ezosethbbid function| ezosetowbids function| ezosethbbids function| ezGetSlotViewedTime function| formatBid function| fetchezoibfh object| ezoibfh number| ezoibfhHF function| adjustHbValues function| ezasBuild function| ezorefgsl object| google_tag_manager object| google_tag_data object| google_optimize string| TrustpilotObject function| tp object| a object| f function| loadScript function| webpushr string| _linkedin_partner_id object| _linkedin_data_partner_ids function| lintrk object| ggeac object| google_js_reporting_queue string| GoogleAnalyticsObject function| ga object| Trustpilot object| __gcse object| GooglebQhCsO function| onYouTubeIframeAPIReady object| gaGlobal object| qevents object| _33Across function| __uspapi function| ez_attachEvent function| ez_attachEventWithCapture function| ez_detachEvent function| ez_getQueryString object| ezux object| metricNameMap function| ezlogVital function| __ez_get_footer_height function| __ez_set_outstream_floor function| __ez_auto_adjust_outstream_float function| __ez_outstream_player_tracking function| pixelData function| __ez_outstream_float_destroy object| ezua object| ezuxgoals object| ezdent object| ezDenty object| ezVideoAnalytics object| ezVideoPlayer object| ezRBA function| __ezDotData object| _ezfd object| riveted number| ez_tos_track_count number| ez_last_activity_count object| webVitals object| vttjs function| WebVTT function| videojs function| videojsContribQualityLevels function| videojsMaxQualitySelector function| videojsVttThumbnails function| videojsContribAds function| videojsPlaylist function| videojsPlaylistUi function| videojsVttLinks function| videojsShare object| videojsMarkers function| quizzersJs function| vttPreview object| ct object| regeneratorRuntime object| epbjs function| PrebidImpressionController function| PrebidImpression object| _qevents function| uglipop object| _hsp boolean| google_measure_js_timing object| ezslot_interstitial object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| hjLazyModules function| _webpushrExecuteHooks function| _webpushrSetCookie function| _webpushrGetCookie function| _webpushrSetLocalStorage function| _webpushrGetLocalStorage function| _webpushrRemoveLocalStorage function| _webpushrBrowserSupport function| _wp_registerServiceWorker function| _webpushrCheckPermission function| _webpushrGetPrompt function| _webpushrNotificationPermission function| _webpushrGetPromptDisplayTime function| _webpushrShowNotificationCenter function| _webpushrShowPrompt function| _webpushrShowCustomPrompt function| _webpushrShowSubscriptionBell function| _webpushrRenderCard function| _webpushrShowCard function| _webpushrNotificationTimeToLocal function| _webpushrPermissionResetInstructions function| _webpushrPromptAction function| _webpushrShowEmailOptin function| _webpushrEmailAction function| _webpushrSendEmailToServer function| _webpushrAssignTopicsAsAttributes function| _webpushrToggleEditNotificationPopup function| _webpushrTrunNotification function| _wpCheckSubscription function| _webpushrRequestPermission function| _webpushrSubscribeNow function| _wp_urlBase64ToUint8Array function| _webpushrSendSubscriptionToServer function| _webpushrPromptImpressions function| _webpushrNotificationCardLogs function| _webpushrSessionLogs function| _webpushrDisplayPrompt function| _webpushrCustomPromptEvents function| _webpushrBindBellEvent function| popup_notification_clicked function| _webpushrShowSubscriberCount function| webpushr_display_button function| webpushr_display_toggle_button function| _webpushrUpdateTopicsPreferences function| _webpushrShowTopicPreferencesOptin string| applicationServerKey object| _wp_prompt_info object| q object| WebPushr object| d1 boolean| _wp_is_safari boolean| _wp_debug object| publicMethods string| today object| prompt_wrapper object| module$exports$cse$search object| module$exports$cse$CustomImageSearch object| module$exports$cse$CustomWebSearch object| google object| module$exports$cse$searchcontrol object| module$exports$cse$customsearchcontrol object| gaplugins object| gaData object| Ya object| yaCounter90663950 object| yaCounter89229263 object| LOU boolean| _already_called_lintrk function| __h82AlnkH6D91__ object| turnstile object| ezslot_8 object| ezslot_6 number| i3 object| googlefc object| default_ContributorServingResponseClientJs object| __googlefc string| __fcInvoked string| __fcexpdef string| YjIyY2IwOWIzZDI1NWE1Y2xvYWRlcl9qcw== string| YjIyY2IwOWIzZDI1NWE1Y2NhY2hlZF9qcw== object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady function| processGoogleToken object| googleToken object| googleIMState object| data object| ezslot_3 object| ezslot_1 object| ezslot_0 object| __ezsbwcmd number| google_unique_id function| AgdSherpa object| Porthole object| stg number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| google_persistent_state_async object| adsbygoogle object| google_sa_queue function| google_process_slots object| google_ama_state function| google_spfd object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint object| trans string| themeUrl string| siteUrl string| currentLanguage function| Waypoint function| axios function| __p4qa8r1lb17__ string| cHViLTcxODQwNjQ2NDMwODg1OTY= object| adlineConfig function| fbq function| _fbq function| showAlert function| fbAsyncInit function| __ez_vig_close_wrapper function| renderEzoicVideoContent boolean| __inScopeForCCPA function| __receiveUspapiMessage number| __cnxiid string| __cnxau function| __ez_fad_ezpbinit object| ezAYL function| ezjsps boolean| __enableAnalytics object| __s2sbidders object| __s2sinstreambidders object| __allBidders string| ez__id5pd string| ez__uIdHash string| ez__sspDomain object| ezslot_2 object| ezslot_4 boolean| success function| ready function| matches function| loadGtag function| loadFBPixel object| shown function| newEzVignette function| ezoChar function| ezoCharSize object| epbjsChunk object| ADAGIO object| mnet string| nobidVersion object| nobid boolean| __ez_edge_a number| __ez_edge_mw string| __ez_edge_v string| __ez_edge_h number| __ez_edge_m function| getCookie undefined| __ez_dims boolean| PIXELS_RAN object| enabledEventSettings object| _hsq function| quantserve function| __qc object| ezt object| _qoptions object| _paq function| sanitizeKey boolean| _hstc_loaded function| UET function| UET_init function| UET_push object| __cfBeacon boolean| hubspot_live_messages_running object| HubSpotConversations function| callback function| _googCsa number| nextSearchboxId object| ox_esp function| lotameIsCompatible function| sync16589_aa function| sync16589_c undefined| sync16589_d undefined| sync16589_ba undefined| sync16589_e function| sync16589_f object| sync16589_h function| sync16589_ca function| sync16589_j function| sync16589_da object| sync16589_ object| sync16589_ga object| sync16589_v object| sync16589_na object| sync16589_wa object| sync16589_xa function| sync16589_a function| sync16589_b function| sync16589_g function| sync16589_i function| sync16589_k function| sync16589_l function| sync16589_m function| sync16589_n function| sync16589_o function| sync16589_p function| sync16589_q function| sync16589_r function| sync16589_fa function| sync16589_ea function| sync16589_s function| sync16589_t function| sync16589_u function| sync16589_w function| sync16589_ha function| sync16589_ia function| sync16589_y function| sync16589_ja function| sync16589_z function| sync16589_A function| sync16589_x function| sync16589_B function| sync16589_ka function| sync16589_C function| sync16589_D function| sync16589_E function| sync16589_F function| sync16589_G function| sync16589_H function| sync16589_I function| sync16589_K function| sync16589_L function| sync16589_M function| sync16589_J function| sync16589_la function| sync16589_ma function| sync16589_N function| sync16589_O function| sync16589_oa function| sync16589_P function| sync16589_pa function| sync16589_qa function| sync16589_ra function| sync16589_Q function| sync16589_sa function| sync16589_ta function| sync16589_ua function| sync16589_va function| sync16589_R function| sync16589_S function| sync16589_ya function| sync16589_T function| sync16589_U function| sync16589_V function| sync16589_W function| sync16589_za function| sync16589_X function| sync16589_Y function| sync16589_Z function| sync16589__ function| sync16589_0 function| sync16589_Da function| sync16589_Aa function| sync16589_1 function| sync16589_Ca function| sync16589_Ba function| sync16589_2 function| sync16589_3 function| sync16589_4 function| sync16589_5 function| sync16589_Fa function| sync16589_Ga function| sync16589_Ia function| sync16589_Ea function| sync16589_7 function| sync16589_Ha function| sync16589_Ka function| sync16589_Ja function| sync16589_8 function| sync16589_6 function| sync16589_9 function| sync16589_La function| sync16589_Ma function| sync16589_Na function| sync16589_Oa function| sync16589_$ function| sync16589_Pa function| sync16589_Qa function| sync16589_Ra function| sync16589_Sa object| lotame_sync_16589 object| ueto_0787e7e497 object| uetq string| waypointContextKey function| wishlishInElement object| existing_items object| new_items object| eleBellPopup object| webpushrUnknownBtn object| webpushrOffBtn object| webpushrOnBtn object| webpushrNotificationTime number| diffInMinutes object| card_wrapper object| cardImg object| elePromptLogo object| eleApproveBtn object| eleDenyBtn object| eleCookieInfo object| eleCookieGoback object| eleClickinfoCookie object| eleCookieinfoData object| eleUpdateTopicsBtn object| signal_decrypted object| pbjs object| __uid2SecureSignalProvider object| __uid2 function| setImmediate function| clearImmediate object| __hsCollectedFormsDebug object| criteo_syncframe_state object| criteo_pubtag object| criteo_identitytag_137 object| Criteo object| Criteo_identitytag_137 boolean| _hspb_loaded boolean| _hspb_ran object| $mcSite function| google_sa_impl boolean| _gfp_p_ object| google_image_requests object| FB object| _google_rum_ns_ number| google_global_correlator function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$companion_ad_selection_settings object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ads_rendering_settings object| ima object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error_event object| module$contents$ima$AdEvent_AdEvent object| module$contents$ima$AdsManagerLoadedEvent_AdsManagerLoadedEvent string| ezIntType number| vIndex function| sidebarWall function| __ez_close_rail function| __ez_handle_rail_loaded boolean| versionPixelFired function| __ez_init_gateway function| setInitCookie function| checkGwd function| __ez_show_gateway function| firepx function| scrollEventThrottle function| getPageLength function| defer function| deferscript string| prefixedKey object| ezoptbid function| getSlotForhb function| epbjsRequestAdUnits function| epbjsRefreshSlot function| setAuctionActive function| setAuctionFinished function| isValid256Hash object| activeAuctions number| googleNDT_ number| googleAltLoader boolean| LOULocationChangeInitiated object| LOUMainframeManager object| LOUStepManager object| LOUWidgetManager object| LOUOverlay object| clarityuetq boolean| isHbFinished object| parts object| closure_lm_257125 number| ezouspvv object| sas object| apntag object| _ADAGIO object| cnx object| slots string| slot boolean| a91636d7-54f0-4bd3-9d72-e9dad1e56bad function| googleCompanionsServicePresent function| googleGetCompanionAdSlots function| googleSetCompanionAdContents function| google_companion_error object| closure_lm_669926 object| perf_vals boolean| _hstc_ran string| __hsUserToken number| expireDateTime object| GoogleGcLKhOms object| buttonElem object| e object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager

94 Cookies

Domain/Path Name / Value
paytolet.com/public Name: _ga4s
Value: 1
paytolet.com/public Name: _ga4sid
Value: 944945413
.paytolet.com/ Name: ezoadgid_410164
Value: -2
.paytolet.com/ Name: ezoref_410164
Value:
.paytolet.com/ Name: ezosuibasgeneris-1
Value: 4859bac2-2615-4f48-7499-04fc05a725c2
.paytolet.com/ Name: ezoab_410164
Value: mod58-c
.paytolet.com/ Name: active_template::410164
Value: pub_site.1688126834
.paytolet.com/ Name: ezopvc_410164
Value: 1
.paytolet.com/ Name: ezepvv
Value: 42
.paytolet.com/ Name: ezovid_410164
Value: 1738659891
.paytolet.com/ Name: lp_410164
Value: https://paytolet.com/public/
.paytolet.com/ Name: ezovuuidtime_410164
Value: 1688126834
.paytolet.com/ Name: ezovuuid_410164
Value: b16eeea4-a8ef-4771-77cd-6305a4a265ac
.paytolet.com/ Name: _gcl_au
Value: 1.1.652625874.1688126835
www.clarity.ms/ Name: CLID
Value: cee4f2bd663946ae95927697146ba210.20230630.20240629
.paytolet.com/ Name: _ga_EZWW9JQPLY
Value: GS1.1.1688126835.1.1.1688126835.60.0.0
.paytolet.com/ Name: _ga
Value: GA1.2.1136948999.1688126835
.paytolet.com/ Name: _gid
Value: GA1.2.593329929.1688126835
.paytolet.com/ Name: _gat_gtag_UA_218196865_1
Value: 1
.paytolet.com/ Name: _ym_uid
Value: 1688126835670014644
.paytolet.com/ Name: _ym_d
Value: 1688126835
.paytolet.com/ Name: _clck
Value: rdh2wz|2|fcw|0|1276
.doubleclick.net/ Name: IDE
Value: AHWqTUleS4KwjjZgI5EQujk8zIZ7wjNlV5l-CBqmAE2fbOyM0MsF3OIDa8itl4-A
.mc.yandex.com/ Name: sync_cookie_csrf
Value: 2928134150fake
paytolet.com/ Name: ezds
Value: ffid%3D1%2Cw%3D1600%2Ch%3D1200
paytolet.com/ Name: ezohw
Value: w%3D1600%2Ch%3D1200
.mc.yandex.ru/ Name: sync_cookie_csrf
Value: 1670824676fake
.paytolet.com/ Name: _uetsid
Value: a77e6ec0173e11eeb5814944c0bd8923
.paytolet.com/ Name: _uetvid
Value: a77ec360173e11ee847aab87cabc75ec
paytolet.com/ Name: XSRF-TOKEN
Value: eyJpdiI6IlFhYlJjNUJTb0hVYmhqd3JoVTFidkE9PSIsInZhbHVlIjoiM2JIT1hERDJVUkZUa3pkK2xRMDdCVkoxbElQRU1qR2JUREtFWmpRcDBDYkt6ZXFleGNmNkJBcVNLYXo1WTdIWU95MnN2SllIaFQ5d1NPNnlOSmpENE9LQ2pNcnVRRFR3TUNYWjRUUE1YTzIvUUhCRGc2RXVSWWpmNExCVXg3UVgiLCJtYWMiOiI4NzRkNGUyNDQzNDRkMzcyMTczOWYzZDVjMDcyN2Q3YWEwMGQ3OTJmZWQ5ZDQxN2FhYWRiMGVjZmJiYWQ1MWJmIiwidGFnIjoiIn0%3D
paytolet.com/ Name: botble_session
Value: eyJpdiI6IkRNQXZic1VZY2N5aDMwK0Z2NkE3UUE9PSIsInZhbHVlIjoiZVpYM3N4NmsySSt6aWtvUDFYMXh4eVJLSDV3Ym5yTDZzTE9kWXVMTUdCUGhqeVBOV1lsV3cyNnFSTDI0a1RoK2dBOTJOWlBGNU0wK0FRSkxyR0J0REwwOVFUdDl2UzNYT0xNOERtb3BqZ1QwUEtCS1NHNS9vT2xBbU9IYkVreHIiLCJtYWMiOiI2Y2RiYjI2YmE5NjQ0YWJhZTRhYWM0Y2FlYWJiN2RjOGI2ZmFiYjVhMDJmMjgyZjgxNWFmY2M1YTM1YWQzYTdlIiwidGFnIjoiIn0%3D
.bing.com/ Name: MUID
Value: 1C29AC446E666A481DE4BF046F666B96
paytolet.com/ Name: ln_or
Value: eyI0NjI0OTYxIjoiZCJ9
.openx.net/ Name: i
Value: 6485dd68-2c12-472b-b334-1e9302bbacc7|1688126836
.linkedin.com/ Name: li_sugr
Value: fa7d0413-aff8-40a4-b7ce-fda7ab86dfcd
.linkedin.com/ Name: bcookie
Value: "v=2&27dadb99-74a7-4f6d-8d46-4fd3cff9cf9a"
.linkedin.com/ Name: lidc
Value: "b=TGST08:s=T:r=T:a=T:p=T:g=2551:u=1:x=1:i=1688126836:t=1688213236:v=2:sig=AQFRsflUL0svbFxMoI87MlGytiAH-9-4"
.paytolet.com/ Name: __gpi
Value: UID=00000c5ed7319fb0:T=1688126835:RT=1688126835:S=ALNI_MZsDc3kPfVwgJm4YKQVJrFEMa9-0A
.paytolet.com/ Name: _clsk
Value: 1y0uci6|1688126837094|1|1|x.clarity.ms/collect
.paytolet.com/ Name: _hjSessionUser_2812607
Value: eyJpZCI6ImZiODE5Nzc1LWMxMmItNTg5Ny1iMTUzLTMwMjBlNTc0ZTQ5YSIsImNyZWF0ZWQiOjE2ODgxMjY4MzcxODEsImV4aXN0aW5nIjpmYWxzZX0=
.paytolet.com/ Name: _hjFirstSeen
Value: 1
.paytolet.com/ Name: _hjIncludedInSessionSample_2812607
Value: 1
.paytolet.com/ Name: _hjSession_2812607
Value: eyJpZCI6IjE5ZjZiOWNmLTMzNzktNDNhMy1hNjM1LTJmMTFkMTcxNDFjMiIsImNyZWF0ZWQiOjE2ODgxMjY4MzcxOTMsImluU2FtcGxlIjp0cnVlfQ==
.paytolet.com/ Name: _hjAbsoluteSessionInProgress
Value: 0
.linkedin.com/ Name: UserMatchHistory
Value: AQJf3UG2ryZ4egAAAYkMM1Gt6iSX9ifvMeL88qYFltnmxf3yjkp6IF7fXq8tjMFTakE-kmVRyQaYwA
.linkedin.com/ Name: AnalyticsSyncHistory
Value: AQKrrJoqE00FQwAAAYkMM1GtKNrnIOUCZE9aSfgzcNvJ6Fat3LqULHC8_yj3oCv2s5osDCQy82A6HPoVMJDeow
.paytolet.com/ Name: _ym_isad
Value: 2
.yandex.com/ Name: bh
Value: KgI/MA==
mc.yandex.com/ Name: yabs-sid
Value: 2595277261688126837
.yandex.com/ Name: i
Value: Xnx+pqrA0/2EHf7Z0xmDhOjQtXZNobfOecJiVFqsnlUQPUg2EnAxSHlIyPO9AtSIDppbXn+3WucFBfVMo0mBHMF5K/I=
.yandex.com/ Name: yandexuid
Value: 2560654701688126837
.yandex.com/ Name: yuidss
Value: 2560654701688126837
.quantserve.com/ Name: mc
Value: 649ec575-84fc2-d4d5f-e7e9b
.paytolet.com/ Name: _ga4
Value: 66b5b128-8a93-40b3-9546-fd1be43b7dd0
.paytolet.com/ Name: hubspotutk
Value: cb7cef7282af4d66b3b63186f9c3bac1
.paytolet.com/ Name: __hssrc
Value: 1
paytolet.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.www.linkedin.com/ Name: bscookie
Value: "v=1&20230630120717fa6cd1c1-6c80-449b-8881-dde271a6add6AQH8dWSfa2oOHVHfAWSetEpUDROKP7qS"
.linkedin.com/ Name: li_gc
Value: MTswOzE2ODgxMjY4Mzc7MjswMjHVrH9JWFfDkrkVhzIndKh7PVWISHQBxgbLsJ8XShvAqQ==
.criteo.com/ Name: uid
Value: 6fb2df45-9d84-4672-b4c6-8e898a6597ae
.paytolet.com/ Name: __qca
Value: P0-1129075504-1688126835954
.paytolet.com/ Name: __gads
Value: ID=14c5fd6f47da3553-2250166f1cde0005:T=1688126835:RT=1688126837:S=ALNI_MZdWW6IC_UptzCaP6yRcFW4qT01Sg
.paytolet.com/ Name: _fbp
Value: fb.1.1688126838068.1303914129
.hubspot.com/ Name: __cf_bm
Value: WirgAU083y7xtifwliTpo.moe0FsNhyIw1z1dsRp.qI-1688126838-0-ASAFhUgRAXuDddQ5nbfgkorG7LfwqysI3It3pqwz5N8yyTNTVCVvEvXMSm9ywqgVT3PxMhQICSslZHml9TVL0T4=
paytolet.com/ Name: ezouspvh
Value: 160
.paytolet.com/ Name: cto_bundle
Value: amPy8F8lMkJ5ZFFGY015OTBBRHlGdEhBWldmRyUyQjhBMnlzdlAlMkJIN3N2YzV2JTJCSzR4Wkozd1c5SmhvYTFXZG1qTFJQamtkd3JldE11YXVUUG5aSUNtT285dzk1am5pdjczd1BWJTJGajlIVEhZRVFhSloyQzVyb1Q0NEI0QkpTZFJjZ2p0WW5VVEdxVUdmeSUyRjBEQzlmNWt0VHlsRnJ5U2clM0QlM0Q
.paytolet.com/ Name: _ym_visorc
Value: w
.doubleclick.net/ Name: DSID
Value: NO_DATA
.paytolet.com/ Name: FCNEC
Value: %5B%5B%22AKsRol-Oayffn5VbF3W-40jtB_tS-tFBrtr5dFHkcnoCf4u7V7Yn_WB-cdADHgWZJhqIlk-6JFpUYbvrbfVPIVCjPMmovJJKanPtA_G06fo2HQ2dOkven-d6rB4NAI8P-GzfI5k8Iwd23ZDndHILnC7CIvNlhocbiQ%3D%3D%22%5D%2Cnull%2C%5B%5D%5D
paytolet.com/ Name: ezux_lpl_410164
Value: 1688126840352|c2c3f7e1-3a16-4fad-421c-78a5c4d200de|false
.paytolet.com/ Name: lndcAttr
Value: {"campId":null,"adId":null,"refer":"","chId":null,"url":"https://paytolet.com/public/"}
.paytolet.com/ Name: adl
Value: 3ac18226-96a0-e59c-9c22-7588ed5bdfd7
.paytolet.com/ Name: adl_session_id
Value: 4d000803-e63b-c4b9-397c-b027c950a913
.paytolet.com/ Name: __hstc
Value: 243081629.cb7cef7282af4d66b3b63186f9c3bac1.1688126835997.1688126835997.1688126835997.1
.paytolet.com/ Name: __hssc
Value: 243081629.2.1688126835997
.c.bing.com/ Name: MR
Value: 0
.c.bing.com/ Name: SRM_B
Value: 1C29AC446E666A481DE4BF046F666B96
.c.clarity.ms/ Name: SM
Value: C
.clarity.ms/ Name: MUID
Value: 1C29AC446E666A481DE4BF046F666B96
.c.clarity.ms/ Name: MR
Value: 0
.c.clarity.ms/ Name: ANONCHK
Value: 0
.paytolet.com/ Name: _sharedid
Value: eacf514e-fc75-44b9-b1a2-8e1d3c5219f8
.3lift.com/ Name: tluid
Value: 898677246168223090804
.adform.net/ Name: C
Value: 1
.yieldmo.com/ Name: yieldmo_id
Value: g7fe019921e551359cdc%7C1688126843293%7C0%7C
.adform.net/ Name: uid
Value: 7520411867269700015
m.exactag.com/ Name: exactag_new_gk
Value: 3e24e5215ec840ce80b261728e97ce26%7C29.08.2023%2012%3A07%3A24
m.exactag.com/ Name: exactag_new_uk
Value: 4bafd71e69464d7a862f09cc36b7e529%7C
m.exactag.com/ Name: session_session
Value: bb5b02bce2584c5d96d9b3de
paytolet.com/ Name: ezouspvv
Value: 242
paytolet.com/ Name: ezouspva
Value: 7
paytolet.com/ Name: ezux_et_410164
Value: 0
paytolet.com/ Name: ezux_tos_410164
Value: 15
.yandex.com/ Name: ymex
Value: 1719662837.yrts.1688126837#1719662837.yrtsi.1688126837

9 Console Messages

Source Level URL
Text
security warning
Message:
Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
security warning URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 468)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security error
Message:
Refused to frame 'https://pagead2.googlesyndication.com/' because it violates the following Content Security Policy directive: "frame-src cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp=er3$/7441985601152547353/index.html".
network error URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/pat/7df649b54db59957/1688126838075/474b7329e4e2261578ead35a58f35a510eaeb0f05aa60502b8e8ea1ca86c6007/6bZqN8E7z5X4tLI
Message:
Failed to load resource: the server responded with a status of 401 ()
security error URL: https://17f71e36f7655f7f5ab67574cc7e41b3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html(Line 15)
Message:
Refused to frame 'https://pagead2.googlesyndication.com/' because it violates the following Content Security Policy directive: "frame-src cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp=er3$/16346139938887045070/index.html".
security error URL: https://17f71e36f7655f7f5ab67574cc7e41b3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html(Line 15)
Message:
Refused to frame 'https://pagead2.googlesyndication.com/' because it violates the following Content Security Policy directive: "frame-src cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp=er3$/16346139938887045070/index.html".
security warning
Message:
Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
network error URL: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/pat/7df64a1a8b5a9957/1688126852964/3a93b98810afaccea8feb7f09ced2c2ba7889548b24369bd86aa7b767889ad6c/GBuTWV2DgihmgBM
Message:
Failed to load resource: the server responded with a status of 401 ()
security warning
Message:
Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

17f71e36f7655f7f5ab67574cc7e41b3.safeframe.googlesyndication.com
a.quora.com
ads.yieldmo.com
adservice.google.com
analytics.webpushr.com
api.hubapi.com
api.hubspot.com
api.louassist.com
bat.bing.com
bcp.crwdcntrl.net
bot.webpushr.com
bshr.ezodn.com
btlr.sharethrough.com
c.bing.com
c.clarity.ms
c1.adform.net
capi.connatix.com
cdn.ampproject.org
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.linkedin.oribi.io
cdn.louassist.com
cdn.prod.uidapi.com
cdn.tynt.com
cdn.webpushr.com
cdn0.agoda.net
cdn6.agoda.net
challenges.cloudflare.com
chimpstatic.com
clients1.google.com
cm.g.doubleclick.net
connect.facebook.net
content.hotjar.io
cse.google.com
csi.gstatic.com
dclk-match.dotomi.com
de.tynt.com
eb2.3lift.com
encrypted-tbn0.gstatic.com
encrypted-tbn1.gstatic.com
encrypted-tbn3.gstatic.com
esp.rtbhouse.com
fonts.googleapis.com
fonts.gstatic.com
forms.hscollectedforms.net
forms.hsforms.com
fundingchoicesmessages.google.com
g.ezodn.com
go.ezodn.com
google-bidout-d.openx.net
googleads.g.doubleclick.net
gum.criteo.com
hb-api.omnitagjs.com
i.imgur.com
ic.tynt.com
id.a-mx.com
id.crwdcntrl.net
id.hadron.ad.gt
id5-sync.com
imasdk.googleapis.com
in.hotjar.com
invitejs.trustpilot.com
invstatic101.creativecdn.com
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hsadspixel.net
js.hscollectedforms.net
js.usemessages.com
lb.eu-1-id5-sync.com
m.exactag.com
mc.yandex.com
mc.yandex.ru
oa.openxcdn.net
oajs.openx.net
onetag-sys.com
pagead2.googlesyndication.com
pageimprove.io
partner.googleadservices.com
paytolet.com
paytolet.net
pixel.quantserve.com
prod.api.adline.com
pubads.g.doubleclick.net
px.ads.linkedin.com
q.quora.com
region1.analytics.google.com
rules.quantcount.com
run.louassist.com
s.ad.smaato.net
s0.2mdn.net
sc.tynt.com
script.4dex.io
script.hotjar.com
secure.quantserve.com
securepubads.g.doubleclick.net
sherpa.agoda.com
shown.io
snap.licdn.com
ssbsync.smartadserver.com
static.cloudflareinsights.com
static.criteo.net
static.hotjar.com
stats.g.doubleclick.net
streaming.humix.com
t.adline.com
tags.crwdcntrl.net
tpc.googlesyndication.com
track.hubspot.com
video-meta.humix.com
videosvc.ezoic.com
viewer.louassist.com
widget.trustpilot.com
www.clarity.ms
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googleoptimize.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.linkedin.com
www.paytolet.net
x.clarity.ms
17f71e36f7655f7f5ab67574cc7e41b3.safeframe.googlesyndication.com
103.200.108.61
104.17.107.199
104.19.154.83
104.21.34.178
104.21.85.249
104.22.53.86
108.128.58.243
108.138.36.108
108.138.36.23
13.107.42.14
13.248.245.213
142.250.184.194
142.250.185.130
142.250.185.138
142.250.185.142
146.75.116.193
157.230.100.179
162.159.153.247
162.19.138.118
162.19.138.82
167.71.54.9
167.71.57.196
172.217.16.194
172.217.16.195
172.64.151.83
172.64.154.204
173.236.179.108
178.250.1.11
178.250.7.2
18.173.154.84
18.173.154.96
18.173.187.42
18.173.187.81
18.192.83.3
18.66.192.18
18.66.97.30
185.255.84.150
185.86.138.152
2.23.197.188
20.114.190.119
2001:4860:4802:34::36
23.208.149.253
2404:6800:4003:c03::78
2600:9000:225b:3a00:a:e047:753:be1
2600:9000:225e:8200:6:25cd:c280:93a1
2606:4700:10::6816:445
2606:4700:20::ac43:4bf1
2606:4700:3031::6815:22b2
2606:4700:3031::ac43:d4fd
2606:4700:3032::6815:55f9
2606:4700:3036::ac43:8b54
2606:4700::6810:3965
2606:4700::6810:78be
2606:4700::6810:8bce
2606:4700::6811:3b8
2606:4700::6811:63ac
2606:4700::6811:c8cc
2606:4700::6811:d2f3
2606:4700::6812:18c4
2606:4700::6812:863b
2606:4700::6813:9a53
2606:4700:e0::ac40:6013
2606:4700:e0::ac40:6113
2620:1ec:46::60
2620:1ec:c11::200
2a00:1450:4001:802::2002
2a00:1450:4001:806::200e
2a00:1450:4001:808::2002
2a00:1450:4001:80b::2002
2a00:1450:4001:80e::2002
2a00:1450:4001:80e::200e
2a00:1450:4001:80f::2002
2a00:1450:4001:810::200e
2a00:1450:4001:811::2001
2a00:1450:4001:811::2002
2a00:1450:4001:811::2006
2a00:1450:4001:812::200e
2a00:1450:4001:813::2008
2a00:1450:4001:813::200a
2a00:1450:4001:829::200e
2a00:1450:4001:82a::2003
2a00:1450:4001:82f::2001
2a00:1450:4001:82f::2003
2a00:1450:4001:82f::200e
2a00:1450:4001:830::2002
2a00:1450:4001:830::200e
2a00:1450:4001:831::2001
2a00:1450:4001:831::2004
2a00:1450:400c:c00::9d
2a01:4f9:6a:18ae::2
2a02:26f0:480:f::213:7ec6
2a02:6b8::1:119
2a02:fa8:8806:20::2040
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f173:81:face:b00c:0:25de
2a04:4e42:600::485
2a06:98c1:3121::3
3.66.11.96
34.102.146.192
34.117.30.33
34.120.107.143
34.96.70.87
34.98.64.218
35.190.39.111
37.157.4.23
51.89.9.254
52.186.64.46
52.202.107.26
52.31.229.177
52.48.50.177
54.228.22.180
63.34.4.15
67.202.105.32
68.219.88.97
85.14.248.72
91.228.74.200
0036cfc357eb4e1da31490b95a1c4e5cf14af233b500b53eabb03700a0f5f0d7
0037fcd2248e05387a3b319432729f160597976bee1f093cf508e95680296c32
008d5b9cbb295c364277d6f0a86c5928e6a6add28ec9e673f423f93d151d2d4c
00e8a28586e393b1b23d23dec44dcfa2b38a457a287d33c5f0d8ef9008257387
011212f2fd4d8ef1a8aa82adcbbfd224353e49ba45ee2cb8974251130a04cada
015498a26232e3fc4693444f159d61e23d4a866b14e1cafbae40810cd1851203
02193fbcb11d960448e0fa887ff68d5ce73f01076893523fc3037e00a7149bc2
02cb3529bbc37aa59658296abd27501b06ae205a06569b1964597a310512bd65
0313ebfeb00bd7f6e6d4d98760cdec4033359cf3cb269dcd0be3299a76f205ee
0324766d1d65bc9edea9583b7de3c64ed784234f0e4abd566ae94a2f4b11a8f0
0367981962bcb2fb5e472c74ff6120294bd46a5e7961d211e0c6bbb51c73ba43
037115d01bdf1b21c604cf6ea9c8ad8f9ec733c17c4d0f1077d782b56ab81bf9
0496154af423595e5b94ec64241f73ac120b1796c99b8ae44bb26d1a0eed3a43
04f3852deee31c7a361d9e3399c0ba60163fcf56a0dc8d92fd1ff867d362b14a
06773ce630186ff0a64e18a6947ae126ba329d4a4c13cb6e9e611f59b8548a16
071fc5fc583c012026313105447a6c64b94850365d8c2df56c72403ca4906401
0730ea662702384bb01abf66275bab7f70f4b8edad0eee15c9a8948a5d5f5cdd
07aee82f4b64e2bc1da39107f59b10f92d9c157d0927c1390bc80f1c107defb9
08b409773b3642eed610eeb6b9d226ed7b90200dc142559e755e30e7ff1c4b4a
08c90b7cd3f93c373d46273217219fab21ca81b5fc8da98db354390507d1e5b3
08c91791d18c8b35509f8951ba53b3868ebc91a142f78fb1294aadad03f537c8
0a2f58d55fe473470743407188141b593fcbc6ef25cd0063c95b5a7674d724b2
0abe67bae454de9cd5d4fc27e9ea799d4080e85117dbffdf1b91e9699857c003
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bca4e691c8ecf912d29e9a8eb8e43e3990f8684f1944ad297ced19abb7777bd
0c8fbb0a47bc73826d4dafbf1f595038571c7542aea9cd3bf7d672988a6f4dec
0e6b2fac4ad5c44ed969ce0f77ab179f36b4f87647509e49687e2e42c2a4ee7c
0f9db612fd3adedd4f27a60dfdaa3b2b4a13bcd84017e37e77d5f5de6a6e206b
10aaf73f31ab25828a27beb5bf50301863420db57554a90bc4a81af9b8cfaf6e
11ed3e457776339ca21d74c7697a33b82ca710e91ec24a16591376d9fb21bc65
1393acc632c160def86b45c2521c8ee742b7e6239d0d90fb95f51d55cf48b9c3
13a548e040a1ec08f77911fed1d559b95e5daae0ee227e632140e003c7268e7b
145287b36883dd3061ca7aa9229a8fa9ace2cccd50e0382b4b6201f3916b57c5
153278132bf1aa80acee605d37e8b8f5a7d2d334dcdf376f66715938a805bc7f
15c4d5e82620f140540bd562f221bed2c5650f26de22b436295ca6d638002047
162c5ebe4d8983b62bbb17bdcbec49361953db02abb8ef83a527c25544b4de9a
164d98df48d58ef27812c45e98705e9de5bf183ca93a7c1a5a8d14fc516d9799
16795058639bd67daebbddddbf61cc655fd0b0f9768accc663d7dbb2e3d08f4e
176471cf6c6210cc282a628c344d44cdf27d2075e4e2d5ef0d091af79173f8e8
17f9c0ff6edabbfac82cc9e23d5459ef40ead490d1615fbb4dfb38f9b7c38be0
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c
194d8526005f4b58a221b7663db4e5af819b5dbf33a66100fd1d4b346d96f951
1a02e2f23fc028a9083215ee4957209628dbd8c178033284f3ed4d696f7e7a25
1a45210736b55c72db5121f3b0ba4ce4e03261f444785b17c4bfb321004d5e29
1a6192a041b913fba0bcd7d7872b0c89bd87cc32da52e1119754aeb70df21680
1ad60703d9e1fada0efeeefd57dab3b75340f91b4bd76f91d1dd510a972bf2f9
1b329ad9d492bb0f1e0ca20c34769f67b8f12e64009d11375a5cde1481b493e4
1b6c5a9b65868088d8bccdaaac6a4b479180c2f247fdaaabb16713374bbfe42d
1df9281439d77d2fb421d34837981d08d71d6a860de2644f830e0c80e54fe2d5
1e5a28a902c7f1edfc9c082269da365300b36ceb1eed186bf26523d6867ed986
1ee6b17c207d430e5735eb654135c6bbdd352c3fd4268f3ca1bf44b1b799ae64
1f428af85f42adbeaa00e96bf538e7e4c2cfb42865802f438210913b759216eb
1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75
1f98869df9d8d50e62236048fd4f7925ac51a367492362b66407205396750afc
20318aa0918ec06ac3223fc88fe2476775ef4266a5e75799d99b40a695172369
203917544e475b7640ff41e15806e1347389fbee74f67f492436343b1f092fca
20f091e39a994eac247abb2db8c48d424cb5f3ea8280cea2194168c2bf5f437e
221237c5d791df2429162702989a45f13bd1f421441b139b957be5b76375d1af
2277b499b35bc832203bcfce378fc38066468341a2fef9d163b67de73ce3359e
22a43357561e7f451ff35d3e7c20196f9c8af2f2c94195d815f50a4c37f0a67b
22ae6f58bd1013447d9f05ea28371857449f6404f6190d66ca7347325ccb81bc
22d56d68f472c6bfa4fe7d320e054f1c15bd450427e6bb9ccafa6d5600b8404c
22f418c33faa6c31cfe76fab61c5fe1bb9c5031dc4fe5602ef8fd802581aff30
2312d736cdefe0ae4e7072c129ad037c2b8c6167308da50048011bda58b8da35
233b9dc0e2c476ab5f438f45096130361f5b0f79cd4711cafdf4cb9d82fdbc76
24121647cc448082299e345c46eadb6f1e488fcf6a0e11302fc8e7d67df711be
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2704d8857780ed1765ddbf4b2ca324ad0759138f7a8a3f0061aaa0cb1c3903f0
27c045f2414b6b6af54b601c46312a6cbeb5dff6da152d9aceea0272fc896d03
27fb0eb9d16e7d2a905f88b59cbfd020b9cc131e44b851e5eaeefb99d62ed962
286a6b80b9db922659cea617d11c9dd855b55291c9b0e845ec6171566565f4ff
28eac36479c83ab5c1d7881ae078eff90ba02be1ac4f082b75505830e323b0be
296a4a9067e880f8e4901d242623d6347999bd08eedec9ae2e815666e62a7132
2a04078f9550381b5148170ceaf5b378a1b31ed8274c6d0094aeba6f599462cc
2aa332e002bd6453021c397acb37df2ff7e0bce47b081fbfdf85177f459519cb
2ad63a4c3b6ee3be338dd1b4b82fae776e72a2a5e393eff916b5b95a00d5359b
2b0669766d7046c59969c78d47af78e686cca308d3953506f6ff61b3413beb06
2c7260005e7957be930ec46d8833e473936e9bcf8c2df8e58ecade54cee0e147
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f193d706417bcf72a130968908edcd09a192c51f4b592114ea4697ee4dfe85b
3000b1e7a236cf48e5f4e4168aa0b9b127718d314b79f29c652ffc9f8e275df2
30a7919c0c21802d3b7bc127ec1361cc696c6fe840d49ee41f5bddc4e763b620
30d34a03dcaa7bb6a46bb49960bd4d7648ca71068b0635da5784e3a1f9070ed6
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31a524c8b76ef7ddce5204dd66d96bebf0422da860115773eb287b44228cb10d
31bda9ed720673d9ea21b02158c24dc1b303d498916a31d7d454a174dbb016a2
329d1a750114920332eadc55c129957d9dbe5a1b25745e2f7e0ed4fad75e04cd
333f6b4ec9b94aae798491b08ad3f23f16da67619acf38bd9a23e245c81ef780
3349f90f1da5e8e9c8234aaa9b932f3157e8dc2ac7c67852d2c531fa9e80f082
34378a5dfdcdf85a5c769671fd75e9d2311b149fcf281df9d4d87bf1c9095db1
3443b1248e73d80cad497be0ad72125664f5900083a9a7c3210de6aae062db1a
3460c8dc80571967cec28fddfdafd61baa448d2ff6589376050981296d1aabdd
35a19e36401943762efbbf44d5e485e5b352042330ae476eec64aa95659b797b
35c3c5dc0d21e694a5d611cf938a26c7c551854225939223287a9d0327f50c61
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
368daab67b1a5b2b2802edbbac79a2aa4ba992a2ebf9c67b98ad784d8004018c
382eb011abc2de54db115b34d5bb6411bcb5bfa9bb4d6a394b62825c99e04462
387a63e314f5fdb0a7ec0a0e38d457e8c86b46e76a866dc112e823ca53cf3392
387f8f9a4eb728b443e3de3ed70be2b691083bfabdfd0b44560d7c6e80d3b3e7
3a9344d21711f63294dded98fc9832b38c7edae2f81929d533c9c86fba0021a3
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
3ad6b4cd9fdd1156ea742d8806d7d22f787ac9570a365aaa3a4903e25fc820c6
3b59386da1d8d239890f391612bcd7a47e8a72aa65b0405ee2522538ccd25da1
3b8708d5e3043d822cdcdc633069af59b0e8b12458a5fe2e4ae43b4272aaa33e
3b89401fea631023de67ae75bf8f246b1af109a9a4247c3862016949eacc462b
3bf8c0e8f2f526bce6f38287401899ee884e9f4207a0bf02f82e0517954cc7b0
3dc2d7913ab3437dcff658079a24f0dc2e0a9c890b8e5d80d7a9d9dded24da25
3e1780fcf095277e5932ebe4308ba7c209a0ffd929e80fa1dac9de7efaacb043
3ea24731f090de32eff31fad71e25328201ffd719078e6c22da76e6470a654ea
400a32c50b37971cce4b4e7a3f9ce754efab3afbf1767c695bf2156ae136e771
402179b88fa6e0b17851d64725ec39658d804bd6cc9b8ba227e27bd3b4cca459
405e60d4d83515cb48da7462a2bc4c892ca9a5bea6631cb452ffd1fd388bb8a2
40e66c1d31577b34406b9b1bf8fa5b7391f180e663e5b60f902fed8c84258202
41145f32972823e794695b4f85eed4ce06b2cb5171d9f27d1ea1adf42d7d304b
416d2a417940877d507578cb0c9eb3d6e86cd6ee566534e9d671bbb6111c67ba
41ae31f327204464f360773c2dc723d27f82c2ca1f724fde0a482704f290db16
41cbeced808dfe637d813751d9b52210f9dd48e8655a7e2a20f80ef0383faaa4
420c9aa5ba3f2310b18861dbde9ebbe4ec968d0d412cea8d588b96c558796ae3
42560ef9cd88b29d780c7b1b9dfacd9ebcce9d6a786377f06ac4c85ecbffac33
42b9a15f9b6a86e0bca2678c6a6679ed2e73777ca55d893012e685275249f702
42c9d1df23e2f7d82d90b2bd6bab3b5398e81889cb9bde1d4a530acc663c9c63
43ee3f001a45d8140785867c54428887bfaff044cef3d79d5fa98fcb739b6dd4
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
446bea0baf9d4fb2520dea351853d06bc09a7f52000e8163fdef0eeb7c77727d
44c4ed2469ac5b98f3a4bad8d49487de2d86df073206ad383198b6339460aa16
452ba6e0fcbbb3d19cf93bfd8010762711b9d26ed812dd7463f9042d6ac62eb9
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4718dd9f68e969d1cb5e1b6172206b7150ad1d8cd5c5c1fe5812dd0e1646d426
48df8f6ca7724a16d80580e872f3a9a87e224326e179770b10bf3613a6874763
4924e12a30059184d9bd1c36294dcdf957f5f2da452209448b35a93aa785cca5
4a3eb0d412ebad4b5a1071598a588656fc3bb83d4d1879f2dde4abd040248caf
4ae370ed9cdec054930682752ee0d43b6dd68d936fcbc9e574f86db902282800
4c24dfd28784ad2befb3dafaac6bf1ed4e7cd58cce713d9a0b228d426e812baf
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e539500752069c624d4c1c9719b0cd75bf0e88923c78017e42ceb8e095596ef
4f52f329c18914acde937ef708d127632bfcbbd8f4d5b02ab9d074699e00afa3
4f925e856c238fd58acb1284b59475ffe2ef42d658ab179bd3c8da8384c47788
51103c0324b88fd9dce7c65dd73ec25c736880c28242ccec70feca8a12f942b0
51565a1b3c02c98ed2829b0004f7bb1f6c12e777b1843c0b4f0ba8ee88a85757
521410e1fc44780061e09adc980275fb5ea277fd5d9e538454214ec4379ff4bc
52af94ed26cdf0765a0354ae4ec7804860361f5a9a0cd2c7ce5a42419d18a0e9
5326b5e0caa2f53e51b1d785547b5a7df55ae7cd8f3cc5983c183ea2c99a5cf0
5364b451e5b91b5c3b6b2831e8f2260ba547aa35edcbdd466f97ce23fb528dbf
53c3a917896b6c2e9e5796b7230d175269b26f16504bf018ef70e0731bd98078
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
5458ade10c4a5bbf648688464b0efc0a76d9dbb2818b9ccb2eed0a8f3d1244dc
54731f45e4aafa9beb0d6b414a96f034a4d6eee152e0aa63b755a068cab61399
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55aced9202fd7bfdbb7205ce2d4332e6e6cbc461d286ecef6e72144296bcede9
5614a46f9a51eabf15239f22ffe370c2d3c9dccc6e9369c0c1791a3212fca4c6
57051489e78b16d6ad50951642c742a87b2471c03bbb700227e2a6181c04a322
571022a6a2f46088a7bf28e19b7743b0e371adf6594ac7746282a35804ac52d9
573c36d7ad452885cbda19890e57dc7438cfa4ba7ff1d42f34f2750fb31a323d
58a2b1a251bb272b4babc53c625d0b4cd1543e6d06beaa03fcb7bd1a7d6449bb
58e045f5cc886898a55d4450daffaa78bc91f481333bd7d8ccf5c806e1ac6e62
5941a626695f3d452e86105f287b35a17017e3477a9f421a285782f23d05fa7f
5a798191befddcfe31bdc3964ba3103add438f7d553dfe65a1f9b89595409428
5a9863314577494b778cade4d77d719a27fca818d6091efe35b972cac31026f8
5b9a13423c09a7c3974066c077f75c392399814c71e806f9538244544b529f70
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5cdff77a528171f5534961c778258ae485b6c552b85f681970131ede6de8c8b2
5e3b2986e8a2b5f9b98648c694bd23ca94aa5ded7336385b9135d817013b086d
5e4da60cc749ac8dae2a5e45c175bf3e93ee488a2aae73b17971aaac69e07663
5e947b06aefdaef5d522b4ef646f63c19b5675054cd49644448ac96fafba9cef
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
5f311c10956d2d9d21f2ccd8e63a075ebb69a961cde3c0b8554a54002385fce4
5fb318fe9b32965452a18821046f66dc35ae13d2ed6f7a5ecd7b8a4063cb61fb
601a7644b2a2838ad9404c7b57d79151d9610c3f2d43c07f609300f7f930794f
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda
60ec06ad1324e8a4a6555d6b05c7d3988d8901cc4931b9ee48999e391560317a
613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61df879c468bdf567ef4560ba40b4e22702bc3d041c67617e076d7df4cfec422
61fee1b3a8aa8280bebd7a389d08acdbfeee67605518681e4a2f15a47e3669e7
62011d9efe150848f9c48be56a7e3e2046690df06b050d33afaf5ceb39a6a3f2
6240cc7c252d8caa79a8e3d46219f75c3a07a6dcf0bdd14b86ab88c4bb376a42
625e6ed8959b27ac331adbb0ee5c9d1e90f51e5174795dd5b017048d0c9d99c1
628798fe5d57af55187c1667fbb5cea14c2d5420b21a16ea57406485472c87f6
63140b61722479a99262b83e9691eaf42bac37e1132262ef6fe43c130b360480
631fedeea37eaceb5603d242236c244723cdf602035eefb5a638ebd73cc57235
634734b4ef41c94c855f845da22695c65ef9946690c50ea8711a1a511f927d1e
636ee43cddd96a5e26ff67cdcb9cd38261250d40cf87b10873a5de88551440e5
63719c6b2c76443759381bbcbd237473d894c91e81043291ee840b24f85f2d08
6458c2ff0120420f7d979d65d04a1d41f8a7c6a08ea1e877717c62bdd786439b
649625a6826bd78ccb8299212ff9a4fb4610f54981ebda8939289d211d331d1f
6498a978ef476bde9fabbfe6cf6833ad7e2213d4f9d3263f62a8293f85381c2e
65d7999d97b566dedbe5b8da9c538622efb0d26fc38b12c00eefb14fa610cb8e
679804e244b4127b7ecd99a513b57d6a4f91866410e16da69ce02f98f534051d
68748b387aaadd545a0bb1c563aa0588a1b87cb7502e8062bbecc53aa354bc6a
69159bd81eedf89aee248415f0ac556d8b25cf84ae76901fb976da6da63e5814
6923498f78595bd12b0b85b4d8fb03395bb293984a9efb4251447a9b80f459bb
69f36953d1340da5caa06c3c1083365223bb624888f7aaac3b91355f68b45ac2
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6af2070c5a4326f303cd491919e92228d45a5ec1ddf4830a5f1b3e8230e8d628
6b30aaaa21366d52f75323f59949ba8520cfec50fa89ef9aa9a165687348aa5d
6b3a5919eb1fbb5c8be98ef552cc142a246ac357ad166129fd76b73f6f6d2b44
6b97c727a9b701f3379168e040c96509123597595d760c49eb80feeba6acd2e7
6cce336f4fcdd345b5311dbacb6040eafcd60805f98054fef1715c7a90ea06b0
6d3ad1e7d25dfad39a00724579c180be50697940ca9f273b700dd3499ffe25d0
6da12db52730c60e2b4d0a0b01f96bacb3a3bbd1b7dbdf44aa38ceacc370a4f8
6da43b944e494e885e69af021f93c6d9331c78aa228084711429160a5bbd15b5
6de1f36165db512d95e6dcca4bcbcd25ff66778f3d247469ab99be63ffce3f59
6df7c73fa12d8261f09a11faff5c77f91f912362a9fdc15c46c3b949b188717b
6f15cf39100feae2e2bf4c38f08b2d89701c3f04a2ad84a1d6f89bc70f21cf6e
6f4813e4fe6dd891838e421479bf603f6d3f0d2a55b90517b875a77050471d4b
6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e
717789dcabdf7976b73d846593a750fbf718a305654767167c3d658ec727a0fc
717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53
7209e11a45cef119e8d3539afb2689835d17b16a0a22f8334d867cf77a220d2a
72b0b827ce038a8735e05d723ed0d59d8a948add3a7c64025686901ef8f66ca1
746a740b54620bf99442e8b65d7f4462c71301a399b198f1c98e119b9db3ff94
74d603cc33249cccc6f16312ec756905ef513c6cf019b72d125e86ea7f85f8dd
7522c2cf228f80d9b1af1172f45d04b729d43dd8b9fc7cccb06eee2dd9629fed
75b6a564a6e463c44fc7640c585e90411bea891df84bf187096af5876cf7221d
764daba9d077be1ec3afc89a7570452b53db831586cf5b3d384b98627fcead3a
76dd5024f59224f7b30edc12726bcc0fbacb94b75e906d8ca208ce4e827c75f4
77380c7b232eebf5b6b451848bf8531168deb0f579089d2774d2ae5af56b0ba9
777b263876e8ebfed40c0f21022d8aa8863551b182d562ea5515caf0ff88b750
7787fd9bcaab977f378061acdfe9bc6c012f8d6189a3ba41f2d33b886580aef2
78514976870261c76f300b603d0c51689f2c79bb86f2b4021ab0e2161e7bc7de
792ea53b2dd2197bd56e8a4b58d6a79728162a0474f021d937bf127d60c60842
793c305047c58eaf6adb9fd1f032fc2ba40bb5d33f036a8e31f06ab03c9d0e4f
7966f4699faf90259eccc0712ad31df0923e53d5eb04017f17e2be011018f957
79c48431c56f2a175c984ab751f3b45800adf87e6b79f954dffd3be0fc1cefac
7a1b9a3a89866841ed20eed2700b1b2f5e06b152eb6eb66b769dc95c915b394a
7afacfe1657f7be1a450cfc4365f906e0d54961cfcc256c2f82528bc6ab2c1ca
7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89
7b785a1faae290046ec03886ff49d7f5e73ea9cf997b58d01cf56dfc2bd4733d
7bb3a0e0618ea7872d14178a204c41179319fa40d6c28cb019fa3968a45ec0f6
7c1fe55e1f8d9bb17a7dc826174e42830eb9026a2d5a5cd591a906c93f195c0d
7c2b0a7e5941aed9b64ac84459cb3d4beb2bb416db5b83b29c8f19199d3b4331
7c2c4975eeaa95b52c3e06e58a0801eb158495be608ed8a947c7f506988cb240
7d19b9fff3b33035c316f3e338c92ba5e82be0e82e12dcfe1c7cb9d928a73dff
7dd9d0239673769ed47f4254822c6df177cafa2ee6de8c70b6890259ae6c6aa7
7ec9a3aad16263d804cabc6da6e5229c32cc87f7e7bd12d8580eca223447cb3b
7f148a333a7585ab1391cceb303d946f5bf1b38ba6bb8eae863125ccde728bb3
7f605b7b593df7e4ed6540535983dc897057bd484a503abf38ac921424b492ed
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
8029a54754155cb338adad4a854e755c0efffc08713538fbada06d007d3fbd42
804a3c2e58bcac2838632051fb781c1828ba95d91f54989b44481358ab1fd90a
8163443f02fe88dcf2d1b83494e641519f786f5f1a839b80234b54b1541f9d80
8169070527736f2296d9d72e169101428b2f9821205614dc54cd16d3130c70f8
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
839c424b188a9bdafd46e5b643a2c5afb4b7df5e51f0321ffafd5f23b118e259
846b4829e247d008ef9d406060ffd9fce0007fe4cdb4d561208acd493ade8b8c
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
851582e0d5f58ca12ab6c2481295b9e54bffdaec106503131b399a09189b5911
8611fd55fa961d77ac006552eb2eee14cb3af21234ea74cf63aea088070523e0
867831aadbdd1cbc565bc6984a7c69d8a0da385af5afe1de5128f27c196e4222
8687779ddc4430303d8105e8dda7af06db6686d7d3e88231183c5d695b8d78dd
8691274fd586e4f3572c2772303bdc2b1a95a398a396e592df5afd3db2c1c7fb
87beae45e2a48f9a38e1f249918560143ef97db43a562f2970ca3e240d3ce6b8
87ca2d8adbd10be0e5e89784dbb7aa8bb67f77247471f437e6af535009955f8c
885bbff6750a9a8ae2133f6971bbf5d997b7c767596ae3055e50b8bb6775c461
894a169463d47e41e0b592eecc5e327530ebcb5c0916303c7b842bec104257d9
8aa9bba5c2745b686813ea9e52325854a4f13b96fffb1c2286f48b2a8eaf3842
8b21798547e221a7a1de8784a777cb49f756530dfc595ab00b21af3d2fe41aca
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
8d33950a44ee27b039f7f0711ad1dd36d7dd56695f19faf40db311f03ca83d09
8da6995557d29a73fe50e281b1e09e241f0893b6b41ecf27702ba4f5c25c0194
8def762254d6a0865e0bb036d90e5984db22caccbd0d96f2e165dccb390efbad
8e630ef5639956102bcb819655a6a4e7f949b953ddcf4e225b991bd5d4966524
8e89e1175a6145d737446d673ffa073f4c469c8fe3972f5287b1e7e9b241282b
90cf59341a805059898e3cf459d369e422c5c8987e8160ecda2480d852889e3e
915aad6b2dd28c934b5a8e6f632642c7993740dc419ba3b0fad29b34e4e2882a
91895e846479fe4ffb793d7e5055327b7bddb14670cca3fde95d24fedae4847f
93234d434a08c48282913495505bb97a3f304122fb9432e528d0da9069718675
93d6fe3dced027c87ed8e524d4ba7f09626f3307922eac40f268212a47cd7fb2
93d8d0bc82b680223764c49bf2fb322af217b450c011a6397b2957008583133a
9430ca926cf9c65517177172afbb7c9fb4dda416385558220ee06abfb0930a33
96e70fe1d109f7d904b7e7dada1a1f38fcecd64160db5f7efd98b5b6bdf5e512
976df8c6fc830abbcba51b76b07f7b795fbc02d466ddd4530861161464f14dd3
98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955
998031baa249d094c5164e9e1412432c080b832b6e354ae004ce8d1c35ddba59
9987dcc652130026523219440b654a3e307d16f186019031ad60a28d6f73aa2a
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9c5961b01b6612e4ff3224bf3c542bd1c21b45358343c4be87e16c9c002a946a
9c6f6d530015f6103f20b2afab894e9f567fc382b43c2c6b1a487ed49c083ad7
9e7eb0c036a4aa626811ae4868c6398a8253d4daaaf679da8f5cbb4b32aecbbe
9e8923668c9615546029b28e901d14d875ca35a59a28066ab922437ad8ae9daa
a0044ab64bc2c317a7b41f0c4e729962dc3e439565c1ee6ac1513a4b6a8f8f92
a0591142e1d6fe8b8a6016efa44de77deb81fa362bf09b28b3c9dcdab346ab38
a09795df538fb1604a052b02322e57199ad9e5faee6b3539d1963bd72fe2a474
a0ccc5355a9350669c11c13a38d1777b674d450aa25274e99edf994096606253
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0f8e80c9819b5f56dd994bd8240c107178ab91951bc142c7a9a2e6439c18ed1
a15bef5551f730c8269a1cba57c370099d559defd996193c80a477c411081ca2
a1732ed26401f1174d7e1c512d8fbc1e9b0ece818c97b9e16a120daaabd2f0fc
a1d1ea3bb21e6ac680c043f8455a2479aa88b49b3e723ecd7720901e87ea7bcd
a26c30f9f6dcdf84d05a4bc923ba8b51306d18f165c1bf7d8f8c802d5e3d70be
a2dadc54111c3d3b5df3132b85f7b6595163323f9cf3f5e9c4839cd884b3b30c
a33a9294810cb9dce4d45a07c4dc30f198d8314af6d71c288a86fb1e4fbb1e14
a33af3faaaf1281488ed7aafa007f52c10ce40eed60c54ddb1be3012b1bed451
a40050ede26264290dfc1db40ed40ed7fc66691a935c84cd22e6470eedc26181
a45d5cb959d21cd7a042ef1e23ee0922d718b4d4342adac45fccd645a6ab7189
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5190dda380ac1a3e58c735adda29e97b3676b0ea3d4d705af7d204505b17d3a
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a52397ac20d14b7063c608f61261318da8ecb23fe996f92803563b060ba13ce0
a53c43f834b32309b084ea9314df8307e9c78cee2202c6e07f216ae4ae5b704d
a5f077b380fd859dc6f2e7b1a9a25103a57c267ac82ad351500117a2621db88a
a695b8b12c7d88355d0b1b33d6c643a7913bcfbeae91553bd7560019188b1032
a784560c79c2bd930b184a4134d59b1d672fe786320828f191e68f48458d6f90
a7a5045877238b1271059b2175e224d73844f717d25ee6bb0bd4751d21490075
a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596
a973ba85502a4981607eb6233b294b4545c5b6ff38b9d58460f1e2a557992863
a9a9abcd021d8b513bbee748d48743abaeef94ab5aeb85c5c7b8062220cf3db0
aaadd60745c1ce74bdcb526ec2cbb90b062140c4c1e9f5bed054dd8c3c40d80e
ab9a107dadcf1743abae886825985947f077d19ced7a0a31baf83680f1b36a3b
abaf64de0855592138133fdf15c746a6e47a07d5f7a34a9513a06994c89f91af
accdfd1ed287d30475e76e8a486c57f5251940b8137efb68ceec84bc8f63b6e9
ad6efd36d7fcbb0ff2489c995d2867044aa83e5b4c7abdb63431efa63b937c32
ad72cc6f0d61431b600cbcad6fb96b6391b9f66a2a5e6bdcac73f91d9e9f9df9
adbb927b59fb265a16d9e9f95b64fee9a554c93d72018c19a7538c1aaa1f61ef
aed7790ebfd265538055f5acdc5261c5e79f4e1c36424fd214f970a348534d10
af9afa865b85cdddc7c4abb660b1578f8eeb1fa66c0594c56b93af2df63f6bc8
b03501649c2d236c411cb4a4ef04ddb5b306df9d01d22be86e8174a48661f6a9
b0451f74381336c61c20fd584fa5882aba2797c5cb890a751ddcf77000dc8eab
b0bbeea353baa206119b544cd5ef1972b620a3ebb99fc0253adc27e19d6bab9c
b0ca0f63e3aeeca7a7540839800817fcb6297056f8e9d749ae6d08c1d31aac62
b127fac4cc6707a510e3bb39b4ca7c4e7f9df01d06b9d72988c9a02792a0d0fb
b16efcca394116d68fd631031e90d393a65c9d4c9cb5634ca32899b4da5aab6d
b23c34a305d5ac98e5cf8df2ff04ac33de5f069e83962366023102218548f64b
b2d2efe7d3c680ec648a877e00aa4a8fdf061827a974e3d7b9b18b29ec721ed6
b345162c62821f7a2dcc09537ac03c899f788dce86248535f17d446085ec3af3
b379a9a4907129eca021a642b12eea706f590bd664d294291b68d506c48083cd
b58109431c3adc92bccc460ac5dc394dc4f0979d24656f7a52503e6c77709d0b
b5869f6bb9116c6dd0b6b691d57a17954f3c522cf9ae4497094e62146d8bac15
b6a30ce5793df7a59e0c7ffed6aea2d74ccfb78d62f809964f73a7e50b3ceaca
b7251f253a7f14b9f7946a59d2003dc87be21baab047d4394e3cf2802d6d01e1
b7add38aec8861f2b752684bf5a71d1cd8127a6beaf9f71df7aa36eb36c20ff9
b7d7eac540f5ebaf57dfca4ab6f72e3ff91d2fd6d7b0077d89524609d16bb6ce
b87719151eca45300607bfb5ce4cb83936e03fbddcde5804a5dc82466caaa41f
b886f11e6cea2d231535fd0b59bb2950a8d40d9ec4a39b6da894c1f90d89a382
ba79a13f8a53faf7d6abe4e0c4eb575ea0c1d34a3262e00eeadff4099dd62682
ba79f379e037687d26ea3f7db673a8ab60b662a946e43acba40cea03aca5201d
bad408ca687f7bbb93fa8a5bda6ed18d6a04ecdcb03ae364e5d074f6cd3d9c9c
bb16ea6d4e22fb1948a41e3360e0bcb594fe82950da1113298eba674a8910077
bc909e337d186a47be7019d37f8b939f92ee0270a9921ee5a31ddd4064b51d37
bd3f24e49eae726ef1b1c45fbc9d347384aea9b23b23c8b555a1079dea976302
bec55cc5744e463b4538576a1f1d17e52ebf455e76886d66f601c0b211f852c5
c0c2ec1f2d626ab278d81abe34d30681f0007e8c79a890165f27e3e1550e99b7
c0ffa651cec5c4c05bc751cd2e56792bd4aa449762ca625dfa51280c5e2278bf
c12e54fac2a52a04d3c8b0c7af32ae3ddce2134dcbeeae215e2e1ec691dd9aab
c1c1a6dc0077c6c25cdc9ccc26e81c72030b342e2fe388914f38d84571c0b24f
c1dbb40c462897a6e1deba145143a9bb0d84c27afc6029b4f83740349d9d1238
c24483ffb2b66466c15a7c4b15662c997ae3b82166cb105638e534d3d41cc825
c27c396b7f4c1ff33d934d2c66f082c7f81193203971648a114f862c9143c234
c3573952c314df834c78d9dfa217dd798e4c99336e24cfff2c626de46b127f5c
c3ba239840d0d27fc3bd5dbaa4976da421d1464fcc2f88775099ad4d23cd4d0a
c3f753a32feddae68daf0b884418960121210954b7a0afd6a18c144b642e07e1
c548a2e763b5e91f4490ebc0ddbff76e8e0347e1f7e51f898d59b64654c3adc3
c64e454e234c21df09f76bb3f7f9eb5265cc5e65ff433b74b620b6aee03ff5e9
c672193f3799112a5eb295d25cb9ac9bfafed1ff209e84091b7af065ce66b835
c7629303e79e930ce0b081ab8757ff9de381b5be526cb8aa3c531eab315079dc
c7ca1d475d75b95f330757ed1eef0d5e2a0a63372d968c31c9ffe3159f29b141
c7d9e521655217d28644c35646022d2df59f9edc2f1ada5a3ba4fdbcae9fcdb4
c8f3cc31dcfcb5b75194e0e775d43538872366b5cbd8cd54b7d3afb7c50a13aa
c965aefdb4c6acf10f46758dc1601a64d811dcf3a378bf9e90278916aa47508f
caaf3975886cfdf5f38b32d0c0aecf4a6217a12fa2f8b6df09e24ef3847022c6
caf24f883cd87ef58435746c4f919df31f420226fd2d545befcfc300366af7cd
ce115bc063e7c54b2a257af989e4fb8ed022e2898e721f59ecff9e8da6412172
cec80b323ef9dc8488b808533a146135d7bb341072eb2c10605ba8515a7f73d6
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d19c630e5fb5a45be9e0c1d262baf87b86143bd4d04352f328c05e06bbc9d454
d21021784cda31eeae5c8295e047a14bda6ed5a9b5963fca9e7ceb398a9c9179
d29b2cebef491def9b5517709519ccc0ae89647bd7ddbe0caebeebc47dfe87fa
d2f2057564367e0f8ba79b18f2051c37d7313d5b3707cf481cde97b7f5bef181
d37eea3a77597d079cccca5118edc840165fc85a98d0c278729975099a074eb0
d3850772f5b859e1ebab3e19c59cdac81d8c954809c3736c022737477353626e
d660119d70fde473f7720a43fb960d95c8ff46768e67d762f9557179709b8942
d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115
d6bb673fc4f76bdd441d0337cf21b0edc0caf4823b408505485d0126e4aeb44b
d738cc2e63c9f8ed958fa47e693c0de07d747c15abdd41aa44525ff2d5982725
d8793e374dab2ae48fafd92ebc35cddfa733d706e51a0afc4d15b406362f0e39
d88885ad28a6eccdbf03b997a92b276f559ff08967a4db804a040dcf11e14273
d9912196cfbb855b3a035ec2d7cd7b6b30b278131ecb6c29062726ad75b98869
d99d92a52427fdd9aca61d3fc6b4edc29cd591617f1a1c225fc99056030c89f8
db6c8330efd6e6bfd20dbed90de2e76fe0bac473c76abe90aaa91fac7bb067c6
dc09613dcc5d485401a3f40a6b23011e58a37628fb97234067a1c2faa01bf699
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
dcc0b6437eeec474b65774198371749c6e3f11c12b0bc14f3a971714d0d0e52b
dce8ae752b8ed25d878707381a347b8889bfde191cd468eac141c5526a1f13dc
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dd5bf95280e509e7150d394d731106ac503683371a25dca7f34c306c910e8051
dd7fcadf77947aedfa9df2220b7b33ae98b978e617e5c1100c1dd422d31a5fda
de05ff346744289ae37495fd4a814f1d8440190b9aa67ebd2db6386ffbf215a7
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de5341313a4dc5d982ca50ae4a491e84bc5e80b0f439d87f05fc3973c1b7e59a
dedde02e623568215d9f2bbd16574fd7d13f7c22ae41588a41f56351aeb9fbd2
df583c9245accff3497b6ce704b162783db99dbea1dc131714f3244ff31a1f2e
e0cdd6780a01ee62ad8b68f1be30f4edbf52248e8b4555755c2a6dc593df37bd
e1e1dbf9fbf77090daf000b819c73634600624988eb105bc3c8c75d4abab40eb
e23decabee8464b650d1d0241283ba0c469806e14a2199efc5bb41771cb673c1
e2406197ffaaa60f120018bc024fd6e14eebf16fd1109908d7265bdaaf385354
e27003eefc208a5f6f480dc86bb391d3417ed2e5d32951631706e1bd17df0ee2
e2f372e39f91816bc7182f009db910d7a200baf53282bc416af7aca6aa89ac20
e33937c8718b4891cefe03686c4bac285d9265052427e705bce7e677659ed765
e3692ec270e6e83ae35b97ef697b5ffa66e6808bae62f804c249f57a63dad8ad
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e455b202cb808e146c24fb917e7a77706d08597a415cb97e1e8b1ded9abc3dc5
e5b43b0227a540afdeaaea7ad68db76b69833e6b27584db42374f8a3d11e0f5c
e68318fd50f741b3df01ad37103b6868a5b2060936fa2551af45a8585517a2ac
e6cead609d342bd202f23b8fa86aff54f2503372d68ae63acca87e7dca2bec15
e6ee2ed2681b830ee910ad42d23faecf0794bcd1092b9afa0e55ff57cf829f63
e736932319bf292a1fe30fd72eb5e3fa2d622b40e8fbe1c2a9cf8e3e442d85da
e75d9252582697a1b7a8cab4307bf877c4749655ccf731c148c44c3b519108b9
e88acc2f5ca6e8dd1a5788e79700064a3431b8bfefee49f517d0a9870d29b9f3
e8d1a3f280520722da06c2c13678bc83fc80f32bfb51472d3cf1c91abd860a3d
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
eb9445bdddaf0686b78183b753f816750a757102b69cb93e007885c8185f797e
ec224af78f85d82a718dae1ba0e055b0faee499d8ee0b4b7e698e566cce4d8a6
ee432cd521f48f722321b82164555df9c2bf4a38a00657c61b80576620b528fd
ee769ce6e2cd6af225a0c599cf736aaf4f2df0476c6dab7d899830453db72573
ef1874f11501aa7118cdfa7af21a9ef1c87301e917881dc941831b122d82b34a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef43469f7ad0da262c41ab84556768a9019c224a1118fe38e836b1a8768a711e
efa66f0a953a51c5d0047ef28be8d73d37fcf901c959803b067ee33bcb742adb
f1e9c5ee6f84f7f34f2ba8fd2f01fa7574343afd0e09e64691245ce1745528f6
f1fe30ec9144eeec7009f5c05c3c292d80f60d5d63fd10103fd68bf02668c9db
f21fec7cd7a1dd0524a55e71cffde6e48e74278abb4815ab6ae6c150075906f0
f2d467c8d3fa1890005a06648b9037ac40f02e78906e329fb88a5f8c82cf87aa
f36c2f4279c3e47b70d9b91e7f7b740ffbcd58aebd11a23113e06d1519146556
f4181150e69e0477c7789c92ec35ab64b29c101fde750a851c1068dab6d2c83d
f4c8c21270426c132b755f12eefbecf851e2faad5d40824b33a279b7ab1afd92
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f5c042d81ee44f17f4f9778091ff7aa9a1b9b1efe7455a673ba4d8dea5fcbce7
f609fd574b2094dafab5320518d76c86c11e9f9a79344707151284b63f2a4345
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f6914d47718a28ab8055edac273b3aff57e64e5bddccc616c2b7e355fe986f39
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f93f2d3e6f3b4bd570ab40b97fe90da437d0dbb38d460352d85304d58478d4b7
f9518f4b66ec416aaf33168598d4f4dc33186f8daa2476c70a4a330342813bb3
f97d6faed6f752cf6fbc5de57e056326a6bfd145d508e9410c17a7ab19ec4352
f97e21f3eec9e3e533d436de3a395dd755e1a309ed6e05282c16fe0c11f523e6
fa87904726726364ad19a7c4b2f2b20ee10637325601b5aa88ed8bfdcb7117a7
fab4fef6bbfa8d6464403a14be7de1be5e3e63637a96d994fab10266e1eaf6da
fb023437a64f3743a90c382f70c6726e3e3862ba00ffaf6e7e0bc3a65a33f0c8
fb1fe5f836ad325db5ee805fccce085eaab05625d476fbae76adccd5f3baa786
fc6bb3d490f4d56efeb0600138d374c85df85d65b7d135ce1ab655d58f6914b8
fccf4c44ba6e220d5b4bb6c8a9ef4e07177b33f15139e3cbc11ee6954a3a2c9a
fcd07d21f21002d006e7e9a4797896bb12f00ea503ccbfed143527826c61694e
fcfd4197f5307a145a18c5fd671d89323f4842fed7534f8c25fcc6cb37b2cd2f
fd15bac74e9f228c9a3ba2dcf4d64515f407d76f346a64cb75f5b19688b14a2a
fd23cf4baab2e3415ef0aff32eae32d6131424a582db8ae082bd16798187b48f
fd390b709bbe6d9524dd0ac01f8520cf95945d365e0ab6206ae6e6e60551a2e6
fd6065413fda2c4885e5f8301225c0de05a712e2869218ab1d221d4cf20c4a6f
fed92e56028dca8addea19cbe6de75170a2108fd700faf38f0fb781e1c79da81
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48
ff4b231e47084581c812566c51b926c887f610e8dc430ae128b836e3c1435020
ffabbc1892e69d74fb717a06a4a1d638d712e399e081db73b4cd1ade647c9114
fff0091f27cd5a1eb1509aaf822b596c24f6662c265d51a63f11e677ceb2301c
fff4561aa80560ecdcb6289afee29a65cefd1706f78367ca23aaec91c97659d6