www.thepaystubs.com Open in urlscan Pro
2606:4700:20::ac43:4b53 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.thepaystubs.com/
Effective URL:
https://www.thepaystubs.com/
Submission: On January 18 via api (January 18th 2024, 10:49:59 pm UTC) from US — Scanned from DE

Summary HTTP 145 Redirects Links 10 Behaviour Indicators

Summary

This website contacted 55 IPs in 8 countries across 48 domains to perform 145 HTTP transactions. The main IP is 2606:4700:20::ac43:4b53, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.thepaystubs.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on April 29th 2023. Valid for: a year.

This is the only time www.thepaystubs.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:20:... 2606:4700:20::681a:7c2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
35	2606:4700:20:... 2606:4700:20::ac43:4b53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:4001:811::2008	15169 (GOOGLE) (GOOGLE)
4	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	35.201.112.186 35.201.112.186	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
11	13.248.221.98 13.248.221.98	16509 (AMAZON-02) (AMAZON-02)
1	2a04:4e42::729 2a04:4e42::729	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
4	2a03:2880:f08... 2a03:2880:f083:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a02:26f0:350... 2a02:26f0:3500:16::215:149b	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
5	104.126.37.177 104.126.37.177	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c00::9d	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
1	104.198.8.50 104.198.8.50	15169 (GOOGLE) (GOOGLE)
2 3	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	35.186.194.58 35.186.194.58	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:802::2004	15169 (GOOGLE) (GOOGLE)
4	2a03:2880:f17... 2a03:2880:f176:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
1	2600:9000:231... 2600:9000:2315:e200:15:a0d3:77c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	76.76.21.22 76.76.21.22	16509 (AMAZON-02) (AMAZON-02)
28 29	143.204.215.62 143.204.215.62	16509 (AMAZON-02) (AMAZON-02)
2 3	37.252.171.149 37.252.171.149	29990 (ASN-APPNEX) (ASN-APPNEX)
2	35.214.149.91 35.214.149.91	15169 (GOOGLE) (GOOGLE)
1	64.202.112.127 64.202.112.127	23352 (SERVERCEN...) (SERVERCENTRAL)
1	2a02:26f0:480... 2a02:26f0:480:c::210:f195	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 2	34.102.166.132 34.102.166.132	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	172.217.16.194 172.217.16.194	15169 (GOOGLE) (GOOGLE)
3	178.250.1.9 178.250.1.9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	54.154.71.202 54.154.71.202	16509 (AMAZON-02) (AMAZON-02)
1	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1	2600:1f18:612... 2600:1f18:612b:4232:950e:aa8c:14aa:701	14618 (AMAZON-AES) (AMAZON-AES)
1	95.101.148.20 95.101.148.20	16625 (AKAMAI-AS) (AKAMAI-AS)
1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
1	35.158.87.169 35.158.87.169	16509 (AMAZON-02) (AMAZON-02)
1	81.17.55.117 81.17.55.117	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1	2.16.97.41 2.16.97.41	16625 (AKAMAI-AS) (AKAMAI-AS)
1	76.223.111.18 76.223.111.18	16509 (AMAZON-02) (AMAZON-02)
1	3.75.62.37 3.75.62.37	16509 (AMAZON-02) (AMAZON-02)
1	124.146.153.165 124.146.153.165	2514 (INFOSPHER...) (INFOSPHERE NTT PC Communications)
1	185.255.84.152 185.255.84.152	200271 (IGUANE-) (IGUANE-)
1 2	104.18.36.155 104.18.36.155	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.248.4.62 34.248.4.62	16509 (AMAZON-02) (AMAZON-02)
1	52.210.27.230 52.210.27.230	16509 (AMAZON-02) (AMAZON-02)
1	34.117.157.22 34.117.157.22	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 2	3.208.240.1 3.208.240.1	14618 (AMAZON-AES) (AMAZON-AES)
1	35.158.11.2 35.158.11.2	16509 (AMAZON-02) (AMAZON-02)
1	52.48.249.53 52.48.249.53	16509 (AMAZON-02) (AMAZON-02)
15	108.157.4.91 108.157.4.91	16509 (AMAZON-02) (AMAZON-02)
1	18.173.233.125 18.173.233.125	16509 (AMAZON-02) (AMAZON-02)
2	52.217.198.25 52.217.198.25	16509 (AMAZON-02) (AMAZON-02)
2	18.66.248.17 18.66.248.17	16509 (AMAZON-02) (AMAZON-02)
145	55

1 2606:4700:20::681a:7c2 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.thepaystubs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

35 2606:4700:20::ac43:4b53 (United States)

ASN13335 (CLOUDFLARENET, US)

www.thepaystubs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.201.112.186 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 186.112.201.35.bc.googleusercontent.com

edge.fullstory.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 13.248.221.98 (United States)

ASN16509 (AMAZON-02, US)
PTR: a44946a9dd66b7704.awsglobalaccelerator.com

paystubs.freshchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42::729 (United States)

ASN54113 (FASTLY, US)

browser.sentry-cdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:16::215:149b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.126.37.177 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-126-37-177.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c00::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.198.8.50 (The Dalles, United States)

ASN15169 (GOOGLE, US)
PTR: 50.8.198.104.bc.googleusercontent.com

gtm.thepaystubs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:21::14 (United States) 2 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.186.194.58 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 58.194.186.35.bc.googleusercontent.com

rs.fullstory.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:802::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2315:e200:15:a0d3:77c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

www.clickcease.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 76.76.21.22 (Walnut, United States)

ASN16509 (AMAZON-02, US)

www.nivaai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 143.204.215.62 (United States) 28 redirects

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-62.fra53.r.cloudfront.net

api.nivaai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.252.171.149 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.214.149.91 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 91.149.214.35.bc.googleusercontent.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.202.112.127 (United States)

ASN23352 (SERVERCENTRAL, US)
PTR: ny.outbrain.com

sync.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:480:c::210:f195 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

ade.clmbtech.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.102.166.132 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 132.166.102.34.bc.googleusercontent.com

ad.tpmn.co.kr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad.tpmn.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.16.194 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s65-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.154.71.202 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-154-71-202.eu-west-1.compute.amazonaws.com

sync-criteo.ads.yieldmo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

sync-t1.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:612b:4232:950e:aa8c:14aa:701 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

criteo-partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.101.148.20 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-148-20.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.158.87.169 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-158-87-169.eu-central-1.compute.amazonaws.com

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 81.17.55.117 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.16.97.41 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-16-97-41.deploy.static.akamaitechnologies.com

criteo-sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.75.62.37 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 124.146.153.165 (Miyado, Japan)

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)

tg.socdm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.255.84.152 (France)

ASN200271 (IGUANE-, FR)

visitor.omnitagjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.36.155 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

r.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.248.4.62 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-248-4-62.eu-west-1.compute.amazonaws.com

partner.mediawallahscript.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.210.27.230 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-27-230.eu-west-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.117.157.22 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.157.117.34.bc.googleusercontent.com

matching.ivitrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.208.240.1 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-208-240-1.compute-1.amazonaws.com

i.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.158.11.2 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-158-11-2.eu-central-1.compute.amazonaws.com

exchange.mediavine.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.48.249.53 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-48-249-53.eu-west-1.compute.amazonaws.com

jadserve.postrelease.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 108.157.4.91 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-4-91.dus51.r.cloudfront.net

assetscdn-wchat.freshchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.173.233.125 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-233-125.dus51.r.cloudfront.net

rts-static-prod.freshworksapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.217.198.25 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com

fc-use1-00-pics-bkt-00.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.66.248.17 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-248-17.dus51.r.cloudfront.net

434059818173913.webpush.freshchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
37	thepaystubs.com 1 redirects www.thepaystubs.com gtm.thepaystubs.com	603 KB
30	nivaai.com 28 redirects www.nivaai.com — Cisco Umbrella Rank: 370278 api.nivaai.com — Cisco Umbrella Rank: 384565	16 KB
28	freshchat.com paystubs.freshchat.com assetscdn-wchat.freshchat.com — Cisco Umbrella Rank: 19032 434059818173913.webpush.freshchat.com	718 KB
5	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 752	144 KB
5	fullstory.com edge.fullstory.com — Cisco Umbrella Rank: 2074 rs.fullstory.com — Cisco Umbrella Rank: 2075	71 KB
5	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 37	379 KB
4	facebook.com www.facebook.com — Cisco Umbrella Rank: 107	278 B
4	linkedin.com 2 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 349 px4.ads.linkedin.com — Cisco Umbrella Rank: 6550	2 KB
4	doubleclick.net 1 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 79 googleads.g.doubleclick.net — Cisco Umbrella Rank: 38 cm.g.doubleclick.net — Cisco Umbrella Rank: 260	3 KB
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 174	140 KB
4	bing.com bat.bing.com — Cisco Umbrella Rank: 376 c.bing.com — Cisco Umbrella Rank: 247	14 KB
3	criteo.com dis.criteo.com — Cisco Umbrella Rank: 608	1 KB
3	adnxs.com 2 redirects secure.adnxs.com — Cisco Umbrella Rank: 490 ib.adnxs.com — Cisco Umbrella Rank: 253	3 KB
3	google.de www.google.de — Cisco Umbrella Rank: 6518	669 B
3	google.com region1.analytics.google.com — Cisco Umbrella Rank: 2616 www.google.com — Cisco Umbrella Rank: 2	819 B
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	71 KB
2	amazonaws.com fc-use1-00-pics-bkt-00.s3.amazonaws.com — Cisco Umbrella Rank: 31356	7 KB
2	liadm.com 2 redirects i.liadm.com — Cisco Umbrella Rank: 550	1 KB
2	casalemedia.com 1 redirects r.casalemedia.com — Cisco Umbrella Rank: 1743	1 KB
2	bidswitch.net x.bidswitch.net — Cisco Umbrella Rank: 373	470 B
2	youtube.com www.youtube.com — Cisco Umbrella Rank: 75	70 KB
1	freshworksapi.com rts-static-prod.freshworksapi.com — Cisco Umbrella Rank: 10704	26 KB
1	postrelease.com jadserve.postrelease.com — Cisco Umbrella Rank: 1144	423 B
1	mediavine.com exchange.mediavine.com — Cisco Umbrella Rank: 1421	877 B
1	ivitrack.com matching.ivitrack.com — Cisco Umbrella Rank: 10355	265 B
1	360yield.com ad.360yield.com — Cisco Umbrella Rank: 698	199 B
1	mediawallahscript.com partner.mediawallahscript.com — Cisco Umbrella Rank: 3161	225 B
1	omnitagjs.com visitor.omnitagjs.com — Cisco Umbrella Rank: 731	342 B
1	socdm.com tg.socdm.com — Cisco Umbrella Rank: 1525	660 B
1	yahoo.com ups.analytics.yahoo.com — Cisco Umbrella Rank: 358	125 B
1	3lift.com eb2.3lift.com — Cisco Umbrella Rank: 412	140 B
1	teads.tv criteo-sync.teads.tv — Cisco Umbrella Rank: 2620	163 B
1	smartadserver.com rtb-csync.smartadserver.com — Cisco Umbrella Rank: 669	163 B
1	sharethrough.com match.sharethrough.com — Cisco Umbrella Rank: 508	35 B
1	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 381	239 B
1	media.net contextual.media.net — Cisco Umbrella Rank: 709	807 B
1	tremorhub.com criteo-partners.tremorhub.com — Cisco Umbrella Rank: 3209	391 B
1	taboola.com sync-t1.taboola.com — Cisco Umbrella Rank: 1704	99 B
1	yieldmo.com sync-criteo.ads.yieldmo.com — Cisco Umbrella Rank: 2988	38 B
1	tpmn.io ad.tpmn.io — Cisco Umbrella Rank: 4220	605 B
1	tpmn.co.kr 1 redirects ad.tpmn.co.kr — Cisco Umbrella Rank: 3950	284 B
1	clmbtech.com ade.clmbtech.com — Cisco Umbrella Rank: 3535	259 B
1	outbrain.com sync.outbrain.com — Cisco Umbrella Rank: 829	145 B
1	clickcease.com www.clickcease.com — Cisco Umbrella Rank: 11720	43 KB
1	gstatic.com fonts.gstatic.com	48 KB
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 783	16 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 28	2 KB
1	sentry-cdn.com browser.sentry-cdn.com — Cisco Umbrella Rank: 4957	21 KB
145	48

	Domain	Requested by
36	www.thepaystubs.com	1 redirects www.thepaystubs.com
29	api.nivaai.com	28 redirects edge.fullstory.com
15	assetscdn-wchat.freshchat.com	paystubs.freshchat.com assetscdn-wchat.freshchat.com
11	paystubs.freshchat.com	www.thepaystubs.com paystubs.freshchat.com assetscdn-wchat.freshchat.com
5	analytics.tiktok.com	www.thepaystubs.com analytics.tiktok.com
5	www.googletagmanager.com	www.thepaystubs.com www.googletagmanager.com
4	www.facebook.com	www.thepaystubs.com
4	connect.facebook.net	www.googletagmanager.com connect.facebook.net
3	dis.criteo.com	www.thepaystubs.com
3	rs.fullstory.com	edge.fullstory.com browser.sentry-cdn.com
3	px.ads.linkedin.com	2 redirects snap.licdn.com
3	www.google.de	www.thepaystubs.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	bat.bing.com	www.thepaystubs.com bat.bing.com
2	434059818173913.webpush.freshchat.com	paystubs.freshchat.com 434059818173913.webpush.freshchat.com
2	fc-use1-00-pics-bkt-00.s3.amazonaws.com	paystubs.freshchat.com
2	i.liadm.com	2 redirects
2	r.casalemedia.com	1 redirects www.thepaystubs.com
2	x.bidswitch.net	www.thepaystubs.com
2	secure.adnxs.com	1 redirects www.thepaystubs.com
2	www.google.com	www.thepaystubs.com
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	www.youtube.com	www.googletagmanager.com www.youtube.com
2	edge.fullstory.com	www.thepaystubs.com edge.fullstory.com
1	rts-static-prod.freshworksapi.com	assetscdn-wchat.freshchat.com
1	jadserve.postrelease.com	www.thepaystubs.com
1	c.bing.com	www.thepaystubs.com
1	exchange.mediavine.com	www.thepaystubs.com
1	matching.ivitrack.com	www.thepaystubs.com
1	ad.360yield.com	www.thepaystubs.com
1	partner.mediawallahscript.com	www.thepaystubs.com
1	visitor.omnitagjs.com	www.thepaystubs.com
1	tg.socdm.com	www.thepaystubs.com
1	ups.analytics.yahoo.com	www.thepaystubs.com
1	eb2.3lift.com	www.thepaystubs.com
1	criteo-sync.teads.tv	www.thepaystubs.com
1	rtb-csync.smartadserver.com	www.thepaystubs.com
1	match.sharethrough.com	www.thepaystubs.com
1	pixel.rubiconproject.com	www.thepaystubs.com
1	contextual.media.net	www.thepaystubs.com
1	criteo-partners.tremorhub.com	www.thepaystubs.com
1	sync-t1.taboola.com	www.thepaystubs.com
1	sync-criteo.ads.yieldmo.com	www.thepaystubs.com
1	ib.adnxs.com	1 redirects
1	cm.g.doubleclick.net	1 redirects
1	ad.tpmn.io	www.thepaystubs.com
1	ad.tpmn.co.kr	1 redirects
1	ade.clmbtech.com	www.thepaystubs.com
1	sync.outbrain.com	www.thepaystubs.com
1	www.nivaai.com	www.thepaystubs.com
1	www.clickcease.com	www.thepaystubs.com
1	fonts.gstatic.com	fonts.googleapis.com
1	px4.ads.linkedin.com	www.thepaystubs.com
1	gtm.thepaystubs.com	www.googletagmanager.com
1	googleads.g.doubleclick.net	www.googletagmanager.com
1	region1.analytics.google.com	www.googletagmanager.com
1	snap.licdn.com	www.googletagmanager.com
1	fonts.googleapis.com	www.thepaystubs.com
1	browser.sentry-cdn.com	www.thepaystubs.com
145	59

This site contains links to these domains. Also see Links.

Domain
www.youtube.com
www.hrblock.com
www.usa.gov
bettermoneyhabits.bankofamerica.com
www.dol.gov
www.facebook.com
twitter.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-29` - `2024-04-28`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
www.bing.com Microsoft Azure TLS Issuing CA 01	`2023-10-24` - `2024-04-21`	6 months	crt.sh
edge.fullstory.com GTS CA 1D4	`2024-01-10` - `2024-04-09`	3 months	crt.sh
*.freshchat.com Amazon RSA 2048 M01	`2023-02-21` - `2024-03-21`	a year	crt.sh
*.sentry-cdn.com GlobalSign Atlas R3 DV TLS CA 2023 Q3	`2023-08-01` - `2024-09-01`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-10-28` - `2024-01-26`	3 months	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-12-13` - `2024-12-12`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.tiktok.com RapidSSL ECC CA 2018	`2023-07-14` - `2024-08-13`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
gtm.thepaystubs.com R3	`2023-12-12` - `2024-03-11`	3 months	crt.sh
www.linkedin.com DigiCert SHA2 Secure Server CA	`2023-11-03` - `2024-05-03`	6 months	crt.sh
rs.fullstory.com GTS CA 1D4	`2024-01-07` - `2024-04-06`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
clickcease.com Amazon RSA 2048 M02	`2023-11-26` - `2024-12-24`	a year	crt.sh
www.nivaai.com R3	`2023-12-23` - `2024-03-22`	3 months	crt.sh
api.nivaai.com Amazon RSA 2048 M01	`2023-02-23` - `2024-03-23`	a year	crt.sh
freshchat.com Amazon RSA 2048 M02	`2023-07-05` - `2024-08-01`	a year	crt.sh
freshworksapi.com Amazon RSA 2048 M02	`2024-01-08` - `2025-02-04`	a year	crt.sh
*.s3.amazonaws.com Amazon RSA 2048 M01	`2023-10-10` - `2024-07-03`	9 months	crt.sh
*.wchat.webpush.myfreshworks.com Amazon RSA 2048 M01	`2023-06-21` - `2024-07-18`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://www.thepaystubs.com/
Frame ID: DBC4168244FB0076BAFB6A37716183DC
Requests: 118 HTTP requests in this frame

Frame: https://paystubs.freshchat.com/widget/config_iframe.html?host=https://paystubs.freshchat.com&token=497e4e8e-a71c-4a77-a9bd-9d21980b2bbf&origin=https://www.thepaystubs.com&widgetUuid=54b734ae-f4cd-4cd3-bab7-06f475db991c
Frame ID: 0A109E39FFB786CD25FAFF34C7BDC739
Requests: 2 HTTP requests in this frame

Frame: https://paystubs.freshchat.com/widget/?token=497e4e8e-a71c-4a77-a9bd-9d21980b2bbf&referrer=aHR0cHM6Ly93d3cudGhlcGF5c3R1YnMuY29t&widgetUuid=54b734ae-f4cd-4cd3-bab7-06f475db991c&eagerLoad=true
Frame ID: 55B4E0569370D7A2813DA91A73FE8D6A
Requests: 24 HTTP requests in this frame

Frame: https://434059818173913.webpush.freshchat.com/index.html?ref=aHR0cHM6Ly93d3cudGhlcGF5c3R1YnMuY29t
Frame ID: 6EDA979D9AC7E4A5B704D64154EBD961
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Paystub Generator | No.1 Checkstub Maker - ThePayStubs

Page URL History Show full URLs

http://www.thepaystubs.com/ HTTP 301
https://www.thepaystubs.com/ Page URL

Detected technologies

Sentry (Issue Trackers) Expand

Overall confidence: 100%
Detected patterns

browser\.sentry\-cdn\.com/([0-9.]+)/bundle(?:\.tracing)?(?:\.min)?\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Mautic (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

[^a-z]mtc.*\.js

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Page Statistics

145
Requests

79 %
HTTPS

37 %
IPv6

48
Domains

59
Subdomains

55
IPs

8
Countries

2390 kB
Transfer

7643 kB
Size

50
Cookies

10 Outgoing links

These are links going to different origins than the main page.

URL: https://www.youtube.com/watch?v=jUsr5yZSQqg
Title: Create your pay stub in 2 minutes!

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=ynENbRHpUoE

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=uPDJ7Ie9leo

Search URL Search Domain Scan URL

URL: https://www.hrblock.com/tax-center/irs/tax-responsibilities/prision-for-tax-evasion/
Title: Face Jail Time

Search URL Search Domain Scan URL

URL: https://www.usa.gov/labor-laws
Title: Workers’ compensation laws

Search URL Search Domain Scan URL

URL: https://bettermoneyhabits.bankofamerica.com/en/privacy-security/how-long-to-keep-documents-before-shredding
Title: safeguard company information

Search URL Search Domain Scan URL

URL: https://www.dol.gov/agencies/whd/fact-sheets/21-flsa-recordkeeping
Title: The Fair Labor Standards Act

Search URL Search Domain Scan URL

URL: https://www.facebook.com/ThePayStubs/

Search URL Search Domain Scan URL

URL: https://twitter.com/thepaystubs

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UC9z06oljqHotLsh1UyQIgBQ

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.thepaystubs.com/ HTTP 301
https://www.thepaystubs.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 53

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=5721305&time=1705618193082&url=https%3A%2F%2Fwww.thepaystubs.com%2F&tm=gtmv2 HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=5721305&time=1705618193082&url=https%3A%2F%2Fwww.thepaystubs.com%2F&tm=gtmv2&cookiesTest=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=5721305&time=1705618193082&url=https%3A%2F%2Fwww.thepaystubs.com%2F&tm=gtmv2&cookiesTest=true&e_ipv6=AQJd06EgmpveDAAAAY0exDvkOiPevpze08vlvTx_3DiFl4PduQWbKdDoXNsDRCEzrC0JhrHk8GvUx_fNNZOhW8w1lnjpuA

Request Chain 75

https://api.nivaai.com/tr?f=88af339a74aa97d101dd5c01de2cb91576cb2904&sp=S-149357862&u=9c988384b6094037610962448ca3e859eaf8d62e&na=108fcfe4-1e1f-4b08-ad1f-4246cb4d5c78 HTTP 302
https://secure.adnxs.com/setuid?entity=52&code=108fcfe4-1e1f-4b08-ad1f-4246cb4d5c78 HTTP 307
https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3D108fcfe4-1e1f-4b08-ad1f-4246cb4d5c78

Request Chain 76

https://api.nivaai.com/tr?f=06c472030e7c9695fa372a64ea36a9961379d226&sp=S-408726195&u=7f17264a8e801c6bb9afb48ba7b3e3b3f19ce502&na=108fcfe4-1e1f-4b08-ad1f-4246cb4d5c78 HTTP 302
https://x.bidswitch.net/sync?dsp_id=46&user_id=108fcfe4-1e1f-4b08-ad1f-4246cb4d5c78&expires=30

Request Chain 77

https://api.nivaai.com/tr?f=578f90fd67fdcd54956dced2ce20dcdf9142f9ad&sp=S-675849123&u=24de6614a05c34eeb09bc7dde9a000dfd17242ed&na=108fcfe4-1e1f-4b08-ad1f-4246cb4d5c78 HTTP 302
https://sync.outbrain.com/cookie-sync?p=niva&uid=108fcfe4-1e1f-4b08-ad1f-4246cb4d5c78&initiator=partner

Request Chain 78

https://api.nivaai.com/tr?f=10e1cb15cb44ad36b7722a7fef0612e3bbac4066&sp=S-284953716&u=a8ef51bbd1c64b45e7882e2e876dcb9f9dfe470d&na=108fcfe4-1e1f-4b08-ad1f-4246cb4d5c78 HTTP 302
https://ade.clmbtech.com/uid/sync.htm?pid=13079&cuid=108fcfe4-1e1f-4b08-ad1f-4246cb4d5c78

Request Chain 79

https://api.nivaai.com/tr?f=3fde1860a45a4d59a7f2c2df8f7e2bbe789958b2&sp=S-917263458&u=4f4b8a4c63d370bb51eb06faa3c3f3fc1284a917&na=108fcfe4-1e1f-4b08-ad1f-4246cb4d5c78 HTTP 302
https://ad.tpmn.co.kr/pixelCt.tpmn?tpmn_nid=26a681017b4fdc02f3aef3aa921ede3e&tpmn_buid=108fcfe4-1e1f-4b08-ad1f-4246cb4d5c78 HTTP 302
https://ad.tpmn.io/pixelct.tpmn?tpmn_nid=26a681017b4fdc02f3aef3aa921ede3e&tpmn_buid=108fcfe4-1e1f-4b08-ad1f-4246cb4d5c78

Request Chain 80

https://api.nivaai.com/tr?f=c5a8fb7c5f1bbd179115d5a349e8ff22a6bab02d&sp=S-593187240&u=d92a278a4606529cd50ed2ace51a2aeb962a2f67&na=108fcfe4-1e1f-4b08-ad1f-4246cb4d5c78 HTTP 302
https://x.bidswitch.net/sync?dsp_id=46&user_id=108fcfe4-1e1f-4b08-ad1f-4246cb4d5c78&expires=30

Request Chain 81

https://api.nivaai.com/tr?f=13915bcddbc8ea773106010e33f79d42736fde25&sp=S-836291754&u=8dd9b9a903319008c55018a4b8a3531d27852f4f&na=108fcfe4-1e1f-4b08-ad1f-4246cb4d5c78 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&NivaUserId=108fcfe4-1e1f-4b08-ad1f-4246cb4d5c78&google_cm&google_hm=ay1iRmc1N005R3FET2JVTmc0a2VVTjE4eTUwc18ya0lxUjB5N1hrZw HTTP 302
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&NivaUserId=108fcfe4-1e1f-4b08-ad1f-4246cb4d5c78&google_gid=CAESEIBORUo84PSUqxv_Vnhj3Kc&google_cver=1&google_ula=913071,0

Request Chain 82

https://api.nivaai.com/tr?f=67809ed156accf698c802524599a09d023fc8b57&sp=S-754890621&u=b50a3e8fe9c914cef312a296a4450862b81e7c45&na=108fcfe4-1e1f-4b08-ad1f-4246cb4d5c78 HTTP 302
https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 302
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=2826800844529132169

Request Chain 83

https://api.nivaai.com/tr?f=9f97d441f4444636c3f67b18cec10f49bf921729&sp=S-283719645&u=cfcd17ec7319e306a166aa165c6dbaad0c2207b3&na=108fcfe4-1e1f-4b08-ad1f-4246cb4d5c78 HTTP 302
https://sync-criteo.ads.yieldmo.com/sync?id=108fcfe4-1e1f-4b08-ad1f-4246cb4d5c78&pn_id=criteo&ext=1

Request Chain 84

https://api.nivaai.com/tr?f=50d816a0c974b04d4441ca0b3e837ffc515e1506&sp=S-469872513&u=3b78f7c921324d7d7303805205ee8e9b400ca89e&na=108fcfe4-1e1f-4b08-ad1f-4246cb4d5c78 HTTP 302
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=108fcfe4-1e1f-4b08-ad1f-4246cb4d5c78

Request Chain 85

https://api.nivaai.com/tr?f=f46adeadb3950a7cf9fcd0d17a68baaa13be848e&sp=S-920573186&u=2c7ceef4481901ec1c404517849bdbc435a1f8ee&na=108fcfe4-1e1f-4b08-ad1f-4246cb4d5c78 HTTP 302
https://criteo-partners.tremorhub.com/sync?UICR=108fcfe4-1e1f-4b08-ad1f-4246cb4d5c78

Request Chain 86

https://api.nivaai.com/tr?f=35de529461e52b1119d5c8ea0029316c5e5fa7d5&sp=S-537482901&u=f9ccdcf6d2e254b49ef01e96d490c34ecdf50ea1&na=108fcfe4-1e1f-4b08-ad1f-4246cb4d5c78 HTTP 302
https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=108fcfe4-1e1f-4b08-ad1f-4246cb4d5c78

Request Chain 87

https://api.nivaai.com/tr?f=5a729f206aeb17edfd30fdac7043f3d8e11ace45&sp=S-815263974&u=7ec12f30e78b7ba22b11f3cc743f6f5daed7f57d&na=108fcfe4-1e1f-4b08-ad1f-4246cb4d5c78 HTTP 302
https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=108fcfe4-1e1f-4b08-ad1f-4246cb4d5c78&expires=30

Request Chain 88

https://api.nivaai.com/tr?f=720332f281690805753f2f83ad415bbb2eb68a37&sp=S-297568410&u=04d0bbea8b9a652c488d655211583668789cee18&na=108fcfe4-1e1f-4b08-ad1f-4246cb4d5c78 HTTP 302
https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=108fcfe4-1e1f-4b08-ad1f-4246cb4d5c78

Request Chain 89

https://api.nivaai.com/tr?f=d37ccd7a5f5e5be7dafe55443a379374b3018a06&sp=S-614972385&u=2fa307d78f0e2a2dc67168bab9d88b668a441ec4&na=108fcfe4-1e1f-4b08-ad1f-4246cb4d5c78 HTTP 302
https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=108fcfe4-1e1f-4b08-ad1f-4246cb4d5c78

Request Chain 90

https://api.nivaai.com/tr?f=eb35ac08f3c3d3bf1f4d4bb4b9216728cec2e51a&sp=S-758392614&u=4b9903641f4a0f9066270e7298999cd8430099ff&na=108fcfe4-1e1f-4b08-ad1f-4246cb4d5c78 HTTP 302
https://criteo-sync.teads.tv/um?eid=80&uid=108fcfe4-1e1f-4b08-ad1f-4246cb4d5c78

Request Chain 91

https://api.nivaai.com/tr?f=6747cc23f746153f2b2a7b602ecaccb9a7bd50a3&sp=S-908142673&u=a72c1de4414b04d8f890b3bc3d3aaf4e17195654&na=108fcfe4-1e1f-4b08-ad1f-4246cb4d5c78 HTTP 302
https://eb2.3lift.com/xuid?mid=2711&xuid=108fcfe4-1e1f-4b08-ad1f-4246cb4d5c78&dongle=013b

Request Chain 92

https://api.nivaai.com/tr?f=fa3bbf1175eaaa621af07ec71d795fdafcb24f15&sp=S-326971458&u=21f4666dec325f4a4b4710f87ab6732088377337&na=108fcfe4-1e1f-4b08-ad1f-4246cb4d5c78 HTTP 302
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=108fcfe4-1e1f-4b08-ad1f-4246cb4d5c78

Request Chain 93

https://api.nivaai.com/tr?f=8727e54d6e13b409a2403aa659f030a6dd59210d&sp=S-690825437&u=51d12f19f79e8deec40d7f35a2eb45cc509f63a8&na=108fcfe4-1e1f-4b08-ad1f-4246cb4d5c78 HTTP 302
https://tg.socdm.com/aux/idsync?proto=niva&dsp_uid=108fcfe4-1e1f-4b08-ad1f-4246cb4d5c78

Request Chain 94

https://api.nivaai.com/tr?f=d118ec24b37db2b9f1ccadf241e4632ccb6790e3&sp=S-573964182&u=346a1dd908b89059217820e615719f5cc3da5024&na=108fcfe4-1e1f-4b08-ad1f-4246cb4d5c78 HTTP 302
https://visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=niva&visitor=108fcfe4-1e1f-4b08-ad1f-4246cb4d5c78

Request Chain 95

https://api.nivaai.com/tr?f=bf57843020d0f2b0dcfb9ec94410d3c3deb0fb7a&sp=S-812435679&u=e63568adcf6106c2f7e9176c17ec7132f883d6c5&na=108fcfe4-1e1f-4b08-ad1f-4246cb4d5c78 HTTP 302
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=108fcfe4-1e1f-4b08-ad1f-4246cb4d5c78 HTTP 302
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=108fcfe4-1e1f-4b08-ad1f-4246cb4d5c78&C=1

Request Chain 96

https://api.nivaai.com/tr?f=ecab21dcaece99acd3bd66fae38db4331a45a7d4&sp=S-938176540&u=6348dcc6f5e862a2bb2c7b536d708d2663b07dfa&na=108fcfe4-1e1f-4b08-ad1f-4246cb4d5c78 HTTP 302
https://partner.mediawallahscript.com/?account_id=2045&partner_id=2106&uid=108fcfe4-1e1f-4b08-ad1f-4246cb4d5c78&custom=&tag_format=img&tag_action=sync&cb=

Request Chain 97

https://api.nivaai.com/tr?f=2da2e7f29a444e02a7e52c5d5a488a5d14f5d7ae&sp=S-642739185&u=8cfc590d34394c2ef0723049fbdeea93acdcdde9&na=108fcfe4-1e1f-4b08-ad1f-4246cb4d5c78 HTTP 302
https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=108fcfe4-1e1f-4b08-ad1f-4246cb4d5c78

Request Chain 98

https://api.nivaai.com/tr?f=e75980556eaeb9f2ac6ac8d45f1cbe771f427983&sp=S-795682431&u=91432ca9eecf758860845d8f9400c2f7a59ccad2&na=108fcfe4-1e1f-4b08-ad1f-4246cb4d5c78 HTTP 302
https://matching.ivitrack.com/sync?realm=niva&uid=108fcfe4-1e1f-4b08-ad1f-4246cb4d5c78

Request Chain 99

https://api.nivaai.com/tr?f=efd86e105013597855154feb5f5b4a4256397333&sp=S-318674529&u=ff81ad8dbf0046097baa9c3be3bb85ec8afe33a3&na=108fcfe4-1e1f-4b08-ad1f-4246cb4d5c78 HTTP 302
https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=108fcfe4-1e1f-4b08-ad1f-4246cb4d5c78 HTTP 303
https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=108fcfe4-1e1f-4b08-ad1f-4246cb4d5c78&_li_chk=true&previous_uuid=5620ecb55868428dac0c61244d141089 HTTP 303
https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@

Request Chain 100

https://api.nivaai.com/tr?f=9f088d50c82a135f4a2c97b4e4ffbacefecal139&sp=S-829541076&u=f27de6c2072ec7b8298bf7817723af9fbb265cc2&na=108fcfe4-1e1f-4b08-ad1f-4246cb4d5c78 HTTP 302
https://exchange.mediavine.com/usersync/push?partner=niva&partnerId=108fcfe4-1e1f-4b08-ad1f-4246cb4d5c78

Request Chain 101

https://api.nivaai.com/tr?f=aaidc180e92278a7cc930079632585e48adf97ab&sp=S-615239870&u=7becd6406b1f8918e6159bb49a0735bdb10b2187&na=108fcfe4-1e1f-4b08-ad1f-4246cb4d5c78 HTTP 302
https://c.bing.com/c.gif?Red3=CTOMS_pd&cbid=108fcfe4-1e1f-4b08-ad1f-4246cb4d5c78

Request Chain 102

https://api.nivaai.com/tr?f=6cda20d25a20df7c58b358f9c7a1b76260e6dc34&sp=S-470638592&u=2526a56da4de76625aed68c63a7a21b3a698f8ed&na=108fcfe4-1e1f-4b08-ad1f-4246cb4d5c78 HTTP 302
https://jadserve.postrelease.com/suid/1017?vk=108fcfe4-1e1f-4b08-ad1f-4246cb4d5c78

145 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.thepaystubs.com/
Redirect Chain

http://www.thepaystubs.com/
https://www.thepaystubs.com/

227 KB
73 KB

39ms
19ms

Document
text/html

2606:4700:20::ac43:4b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thepaystubs.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4b53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e2eb688699e5ec04f1ad35dc7dbc2d65e9a47237843e826815fa27e5dc32a685

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 5189
cache-control: public, s-maxage=86400
cf-cache-status: HIT
cf-ray: 847a64c92bd5bb55-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 18 Jan 2024 22:49:52 GMT
last-modified: Thu, 18 Jan 2024 21:23:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3vZDyAYnYmFNTaC0iyLjMEfy4WCkTpTf8SohgF%2BWRejitqtAXVTjE8ecQZ7EjDpLUFUMUufODlY%2FY%2FP6ItTy4W2Q2gcFYFtuiXf0BTRv%2Bc7l76WQzi9NM2AkTuMXeOiLGkoVYaKRAXwnZdL8j%2FSwPd4%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
via: 1.1 google

Redirect headers

CF-RAY: 847a64c8ebe89be6-FRA
Cache-Control: max-age=3600
Connection: keep-alive
Date: Thu, 18 Jan 2024 22:49:52 GMT
Expires: Thu, 18 Jan 2024 23:49:52 GMT
Location: https://www.thepaystubs.com/
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ry0BdXoACe0Tic9IYlWiPGHjArva5mcM%2Fpn520FIe%2FhEO%2FCmB%2F9zXTOdsrS0x90IKtbxGEzpi8mIlSGljCsMq1Cj5I5fQXwUAyPdpiCROJXMOY5pCT7Dpw8hEYk0wvFuhKsIFdXR0znOWbHK0sd%2BgZQ%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 133 KB
51 KB 39ms
19ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-71604044-1

Requested by

Host: www.thepaystubs.com
URL: https://www.thepaystubs.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

dd753929e7a89dc5eb305117944eb32a455a950fffb7d8bddb66dcc896a77d3b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thepaystubs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 22:49:52 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 51980
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 18 Jan 2024 22:49:52 GMT

GET
H2 200 logo.png
www.thepaystubs.com/bundles/thepaystubswebsite/images/ 3 KB
3 KB 16ms
15ms Image
image/png 2606:4700:20::ac43:4b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thepaystubs.com/bundles/thepaystubswebsite/images/logo.png
Requested by: Host: www.thepaystubs.com
URL: https://www.thepaystubs.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4b53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 99a5d4ac8414258cf38ceba08a7e7b8af17a4ff308b7fd1129dacd8fa773f429

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thepaystubs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 22:49:52 GMT
via: 1.1 google
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 350237
cf-polished: origSize=5949
content-length: 3047
cf-bgj: imgq:100,h2pri
last-modified: Thu, 14 Dec 2023 12:18:17 GMT
server: cloudflare
etag: "657af289-173d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OOLO4nQVGiOeA%2F9Uh1SZeuFj7SiCGrV9qKgWwRJ%2FZvZiatbW58TJmvPMratBfieiUifU4%2F5o%2Bx3GbbVL8TUBNM3rV6GCEDHYtg4j2X1D4%2BpiwtIst682Wcwsuih0XocbOc7gXRB%2BDmllcTKzKp7t7oU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000, public
accept-ranges: bytes
cf-ray: 847a64c94befbb55-FRA
expires: Mon, 13 Jan 2025 21:32:35 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 249 KB
80 KB 32ms
31ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TQ78NC2

Requested by

Host: www.thepaystubs.com
URL: https://www.thepaystubs.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

41823b426edc9b6d0bfd90d8ca3273327e435b55cb43946e3acfd8a945b66dcb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thepaystubs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 22:49:52 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 81697
x-xss-protection: 0
last-modified: Thu, 18 Jan 2024 22:09:16 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 18 Jan 2024 22:49:52 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 45 KB
13 KB 79ms
33ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.thepaystubs.com
URL: https://www.thepaystubs.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thepaystubs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Thu, 18 Jan 2024 22:49:52 GMT
last-modified: Fri, 10 Nov 2023 20:09:55 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 5FAB162DBC1E46EDB381251AE331B81C Ref B: FRAEDGE1116 Ref C: 2024-01-18T22:49:52Z
etag: "80abcdf1114da1:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 13187

GET
H2 200 fs.js Show response
edge.fullstory.com/s/ 247 KB
68 KB 53ms
7ms Script
application/javascript 35.201.112.186
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.fullstory.com/s/fs.js
Requested by: Host: www.thepaystubs.com
URL: https://www.thepaystubs.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.112.186 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 186.112.201.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 164e219fdf64004e7213e90b3d4fd19463971870e4b51fdd6030446bd6ef5e65

Request headers

Referer: https://www.thepaystubs.com/
Origin: https://www.thepaystubs.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 22:13:26 GMT
content-encoding: br
age: 2186
x-guploader-uploadid: ABPtcPo1E0OWpkrXAXvw0p3DhKqfSzjzuoWO6HVG48jEnQeAR1aFa3WGlOAlXfFh0FVthzFD6AKwQAcJ0A
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: br
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 69176
last-modified: Tue, 09 Jan 2024 14:46:09 GMT
server: UploadServer
etag: "39c79f2b05faf1b80cfb99fdd212a0e6"
vary: Accept-Encoding
x-goog-generation: 1704811569390469
x-goog-hash: crc32c=MZJ0CQ==, md5=OcefKwX68bgM+5n90hKg5g==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=3600,no-transform
x-goog-stored-content-length: 69176
accept-ranges: bytes
content-type: application/javascript
expires: Thu, 18 Jan 2024 23:13:26 GMT

GET
H2 200 paystubs-main-banner-mobile.webp
www.thepaystubs.com/bundles/thepaystubswebsite/images/ 9 KB
9 KB 20ms
19ms Image
image/webp 2606:4700:20::ac43:4b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thepaystubs.com/bundles/thepaystubswebsite/images/paystubs-main-banner-mobile.webp?1640156701
Requested by: Host: www.thepaystubs.com
URL: https://www.thepaystubs.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4b53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 11c77804a35baaa7ba7e5bc9242739a1bdaa8daf6e3ccdc14b5d7bdedc00040b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thepaystubs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 22:49:52 GMT
via: 1.1 google
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 350237
content-length: 9310
last-modified: Thu, 14 Dec 2023 12:18:17 GMT
server: cloudflare
etag: "657af289-245e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M%2B8kLIglDqlvEdaVM9y%2FL0C1plhskmf8vaLY9ppayMb0K2gaR0Su7hrqz22JsUROQtCSULFORuCeCs4qmEgEF0FFgW9Z6yeuplFwu6B%2BrX3DNlqjxuC7B0euz56kp379UPR3XRKTkPCQ9J9dHwkG%2BLc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=31536000, public
accept-ranges: bytes
cf-ray: 847a64c96c1dbb55-FRA
expires: Mon, 13 Jan 2025 21:32:35 GMT

GET
H2 200 gold-stars.png
www.thepaystubs.com/bundles/thepaystubswebsite/images/ 580 B
904 B 17ms
16ms Image
image/png 2606:4700:20::ac43:4b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thepaystubs.com/bundles/thepaystubswebsite/images/gold-stars.png
Requested by: Host: www.thepaystubs.com
URL: https://www.thepaystubs.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4b53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d3bf5a597ef938dbe72bbcf72df7c7eff713ba1f5ebfc9a2bd6d90f493373ef8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thepaystubs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 22:49:52 GMT
via: 1.1 google
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 350237
cf-polished: origSize=688
content-length: 580
cf-bgj: imgq:100,h2pri
last-modified: Thu, 14 Dec 2023 12:18:17 GMT
server: cloudflare
etag: "657af289-2b0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8881b8DlE2UQewEU%2FC5Sp7Y3ST3m6W0%2BUPwgzYi8FzNGe6GynHWHN2FOqR87vH%2BpSR0E5VJ%2BTErULNGchovdPHNtNaMFr2W636pNTYhwY8XDjIFeAZQWD6OcCrx1O%2BCrGWfT%2BRF0hODzjKLZgfSiINY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000, public
accept-ranges: bytes
cf-ray: 847a64c97c20bb55-FRA
expires: Mon, 13 Jan 2025 21:32:35 GMT

GET
H2 200 arrow-left-mid-grey.svg
www.thepaystubs.com/bundles/thepaystubswebsite/images/ 205 B
525 B 17ms
17ms Image
image/svg+xml 2606:4700:20::ac43:4b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thepaystubs.com/bundles/thepaystubswebsite/images/arrow-left-mid-grey.svg
Requested by: Host: www.thepaystubs.com
URL: https://www.thepaystubs.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4b53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a36a2d059128bbc8b66d7c35dd5d424e628bdce0c02c7a884db15ee9d91eab58

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thepaystubs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 22:49:52 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 15 Jan 2024 20:03:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 117154
etag: W/"65a58f78-cd"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Uoh2O1hvw8RT%2FC4uJjvjN0E1nKC%2BgdnTL615jf1aD3fUzjIYphGHhI%2FHR5kNufaKwq440s34FM1FpdnasHJY3OoxBArZ181e2V%2BDDY03HmhNF6EFylWsRJIEc%2BJaQvrRYzrR10ZVw4AT0CEB5R3XPqk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=31536000, public
cf-ray: 847a64c97c22bb55-FRA
expires: Thu, 16 Jan 2025 14:17:18 GMT

GET
H2 200 arrow-right-mid-grey.svg
www.thepaystubs.com/bundles/thepaystubswebsite/images/ 188 B
475 B 22ms
21ms Image
image/svg+xml 2606:4700:20::ac43:4b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thepaystubs.com/bundles/thepaystubswebsite/images/arrow-right-mid-grey.svg
Requested by: Host: www.thepaystubs.com
URL: https://www.thepaystubs.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4b53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 10b333cfe996b32a7404da2c95667e5078680962a3b7eeb1fef1cf126ee9890e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thepaystubs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 22:49:52 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 15 Jan 2024 20:03:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 219710
etag: W/"65a58f78-bc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9hNO1U7cUg11PeC59f3y0ZY%2BOQrFgJbTC6gFuZLHNDGFgVWbze2TkUJccKVxaGKeyrPwKWV0stfFSWXY%2FjjQCyJYb2g%2BBTyInupw5SmZKJyHp6GjjmCBpR0BQ45fLShB%2FRSah31G6QoILrTPAZKZn0A%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=31536000, public
cf-ray: 847a64c97c23bb55-FRA
expires: Wed, 15 Jan 2025 09:48:02 GMT

GET
H2 200 tps-fresh-chat-form.css
www.thepaystubs.com/assets/thepaystubspaystubgenerator/css/ 7 KB
2 KB 18ms
18ms Stylesheet
text/css 2606:4700:20::ac43:4b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thepaystubs.com/assets/thepaystubspaystubgenerator/css/tps-fresh-chat-form.css?version=237c87a726
Requested by: Host: www.thepaystubs.com
URL: https://www.thepaystubs.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4b53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7da8768afec5745e78b76cc73f6b28d5d711eb345b23c2f55309203430f3d58d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thepaystubs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 22:49:52 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 219710
cf-polished: origSize=7279
cf-bgj: minify
last-modified: Mon, 15 Jan 2024 20:04:50 GMT
server: cloudflare
etag: W/"65a58fe2-1c6f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0fRz9msVpxGTDWEvzkekq0e4ygfY1bw55fAULrs%2BjLx3R2GdJUXiTi50FVitEgWXg06DBKLbpLS33aCm6ZHK2B90pVo8tsDsDrh3j9ZL%2Bo4tKw1CCKHIof9eekGdF8wOQgNynz1%2Bm0OrWsK%2BpyNOUxg%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31536000, public
cf-ray: 847a64c97c24bb55-FRA
expires: Wed, 15 Jan 2025 09:48:02 GMT

GET
H2 200 widget.js Show response
paystubs.freshchat.com/js/ 66 KB
21 KB 327ms
104ms Script
application/javascript 13.248.221.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://paystubs.freshchat.com/js/widget.js

Requested by

Host: www.thepaystubs.com
URL: https://www.thepaystubs.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.248.221.98 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a44946a9dd66b7704.awsglobalaccelerator.com

Software

fwe /

Resource Hash

1f20c5af2c4861e43a210d8f6bbf672f7683797a3e80912b4e405ce46a330de7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thepaystubs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-trace-id: 00-c2c9f771023b6c7ef0fc8ef3ed317050-7ef79d0647f43bdc-01
date: Thu, 18 Jan 2024 22:49:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
last-modified: Tue, 16 Jan 2024 04:56:56 GMT
server: fwe
nel: { "report_to": "nel-endpoint-freshchat", "max_age": 2592000, "include_subdomains": true}
report-to: { "group": "nel-endpoint-freshchat", "max_age": 2592000, "include_subdomains": true, "endpoints": [{"url": "https://edge-admin.us-east-1.freshedge.net/nelreports/freshchat"}]}
content-type: application/javascript
x-fw-ratelimiting-managed: false
cache-control: max-age=900, must-revalidate
x-server: pg76p
x-envoy-upstream-service-time: 2
x-xss-protection: 1; mode=block
x-request-id: 45884edb-fc1d-9fd1-8d78-cb6babaebcb9

GET
H2 200 fresh-chat.js Show response
www.thepaystubs.com/assets/thepaystubspaystubgenerator/js/ 5 KB
2 KB 21ms
20ms Script
application/javascript 2606:4700:20::ac43:4b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thepaystubs.com/assets/thepaystubspaystubgenerator/js/fresh-chat.js?version=53092400ca
Requested by: Host: www.thepaystubs.com
URL: https://www.thepaystubs.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4b53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 031697f8deb6b9ac3156d702e86503929c656219e7f68c4f4c0170903934a130

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thepaystubs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 22:49:52 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1205678
cf-bgj: minify
last-modified: Thu, 14 Dec 2023 12:18:17 GMT
server: cloudflare
etag: W/"657af289-12e0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uhrbr%2FOqjutbf2FxrNVC0y8dRXNUdssnG8gBOF6OBowvsKyck7ScFY7MJtPEQN87lduz4g47m2DND9QSmt0aOPiYE0Y2VFiN6UOg5%2B3vkuUnIVroDnxELe2gIliY0uH2adjS9G1b1DBEW0jckmZ6RT0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000, public
cf-ray: 847a64c97c26bb55-FRA
expires: Fri, 03 Jan 2025 23:55:14 GMT

GET
H2 200 bundle.min.js Show response
browser.sentry-cdn.com/7.64.0/ 61 KB
21 KB 50ms
11ms Script
application/javascript 2a04:4e42::729
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://browser.sentry-cdn.com/7.64.0/bundle.min.js

Requested by

Host: www.thepaystubs.com
URL: https://www.thepaystubs.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42::729 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

68120ca24215c1b206fcb772b03ba7f682df147e078b727bac3476262239b22d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.thepaystubs.com/
Origin: https://www.thepaystubs.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 22:49:52 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Mon, 14 Aug 2023 11:44:53 GMT
server: Fastly
age: 3855199
etag: "1964e626f57fd4dd0657dc185c54a666"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 20968
expires: Wed, 14 Aug 2024 02:05:29 GMT

GET
H2 200 main.js Show response
www.thepaystubs.com/assets/thepaystubswebsite/js/ 4 KB
2 KB 18ms
18ms Script
application/javascript 2606:4700:20::ac43:4b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thepaystubs.com/assets/thepaystubswebsite/js/main.js?version=0531dede0a
Requested by: Host: www.thepaystubs.com
URL: https://www.thepaystubs.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4b53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 973a453289e4d3b851e778b1c006dbeb8fb2d3b20e9c20ea953b30aa59b8fb3b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thepaystubs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 22:49:52 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 736455
cf-polished: origSize=3811
cf-bgj: minify
last-modified: Thu, 14 Dec 2023 12:18:17 GMT
server: cloudflare
etag: W/"657af289-ee3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KhpJZU2iH%2B1Lv7B%2Bi1o8nrlGa%2FfBjB3q0pZRqJXyLmno%2FHkLPeOHkyMO9WVC%2FpeJbuli4SG8WfazwksCkR5F4wI%2BBQdswaOnWdzt32z8lKyAKy3QaLZCcNjc%2B24DkRFRmhQqvoWrzt41tUmPsiHfr9M%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000, public
cf-ray: 847a64c97c27bb55-FRA
expires: Thu, 09 Jan 2025 10:15:37 GMT

GET
H2 200 home.js Show response
www.thepaystubs.com/assets/thepaystubswebsite/js/ 62 KB
19 KB 30ms
30ms Script
application/javascript 2606:4700:20::ac43:4b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thepaystubs.com/assets/thepaystubswebsite/js/home.js?version=1cbd9fdeaa
Requested by: Host: www.thepaystubs.com
URL: https://www.thepaystubs.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4b53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 026ec34ee7182761d2fb237607d5a946e0273591165a9f3444c60b46d3ee2f96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thepaystubs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 22:49:52 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 224702
cf-polished: origSize=63643
cf-bgj: minify
last-modified: Mon, 15 Jan 2024 20:03:04 GMT
server: cloudflare
etag: W/"65a58f78-f89b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Pwx5UO1Ie5h43d446tHYzO38fR7Y%2Fr6s7rldo5hYaLQy8oY%2FDlcJxpSps%2Bedxdd0Xz2mt7eiXxOEfOBCQABUJY%2BH4EOQla2%2F5cUSZHDMvdzDXtcNS1b8upGb4Kova%2FSJc%2BllrEHN63zjL%2Bg8sLNqfJc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000, public
cf-ray: 847a64c97c2ebb55-FRA
expires: Wed, 15 Jan 2025 08:24:50 GMT

GET
H2 200 arrow-down.svg
www.thepaystubs.com/bundles/thepaystubswebsite/images/ 185 B
481 B 28ms
27ms Image
image/svg+xml 2606:4700:20::ac43:4b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thepaystubs.com/bundles/thepaystubswebsite/images/arrow-down.svg
Requested by: Host: www.thepaystubs.com
URL: https://www.thepaystubs.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4b53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bd2cc2c0627793a55434e6ba75c2d298d41cc4f07eeb42a87e088e8be2cbee27

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thepaystubs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 22:49:52 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 14 Dec 2023 12:18:17 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 350237
etag: W/"657af289-b9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mWAuq%2BcpcFlwuQuHMWriN6oro%2B%2B70UwH%2FLtdKte86t9ePXYRv3dELlLDoT2QzVGB3QlzM78BqwyYrq46lrbquniGIB5v5rNO4KcZDcUEqmd7pV3IsUdiVF4rxfzLurAc%2BRlwGAgc3jnR6zB4Cfac6y8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=31536000, public
cf-ray: 847a64c97c2fbb55-FRA
expires: Mon, 13 Jan 2025 21:32:35 GMT

GET
H2 200 tps-menu-triangle-2.svg
www.thepaystubs.com/bundles/thepaystubswebsite/images/ 162 B
497 B 20ms
19ms Image
image/svg+xml 2606:4700:20::ac43:4b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thepaystubs.com/bundles/thepaystubswebsite/images/tps-menu-triangle-2.svg
Requested by: Host: www.thepaystubs.com
URL: https://www.thepaystubs.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4b53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 30b1081c83147ad20d44c90d586a0120bd844102248593e3cd7558e07248f2e1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thepaystubs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 22:49:52 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 15 Jan 2024 20:03:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 117154
etag: W/"65a58f78-a2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hd0OVVdX58%2B6%2FjiAnmdwKlL2N9KAnAs16egPI6E6OjQNwavsdiHPndazOtos7dpITXmQiNEpo%2FblJC1x3ZSHq5HHx0dQ0rwyKi98Up9b89o1M254TYMJf37Ph3dCvUSdfSBJEg0koCqtOcwLj75LY8o%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=31536000, public
cf-ray: 847a64c97c30bb55-FRA
expires: Thu, 16 Jan 2025 14:17:18 GMT

GET
H2 200 opensans-bold-webfont.woff2
www.thepaystubs.com/bundles/thepaystubswebsite/fonts/OpenSans/ 15 KB
16 KB 28ms
27ms Font
application/octet-stream 2606:4700:20::ac43:4b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thepaystubs.com/bundles/thepaystubswebsite/fonts/OpenSans/opensans-bold-webfont.woff2
Requested by: Host: www.thepaystubs.com
URL: https://www.thepaystubs.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4b53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3605d4bc67047529d3ce273628484e8de46167327aa910c47adc753e10df63fd

Request headers

Referer: https://www.thepaystubs.com/
Origin: https://www.thepaystubs.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 22:49:52 GMT
via: 1.1 google
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1205678
content-length: 15740
last-modified: Thu, 14 Dec 2023 12:18:17 GMT
server: cloudflare
etag: "657af289-3d7c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ofofsDeC8fdKCCO897KK%2FE%2B9HI7sMszD%2B6knjrrqSoyH1m9OzeJ8Lfy6WBRUks4q2YQCtMCCSvGOTnTan4YxiqICALKGluwxvnrpzRBHtrBDAfqafBGlhlgDII0XIUkfjLKDmabgD9BuqGZNvBmzCMw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=31536000, public
accept-ranges: bytes
cf-ray: 847a64c97c33bb55-FRA
expires: Fri, 03 Jan 2025 23:55:14 GMT

GET
H2 200 opensans-semibold-webfont.woff2
www.thepaystubs.com/bundles/thepaystubswebsite/fonts/OpenSans/ 15 KB
16 KB 18ms
18ms Font
application/octet-stream 2606:4700:20::ac43:4b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thepaystubs.com/bundles/thepaystubswebsite/fonts/OpenSans/opensans-semibold-webfont.woff2
Requested by: Host: www.thepaystubs.com
URL: https://www.thepaystubs.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4b53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e09ecb1edd388bb4eaab28555454c5c83471bc962d78927fccdf3aa9e842453e

Request headers

Referer: https://www.thepaystubs.com/
Origin: https://www.thepaystubs.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 22:49:52 GMT
via: 1.1 google
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 92414
content-length: 15756
last-modified: Mon, 15 Jan 2024 20:03:04 GMT
server: cloudflare
etag: "65a58f78-3d8c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KpKE4vAaUyMv8KXALSyHlpCSGsIWuSNwA9DP7d1S3%2BTEdFbdF1x91xWgGvWIKn8TWJPrEUmxRfJk9N%2FxkDCwPADj8Ijn%2Ffk3pneOENLGtvXIsPoT%2BuHhGQiyH%2FD9z8FHAjy5ngsQRLv9xmvg7H%2BXORU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=31536000, public
accept-ranges: bytes
cf-ray: 847a64c97c35bb55-FRA
expires: Thu, 16 Jan 2025 21:09:38 GMT

GET
H2 200 opensans-regular-webfont.woff2
www.thepaystubs.com/bundles/thepaystubswebsite/fonts/OpenSans/ 15 KB
15 KB 40ms
40ms Font
application/octet-stream 2606:4700:20::ac43:4b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thepaystubs.com/bundles/thepaystubswebsite/fonts/OpenSans/opensans-regular-webfont.woff2
Requested by: Host: www.thepaystubs.com
URL: https://www.thepaystubs.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4b53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fe4ed9f86c98b8d95ec06e53cad3551fedcc68e72f0019281b37e6761923e097

Request headers

Referer: https://www.thepaystubs.com/
Origin: https://www.thepaystubs.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 22:49:52 GMT
via: 1.1 google
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1205678
content-length: 15088
last-modified: Thu, 14 Dec 2023 12:18:17 GMT
server: cloudflare
etag: "657af289-3af0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DdfK4u%2FsvpNKXvBbKzUtxwPze2BLilUqdmg1Eh2hU0fmwFL6Y7Um97LfHy5PlLePSUgYeXfkHswH7rWnrX5eUa%2FYOUblWvK2aZllLSj6wp6RjpJcBR%2BJGwUb23MjX0kHTKdztKXPuKK9A7cZn4BhDu4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=31536000, public
accept-ranges: bytes
cf-ray: 847a64c97c36bb55-FRA
expires: Fri, 03 Jan 2025 23:55:14 GMT

GET
H2 200 templates-example.svg
www.thepaystubs.com/bundles/thepaystubswebsite/images/ 366 KB
210 KB 36ms
23ms Image
image/svg+xml 2606:4700:20::ac43:4b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thepaystubs.com/bundles/thepaystubswebsite/images/templates-example.svg
Requested by: Host: www.thepaystubs.com
URL: https://www.thepaystubs.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4b53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ad942dfd4032f2ea326ed5e0b1ef7b44bcf36a9eae2cdddad66561098f286627

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thepaystubs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 22:49:52 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 15 Jan 2024 20:03:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 117154
etag: W/"65a58f78-5b799"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5pX4qkBGwa%2FoECrsBM2x6gyVPKIEdGVA0ZAXZFQTSvjh5fZ6HybnzkezdskGVS5fsoYSLcP3H6AgF1j2nokkXexpzkpyzdl5Mawl3f1UN%2B6Wkrc2wJbrzOGlRN5m6L0gJjZBnKpRYSDn6uTMeVdEyXc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=31536000, public
cf-ray: 847a64c9ac6cbb55-FRA
expires: Thu, 16 Jan 2025 14:17:18 GMT

GET
H2 200 us-canada-toggler-us-flag@2x.png
www.thepaystubs.com/bundles/thepaystubswebsite/images/landing-page/ 951 B
1 KB 26ms
13ms Image
image/png 2606:4700:20::ac43:4b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thepaystubs.com/bundles/thepaystubswebsite/images/landing-page/us-canada-toggler-us-flag@2x.png
Requested by: Host: www.thepaystubs.com
URL: https://www.thepaystubs.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4b53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c2298c686ba969a528699392a9cd1a4e2f164f851f9fcde82c7bb35070a46621

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thepaystubs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 22:49:52 GMT
via: 1.1 google
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 350237
cf-polished: origSize=1020
content-length: 951
cf-bgj: imgq:100,h2pri
last-modified: Thu, 14 Dec 2023 12:18:17 GMT
server: cloudflare
etag: "657af289-3fc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CMQbxq7h7sxcYm%2FXTsLgu4XosqWzNzdAoH2ZJ916PxrNDeq0RFF7kcDtC5UT41fuNfrEos17dde1mwQOiN8ovlVLBT4gGFnzuQ6WpUo3E775p3%2FCIdWvdtIwMUInD73kgujs2aAYIydL1KPg664zWAA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000, public
accept-ranges: bytes
cf-ray: 847a64c9ac6dbb55-FRA
expires: Mon, 13 Jan 2025 21:32:35 GMT

GET
H2 200 us-canada-toggler-ca-flag@2x.png
www.thepaystubs.com/bundles/thepaystubswebsite/images/landing-page/ 618 B
937 B 28ms
15ms Image
image/png 2606:4700:20::ac43:4b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thepaystubs.com/bundles/thepaystubswebsite/images/landing-page/us-canada-toggler-ca-flag@2x.png
Requested by: Host: www.thepaystubs.com
URL: https://www.thepaystubs.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4b53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0bf54eff1a3332fe3be1aa8e54fceac1fb29e8ff699149d9f482a65c279d6fc0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thepaystubs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 22:49:52 GMT
via: 1.1 google
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 350237
cf-polished: origSize=667
content-length: 618
cf-bgj: imgq:100,h2pri
last-modified: Thu, 14 Dec 2023 12:18:17 GMT
server: cloudflare
etag: "657af289-29b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DzxxgOPIgE0tJ4CuIppV2Xd%2Bxe%2BED3iq4f80hMCN2WuevAIu6%2FlMlmQLURnG1FaD46Fwx8vtRkMXSJ71roz1hRywnxmNeELFqWqYc4kRNkKZyyeh9xEe7x83tqy1ULAdtfnrWQauxPQyVR4ZMbmjSqQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000, public
accept-ranges: bytes
cf-ray: 847a64c9ac6ebb55-FRA
expires: Mon, 13 Jan 2025 21:32:35 GMT

GET
H2 200 paystubs-main-banner.webp
www.thepaystubs.com/bundles/thepaystubswebsite/images/ 30 KB
30 KB 29ms
17ms Image
image/webp 2606:4700:20::ac43:4b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thepaystubs.com/bundles/thepaystubswebsite/images/paystubs-main-banner.webp?1640156701
Requested by: Host: www.thepaystubs.com
URL: https://www.thepaystubs.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4b53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 59b88b470fc642d0122092317ec4ada7d66ae1e161a850e9b0b8ad36bc5e0c16

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thepaystubs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 22:49:52 GMT
via: 1.1 google
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 117154
content-length: 30536
last-modified: Mon, 15 Jan 2024 20:03:04 GMT
server: cloudflare
etag: "65a58f78-7748"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i9SHoB%2BDkgYhl5COrIbYQtW4QZuFJQ8nBZJbsr%2F3%2BjaJfhP8ytgt%2FUiW%2FM8QF5XKydjIoFRFnaR27pNE8a3UtFlNN0HhAqjsUwGZikZImhH3%2B7HJprs2slarPqbySLkKebIb5w6JpP7COk9fhIqO1lM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=31536000, public
accept-ranges: bytes
cf-ray: 847a64c9ac6fbb55-FRA
expires: Thu, 16 Jan 2025 14:17:18 GMT

GET
H2 200 secure-ordering.svg
www.thepaystubs.com/bundles/thepaystubswebsite/images/ 15 KB
7 KB 32ms
21ms Image
image/svg+xml 2606:4700:20::ac43:4b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thepaystubs.com/bundles/thepaystubswebsite/images/secure-ordering.svg
Requested by: Host: www.thepaystubs.com
URL: https://www.thepaystubs.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4b53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 09c9319809418451640ee5e266c0fdb038616386b00637f6886d5cf5a0bf2929

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thepaystubs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 22:49:52 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 15 Jan 2024 20:03:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 219710
etag: W/"65a58f78-3def"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2wB2Ub0mqwdJUrhtWKiOVxZtv%2F5FEyL7av6F8RGhCZqZxl6Sf1ScxaI3xw1EX%2B4lO7gWjausg1ckBiAVJEMMKoMxi4mQJcSGVpPOmTlvOM%2FBBo2MUby9zHUNmXWl8ZfSkgFc0VpIRyHywK6ntPCa22Y%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=31536000, public
cf-ray: 847a64c9ac70bb55-FRA
expires: Wed, 15 Jan 2025 09:48:02 GMT

GET
H2 200 money-back-guarantee.svg
www.thepaystubs.com/bundles/thepaystubswebsite/images/ 17 KB
8 KB 37ms
26ms Image
image/svg+xml 2606:4700:20::ac43:4b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thepaystubs.com/bundles/thepaystubswebsite/images/money-back-guarantee.svg
Requested by: Host: www.thepaystubs.com
URL: https://www.thepaystubs.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4b53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 12a3ff43036d2887a7b7ef989bdb63a3c05d75d2e591eb1c9352175095de2cdc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thepaystubs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 22:49:52 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 15 Jan 2024 20:03:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 29272
etag: W/"65a58f78-4456"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vyajoltRdVeq%2B7mt3rIHlxvWPXHq0YEurz5IUskOr385JbBeSqgKwzbobP54zkuN%2B15eI8gsWvgXQZB0dBvgIUlFBIC0fYDoscMrlKEtA%2BxMCM1uOh60SqJtm%2Fhwr9m4hJDu9EdI8H8bHpZXCuXNqO0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=31536000, public
cf-ray: 847a64c9ac71bb55-FRA
expires: Fri, 17 Jan 2025 14:42:00 GMT

GET
H2 200 satisfaction-guarantee.svg
www.thepaystubs.com/bundles/thepaystubswebsite/images/ 20 KB
9 KB 41ms
31ms Image
image/svg+xml 2606:4700:20::ac43:4b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thepaystubs.com/bundles/thepaystubswebsite/images/satisfaction-guarantee.svg
Requested by: Host: www.thepaystubs.com
URL: https://www.thepaystubs.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4b53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8adf8092ae01a2b4d6ce8dd7c73cbf6b29caa0813e10a167f094ccec1b5c7442

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thepaystubs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 22:49:52 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 14 Dec 2023 12:18:17 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 585162
etag: W/"657af289-4ea0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1vJaDDBGR5AKWHJ6jNzywT1Z3GmdDlhwuw7m%2FFsB9ZHWkQQNdtjOfxcFmZsJ2Ai6yFmUsWHYP6gITwP4g%2B9WGHDVQaoOvMJ7NUIix1Py%2BwPt6Hlp%2FUJhvjwn5Asmgfam1Kcsgcosj%2FLsSYqVs%2Fkm%2FqU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=31536000, public
cf-ray: 847a64c9ac72bb55-FRA
expires: Sat, 11 Jan 2025 04:17:10 GMT

GET
H2 200 video-play-button.png
www.thepaystubs.com/bundles/thepaystubswebsite/images/ 2 KB
2 KB 30ms
20ms Image
image/png 2606:4700:20::ac43:4b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thepaystubs.com/bundles/thepaystubswebsite/images/video-play-button.png
Requested by: Host: www.thepaystubs.com
URL: https://www.thepaystubs.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4b53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8e8cc4bc4ce23e1ba245602f799e939460720db5b448fb7fc051b468e15c215

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thepaystubs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 22:49:52 GMT
via: 1.1 google
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 350237
cf-polished: origSize=4388
content-length: 1966
cf-bgj: imgq:100,h2pri
last-modified: Thu, 14 Dec 2023 12:18:17 GMT
server: cloudflare
etag: "657af289-1124"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=viEIdEk%2B%2BF9t2uVk7uybPa5L8p4h1llE%2FiLGSv9PkBliQmifMdOAo1uHvK%2FcvLzzVJ%2B0y1ol8esQo%2F7zxj0tg8UAAdLaLs2BvGcH7bwA9%2BzbSFMzvlswtmaP8TwGNAiasglmZA9SZIiqAxhxCekriUI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000, public
accept-ranges: bytes
cf-ray: 847a64c9ac73bb55-FRA
expires: Mon, 13 Jan 2025 21:32:35 GMT

GET
H2 200 step-1.png
www.thepaystubs.com/bundles/thepaystubswebsite/images/ 10 KB
10 KB 26ms
16ms Image
image/png 2606:4700:20::ac43:4b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thepaystubs.com/bundles/thepaystubswebsite/images/step-1.png
Requested by: Host: www.thepaystubs.com
URL: https://www.thepaystubs.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4b53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 74c9144e92580dd4c72f885076c3fc2242102b6a60874bf0a169b3aef3c90c8f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thepaystubs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 22:49:52 GMT
via: 1.1 google
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 348812
cf-polished: origSize=11733
content-length: 10233
cf-bgj: imgq:100,h2pri
last-modified: Thu, 14 Dec 2023 12:18:17 GMT
server: cloudflare
etag: "657af289-2dd5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3jx0TKCbooPbUCdeJnI2g8ncgNfYgsSnx116Wgr2biB8%2FeK87FVgFrOMfOd2%2FhOS8d6HE4x61QIt7%2FtSI2lx5s8rCpsp0P6Sepryl%2BB84X7FBA%2FKu6XDeR77qCgf4BWm47c%2FgmesOgda7HzdoDlfQsY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000, public
accept-ranges: bytes
cf-ray: 847a64c9ac74bb55-FRA
expires: Mon, 13 Jan 2025 21:56:20 GMT

GET
H2 200 step-2.webp
www.thepaystubs.com/bundles/thepaystubswebsite/images/ 12 KB
12 KB 32ms
22ms Image
image/webp 2606:4700:20::ac43:4b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thepaystubs.com/bundles/thepaystubswebsite/images/step-2.webp
Requested by: Host: www.thepaystubs.com
URL: https://www.thepaystubs.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4b53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 667ba7b0d3a169eb6c53843f1f7dbc6add57735ca806f8168a0d0294cfc9508f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thepaystubs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 22:49:52 GMT
via: 1.1 google
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 29272
content-length: 11816
last-modified: Mon, 15 Jan 2024 20:03:04 GMT
server: cloudflare
etag: "65a58f78-2e28"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qjqw8BcpluX%2BrOojEAAG6V3Ldb%2FnCBaXrEHQNP9PhDnHBrBTfY%2FWaXd4w%2FYZBm%2FSryKN5J5zDugpWNlY7CmJMljHU80yPzaEYShU9fzNU%2F9q0oUfvsPumfrN113NLVTd%2BRU%2BuHAqACQAL0S7LjH0Q%2BQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=31536000, public
accept-ranges: bytes
cf-ray: 847a64c9ac75bb55-FRA
expires: Fri, 17 Jan 2025 14:42:00 GMT

GET
H2 200 step-3.png
www.thepaystubs.com/bundles/thepaystubswebsite/images/ 7 KB
7 KB 42ms
32ms Image
image/png 2606:4700:20::ac43:4b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thepaystubs.com/bundles/thepaystubswebsite/images/step-3.png
Requested by: Host: www.thepaystubs.com
URL: https://www.thepaystubs.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4b53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c3d4ebc3465fa3d11b92b8fa90b24c91b1f67e9088e17642fb4186e9e1db563f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thepaystubs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 22:49:52 GMT
via: 1.1 google
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 348812
cf-polished: origSize=8147
content-length: 7223
cf-bgj: imgq:100,h2pri
last-modified: Thu, 14 Dec 2023 12:18:17 GMT
server: cloudflare
etag: "657af289-1fd3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YXYKLoDTuHbtPS5WCaadOufmOuZ92inQBhRD9S22XCNACXSng1AO9ni7CX8VQzbWKUe6ikn0u4jbEgOAw2yc4asyHtHT6SJTVb3F7bSk0PAcuNuUZcl4Hiyj5vFClw0CUvQe%2FWDS0XnrTbyguRqVWZM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000, public
accept-ranges: bytes
cf-ray: 847a64c9ac77bb55-FRA
expires: Mon, 13 Jan 2025 21:56:20 GMT

GET
H2 200 five-stars.png
www.thepaystubs.com/bundles/thepaystubswebsite/images/ 463 B
814 B 37ms
27ms Image
image/png 2606:4700:20::ac43:4b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thepaystubs.com/bundles/thepaystubswebsite/images/five-stars.png
Requested by: Host: www.thepaystubs.com
URL: https://www.thepaystubs.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4b53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 53ddf8929cc709ae29868c0ddcc9d4fc35ebb547430683dfbc6225240e7241b7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thepaystubs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 22:49:52 GMT
via: 1.1 google
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 29272
cf-polished: origSize=758
content-length: 463
cf-bgj: imgq:100,h2pri
last-modified: Mon, 15 Jan 2024 20:03:04 GMT
server: cloudflare
etag: "65a58f78-2f6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dB6miEi6go24Aiol%2FlMZiM17GKtCdPn8p31ztTbeA5bgYMHN%2FDWxeA4MImInkZHDWdhK%2Fl6p9VC3RP%2BiDx7f8amMkIF4H4s7mblruenHqiMnfIhjsJaEOK0FFWLQId4xHBoR%2FYHMtAG09JIOA0urHXY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000, public
accept-ranges: bytes
cf-ray: 847a64c9ac78bb55-FRA
expires: Fri, 17 Jan 2025 14:42:00 GMT

GET
H2 200 65206675a362d796309261.jpg
www.thepaystubs.com/cms-uploads/media/cache/blog_article_small/files/cms/standalone-content/thumbnail/ 19 KB
19 KB 212ms
203ms Image
image/jpeg 2606:4700:20::ac43:4b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thepaystubs.com/cms-uploads/media/cache/blog_article_small/files/cms/standalone-content/thumbnail/65206675a362d796309261.jpg
Requested by: Host: www.thepaystubs.com
URL: https://www.thepaystubs.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4b53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e950961cc6faed3c799900c940626107297c064ce78da5ddf03014dd6fba5f50

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thepaystubs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 22:49:53 GMT
via: 1.1 google
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=19405
content-length: 19091
cf-bgj: imgq:100,h2pri
last-modified: Fri, 06 Oct 2023 19:56:38 GMT
server: cloudflare
etag: "65206676-4bcd"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dnNGSemw2Pxbx4s2oO1cJ0jg2liPBHgC4mprBmNl9zsZS7q3V%2BH7kPPIXpAw6VMCyBsmV%2F0Qoj0M1gyCxhnaHX%2FTRauXCpTHJ%2FQV8yKMatD1E9326KGJN0hVKr%2BecB39tS7aolI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000, public
accept-ranges: bytes
cf-ray: 847a64c9ac79bb55-FRA
expires: Sun, 05 Jan 2025 19:02:47 GMT

GET
H2 200 651343ce33c1b849536805.jpg
www.thepaystubs.com/cms-uploads/media/cache/blog_article_small/files/cms/standalone-content/thumbnail/ 12 KB
12 KB 207ms
198ms Image
image/jpeg 2606:4700:20::ac43:4b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thepaystubs.com/cms-uploads/media/cache/blog_article_small/files/cms/standalone-content/thumbnail/651343ce33c1b849536805.jpg
Requested by: Host: www.thepaystubs.com
URL: https://www.thepaystubs.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4b53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 112b64ac296ce964e5853dc03192a0f24e7eb7db8e1c944176c1549579f73179

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thepaystubs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 22:49:53 GMT
via: 1.1 google
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=12220
content-length: 12078
cf-bgj: imgq:100,h2pri
last-modified: Tue, 26 Sep 2023 20:50:00 GMT
server: cloudflare
etag: "651343f8-2fbc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Boa6R0C3sRNlftjggZEDfEj5pHaz6Er4uOBrTJG9WcTki3tW4z2OYLbtZjnGcwG%2FoHvr0gwF0TBJyaE44gELFgJXFVzgfolL1Deyr2M3myjsWc%2Fw9Af7gB%2B4DigQMyjIAoFrShE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000, public
accept-ranges: bytes
cf-ray: 847a64c9ac7bbb55-FRA
expires: Tue, 14 Jan 2025 09:03:33 GMT

GET
H2 200 css2
fonts.googleapis.com/ 17 KB
2 KB 45ms
14ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Open+Sans:wght@400;600;700&display=swap

Requested by

Host: www.thepaystubs.com
URL: https://www.thepaystubs.com/assets/thepaystubspaystubgenerator/css/tps-fresh-chat-form.css?version=237c87a726

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

74d6cb4a2d2fcffe0efc528c81be5916b17b126eb18af8d4711d11f29cdaf92f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thepaystubs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 18 Jan 2024 22:49:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 18 Jan 2024 21:10:38 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 18 Jan 2024 22:49:52 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 283 KB
93 KB 40ms
30ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-WKLDCQDLSP&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-71604044-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ab41db38480e169b9394fbe7f2c8ee070a493172ce844f7e823255307f7a6b51

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thepaystubs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 22:49:52 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 94620
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 18 Jan 2024 22:49:52 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 33ms
6ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-71604044-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thepaystubs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 18 Jan 2024 21:48:09 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 3703
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Thu, 18 Jan 2024 23:48:09 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 214 KB
75 KB 39ms
32ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-933435326&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-71604044-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

bad68467a01ea68fc441d62b6fd98e7e61624f71a808d67912db17a20bb186bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thepaystubs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 22:49:52 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 76557
x-xss-protection: 0
last-modified: Thu, 18 Jan 2024 22:09:16 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 18 Jan 2024 22:49:52 GMT

GET
H2 200 web Show response
edge.fullstory.com/s/settings/MCM6B/v1/ 4 KB
2 KB 109ms
109ms XHR
application/json 35.201.112.186
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.fullstory.com/s/settings/MCM6B/v1/web
Requested by: Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.112.186 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 186.112.201.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 842cc4b7277aa4070e812687e553c32ebc03920c3a188cc0c7efcafa056e5453

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thepaystubs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 22:49:53 GMT
content-encoding: gzip
age: 0
x-guploader-uploadid: ABPtcPrpbFubeMAB58Jpz5MSzbxBKwk0ooDATsc73lACdUp0v6x_EVs67wXO-4cbYcC6wKoctb7FNxf8
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1322
last-modified: Thu, 18 Jan 2024 22:41:29 GMT
server: UploadServer
etag: "8c624d63898c6c0210d83822fe8b840e"
x-goog-generation: 1704813389523575
x-goog-hash: crc32c=zVN12Q==, md5=jGJNY4mMbAIQ2Dgi/ouEDg==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public,max-age=900,no-transform
x-goog-stored-content-length: 1322
accept-ranges: bytes
content-type: application/json
expires: Thu, 18 Jan 2024 23:04:53 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 231 KB
81 KB 23ms
23ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-DDDH7RGZM6&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TQ78NC2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a29c186251d21bb83017f30d099897d00bab03d5946a3a0b655e6d7cab7f6111

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thepaystubs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 22:49:53 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 82957
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 18 Jan 2024 22:49:53 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 213 KB
57 KB 21ms
7ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TQ78NC2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7aa4d5de5abdae4603540b48171e45742399584aa06f8ddefe4bdc547de20e35

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thepaystubs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 18 Jan 2024 22:49:53 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 57003
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: MynYTZO3G0ZRoUSspPqlzdX3G0IdI8cXo5ePBgw762kqX1swjQdh73eUb44rUtjNHiBqlNi85Q8haax3T8sPUg==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 43 KB
16 KB 56ms
14ms Script
application/javascript 2a02:26f0:3500:16::215:149b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TQ78NC2

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:16::215:149b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

b5474d3ed408366dcebededf5c987f44b43b389137272c282c6c972852a14fc0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thepaystubs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 22:49:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 16 Jan 2024 16:29:26 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: max-age=46458
accept-ranges: bytes
content-length: 15732

GET
H2 200 iframe_api Show response
www.youtube.com/ 993 B
3 KB 64ms
39ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TQ78NC2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b9ab167fb4bf6ab63b9f20538f2a3ed1d5668ee7eef1ad6f0cda7441d752b5d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thepaystubs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 22:49:53 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: br
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
x-frame-options: SAMEORIGIN
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-type: text/javascript; charset=utf-8
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
cache-control: private, max-age=0
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
expires: Thu, 18 Jan 2024 22:49:53 GMT

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 5 KB
2 KB 141ms
112ms Script
application/javascript 104.126.37.177
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CJ91AL3C77UC18381FC0&lib=ttq
Requested by: Host: www.thepaystubs.com
URL: https://www.thepaystubs.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.177 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-37-177.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: bd3079952fe13806d893765b1850c99b543c0078278ccd0a7cdb959866ac9457

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thepaystubs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-akamai-request-id: 5c1e0219
date: Thu, 18 Jan 2024 22:49:53 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-24011822495307EA139341AC435BADAF-55062104BD32AA72-00
x-cache: TCP_MISS from a104-126-37-173.deploy.akamaitechnologies.com (AkamaiGHost/11.4.0.1-53785976) (-)
server-timing: inner; dur=3, cdn-cache; desc=MISS, edge; dur=1, origin; dur=100
content-length: 1733
pragma: no-cache
server: nginx
x-tt-logid: 2024011822495307EA139341AC435BADAF
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 100,104.126.37.173
x-tt-trace-host: 0143c9a2ce5f6e8441192a64c56558e26b34415078847b30b320b089a59d156384884cdc91b5dbf6aab5b80b37cf6bf8cd790c0aef052e493cc6dd0a3fa9bef1e22a24a91d41c42a41a7047d174a1aa01bc389630073e58cfd1cf6dfec57a6c63d
expires: Thu, 18 Jan 2024 22:49:53 GMT

GET
H2 204 17457971.js Show response
bat.bing.com/p/action/ 0
115 B 30ms
29ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/17457971.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thepaystubs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Thu, 18 Jan 2024 22:49:53 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: F92652A48C3F429397195A59745CE013 Ref B: FRAEDGE1116 Ref C: 2024-01-18T22:49:53Z
x-cache: CONFIG_NOCACHE

GET
DATA 200
OK truncated
/ 18 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6d62ee91004dab6abf7252a81dd7789b0c48bce6a284850a823c10e69efe2003

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
H2 200 js Show response
www.google-analytics.com/gtm/ 130 KB
50 KB 19ms
19ms Script
application/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=GTM-PGZJTLT&t=gtag_UA_71604044_1&cid=1360234621.1705618193

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

dc5b317fb9227022b7f1d3ccc84082bc1ba7f6031a2ef31258a44c3842570c76

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thepaystubs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 22:49:53 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51059
x-xss-protection: 0
last-modified: Thu, 18 Jan 2024 22:09:16 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 18 Jan 2024 22:49:53 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
257 B 34ms
14ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-WKLDCQDLSP&gtm=45je41a0v887502835&_p=1705618192860&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1360234621.1705618193&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAAI&_s=1&sid=1705618193&sct=1&seg=0&dl=https%3A%2F%2Fwww.thepaystubs.com%2F&dt=Paystub%20Generator%20%7C%20No.1%20Checkstub%20Maker%20-%20ThePayStubs&en=page_view&_fv=1&_ss=1&tfd=300
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-WKLDCQDLSP&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thepaystubs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 22:49:53 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.thepaystubs.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
248 B 66ms
25ms Ping
text/plain 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-WKLDCQDLSP&cid=1360234621.1705618193&gtm=45je41a0v887502835&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-WKLDCQDLSP&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thepaystubs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 22:49:53 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.thepaystubs.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 37ms
18ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-WKLDCQDLSP&cid=1360234621.1705618193&gtm=45je41a0v887502835&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=683507140

Requested by

Host: www.thepaystubs.com
URL: https://www.thepaystubs.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thepaystubs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 22:49:53 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/933435326/ 3 KB
2 KB 63ms
43ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/933435326/?random=1705618193050&cv=11&fst=1705618193050&bg=ffffff&guid=ON&async=1&gtm=45be41a0v9105605370&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.thepaystubs.com%2F&hn=www.googleadservices.com&frm=0&tiba=Paystub%20Generator%20%7C%20No.1%20Checkstub%20Maker%20-%20ThePayStubs&auid=2054129729.1705618193&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-933435326&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5f0d6a7fb9a4d18a11f390b401dc2b7a337dcc8cf46634f8709eb2e339756347

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thepaystubs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 22:49:53 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1288
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect Show response
gtm.thepaystubs.com/g/ 65 B
522 B 505ms
172ms XHR
text/plain 104.198.8.50
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://gtm.thepaystubs.com/g/collect?v=2&tid=G-DDDH7RGZM6&gtm=45je41a0v9119008940z89118554012&_p=1705618192860&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1360234621.1705618193&ul=en-us&sr=1600x1200&_fplc=0&ur=DE-HE&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&sst.uc=DE&sst.gse=1&sst.etld=google.de&sst.gcsub=region1&sst.gcd=11l1l1l1l1&sst.tft=1705618192860&_s=1&sid=1705618193&sct=1&seg=0&dl=https%3A%2F%2Fwww.thepaystubs.com%2F&dt=Paystub%20Generator%20%7C%20No.1%20Checkstub%20Maker%20-%20ThePayStubs&en=page_view&_fv=1&_ss=1&tfd=333&richsstsse

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-DDDH7RGZM6&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.198.8.50 The Dalles, United States, ASN15169 (GOOGLE, US),

Reverse DNS

50.8.198.104.bc.googleusercontent.com

Software

Resource Hash

e64954dc34e12c7190cc2338a54b07644ff0f102aa71cc7209bcbb49c3009f7c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thepaystubs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 22:49:53 GMT
x-content-type-options: nosniff
content-type: text/plain
access-control-allow-origin: https://www.thepaystubs.com
cache-control: no-cache
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
x-accel-buffering: no

POST
H2 204 / Show response
px.ads.linkedin.com/wa/ 0
918 B 135ms
105ms XHR
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/wa/
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: *
Referer: https://www.thepaystubs.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 18 Jan 2024 22:49:52 GMT
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 6D407A7CAFA940E5927C14624A073AD3 Ref B: FRAEDGE1112 Ref C: 2024-01-18T22:49:53Z
linkedin-action: 1
vary: Origin
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric: prod-lva1
access-control-allow-origin: https://www.thepaystubs.com
x-cache: CONFIG_NOCACHE
x-li-proto: http/2
access-control-allow-credentials: true
x-li-uuid: AAYPQC6Gky6uedbkPWh5Gw==

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=5721305&time=1705618193082&url=https%3A%2F%2Fwww.thepaystubs.com%2F&tm=gtmv2
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=5721305&time=1705618193082&url=https%3A%2F%2Fwww.thepaystubs.com%2F&tm=gtmv2&cookiesTest=true
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=5721305&time=1705618193082&url=https%3A%2F%2Fwww.thepaystubs.com%2F&tm=gtmv2&cookiesTest=true&e_ipv6=AQJd06EgmpveDAAAAY0exDvkOiPevpze08vlvTx_3DiF...

0
265 B

213ms
177ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=5721305&time=1705618193082&url=https%3A%2F%2Fwww.thepaystubs.com%2F&tm=gtmv2&cookiesTest=true&e_ipv6=AQJd06EgmpveDAAAAY0exDvkOiPevpze08vlvTx_3DiFl4PduQWbKdDoXNsDRCEzrC0JhrHk8GvUx_fNNZOhW8w1lnjpuA
Requested by: Host: www.thepaystubs.com
URL: https://www.thepaystubs.com/
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thepaystubs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 22:49:52 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: D1BF01A2883C47B2A0DE9C2FA1376B45 Ref B: FRAEDGE1921 Ref C: 2024-01-18T22:49:53Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-lor1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYPQC6NIMRgUDAJw6L8XA==

Redirect headers

date: Thu, 18 Jan 2024 22:49:52 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 98A43A3068654942AD658F012CF38D29 Ref B: FRAEDGE1112 Ref C: 2024-01-18T22:49:53Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=5721305&time=1705618193082&url=https%3A%2F%2Fwww.thepaystubs.com%2F&tm=gtmv2&cookiesTest=true&e_ipv6=AQJd06EgmpveDAAAAY0exDvkOiPevpze08vlvTx_3DiFl4PduQWbKdDoXNsDRCEzrC0JhrHk8GvUx_fNNZOhW8w1lnjpuA
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYPQC6J2VoG2WwpemBibA==

GET
H2 200 1424169681749488 Show response
connect.facebook.net/signals/config/ 132 KB
35 KB 67ms
67ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1424169681749488?v=2.9.141&r=stable&domain=www.thepaystubs.com

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4de87507e05ccb1504b746587edafbd5546b1a2d9d24ca82194b1a455b27379d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thepaystubs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 18 Jan 2024 22:49:53 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: 3cc6Q+FXac4wESUd2hS5B7jldQjzuz6a3uhw4GtQOJwToQj+HEFrNc8rlkjJOLbs02QYbhuyYAKyV3czIGfh4g==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 16ms
16ms XHR
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=752079960&t=pageview&_s=1&dl=https%3A%2F%2Fwww.thepaystubs.com%2F&ul=en-us&de=UTF-8&dt=Paystub%20Generator%20%7C%20No.1%20Checkstub%20Maker%20-%20ThePayStubs&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAAUADQAAAACAAI~&jid=1122885250&gjid=689660853&cid=1360234621.1705618193&tid=UA-71604044-1&_gid=1375360813.1705618193&_r=1&gtm=457e41a0&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&jsscut=1&z=1472342619

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.thepaystubs.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 22:49:53 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.thepaystubs.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 www-widgetapi.js Show response
www.youtube.com/s/player/42a553e1/www-widgetapi.vflset/ 216 KB
67 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/42a553e1/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8791270626b8a4fed6d34bc6cc2b10b5a682ce66d8b5016ed60fe711b5d2d016

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thepaystubs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 13:31:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33502
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68593
x-xss-protection: 0
last-modified: Wed, 17 Jan 2024 05:15:15 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 17 Jan 2025 13:31:31 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
151 B 21ms
21ms XHR
text/plain 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-71604044-1&cid=1360234621.1705618193&jid=1122885250&gjid=689660853&_gid=1375360813.1705618193&_u=aGBAAUACQAAAACAAI~&z=113056731

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.thepaystubs.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 18 Jan 2024 22:49:53 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.thepaystubs.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 page Show response
rs.fullstory.com/rec/ 5 KB
2 KB 157ms
131ms XHR
application/json 35.186.194.58
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rs.fullstory.com/rec/page
Requested by: Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.194.58 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 58.194.186.35.bc.googleusercontent.com
Software: /
Resource Hash: e88e5db12226555063bcc410731fccdb0ab4e4bc0268dbaaa830e7ec903e2b3c

Request headers

Referer: https://www.thepaystubs.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 18 Jan 2024 22:49:53 GMT
content-encoding: gzip
via: 1.1 google
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.thepaystubs.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1456

GET
H2 200 /
www.google.com/pagead/1p-user-list/933435326/ 42 B
154 B 39ms
18ms Image
image/gif 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/933435326/?random=1705618193050&cv=11&fst=1705615200000&bg=ffffff&guid=ON&async=1&gtm=45be41a0v9105605370&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.thepaystubs.com%2F&frm=0&tiba=Paystub%20Generator%20%7C%20No.1%20Checkstub%20Maker%20-%20ThePayStubs&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_hf1M-eT8g3OT0C904DLkMrImafRg1Q&random=2525846551&rmt_tld=0&ipr=y

Requested by

Host: www.thepaystubs.com
URL: https://www.thepaystubs.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thepaystubs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 22:49:53 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/933435326/ 42 B
154 B 17ms
17ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/933435326/?random=1705618193050&cv=11&fst=1705615200000&bg=ffffff&guid=ON&async=1&gtm=45be41a0v9105605370&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.thepaystubs.com%2F&frm=0&tiba=Paystub%20Generator%20%7C%20No.1%20Checkstub%20Maker%20-%20ThePayStubs&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_hf1M-eT8g3OT0C904DLkMrImafRg1Q&random=2525846551&rmt_tld=1&ipr=y

Requested by

Host: www.thepaystubs.com
URL: https://www.thepaystubs.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thepaystubs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 22:49:53 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 26ms
17ms Image
image/gif 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-71604044-1&cid=1360234621.1705618193&jid=1122885250&_u=aGBAAUACQAAAACAAI~&z=948780078

Requested by

Host: www.thepaystubs.com
URL: https://www.thepaystubs.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thepaystubs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 22:49:53 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 19ms
19ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-71604044-1&cid=1360234621.1705618193&jid=1122885250&_u=aGBAAUACQAAAACAAI~&z=948780078

Requested by

Host: www.thepaystubs.com
URL: https://www.thepaystubs.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thepaystubs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 22:49:53 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 main.MTc3MGUxMzJiMQ.js Show response
analytics.tiktok.com/i18n/pixel/static/ 396 KB
104 KB 11ms
11ms Script
application/javascript 104.126.37.177
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTc3MGUxMzJiMQ.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CJ91AL3C77UC18381FC0&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.177 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-37-177.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 08986577afb5ec60577a1ce35175147bede79ff0c4462d9a1d84eb42aeccce7b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thepaystubs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-akamai-request-id: 5c1e0367
date: Thu, 18 Jan 2024 22:49:53 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 20240112163321CB16C97027C0E25A612F
x-tt-trace-id: 00-240112163321CB16C97027C0E25A612F-5EEF37B9B8C74DD7-00
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a104-126-37-173.deploy.akamaitechnologies.com (AkamaiGHost/11.4.0.1-53785976) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 010a5561d024cd56eff2ef0721548f935aecf224b7e869186a90ff616042a74eb8ed9092b23cf8197ef064af2c04ece6988aa13dc7a89492185a5544cccbf0e0e5bbe38e1849709536cca27cc575f60f873e788e1378fca586931c5e107699f5c3
server-timing: cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=4
content-length: 105350

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 29ms
8ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1424169681749488&ev=PageView&dl=https%3A%2F%2Fwww.thepaystubs.com%2F&rl=&if=false&ts=1705618193167&sw=1600&sh=1200&v=2.9.141&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=4126&fbp=fb.1.1705618193167.637640776&ler=empty&it=1705618193088&coo=false&tm=1&rqm=GET

Requested by

Host: www.thepaystubs.com
URL: https://www.thepaystubs.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thepaystubs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 18 Jan 2024 22:49:53 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 identify_55404.js Show response
analytics.tiktok.com/i18n/pixel/static/ 137 KB
37 KB 12ms
12ms Script
application/javascript 104.126.37.177
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/identify_55404.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTc3MGUxMzJiMQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.177 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-37-177.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: a758246f43df5cf0f88a3c46a95cb7e962ec2e16327f7fc6b70d2150981b86df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thepaystubs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-akamai-request-id: 5c1e03d4
date: Thu, 18 Jan 2024 22:49:53 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 20240104161345CBB1E1C290F908F0EC25
x-tt-trace-id: 00-240104161345CBB1E1C290F908F0EC25-766F40541FCD0063-00
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a104-126-37-173.deploy.akamaitechnologies.com (AkamaiGHost/11.4.0.1-53785976) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 0137a65e4355387039957beb226dad2d4524e59b7873771082c9d39ece9aa1d1632725c6dc24c1a9e7a00f510a2089d9caeb2e8c30b78a8c2a170d390f6e4bdec7bc5b5e772de194d08cf0bdf21b3579eb74f711907ee5b2ba603035cda327e0ad
server-timing: cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=4
content-length: 36926

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
706 B 144ms
143ms Ping
text/plain 104.126.37.177
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTc3MGUxMzJiMQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.177 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-37-177.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.thepaystubs.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 5c1e041b
date: Thu, 18 Jan 2024 22:49:53 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-240118224953CC90D546A0813DDFB931-696E9576D9A81F93-00
x-cache: TCP_MISS from a104-126-37-173.deploy.akamaitechnologies.com (AkamaiGHost/11.4.0.1-53785976) (-)
server-timing: inner; dur=31, cdn-cache; desc=MISS, edge; dur=7, origin; dur=125
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20240118224953CC90D546A0813DDFB931
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 125,104.126.37.173
x-tt-trace-host: 0143c9a2ce5f6e8441192a64c56558e26b34415078847b30b320b089a59d156384749d55add695b608f32e84b727579b6a03ba671eade9d19d4f168eb02868e5f0f6fb3b55d92996d42b1e36cb19bf3004593cba4888cb88c8d6cc10c8eeb9a027
access-control-allow-headers: Authorization,*
expires: Thu, 18 Jan 2024 22:49:53 GMT

GET
H3 200 408292173546210 Show response
connect.facebook.net/signals/config/ 54 KB
13 KB 63ms
63ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/408292173546210?v=2.9.141&r=stable&domain=www.thepaystubs.com

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

150b881d5c2aaa4c63a987b79051c8f591f386d66da99db6f7120993a77a674e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thepaystubs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 18 Jan 2024 22:49:53 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: Y4Fy9Q+YEdVs9LnlI9MBgz2fanvlLgmPDwXnODMPwh3w6uNJivagLjex5fKqemRH0PQVQDmfKPLAfbZua6Ooyw==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 47 KB
48 KB 27ms
7ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:wght@400;600;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.thepaystubs.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Wed, 17 Jan 2024 11:02:10 GMT
x-content-type-options: nosniff
age: 128863
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48236
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 16 Jan 2025 11:02:10 GMT

GET
H2 200 stat.js Show response
www.clickcease.com/monitor/ 142 KB
43 KB 61ms
11ms Script
application/javascript 2600:9000:2315:e200:15:a0d3:77c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.clickcease.com/monitor/stat.js

Requested by

Host: www.thepaystubs.com
URL: https://www.thepaystubs.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2315:e200:15:a0d3:77c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

889794fd02992011c4b843a05190531656d4c6148e6d4375be6bab3432b580d0

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://clickceasebiz.com https://*.clickceasebiz.com; upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thepaystubs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: Cf02rYNryv9UIBzoGOQeQJTZ2QU2vf2Y
content-encoding: gzip
via: 1.1 6c90efa18f660ef893fb03f41073cde8.cloudfront.net (CloudFront)
date: Thu, 18 Jan 2024 22:49:50 GMT
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self' https://clickceasebiz.com https://*.clickceasebiz.com; upgrade-insecure-requests;
x-amz-cf-pop: DUS51-P2
age: 12
x-amz-server-side-encryption: AES256
strict-transport-security: max-age=31536000; includeSubDomains
x-cache: Hit from cloudfront
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 12 Sep 2023 09:05:15 GMT
server: AmazonS3
etag: W/"e112b8bf96f23bc2970347a3c98e37fc"
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
content-type: application/javascript
permissions-policy: microphone 'none'; camera 'none';
x-amz-cf-id: r8KOgCNPbUBpQ4Q9aLcxZ6LY80dyLBPjs125kbdo2dzB7Sp5Ocbo3w==

GET
H2 200 ntag.js Show response
www.nivaai.com/ 5 KB
2 KB 45ms
11ms Script
application/javascript 76.76.21.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nivaai.com/ntag.js?id=6249ec2b-9496-41ca-97c0-e50802176b13

Requested by

Host: www.thepaystubs.com
URL: https://www.thepaystubs.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.22 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

387623d1e78c3b5d1a75cc2d6c586a5be756f463b17b115c7def4e513570b4ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thepaystubs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 22:49:53 GMT
content-encoding: br
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: fra1::n4nth-1705618193304-d4e5b3c25e3f
age: 43345
x-matched-path: /ntag.js
etag: W/"a79a4faf698a3cb0728be3b509618653"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
content-disposition: inline; filename="ntag.js"

GET
H2 200 config_iframe.html Show response
paystubs.freshchat.com/widget/ Frame 0A10 701 B
1 KB 102ms
101ms Document
text/html 13.248.221.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://paystubs.freshchat.com/widget/config_iframe.html?host=https://paystubs.freshchat.com&token=497e4e8e-a71c-4a77-a9bd-9d21980b2bbf&origin=https://www.thepaystubs.com&widgetUuid=54b734ae-f4cd-4cd3-bab7-06f475db991c

Requested by

Host: paystubs.freshchat.com
URL: https://paystubs.freshchat.com/js/widget.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.248.221.98 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a44946a9dd66b7704.awsglobalaccelerator.com

Software

fwe /

Resource Hash

bae1f759fd4cd9055a14e9384f474c8e53358ea04bffda92bde1e11b0599c61c

Security Headers

Name	Value
Content-Security-Policy	style-src 'unsafe-inline' ; font-src 'self' data:; img-src 'self' * data:; connect-src 'self' ; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://.freshchat.com https://.freshworksapi.com; child-src 'self' blob:; media-src 'self' https://.freshchat.com; manifest-src 'self' https://.freshchat.com; default-src 'none';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thepaystubs.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
content-encoding: gzip
content-security-policy: style-src 'unsafe-inline' *; font-src 'self' * data:; img-src 'self' * data:; connect-src 'self' *; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.freshchat.com https://*.freshworksapi.com; child-src 'self' * blob:; media-src 'self' https://*.freshchat.com; manifest-src 'self' https://*.freshchat.com; default-src 'none';
content-type: text/html
date: Thu, 18 Jan 2024 22:49:53 GMT
last-modified: Tue, 16 Jan 2024 04:56:56 GMT
nel: { "report_to": "nel-endpoint-freshchat", "max_age": 2592000, "include_subdomains": true}
report-to: { "group": "nel-endpoint-freshchat", "max_age": 2592000, "include_subdomains": true, "endpoints": [{"url": "https://edge-admin.us-east-1.freshedge.net/nelreports/freshchat"}]}
server: fwe
strict-transport-security: max-age=31536000; includeSubDomains
x-envoy-upstream-service-time: 1
x-fw-ratelimiting-managed: false
x-request-id: a79fa86e-e7c6-4a52-a872-02fa17775082
x-server: 5984f
x-trace-id: 00-81984427447954fcf5c7ab6ac8008936-8c48f1c2571d7fff-00
x-xss-protection: 1; mode=block

GET
H2 204 0
bat.bing.com/action/ 0
284 B 29ms
29ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=17457971&Ver=2&mid=a96e73e9-103b-4aa7-b7a7-5d83ed334aa4&sid=e4d69560b65311ee9d3c194e6cdc73d0&vid=e4d6ca10b65311eebff1ed6fbce06314&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Paystub%20Generator%20%7C%20No.1%20Checkstub%20Maker%20-%20ThePayStubs&kw=paystub%20generator,%20generate%20checkstubs%20online,%20paystubs,%20stubs,%20checkstub%20maker,%20pay%20stubs%20online&p=https%3A%2F%2Fwww.thepaystubs.com%2F&r=&lt=538&evt=pageLoad&sv=1&rn=346814

Requested by

Host: www.thepaystubs.com
URL: https://www.thepaystubs.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thepaystubs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 18 Jan 2024 22:49:53 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 3685438ADBF048A89718C6612A6E6BC4 Ref B: FRAEDGE1116 Ref C: 2024-01-18T22:49:53Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 210758968237773 Show response
connect.facebook.net/signals/config/ 134 KB
35 KB 64ms
64ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/210758968237773?v=2.9.141&r=stable&domain=www.thepaystubs.com

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

42c1c61fcae62de4981b839c879f79f24b8a62a10daa95e3716c3236561134e2

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thepaystubs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 18 Jan 2024 22:49:53 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: 0SPDvB5LYZL+bVrAqJ6hXt38mOGwwivdXDbCTUS8viSu/MPYxzu9bnn/Ck6u82h0gZ+ZfcmjhARHwGyCi6Mcfw==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 tr Show response
api.nivaai.com/ 0
386 B 276ms
197ms Fetch
application/json 143.204.215.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.nivaai.com/tr?command=config&na=108fcfe4-1e1f-4b08-ad1f-4246cb4d5c78&ntag=6249ec2b-9496-41ca-97c0-e50802176b13&pathname=/
Requested by: Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-62.fra53.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thepaystubs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 22:49:53 GMT
via: 1.1 a4a46c5a6cdf81ec1d08cf6e63389764.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-amzn-trace-id: Root=1-65a9ab11-5bf605227398244b2242b257;Sampled=0;lineage=fc8b8e8b:0
x-amzn-requestid: 6e3d68c9-fa8e-4f13-baa4-fe18fa561f98
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
x-amz-apigw-id: RweqxFruoAMEafQ=
content-length: 0
x-amz-cf-id: iCJT85gMOqnk7gkuQDkGnZv3ZoDT6LH602u41FC7Kfc2hbur1p_JHA==
access-control-allow-headers: *

GET
H2

200

bounce
secure.adnxs.com/
Redirect Chain

https://api.nivaai.com/tr?f=88af339a74aa97d101dd5c01de2cb91576cb2904&sp=S-149357862&u=9c988384b6094037610962448ca3e859eaf8d62e&na=108fcfe4-1e1f-4b08-ad1f-4246cb4d5c78
https://secure.adnxs.com/setuid?entity=52&code=108fcfe4-1e1f-4b08-ad1f-4246cb4d5c78
https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3D108fcfe4-1e1f-4b08-ad1f-4246cb4d5c78

43 B
1 KB

10ms
10ms

Image
image/gif

37.252.171.149
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3D108fcfe4-1e1f-4b08-ad1f-4246cb4d5c78

Requested by

Host: www.thepaystubs.com
URL: https://www.thepaystubs.com/

Protocol

Server

37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thepaystubs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 22:49:53 GMT
an-x-request-uuid: 624d25af-b194-4041-a130-f4dc4cc4d0eb
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 45.141.152.73; 45.141.152.73; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 18 Jan 2024 22:49:53 GMT
an-x-request-uuid: bf921453-b618-4316-a63d-28eb031c3e09
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
location: https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3D108fcfe4-1e1f-4b08-ad1f-4246cb4d5c78
cache-control: no-store, no-cache, private
x-proxy-origin: 45.141.152.73; 45.141.152.73; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

sync
x.bidswitch.net/
Redirect Chain

https://api.nivaai.com/tr?f=06c472030e7c9695fa372a64ea36a9961379d226&sp=S-408726195&u=7f17264a8e801c6bb9afb48ba7b3e3b3f19ce502&na=108fcfe4-1e1f-4b08-ad1f-4246cb4d5c78
https://x.bidswitch.net/sync?dsp_id=46&user_id=108fcfe4-1e1f-4b08-ad1f-4246cb4d5c78&expires=30

43 B
235 B

86ms
15ms

Image
image/gif

35.214.149.91
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?dsp_id=46&user_id=108fcfe4-1e1f-4b08-ad1f-4246cb4d5c78&expires=30
Requested by: Host: www.thepaystubs.com
URL: https://www.thepaystubs.com/
Protocol: HTTP/1.1
Server: 35.214.149.91 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS: 91.149.214.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thepaystubs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Thu, 18 Jan 2024 22:49:53 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

Redirect headers

date: Thu, 18 Jan 2024 22:49:53 GMT
via: 1.1 befe3b8553d90339ecf78e5d7cefa60a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-amzn-requestid: 3cc7d1f9-d4e6-491b-9dd3-1662f0d99efd
x-amzn-trace-id: Root=1-65a9ab11-36e8d91748d6cded1e35a4d9;Sampled=0;lineage=fc8b8e8b:0
x-cache: Miss from cloudfront
content-type: application/json
location: https://x.bidswitch.net/sync?dsp_id=46&user_id=108fcfe4-1e1f-4b08-ad1f-4246cb4d5c78&expires=30
access-control-allow-origin: *
x-amz-apigw-id: RweqzFy9oAMEeuQ=
content-length: 0
x-amz-cf-id: WQewoRoZ2LuZjZB36XuO-tC1fonnFqFKrhAAvx0ws5hMe-hN4J29BA==
access-control-allow-headers: *

GET
H/1.1

200
OK

cookie-sync
sync.outbrain.com/
Redirect Chain

https://api.nivaai.com/tr?f=578f90fd67fdcd54956dced2ce20dcdf9142f9ad&sp=S-675849123&u=24de6614a05c34eeb09bc7dde9a000dfd17242ed&na=108fcfe4-1e1f-4b08-ad1f-4246cb4d5c78
https://sync.outbrain.com/cookie-sync?p=niva&uid=108fcfe4-1e1f-4b08-ad1f-4246cb4d5c78&initiator=partner

0
145 B

345ms
86ms

Image
text/plain

64.202.112.127
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=niva&uid=108fcfe4-1e1f-4b08-ad1f-4246cb4d5c78&initiator=partner
Requested by: Host: www.thepaystubs.com
URL: https://www.thepaystubs.com/
Protocol: HTTP/1.1
Server: 64.202.112.127 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thepaystubs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Thu, 18 Jan 2024 22:49:54 GMT
Cache-Control: no-cache
X-TraceId: 138f3328818200333b6caac3fac85ec9
Content-Length: 0

Redirect headers

date: Thu, 18 Jan 2024 22:49:53 GMT
via: 1.1 befe3b8553d90339ecf78e5d7cefa60a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-amzn-requestid: bc2e0e83-57d4-463d-90b0-3d821956d4f3
x-amzn-trace-id: Root=1-65a9ab11-5df725b206ec996905ff576a;Sampled=0;lineage=fc8b8e8b:0
x-cache: Miss from cloudfront
content-type: application/json
location: https://sync.outbrain.com/cookie-sync?p=niva&uid=108fcfe4-1e1f-4b08-ad1f-4246cb4d5c78&initiator=partner
access-control-allow-origin: *
x-amz-apigw-id: RweqzFdjoAMETDQ=
content-length: 0
x-amz-cf-id: DDNY1Xnd8cB5jNbAKSLADncMDyQhUxhC0TXd5XoeOtx23S-k_Jo-GA==
access-control-allow-headers: *

GET
H2

200

sync.htm
ade.clmbtech.com/uid/
Redirect Chain

https://api.nivaai.com/tr?f=10e1cb15cb44ad36b7722a7fef0612e3bbac4066&sp=S-284953716&u=a8ef51bbd1c64b45e7882e2e876dcb9f9dfe470d&na=108fcfe4-1e1f-4b08-ad1f-4246cb4d5c78
https://ade.clmbtech.com/uid/sync.htm?pid=13079&cuid=108fcfe4-1e1f-4b08-ad1f-4246cb4d5c78

68 B
259 B

211ms
158ms

Image
image/jpeg

2a02:26f0:480:c::210:f195
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.clmbtech.com/uid/sync.htm?pid=13079&cuid=108fcfe4-1e1f-4b08-ad1f-4246cb4d5c78

Requested by

Host: www.thepaystubs.com
URL: https://www.thepaystubs.com/

Protocol

Server

2a02:26f0:480:c::210:f195 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Bhoot /

Resource Hash

2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thepaystubs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=25920000; includeSubdomains
date: Thu, 18 Jan 2024 22:49:53 GMT
x-content-type-options: nosniff
server: Bhoot
x-frame-options: sameorigin
content-type: image/jpeg
x-upstream: 172.29.17.241:80
content-length: 68
x-xss-protection: 1; mode=block

Redirect headers

date: Thu, 18 Jan 2024 22:49:53 GMT
via: 1.1 befe3b8553d90339ecf78e5d7cefa60a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-amzn-requestid: 4d4b22c8-85cd-46a4-8bbb-0afaf25cb2d3
x-amzn-trace-id: Root=1-65a9ab11-6588cc5a082b4b844e3b7327;Sampled=0;lineage=fc8b8e8b:0
x-cache: Miss from cloudfront
content-type: application/json
location: https://ade.clmbtech.com/uid/sync.htm?pid=13079&cuid=108fcfe4-1e1f-4b08-ad1f-4246cb4d5c78
access-control-allow-origin: *
x-amz-apigw-id: RweqzEiPoAMEatg=
content-length: 0
x-amz-cf-id: rxB9FlyX4QdxaFP_1xAZHJnzCCxb4DD-_F-ga8v43E0DMd_4M_migg==
access-control-allow-headers: *

GET
H2

200

pixelct.tpmn
ad.tpmn.io/
Redirect Chain

https://api.nivaai.com/tr?f=3fde1860a45a4d59a7f2c2df8f7e2bbe789958b2&sp=S-917263458&u=4f4b8a4c63d370bb51eb06faa3c3f3fc1284a917&na=108fcfe4-1e1f-4b08-ad1f-4246cb4d5c78
https://ad.tpmn.co.kr/pixelCt.tpmn?tpmn_nid=26a681017b4fdc02f3aef3aa921ede3e&tpmn_buid=108fcfe4-1e1f-4b08-ad1f-4246cb4d5c78
https://ad.tpmn.io/pixelct.tpmn?tpmn_nid=26a681017b4fdc02f3aef3aa921ede3e&tpmn_buid=108fcfe4-1e1f-4b08-ad1f-4246cb4d5c78

170 B
605 B

292ms
265ms

Image
image/png

34.102.166.132
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.tpmn.io/pixelct.tpmn?tpmn_nid=26a681017b4fdc02f3aef3aa921ede3e&tpmn_buid=108fcfe4-1e1f-4b08-ad1f-4246cb4d5c78
Requested by: Host: www.thepaystubs.com
URL: https://www.thepaystubs.com/
Protocol: H2
Server: 34.102.166.132 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 132.166.102.34.bc.googleusercontent.com
Software: /
Resource Hash: 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thepaystubs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 22:49:53 GMT
content-encoding: gzip
via: 1.1 google
accept-ch: Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA,Sec-CH-UA-Platform-Version
vary: accept-encoding
content-type: image/png;charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://ad.tpmn.io/pixelct.tpmn?tpmn_nid=26a681017b4fdc02f3aef3aa921ede3e&tpmn_buid=108fcfe4-1e1f-4b08-ad1f-4246cb4d5c78
date: Thu, 18 Jan 2024 22:49:53 GMT
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary: accept-encoding

GET
H/1.1

200
OK

sync
x.bidswitch.net/
Redirect Chain

https://api.nivaai.com/tr?f=c5a8fb7c5f1bbd179115d5a349e8ff22a6bab02d&sp=S-593187240&u=d92a278a4606529cd50ed2ace51a2aeb962a2f67&na=108fcfe4-1e1f-4b08-ad1f-4246cb4d5c78
https://x.bidswitch.net/sync?dsp_id=46&user_id=108fcfe4-1e1f-4b08-ad1f-4246cb4d5c78&expires=30

43 B
235 B

15ms
15ms

Image
image/gif

35.214.149.91
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?dsp_id=46&user_id=108fcfe4-1e1f-4b08-ad1f-4246cb4d5c78&expires=30
Requested by: Host: www.thepaystubs.com
URL: https://www.thepaystubs.com/
Protocol: HTTP/1.1
Server: 35.214.149.91 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS: 91.149.214.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thepaystubs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Thu, 18 Jan 2024 22:49:53 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

Redirect headers

date: Thu, 18 Jan 2024 22:49:53 GMT
via: 1.1 befe3b8553d90339ecf78e5d7cefa60a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-amzn-requestid: 1406f2f8-e62e-49d5-a347-1fbdbb23bbdf
x-amzn-trace-id: Root=1-65a9ab11-280134503629b91042f02986;Sampled=0;lineage=fc8b8e8b:0
x-cache: Miss from cloudfront
content-type: application/json
location: https://x.bidswitch.net/sync?dsp_id=46&user_id=108fcfe4-1e1f-4b08-ad1f-4246cb4d5c78&expires=30
access-control-allow-origin: *
x-amz-apigw-id: Rweq0FgroAMEG5A=
content-length: 0
x-amz-cf-id: 0WEk363SQTOGCQR-mLJILx2Oo3OuIv4sf2JHQAs8xl4tlaNPCCfAVg==
access-control-allow-headers: *

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/google/
Redirect Chain

https://api.nivaai.com/tr?f=13915bcddbc8ea773106010e33f79d42736fde25&sp=S-836291754&u=8dd9b9a903319008c55018a4b8a3531d27852f4f&na=108fcfe4-1e1f-4b08-ad1f-4246cb4d5c78
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&NivaUserId=108fcfe4-1e1f-4b08-ad1f-4246cb4d5c78&google_cm&google_hm=ay1iRmc1N005R3FET2JVTmc0a2VVTjE4eTUwc18ya0lxUjB5N1hrZw
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&NivaUserId=108fcfe4-1e1f-4b08-ad1f-4246cb4d5c78&google_gid=CAESEIBORUo84PSUqxv_Vnhj3Kc&google_cver=1&google_ula=913071,0

43 B
370 B

296ms
93ms

Image
image/gif

178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&NivaUserId=108fcfe4-1e1f-4b08-ad1f-4246cb4d5c78&google_gid=CAESEIBORUo84PSUqxv_Vnhj3Kc&google_cver=1&google_ula=913071,0

Requested by

Host: www.thepaystubs.com
URL: https://www.thepaystubs.com/

Protocol

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thepaystubs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 22:49:53 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 184556
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 18 Jan 2024 22:49:53 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&NivaUserId=108fcfe4-1e1f-4b08-ad1f-4246cb4d5c78&google_gid=CAESEIBORUo84PSUqxv_Vnhj3Kc&google_cver=1&google_ula=913071,0
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 392
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/
Redirect Chain

https://api.nivaai.com/tr?f=67809ed156accf698c802524599a09d023fc8b57&sp=S-754890621&u=b50a3e8fe9c914cef312a296a4450862b81e7c45&na=108fcfe4-1e1f-4b08-ad1f-4246cb4d5c78
https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=2826800844529132169

43 B
369 B

314ms
110ms

Image
image/gif

178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=2826800844529132169

Requested by

Host: www.thepaystubs.com
URL: https://www.thepaystubs.com/

Protocol

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thepaystubs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 22:49:53 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 215755
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 18 Jan 2024 22:49:53 GMT
an-x-request-uuid: 9974b0c2-ab9c-47cd-aae9-5608789d0df1
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=2826800844529132169
x-proxy-origin: 45.141.152.73; 45.141.152.73; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

sync
sync-criteo.ads.yieldmo.com/
Redirect Chain

https://api.nivaai.com/tr?f=9f97d441f4444636c3f67b18cec10f49bf921729&sp=S-283719645&u=cfcd17ec7319e306a166aa165c6dbaad0c2207b3&na=108fcfe4-1e1f-4b08-ad1f-4246cb4d5c78
https://sync-criteo.ads.yieldmo.com/sync?id=108fcfe4-1e1f-4b08-ad1f-4246cb4d5c78&pn_id=criteo&ext=1

0
38 B

103ms
29ms

Image
text/plain

54.154.71.202
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-criteo.ads.yieldmo.com/sync?id=108fcfe4-1e1f-4b08-ad1f-4246cb4d5c78&pn_id=criteo&ext=1
Requested by: Host: www.thepaystubs.com
URL: https://www.thepaystubs.com/
Protocol: H2
Server: 54.154.71.202 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-154-71-202.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thepaystubs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 22:49:53 GMT
content-length: 0

Redirect headers

date: Thu, 18 Jan 2024 22:49:53 GMT
via: 1.1 befe3b8553d90339ecf78e5d7cefa60a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-amzn-requestid: 684cb956-96f5-4814-b8a4-be0ff28f6acc
x-amzn-trace-id: Root=1-65a9ab11-2632b7b8124c3de2176ddfaa;Sampled=0;lineage=fc8b8e8b:0
x-cache: Miss from cloudfront
content-type: application/json
location: https://sync-criteo.ads.yieldmo.com/sync?id=108fcfe4-1e1f-4b08-ad1f-4246cb4d5c78&pn_id=criteo&ext=1
access-control-allow-origin: *
x-amz-apigw-id: Rweq0HYeoAMEeiQ=
content-length: 0
x-amz-cf-id: wTsYr393Xaqf0YKII_02Xi4xJjrfq05JuRz_IDxRou57ADBH7dlRqg==
access-control-allow-headers: *

GET
H2

200

/
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/
Redirect Chain

https://api.nivaai.com/tr?f=50d816a0c974b04d4441ca0b3e837ffc515e1506&sp=S-469872513&u=3b78f7c921324d7d7303805205ee8e9b400ca89e&na=108fcfe4-1e1f-4b08-ad1f-4246cb4d5c78
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=108fcfe4-1e1f-4b08-ad1f-4246cb4d5c78

0
99 B

74ms
13ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=108fcfe4-1e1f-4b08-ad1f-4246cb4d5c78
Requested by: Host: www.thepaystubs.com
URL: https://www.thepaystubs.com/
Protocol: H2
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thepaystubs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 22:49:54 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 12505

Redirect headers

date: Thu, 18 Jan 2024 22:49:53 GMT
via: 1.1 befe3b8553d90339ecf78e5d7cefa60a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-amzn-requestid: a11cb662-98eb-4c5b-ac69-b3d8e7d8dab6
x-amzn-trace-id: Root=1-65a9ab11-6242a9fa05357a0407074e39;Sampled=0;lineage=fc8b8e8b:0
x-cache: Miss from cloudfront
content-type: application/json
location: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=108fcfe4-1e1f-4b08-ad1f-4246cb4d5c78
access-control-allow-origin: *
x-amz-apigw-id: Rweq1HetoAMEWfw=
content-length: 0
x-amz-cf-id: P3TYMPhBKLdYM16EujcMze463jDG2RERnk_yQjYgoY18Y2u_l3B6Lg==
access-control-allow-headers: *

GET
H2

200

sync
criteo-partners.tremorhub.com/
Redirect Chain

https://api.nivaai.com/tr?f=f46adeadb3950a7cf9fcd0d17a68baaa13be848e&sp=S-920573186&u=2c7ceef4481901ec1c404517849bdbc435a1f8ee&na=108fcfe4-1e1f-4b08-ad1f-4246cb4d5c78
https://criteo-partners.tremorhub.com/sync?UICR=108fcfe4-1e1f-4b08-ad1f-4246cb4d5c78

43 B
391 B

297ms
95ms

Image
image/gif

2600:1f18:612b:4232:950e:aa8c:14aa:701
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-partners.tremorhub.com/sync?UICR=108fcfe4-1e1f-4b08-ad1f-4246cb4d5c78
Requested by: Host: www.thepaystubs.com
URL: https://www.thepaystubs.com/
Protocol: H2
Server: 2600:1f18:612b:4232:950e:aa8c:14aa:701 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thepaystubs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date: Thu, 18 Jan 2024 22:49:54 GMT
server: nginx
content-type: image/gif

Redirect headers

date: Thu, 18 Jan 2024 22:49:53 GMT
via: 1.1 befe3b8553d90339ecf78e5d7cefa60a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-amzn-requestid: 9a105b94-a07a-40bb-a43a-dd46479205f1
x-amzn-trace-id: Root=1-65a9ab11-2958be685f14188b5cb840db;Sampled=0;lineage=fc8b8e8b:0
x-cache: Miss from cloudfront
content-type: application/json
location: https://criteo-partners.tremorhub.com/sync?UICR=108fcfe4-1e1f-4b08-ad1f-4246cb4d5c78
access-control-allow-origin: *
x-amz-apigw-id: Rweq0HwnIAMEYeQ=
content-length: 0
x-amz-cf-id: EapkMixpl7BtdKmX1LIM-JgAaT2hnFYlx0-dtg-0YuG9YH5fvKfmzg==
access-control-allow-headers: *

GET
H2

200

cksync.php
contextual.media.net/
Redirect Chain

https://api.nivaai.com/tr?f=35de529461e52b1119d5c8ea0029316c5e5fa7d5&sp=S-537482901&u=f9ccdcf6d2e254b49ef01e96d490c34ecdf50ea1&na=108fcfe4-1e1f-4b08-ad1f-4246cb4d5c78
https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=108fcfe4-1e1f-4b08-ad1f-4246cb4d5c78

57 B
807 B

84ms
57ms

Image
image/gif

95.101.148.20
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=108fcfe4-1e1f-4b08-ad1f-4246cb4d5c78

Requested by

Host: www.thepaystubs.com
URL: https://www.thepaystubs.com/

Protocol

Server

95.101.148.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a95-101-148-20.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thepaystubs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Thu, 18 Jan 2024 22:49:53 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
alt-svc: h3=":443"; ma=93600
content-length: 57
x-mnet-hl2: E
expires: Thu, 18 Jan 2024 22:49:53 GMT

Redirect headers

date: Thu, 18 Jan 2024 22:49:53 GMT
via: 1.1 befe3b8553d90339ecf78e5d7cefa60a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-amzn-requestid: 73fb6eb7-0e68-4e91-b844-a4fd94a8c913
x-amzn-trace-id: Root=1-65a9ab11-692c14474b52ee4d5f9007fe;Sampled=0;lineage=fc8b8e8b:0
x-cache: Miss from cloudfront
content-type: application/json
location: https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=108fcfe4-1e1f-4b08-ad1f-4246cb4d5c78
access-control-allow-origin: *
x-amz-apigw-id: Rweq0FzQoAMEIuw=
content-length: 0
x-amz-cf-id: V-IZU66awRqZX4VBe4OXtmJk8pbG4NDpnoMD13l2xdCZnfCeWxCclQ==
access-control-allow-headers: *

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/
Redirect Chain

https://api.nivaai.com/tr?f=5a729f206aeb17edfd30fdac7043f3d8e11ace45&sp=S-815263974&u=7ec12f30e78b7ba22b11f3cc743f6f5daed7f57d&na=108fcfe4-1e1f-4b08-ad1f-4246cb4d5c78
https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=108fcfe4-1e1f-4b08-ad1f-4246cb4d5c78&expires=30

0
239 B

57ms
8ms

Image
image/gif

69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=108fcfe4-1e1f-4b08-ad1f-4246cb4d5c78&expires=30
Requested by: Host: www.thepaystubs.com
URL: https://www.thepaystubs.com/
Protocol: HTTP/1.1
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thepaystubs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 8f052d4f888ae4e0626c5f819879cacd
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date: Thu, 18 Jan 2024 22:49:53 GMT
via: 1.1 befe3b8553d90339ecf78e5d7cefa60a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-amzn-requestid: 2ed6f5f4-5fe3-44d4-bd08-21db4a3d53f0
x-amzn-trace-id: Root=1-65a9ab11-59c719534e5ff7f06e8eb1d1;Sampled=0;lineage=fc8b8e8b:0
x-cache: Miss from cloudfront
content-type: application/json
location: https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=108fcfe4-1e1f-4b08-ad1f-4246cb4d5c78&expires=30
access-control-allow-origin: *
x-amz-apigw-id: Rweq0EdPIAMEC3Q=
content-length: 0
x-amz-cf-id: U6YVEe4_iRvuXP_Di5EjY8Yon1lo0CY0CnLxjywUIWsX8DT1NsTCig==
access-control-allow-headers: *

GET
H2

204

v1
match.sharethrough.com/sync/
Redirect Chain

https://api.nivaai.com/tr?f=720332f281690805753f2f83ad415bbb2eb68a37&sp=S-297568410&u=04d0bbea8b9a652c488d655211583668789cee18&na=108fcfe4-1e1f-4b08-ad1f-4246cb4d5c78
https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=108fcfe4-1e1f-4b08-ad1f-4246cb4d5c78

0
35 B

26ms
6ms

Image
text/plain

35.158.87.169
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=108fcfe4-1e1f-4b08-ad1f-4246cb4d5c78
Requested by: Host: www.thepaystubs.com
URL: https://www.thepaystubs.com/
Protocol: H2
Server: 35.158.87.169 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-158-87-169.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thepaystubs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 22:49:53 GMT

Redirect headers

date: Thu, 18 Jan 2024 22:49:53 GMT
via: 1.1 befe3b8553d90339ecf78e5d7cefa60a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-amzn-requestid: 6c2bdc1d-d47d-499f-9025-0d4b4fdad4df
x-amzn-trace-id: Root=1-65a9ab11-0d3f85196f0063f65557f1aa;Sampled=0;lineage=fc8b8e8b:0
x-cache: Miss from cloudfront
content-type: application/json
location: https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=108fcfe4-1e1f-4b08-ad1f-4246cb4d5c78
access-control-allow-origin: *
x-amz-apigw-id: Rweq1GWNIAMEsPw=
content-length: 0
x-amz-cf-id: Uh1UQbOarQNsCAKM6vIc3kdln9XJKxo1MQaZf-mx1GT1_WB7thKjWw==
access-control-allow-headers: *

GET
H/1.1

200
OK

/
rtb-csync.smartadserver.com/redir/
Redirect Chain

https://api.nivaai.com/tr?f=d37ccd7a5f5e5be7dafe55443a379374b3018a06&sp=S-614972385&u=2fa307d78f0e2a2dc67168bab9d88b668a441ec4&na=108fcfe4-1e1f-4b08-ad1f-4246cb4d5c78
https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=108fcfe4-1e1f-4b08-ad1f-4246cb4d5c78

43 B
163 B

107ms
13ms

Image
image/gif

81.17.55.117
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=108fcfe4-1e1f-4b08-ad1f-4246cb4d5c78
Requested by: Host: www.thepaystubs.com
URL: https://www.thepaystubs.com/
Protocol: HTTP/1.1
Server: 81.17.55.117 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thepaystubs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 22:49:53 GMT
transfer-encoding: chunked
content-type: image/gif

Redirect headers

date: Thu, 18 Jan 2024 22:49:53 GMT
via: 1.1 befe3b8553d90339ecf78e5d7cefa60a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-amzn-requestid: a10f4e2d-35f5-400f-8554-a561dd20da1b
x-amzn-trace-id: Root=1-65a9ab11-18936f530d48d77a65caa826;Sampled=0;lineage=fc8b8e8b:0
x-cache: Miss from cloudfront
content-type: application/json
location: https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=108fcfe4-1e1f-4b08-ad1f-4246cb4d5c78
access-control-allow-origin: *
x-amz-apigw-id: Rweq0FwVoAMELuQ=
content-length: 0
x-amz-cf-id: tNyPDEzY91y63V7YimbmEI8ixrHqGGOYObcs4sfr93o98YFRG7AarA==
access-control-allow-headers: *

GET
H2

200

um
criteo-sync.teads.tv/
Redirect Chain

https://api.nivaai.com/tr?f=eb35ac08f3c3d3bf1f4d4bb4b9216728cec2e51a&sp=S-758392614&u=4b9903641f4a0f9066270e7298999cd8430099ff&na=108fcfe4-1e1f-4b08-ad1f-4246cb4d5c78
https://criteo-sync.teads.tv/um?eid=80&uid=108fcfe4-1e1f-4b08-ad1f-4246cb4d5c78

23 B
163 B

73ms
34ms

Image
image/gif

2.16.97.41
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-sync.teads.tv/um?eid=80&uid=108fcfe4-1e1f-4b08-ad1f-4246cb4d5c78
Requested by: Host: www.thepaystubs.com
URL: https://www.thepaystubs.com/
Protocol: H2
Server: 2.16.97.41 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-16-97-41.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.0 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thepaystubs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Thu, 18 Jan 2024 22:49:53 GMT
pragma: no-cache
date: Thu, 18 Jan 2024 22:49:53 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.0
content-length: 23
content-type: image/gif

Redirect headers

date: Thu, 18 Jan 2024 22:49:53 GMT
via: 1.1 befe3b8553d90339ecf78e5d7cefa60a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-amzn-requestid: a04199b3-2fb2-45dc-86a5-890629616dbd
x-amzn-trace-id: Root=1-65a9ab11-3151029b68c9438c28f8763b;Sampled=0;lineage=fc8b8e8b:0
x-cache: Miss from cloudfront
content-type: application/json
location: https://criteo-sync.teads.tv/um?eid=80&uid=108fcfe4-1e1f-4b08-ad1f-4246cb4d5c78
access-control-allow-origin: *
x-amz-apigw-id: Rweq0GfXoAMEIBw=
content-length: 0
x-amz-cf-id: HFlKS8h2jsMMRxXwryCrBp3x96nVuT4nZm-N_zD8_CD5o5nEeqN1oQ==
access-control-allow-headers: *

GET
H2

200

xuid
eb2.3lift.com/
Redirect Chain

https://api.nivaai.com/tr?f=6747cc23f746153f2b2a7b602ecaccb9a7bd50a3&sp=S-908142673&u=a72c1de4414b04d8f890b3bc3d3aaf4e17195654&na=108fcfe4-1e1f-4b08-ad1f-4246cb4d5c78
https://eb2.3lift.com/xuid?mid=2711&xuid=108fcfe4-1e1f-4b08-ad1f-4246cb4d5c78&dongle=013b

37 B
140 B

27ms
7ms

Image
image/gif

76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2711&xuid=108fcfe4-1e1f-4b08-ad1f-4246cb4d5c78&dongle=013b
Requested by: Host: www.thepaystubs.com
URL: https://www.thepaystubs.com/
Protocol: H2
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thepaystubs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 22:49:53 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

Redirect headers

date: Thu, 18 Jan 2024 22:49:53 GMT
via: 1.1 befe3b8553d90339ecf78e5d7cefa60a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-amzn-requestid: cd453ede-cedd-4ece-884e-e4193bcf5d68
x-amzn-trace-id: Root=1-65a9ab11-0c9f27b572d4444c3217f7cf;Sampled=0;lineage=fc8b8e8b:0
x-cache: Miss from cloudfront
content-type: application/json
location: https://eb2.3lift.com/xuid?mid=2711&xuid=108fcfe4-1e1f-4b08-ad1f-4246cb4d5c78&dongle=013b
access-control-allow-origin: *
x-amz-apigw-id: Rweq0HlRoAMES4A=
content-length: 0
x-amz-cf-id: oW9-00s0nBtRxFnReZ20V_81hdqp9WuZYdSUiBQTGNLaIkL4BxtnNQ==
access-control-allow-headers: *

GET
H2

204

sync
ups.analytics.yahoo.com/ups/58301/
Redirect Chain

https://api.nivaai.com/tr?f=fa3bbf1175eaaa621af07ec71d795fdafcb24f15&sp=S-326971458&u=21f4666dec325f4a4b4710f87ab6732088377337&na=108fcfe4-1e1f-4b08-ad1f-4246cb4d5c78
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=108fcfe4-1e1f-4b08-ad1f-4246cb4d5c78

0
125 B

34ms
8ms

Image
text/plain

3.75.62.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=108fcfe4-1e1f-4b08-ad1f-4246cb4d5c78

Requested by

Host: www.thepaystubs.com
URL: https://www.thepaystubs.com/

Protocol

Server

3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.94 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thepaystubs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 22:49:53 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.94
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

date: Thu, 18 Jan 2024 22:49:53 GMT
via: 1.1 befe3b8553d90339ecf78e5d7cefa60a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-amzn-requestid: 073d0cb9-90c4-4715-845b-af157e87603a
x-amzn-trace-id: Root=1-65a9ab11-0fa69bbb4167e07f6f0110d0;Sampled=0;lineage=fc8b8e8b:0
x-cache: Miss from cloudfront
content-type: application/json
location: https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=108fcfe4-1e1f-4b08-ad1f-4246cb4d5c78
access-control-allow-origin: *
x-amz-apigw-id: Rweq0HeTIAMEWfw=
content-length: 0
x-amz-cf-id: OzVvxixvRa6EX-HFpqAV7Gp_3ZXWWU3RJlK2tNMoCNYQQ5998yWmAA==
access-control-allow-headers: *

GET
H/1.1

302
Found

idsync
tg.socdm.com/aux/
Redirect Chain

https://api.nivaai.com/tr?f=8727e54d6e13b409a2403aa659f030a6dd59210d&sp=S-690825437&u=51d12f19f79e8deec40d7f35a2eb45cc509f63a8&na=108fcfe4-1e1f-4b08-ad1f-4246cb4d5c78
https://tg.socdm.com/aux/idsync?proto=niva&dsp_uid=108fcfe4-1e1f-4b08-ad1f-4246cb4d5c78

0
660 B

829ms
266ms

Image
text/plain

124.146.153.165
INFOSPHERE NTT PC...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tg.socdm.com/aux/idsync?proto=niva&dsp_uid=108fcfe4-1e1f-4b08-ad1f-4246cb4d5c78
Requested by: Host: www.thepaystubs.com
URL: https://www.thepaystubs.com/
Protocol: HTTP/1.1
Server: 124.146.153.165 Miyado, Japan, ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thepaystubs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

X-SO-Cluster-ID: 0
Date: Thu, 18 Jan 2024 22:49:54 GMT
X-SO-LB-Data: {"ban":false,"clean_query":"\/aux\/idsync?dsp_uid=108fcfe4-1e1f-4b08-ad1f-4246cb4d5c78&proto=niva","cluster_id":0,"gdpr":true,"ipv4":"0.0.0.0","key":"ZamrEsCo8XcAAPQZFq4AAAAA","privacy_sensitive":true,"uid":"","upstream_id":"a-ad40161"}
X-SO-Key: ZamrEsCo8XcAAPQZFq4AAAAA
Server: nginx
X-SO-Upstream-ID: a-ad40161
P3P: CP="See also http://www.scaleout.jp/privacy/"
Cache-Control: private
X-SO-HostName: a-ad40161.dc2p.scaleout.jp
Connection: keep-alive
X-SO-Ads-Time: 2
Content-Length: 0
X-SO-LB-Hostname: m-tgng19.dc4p.scaleout.jp
X-SO-IP: 45.141.152.73

Redirect headers

date: Thu, 18 Jan 2024 22:49:53 GMT
via: 1.1 befe3b8553d90339ecf78e5d7cefa60a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-amzn-requestid: d2851ab5-a55a-4e74-8a64-ea47086ca475
x-amzn-trace-id: Root=1-65a9ab11-2295da6311ff75c772870cd1;Sampled=0;lineage=fc8b8e8b:0
x-cache: Miss from cloudfront
content-type: application/json
location: https://tg.socdm.com/aux/idsync?proto=niva&dsp_uid=108fcfe4-1e1f-4b08-ad1f-4246cb4d5c78
access-control-allow-origin: *
x-amz-apigw-id: Rweq0H-boAMEWcg=
content-length: 0
x-amz-cf-id: _AXP5CdRyRC420VYxO5xm1mfo9jIn34p5XnP8ypXXykkef47wfqQNQ==
access-control-allow-headers: *

GET
H2

200

sync
visitor.omnitagjs.com/visitor/
Redirect Chain

https://api.nivaai.com/tr?f=d118ec24b37db2b9f1ccadf241e4632ccb6790e3&sp=S-573964182&u=346a1dd908b89059217820e615719f5cc3da5024&na=108fcfe4-1e1f-4b08-ad1f-4246cb4d5c78
https://visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=niva&visitor=108fcfe4-1e1f-4b08-ad1f-4246cb4d5c78

49 B
342 B

64ms
17ms

Image
image/gif

185.255.84.152
IGUANE-

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=niva&visitor=108fcfe4-1e1f-4b08-ad1f-4246cb4d5c78

Requested by

Host: www.thepaystubs.com
URL: https://www.thepaystubs.com/

Protocol

Server

185.255.84.152 , France, ASN200271 (IGUANE-, FR),

Reverse DNS

Software

ayl-lb-fra02 /

Resource Hash

d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thepaystubs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 22:49:53 GMT
x-content-type-options: nosniff
server: ayl-lb-fra02
vary: Accept-Encoding
p3p: CP="CAO PSA OUR"
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 1
content-length: 49
expires: 0

Redirect headers

date: Thu, 18 Jan 2024 22:49:53 GMT
via: 1.1 befe3b8553d90339ecf78e5d7cefa60a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-amzn-requestid: ccfb9d75-5eb0-45b4-a786-1a3b023ed6f6
x-amzn-trace-id: Root=1-65a9ab11-125f04320ec06dc66ef4b303;Sampled=0;lineage=fc8b8e8b:0
x-cache: Miss from cloudfront
content-type: application/json
location: https://visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=niva&visitor=108fcfe4-1e1f-4b08-ad1f-4246cb4d5c78
access-control-allow-origin: *
x-amz-apigw-id: Rweq1En4IAMEudQ=
content-length: 0
x-amz-cf-id: RibqYamAaV7mKYvZ9lMdxlc3559cyQngddLEOVIUTN_d0Vsaf_FLeA==
access-control-allow-headers: *

GET
H2

200

rum
r.casalemedia.com/
Redirect Chain

https://api.nivaai.com/tr?f=bf57843020d0f2b0dcfb9ec94410d3c3deb0fb7a&sp=S-812435679&u=e63568adcf6106c2f7e9176c17ec7132f883d6c5&na=108fcfe4-1e1f-4b08-ad1f-4246cb4d5c78
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=108fcfe4-1e1f-4b08-ad1f-4246cb4d5c78
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=108fcfe4-1e1f-4b08-ad1f-4246cb4d5c78&C=1

43 B
326 B

23ms
22ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=108fcfe4-1e1f-4b08-ad1f-4246cb4d5c78&C=1
Requested by: Host: www.thepaystubs.com
URL: https://www.thepaystubs.com/
Protocol: H2
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thepaystubs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 22:49:53 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vs0PJO9wtMx5HvVfWM1UZHxx%2Fn0g%2FAt3azSxxSFYdvWELI7JBDB4urL1dfJP0Nxda33iCrcTD7FHh1VLbg%2FLQmyOg%2BPhxsan1VDR%2B565sF5rl6TbTt8SQnZVuPf9dsr5e2md"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 847a64d01a2f1942-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 18 Jan 2024 22:49:53 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eDNrjBTyHKqWGaceoMoeaRBlCeJCUpf1sgGhT0EYpnoz07qZfZJQL7Sw14GFsA6RASKQZrRKIKu535Qz3Qf%2BL1rm4g1XA1WGH2Dn5GxAV%2FSw8rrEQDRGqnL4Kyhl2LC%2BAEDO"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /rum?cm_dsp_id=20&external_user_id=108fcfe4-1e1f-4b08-ad1f-4246cb4d5c78&C=1
cache-control: no-cache
cf-ray: 847a64cfea171942-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H/1.1

204
NO CONTENT

/
partner.mediawallahscript.com/
Redirect Chain

https://api.nivaai.com/tr?f=ecab21dcaece99acd3bd66fae38db4331a45a7d4&sp=S-938176540&u=6348dcc6f5e862a2bb2c7b536d708d2663b07dfa&na=108fcfe4-1e1f-4b08-ad1f-4246cb4d5c78
https://partner.mediawallahscript.com/?account_id=2045&partner_id=2106&uid=108fcfe4-1e1f-4b08-ad1f-4246cb4d5c78&custom=&tag_format=img&tag_action=sync&cb=

0
225 B

151ms
31ms

Image
text/html

34.248.4.62
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partner.mediawallahscript.com/?account_id=2045&partner_id=2106&uid=108fcfe4-1e1f-4b08-ad1f-4246cb4d5c78&custom=&tag_format=img&tag_action=sync&cb=
Requested by: Host: www.thepaystubs.com
URL: https://www.thepaystubs.com/
Protocol: HTTP/1.1
Server: 34.248.4.62 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-248-4-62.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thepaystubs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Expires: 0
Pragma: no-cache
Date: Thu, 18 Jan 2024 22:49:54 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Type: text/html; charset=UTF-8

Redirect headers

date: Thu, 18 Jan 2024 22:49:53 GMT
via: 1.1 befe3b8553d90339ecf78e5d7cefa60a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-amzn-requestid: 3f1e4649-9db2-40e0-ba08-fee8fca3e4af
x-amzn-trace-id: Root=1-65a9ab11-263158e14c48159e4ea4d014;Sampled=0;lineage=fc8b8e8b:0
x-cache: Miss from cloudfront
content-type: application/json
location: https://partner.mediawallahscript.com/?account_id=2045&partner_id=2106&uid=108fcfe4-1e1f-4b08-ad1f-4246cb4d5c78&custom=&tag_format=img&tag_action=sync&cb=
access-control-allow-origin: *
x-amz-apigw-id: Rweq0EnYIAMEUCw=
content-length: 0
x-amz-cf-id: lMYG6-XSl9IrIkfEGq4G5YsLkmiFrqzg-Xhyl3wT6JV19mRYnyxF5Q==
access-control-allow-headers: *

GET
H2

200

match
ad.360yield.com/
Redirect Chain

https://api.nivaai.com/tr?f=2da2e7f29a444e02a7e52c5d5a488a5d14f5d7ae&sp=S-642739185&u=8cfc590d34394c2ef0723049fbdeea93acdcdde9&na=108fcfe4-1e1f-4b08-ad1f-4246cb4d5c78
https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=108fcfe4-1e1f-4b08-ad1f-4246cb4d5c78

43 B
199 B

100ms
29ms

Image
image/gif

52.210.27.230
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=108fcfe4-1e1f-4b08-ad1f-4246cb4d5c78
Requested by: Host: www.thepaystubs.com
URL: https://www.thepaystubs.com/
Protocol: H2
Server: 52.210.27.230 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-27-230.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thepaystubs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 18 Jan 2024 22:49:54 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

date: Thu, 18 Jan 2024 22:49:53 GMT
via: 1.1 befe3b8553d90339ecf78e5d7cefa60a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-amzn-requestid: 14037358-7982-413e-8f50-2419810262b8
x-amzn-trace-id: Root=1-65a9ab11-77385df10d43e954350a8fc9;Sampled=0;lineage=fc8b8e8b:0
x-cache: Miss from cloudfront
content-type: application/json
location: https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=108fcfe4-1e1f-4b08-ad1f-4246cb4d5c78
access-control-allow-origin: *
x-amz-apigw-id: Rweq1F9MoAMEMNg=
content-length: 0
x-amz-cf-id: 1f1sXlJKaBPGTfNqO2D4oMjpumTerPSHLTQmUt8q31rZTfE-Tp2dnA==
access-control-allow-headers: *

GET
H2

200

sync
matching.ivitrack.com/
Redirect Chain

https://api.nivaai.com/tr?f=e75980556eaeb9f2ac6ac8d45f1cbe771f427983&sp=S-795682431&u=91432ca9eecf758860845d8f9400c2f7a59ccad2&na=108fcfe4-1e1f-4b08-ad1f-4246cb4d5c78
https://matching.ivitrack.com/sync?realm=niva&uid=108fcfe4-1e1f-4b08-ad1f-4246cb4d5c78

42 B
265 B

40ms
15ms

Image
image/gif

34.117.157.22
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://matching.ivitrack.com/sync?realm=niva&uid=108fcfe4-1e1f-4b08-ad1f-4246cb4d5c78
Requested by: Host: www.thepaystubs.com
URL: https://www.thepaystubs.com/
Protocol: H2
Server: 34.117.157.22 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 22.157.117.34.bc.googleusercontent.com
Software: istio-envoy /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thepaystubs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 22:49:53 GMT
x-envoy-decorator-operation: tag-manager.programmatic.svc.cluster.local:3000/*
via: 1.1 google
server: istio-envoy
content-type: image/gif
cache-control: public, max-age=86400
x-envoy-upstream-service-time: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

Redirect headers

date: Thu, 18 Jan 2024 22:49:53 GMT
via: 1.1 befe3b8553d90339ecf78e5d7cefa60a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-amzn-requestid: 7dfcbeac-43c2-495f-885f-e6c4b0bc3580
x-amzn-trace-id: Root=1-65a9ab11-4b602b7f19a6a6d253d49873;Sampled=0;lineage=fc8b8e8b:0
x-cache: Miss from cloudfront
content-type: application/json
location: https://matching.ivitrack.com/sync?realm=niva&uid=108fcfe4-1e1f-4b08-ad1f-4246cb4d5c78
access-control-allow-origin: *
x-amz-apigw-id: Rweq1EEzIAMEVkg=
content-length: 0
x-amz-cf-id: 9Q-1HKevQC5vuDe6yoL04vky6hd1MPH8TWAjzpkbWMI_3aMYHFp8qQ==
access-control-allow-headers: *

GET
H2

200

usersync.aspx
dis.criteo.com/dis/
Redirect Chain

https://api.nivaai.com/tr?f=efd86e105013597855154feb5f5b4a4256397333&sp=S-318674529&u=ff81ad8dbf0046097baa9c3be3bb85ec8afe33a3&na=108fcfe4-1e1f-4b08-ad1f-4246cb4d5c78
https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=108fcfe4-1e1f-4b08-ad1f-4246cb4d5c78
https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=108fcfe4-1e1f-4b08-ad1f-4246cb4d5c78&_li_chk=true&previous_uuid=5620ecb55868428dac0c61244d141089
https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@

43 B
362 B

259ms
258ms

Image
image/gif

178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@

Requested by

Host: www.thepaystubs.com
URL: https://www.thepaystubs.com/

Protocol

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thepaystubs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 22:49:54 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 202579
expires: Thu, 18 Jan 2024 00:00:00 GMT

Redirect headers

Location: https://dis.criteo.com/dis/usersync.aspx?r=77&p=311&cp=liveintent&cu=1&url=https://i.liadm.com/s/28292?bidder_id%3D71340%26bidder_uuid%3D@@CRITEO_USERID@@
Date: Thu, 18 Jan 2024 22:49:54 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 0
Request-Time: 4

GET
H2

200

push
exchange.mediavine.com/usersync/
Redirect Chain

https://api.nivaai.com/tr?f=9f088d50c82a135f4a2c97b4e4ffbacefecal139&sp=S-829541076&u=f27de6c2072ec7b8298bf7817723af9fbb265cc2&na=108fcfe4-1e1f-4b08-ad1f-4246cb4d5c78
https://exchange.mediavine.com/usersync/push?partner=niva&partnerId=108fcfe4-1e1f-4b08-ad1f-4246cb4d5c78

0
877 B

35ms
8ms

Image
text/html

35.158.11.2
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://exchange.mediavine.com/usersync/push?partner=niva&partnerId=108fcfe4-1e1f-4b08-ad1f-4246cb4d5c78
Requested by: Host: www.thepaystubs.com
URL: https://www.thepaystubs.com/
Protocol: H2
Server: 35.158.11.2 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-158-11-2.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thepaystubs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 22:49:53 GMT
cache-control: private, no-cache
access-control-allow-credentials: true
content-encoding: gzip
vary: Origin, Accept-Encoding
content-type: text/html; charset=utf-8

Redirect headers

date: Thu, 18 Jan 2024 22:49:53 GMT
via: 1.1 befe3b8553d90339ecf78e5d7cefa60a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-amzn-requestid: db4f21ef-977f-4005-b18f-996a4983a606
x-amzn-trace-id: Root=1-65a9ab11-2ead813a071304667b4ea9c4;Sampled=0;lineage=fc8b8e8b:0
x-cache: Miss from cloudfront
content-type: application/json
location: https://exchange.mediavine.com/usersync/push?partner=niva&partnerId=108fcfe4-1e1f-4b08-ad1f-4246cb4d5c78
access-control-allow-origin: *
x-amz-apigw-id: Rweq1HaGoAMEEnQ=
content-length: 0
x-amz-cf-id: TLIDc30oZkwv6ZNpXq2tvAfvVUXhTIXaeM9I3d-Y5W0pkGvylynJvA==
access-control-allow-headers: *

GET
H2

200

c.gif
c.bing.com/
Redirect Chain

https://api.nivaai.com/tr?f=aaidc180e92278a7cc930079632585e48adf97ab&sp=S-615239870&u=7becd6406b1f8918e6159bb49a0735bdb10b2187&na=108fcfe4-1e1f-4b08-ad1f-4246cb4d5c78
https://c.bing.com/c.gif?Red3=CTOMS_pd&cbid=108fcfe4-1e1f-4b08-ad1f-4246cb4d5c78

42 B
404 B

33ms
32ms

Image
image/gif

2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.bing.com/c.gif?Red3=CTOMS_pd&cbid=108fcfe4-1e1f-4b08-ad1f-4246cb4d5c78
Requested by: Host: www.thepaystubs.com
URL: https://www.thepaystubs.com/
Protocol: H2
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thepaystubs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 22:49:53 GMT
last-modified: Wed, 10 Jan 2024 21:11:32 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 1EE0291B950B49DA89A2F714F14B7575 Ref B: FRAEDGE1116 Ref C: 2024-01-18T22:49:53Z
etag: "d765ee95944da1:0"
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-type: image/gif
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

Redirect headers

date: Thu, 18 Jan 2024 22:49:53 GMT
via: 1.1 befe3b8553d90339ecf78e5d7cefa60a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-amzn-requestid: 0e7fe8fc-d113-4f34-960d-14651b9351aa
x-amzn-trace-id: Root=1-65a9ab11-60babb03674fd24e4a7e22a6;Sampled=0;lineage=fc8b8e8b:0
x-cache: Miss from cloudfront
content-type: application/json
location: https://c.bing.com/c.gif?Red3=CTOMS_pd&cbid=108fcfe4-1e1f-4b08-ad1f-4246cb4d5c78
access-control-allow-origin: *
x-amz-apigw-id: Rweq1EHYIAMEcJA=
content-length: 0
x-amz-cf-id: Wyexgli-u44nWmSlANkl1qrCx8smp2jVKa5dDfbKb7ueJMgkwjgwgA==
access-control-allow-headers: *

GET
H2

200

1017
jadserve.postrelease.com/suid/
Redirect Chain

https://api.nivaai.com/tr?f=6cda20d25a20df7c58b358f9c7a1b76260e6dc34&sp=S-470638592&u=2526a56da4de76625aed68c63a7a21b3a698f8ed&na=108fcfe4-1e1f-4b08-ad1f-4246cb4d5c78
https://jadserve.postrelease.com/suid/1017?vk=108fcfe4-1e1f-4b08-ad1f-4246cb4d5c78

43 B
423 B

126ms
46ms

Image
image/gif

52.48.249.53
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/suid/1017?vk=108fcfe4-1e1f-4b08-ad1f-4246cb4d5c78
Requested by: Host: www.thepaystubs.com
URL: https://www.thepaystubs.com/
Protocol: H2
Server: 52.48.249.53 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-249-53.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thepaystubs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 22:49:53 GMT
server: nginx
content-type: image/gif
access-control-allow-origin: *
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

Redirect headers

date: Thu, 18 Jan 2024 22:49:53 GMT
via: 1.1 befe3b8553d90339ecf78e5d7cefa60a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-amzn-requestid: 06fdb3b1-544d-4d4d-ba99-e39e430ca35d
x-amzn-trace-id: Root=1-65a9ab11-48a3fb042416fd1367948229;Sampled=0;lineage=fc8b8e8b:0
x-cache: Miss from cloudfront
content-type: application/json
location: https://jadserve.postrelease.com/suid/1017?vk=108fcfe4-1e1f-4b08-ad1f-4246cb4d5c78
access-control-allow-origin: *
x-amz-apigw-id: Rweq0H4ZoAMECkw=
content-length: 0
x-amz-cf-id: -0IgWiwvR9tZVMMpvy09lVH5bftfV9gOy2O2s1SDKiRcr4t1RRi8QA==
access-control-allow-headers: *

GET
H2 200 config Show response
paystubs.freshchat.com/app/services/app/webchat/497e4e8e-a71c-4a77-a9bd-9d21980b2bbf/mw/ Frame 0A10 3 KB
3 KB 114ms
114ms Fetch
application/json 13.248.221.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://paystubs.freshchat.com/app/services/app/webchat/497e4e8e-a71c-4a77-a9bd-9d21980b2bbf/mw/config?domain=aHR0cHM6Ly93d3cudGhlcGF5c3R1YnMuY29t&widgetUuid=54b734ae-f4cd-4cd3-bab7-06f475db991c

Requested by

Host: paystubs.freshchat.com
URL: https://paystubs.freshchat.com/widget/config_iframe.html?host=https://paystubs.freshchat.com&token=497e4e8e-a71c-4a77-a9bd-9d21980b2bbf&origin=https://www.thepaystubs.com&widgetUuid=54b734ae-f4cd-4cd3-bab7-06f475db991c

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.248.221.98 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a44946a9dd66b7704.awsglobalaccelerator.com

Software

fwe /

Resource Hash

6867603baf94f4a4d130bffdce2e4ba556e6669eaa71da764daaeef94af49357

Security Headers

Name	Value
Content-Security-Policy	style-src 'unsafe-inline' ; font-src 'self' data:; img-src 'self' * data:; connect-src 'self' ; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://.freshchat.com https://.freshworksapi.com; child-src 'self' blob:; media-src 'self' https://.freshchat.com; manifest-src 'self' https://.freshchat.com; default-src 'none';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paystubs.freshchat.com/widget/config_iframe.html?host=https://paystubs.freshchat.com&token=497e4e8e-a71c-4a77-a9bd-9d21980b2bbf&origin=https://www.thepaystubs.com&widgetUuid=54b734ae-f4cd-4cd3-bab7-06f475db991c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 22:49:53 GMT
content-security-policy: style-src 'unsafe-inline' *; font-src 'self' * data:; img-src 'self' * data:; connect-src 'self' *; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.freshchat.com https://*.freshworksapi.com; child-src 'self' * blob:; media-src 'self' https://*.freshchat.com; manifest-src 'self' https://*.freshchat.com; default-src 'none';
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
nel: { "report_to": "nel-endpoint-freshchat", "max_age": 2592000, "include_subdomains": true}
x-ratelimit-total: 3000
x-ratelimit-used-currentrequest: 1
x-envoy-upstream-service-time: 11
x-xss-protection: 1; mode=block
x-request-id: c373825b-27e0-4bfc-8b8c-25f54c685cfb
x-trace-id: 00-c9d916d0753a691b12212340f460a993-fd57b9f7edc39f15-00
server: fwe
vary: accept-encoding
report-to: { "group": "nel-endpoint-freshchat", "max_age": 2592000, "include_subdomains": true, "endpoints": [{"url": "https://edge-admin.us-east-1.freshedge.net/nelreports/freshchat"}]}
content-type: application/json;charset=UTF-8
x-fw-ratelimiting-managed: true
cache-control: no-store
access-control-allow-credentials: true
x-server: 2601
x-ratelimit-remaining: 2999
x-ratelimit-limit: 3000

POST
H2 200 act
analytics.tiktok.com/api/v2/pixel/ 0
848 B 206ms
206ms Ping
text/plain 104.126.37.177
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel/act
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTc3MGUxMzJiMQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.177 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-37-177.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.thepaystubs.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 40c3190e.5c1e072b
date: Thu, 18 Jan 2024 22:49:53 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-2401182249532614AA9C09F3C198E1C7-724AD5C4E12775AD-00
x-cache: TCP_MISS from a104-126-37-173.deploy.akamaitechnologies.com (AkamaiGHost/11.4.0.1-53785976) (-)
x-parent-response-time: 142,104.126.37.173
server-timing: cdn-cache; desc=MISS, edge; dur=103, origin; dur=59, inner; dur=52
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 202401182249532614AA9C09F3C198E1C7
x-cache-remote: TCP_MISS from a23-48-200-69.deploy.akamaitechnologies.com (AkamaiGHost/11.4.0.1-53785976) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 59,23.48.200.69
x-tt-trace-host: 0143c9a2ce5f6e8441192a64c56558e26b086569fe75c738697e6fba7151db6851dbd14e6b905f81afb47c8f28fc2f14b66660301c0a4b2b8bb69ed6eb7855587a2e98824dca35e8a99af6a4eb6e0ac643d558dfffc5a06e8ce2e620df96c67ca83383e33e9d5aae5bbb4b488dbe545275
access-control-allow-headers: Authorization,*
expires: Thu, 18 Jan 2024 22:49:53 GMT

GET
H2 200 / Show response
paystubs.freshchat.com/widget/ Frame 55B4 5 KB
3 KB 104ms
103ms Document
text/html 13.248.221.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://paystubs.freshchat.com/widget/?token=497e4e8e-a71c-4a77-a9bd-9d21980b2bbf&referrer=aHR0cHM6Ly93d3cudGhlcGF5c3R1YnMuY29t&widgetUuid=54b734ae-f4cd-4cd3-bab7-06f475db991c&eagerLoad=true

Requested by

Host: paystubs.freshchat.com
URL: https://paystubs.freshchat.com/js/widget.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.248.221.98 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a44946a9dd66b7704.awsglobalaccelerator.com

Software

fwe /

Resource Hash

f845e5f77db57867a7e0efd812d29930da49ffea368eb9bd4357cd404780c65d

Security Headers

Name	Value
Content-Security-Policy	style-src 'unsafe-inline' ; font-src 'self' data:; img-src 'self' * data:; connect-src 'self' ; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://.freshchat.com https://.freshworksapi.com; child-src 'self' blob:; media-src 'self' https://.freshchat.com; manifest-src 'self' https://.freshchat.com; default-src 'none';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thepaystubs.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
content-encoding: gzip
content-security-policy: style-src 'unsafe-inline' *; font-src 'self' * data:; img-src 'self' * data:; connect-src 'self' *; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.freshchat.com https://*.freshworksapi.com; child-src 'self' * blob:; media-src 'self' https://*.freshchat.com; manifest-src 'self' https://*.freshchat.com; default-src 'none';
content-type: text/html
date: Thu, 18 Jan 2024 22:49:53 GMT
last-modified: Tue, 16 Jan 2024 04:56:56 GMT
nel: { "report_to": "nel-endpoint-freshchat", "max_age": 2592000, "include_subdomains": true}
report-to: { "group": "nel-endpoint-freshchat", "max_age": 2592000, "include_subdomains": true, "endpoints": [{"url": "https://edge-admin.us-east-1.freshedge.net/nelreports/freshchat"}]}
server: fwe
strict-transport-security: max-age=31536000; includeSubDomains
x-envoy-upstream-service-time: 1
x-fw-ratelimiting-managed: false
x-request-id: 957a8cdb-fe4b-460c-873f-76948e21d3c7
x-server: pg76p
x-trace-id: 00-b7859d815b548d281b3e5f41bc7af2b0-46d9f9b730247926-00
x-xss-protection: 1; mode=block

GET
H2 200 widget.css
paystubs.freshchat.com/widget/css/ 9 KB
2 KB 102ms
102ms Stylesheet
text/css 13.248.221.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://paystubs.freshchat.com/widget/css/widget.css?t=1705618193507

Requested by

Host: paystubs.freshchat.com
URL: https://paystubs.freshchat.com/js/widget.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.248.221.98 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a44946a9dd66b7704.awsglobalaccelerator.com

Software

fwe /

Resource Hash

1746b268addac39a01bc462c8e85434841637a136be1c0234b2eae14988e3d3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thepaystubs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 22:49:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
nel: { "report_to": "nel-endpoint-freshchat", "max_age": 2592000, "include_subdomains": true}
x-envoy-upstream-service-time: 1
x-xss-protection: 1; mode=block
x-request-id: f3d36f9e-6f0e-94a6-ab7c-49d798725531
x-trace-id: 00-9c6cc5cb6511ab26ab37f1ee8338842c-3858c9f390a98bf6-01
last-modified: Tue, 16 Jan 2024 04:56:56 GMT
server: fwe
report-to: { "group": "nel-endpoint-freshchat", "max_age": 2592000, "include_subdomains": true, "endpoints": [{"url": "https://edge-admin.us-east-1.freshedge.net/nelreports/freshchat"}]}
content-type: text/css
x-fw-ratelimiting-managed: false
cache-control: max-age=31536000,no-cache, no-store, must-revalidate, pre-check=0, post-check=0,public
x-server: tbjsk
expires: Fri, 17 Jan 2025 22:49:53 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 8ms
7ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1424169681749488&ev=PageView&dl=https%3A%2F%2Fwww.thepaystubs.com%2F&rl=&if=false&ts=1705618193515&sw=1600&sh=1200&v=2.9.141&r=stable&a=tmSimo-GTM-WebTemplate&ec=1&o=4126&fbp=fb.1.1705618193167.637640776&ler=empty&it=1705618193088&coo=false&cdl=&rqm=GET

Requested by

Host: www.thepaystubs.com
URL: https://www.thepaystubs.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thepaystubs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 18 Jan 2024 22:49:53 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 8ms
7ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=408292173546210&ev=PageView&dl=https%3A%2F%2Fwww.thepaystubs.com&rl=&if=false&ts=1705618193515&sw=1600&sh=1200&v=2.9.141&r=stable&ec=0&o=4124&fbp=fb.1.1705618193167.637640776&ler=empty&pm=1&hrl=144ae5&it=1705618193088&coo=false&cs_cc=1&cs_cc=1&cas=6037940782963003%2C3887304228019299&cas=6037940782963003%2C3887304228019299&cdl=&rqm=GET

Requested by

Host: www.thepaystubs.com
URL: https://www.thepaystubs.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thepaystubs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 18 Jan 2024 22:49:53 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 8ms
8ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=210758968237773&ev=PageView&dl=https%3A%2F%2Fwww.thepaystubs.com%2F&rl=&if=false&ts=1705618193515&sw=1600&sh=1200&v=2.9.141&r=stable&ec=0&o=4126&fbp=fb.1.1705618193167.637640776&ler=empty&it=1705618193088&coo=false&cdl=&rqm=GET

Requested by

Host: www.thepaystubs.com
URL: https://www.thepaystubs.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thepaystubs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 18 Jan 2024 22:49:53 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 vendor.d64d219ca4493f67a3970efc52d51c86.css
assetscdn-wchat.freshchat.com/static/assets/ Frame 55B4 23 KB
5 KB 45ms
9ms Stylesheet
text/css 108.157.4.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assetscdn-wchat.freshchat.com/static/assets/vendor.d64d219ca4493f67a3970efc52d51c86.css
Requested by: Host: paystubs.freshchat.com
URL: https://paystubs.freshchat.com/widget/?token=497e4e8e-a71c-4a77-a9bd-9d21980b2bbf&referrer=aHR0cHM6Ly93d3cudGhlcGF5c3R1YnMuY29t&widgetUuid=54b734ae-f4cd-4cd3-bab7-06f475db991c&eagerLoad=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-91.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f2154f49d7d4ed6c74a1ad1dc0e39ef3136fd859059986ed5bcd3050d59867b3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paystubs.freshchat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 22:46:17 GMT
content-encoding: gzip
via: 1.1 ba922c695b86542cbfc03c782d8776d4.cloudfront.net (CloudFront)
last-modified: Mon, 08 Jan 2024 04:23:45 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-P2
age: 224
x-amz-server-side-encryption: AES256
etag: W/"d64d219ca4493f67a3970efc52d51c86"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
cache-control: max-age=31536000, no-transform, public
x-amz-cf-id: eWUeJJzfB_6kFXKsrBvq5RRC1dbd_ERyEKs8cfqqaSUKC5SZUddrdQ==
expires: Wed, 15 Jan 2025 04:56:47 GMT

GET
H2 200 hotline-web.d41d8cd98f00b204e9800998ecf8427e.css
assetscdn-wchat.freshchat.com/static/assets/ Frame 55B4 0
420 B 45ms
9ms Stylesheet
text/css 108.157.4.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assetscdn-wchat.freshchat.com/static/assets/hotline-web.d41d8cd98f00b204e9800998ecf8427e.css
Requested by: Host: paystubs.freshchat.com
URL: https://paystubs.freshchat.com/widget/?token=497e4e8e-a71c-4a77-a9bd-9d21980b2bbf&referrer=aHR0cHM6Ly93d3cudGhlcGF5c3R1YnMuY29t&widgetUuid=54b734ae-f4cd-4cd3-bab7-06f475db991c&eagerLoad=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-91.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paystubs.freshchat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 22:47:28 GMT
via: 1.1 ba922c695b86542cbfc03c782d8776d4.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P2
age: 148
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 0
last-modified: Mon, 08 Jan 2024 04:23:44 GMT
server: AmazonS3
etag: "d41d8cd98f00b204e9800998ecf8427e"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000, no-transform, public
accept-ranges: bytes
x-amz-cf-id: WcsAkhVFXF87-a1zpNNKQeuYbBvlwA5ugIEPwImZuom3Jb8AZT1oFw==
expires: Wed, 15 Jan 2025 04:56:47 GMT

GET
H2 200 vendor.862630a2b93632e0d7bbae6d63246102.js Show response
assetscdn-wchat.freshchat.com/static/assets/ Frame 55B4 684 KB
194 KB 46ms
11ms Script
application/javascript 108.157.4.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assetscdn-wchat.freshchat.com/static/assets/vendor.862630a2b93632e0d7bbae6d63246102.js
Requested by: Host: paystubs.freshchat.com
URL: https://paystubs.freshchat.com/widget/?token=497e4e8e-a71c-4a77-a9bd-9d21980b2bbf&referrer=aHR0cHM6Ly93d3cudGhlcGF5c3R1YnMuY29t&widgetUuid=54b734ae-f4cd-4cd3-bab7-06f475db991c&eagerLoad=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-91.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a7fecbfe24b0884ff617e8bb7bd0871397a39e6de70a6d2ff276743988f532bd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paystubs.freshchat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 22:46:00 GMT
content-encoding: gzip
via: 1.1 ba922c695b86542cbfc03c782d8776d4.cloudfront.net (CloudFront)
last-modified: Mon, 08 Jan 2024 04:23:45 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-P2
age: 234
x-amz-server-side-encryption: AES256
etag: W/"862630a2b93632e0d7bbae6d63246102"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=31536000, no-transform, public
x-amz-cf-id: 3fCjB4iP6p1IfwVEBwdj0zyUmxrLCJhM9iKnn21oY6KkfwQwwy2J4w==
expires: Wed, 15 Jan 2025 04:56:47 GMT

GET
H2 200 211.js Show response
assetscdn-wchat.freshchat.com/static/assets/ Frame 55B4 772 KB
178 KB 9ms
9ms Script
application/javascript 108.157.4.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assetscdn-wchat.freshchat.com/static/assets/211.js
Requested by: Host: paystubs.freshchat.com
URL: https://paystubs.freshchat.com/widget/?token=497e4e8e-a71c-4a77-a9bd-9d21980b2bbf&referrer=aHR0cHM6Ly93d3cudGhlcGF5c3R1YnMuY29t&widgetUuid=54b734ae-f4cd-4cd3-bab7-06f475db991c&eagerLoad=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-91.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6433a43310293748cf1fddd99a260723f22d8202abe6c37e736716eb1f0a7c05

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paystubs.freshchat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 22:47:17 GMT
content-encoding: br
via: 1.1 ba922c695b86542cbfc03c782d8776d4.cloudfront.net (CloudFront)
last-modified: Wed, 20 Dec 2023 00:29:54 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-P2
age: 156
x-amz-server-side-encryption: AES256
etag: W/"47c822f8cee790a907c6e7dd37148e0b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=31536000, no-transform, public
x-amz-cf-id: P_qMVHgEhPBwdcIeFB0uNZ4PFZEIE_eqGhXNzFIuTMjAe22mGcn8cA==
expires: Wed, 15 Jan 2025 04:56:47 GMT

GET
H2 200 chunk.7d7a379e6a2aec286837.css
assetscdn-wchat.freshchat.com/static/assets/ Frame 55B4 243 KB
27 KB 9ms
9ms Stylesheet
text/css 108.157.4.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assetscdn-wchat.freshchat.com/static/assets/chunk.7d7a379e6a2aec286837.css
Requested by: Host: paystubs.freshchat.com
URL: https://paystubs.freshchat.com/widget/?token=497e4e8e-a71c-4a77-a9bd-9d21980b2bbf&referrer=aHR0cHM6Ly93d3cudGhlcGF5c3R1YnMuY29t&widgetUuid=54b734ae-f4cd-4cd3-bab7-06f475db991c&eagerLoad=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-91.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d80f7d395cf93c58d93197e7ab338b45c4a88d853ce0917d54df119ecb80ab22

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paystubs.freshchat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 22:46:17 GMT
content-encoding: br
via: 1.1 ba922c695b86542cbfc03c782d8776d4.cloudfront.net (CloudFront)
last-modified: Tue, 16 Jan 2024 04:56:49 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-P2
age: 229
x-amz-server-side-encryption: AES256
etag: W/"80781608bce24799ff39fbc59c3abaca"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
cache-control: max-age=31536000, no-transform, public
x-amz-cf-id: 3C4pu-2wp0pGaRFHUy47oVD5KPH3EUbHvQg903wCRE90JZPRu5nPug==
expires: Wed, 15 Jan 2025 04:56:47 GMT

GET
H2 200 fd-messaging.b512064bbb091a79cc62.css
assetscdn-wchat.freshchat.com/static/ Frame 55B4 243 KB
30 KB 9ms
9ms Stylesheet
text/css 108.157.4.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assetscdn-wchat.freshchat.com/static/fd-messaging.b512064bbb091a79cc62.css
Requested by: Host: paystubs.freshchat.com
URL: https://paystubs.freshchat.com/widget/?token=497e4e8e-a71c-4a77-a9bd-9d21980b2bbf&referrer=aHR0cHM6Ly93d3cudGhlcGF5c3R1YnMuY29t&widgetUuid=54b734ae-f4cd-4cd3-bab7-06f475db991c&eagerLoad=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-91.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d80f7d395cf93c58d93197e7ab338b45c4a88d853ce0917d54df119ecb80ab22

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paystubs.freshchat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 22:46:26 GMT
content-encoding: gzip
via: 1.1 ba922c695b86542cbfc03c782d8776d4.cloudfront.net (CloudFront)
last-modified: Mon, 08 Jan 2024 04:23:45 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-P2
age: 207
x-amz-server-side-encryption: AES256
etag: W/"80781608bce24799ff39fbc59c3abaca"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
cache-control: max-age=31536000, no-transform, public
x-amz-cf-id: JUWiEW8r2e9QPUibtdOZzdoUZwvfeo5hKeHjLVnvImO17VlUYLKWWw==
expires: Wed, 15 Jan 2025 04:56:47 GMT

GET
H2 200 fd-messaging.f67f06fec9610d2ce5ef.js Show response
assetscdn-wchat.freshchat.com/static/assets/ Frame 55B4 743 KB
133 KB 9ms
9ms Script
application/javascript 108.157.4.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assetscdn-wchat.freshchat.com/static/assets/fd-messaging.f67f06fec9610d2ce5ef.js
Requested by: Host: paystubs.freshchat.com
URL: https://paystubs.freshchat.com/widget/?token=497e4e8e-a71c-4a77-a9bd-9d21980b2bbf&referrer=aHR0cHM6Ly93d3cudGhlcGF5c3R1YnMuY29t&widgetUuid=54b734ae-f4cd-4cd3-bab7-06f475db991c&eagerLoad=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-91.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d602c114540663b11443cab58000824b1fa4081095f887de9508c048a7cead5a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paystubs.freshchat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 22:46:26 GMT
content-encoding: br
via: 1.1 ba922c695b86542cbfc03c782d8776d4.cloudfront.net (CloudFront)
last-modified: Tue, 16 Jan 2024 04:56:50 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-P2
age: 207
x-amz-server-side-encryption: AES256
etag: W/"a7accfccd5431d461c488dbc60250042"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=31536000, no-transform, public
x-amz-cf-id: r-N0sVB0dE6-DbVpWuSEh3SyJFbf0FqTzabXq2ty42lS9rWJWBzxYA==
expires: Wed, 15 Jan 2025 04:56:47 GMT

GET
H2 200 rts-min.js Show response
rts-static-prod.freshworksapi.com/us/ Frame 55B4 86 KB
26 KB 48ms
12ms Script
text/javascript 18.173.233.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rts-static-prod.freshworksapi.com/us/rts-min.js
Requested by: Host: assetscdn-wchat.freshchat.com
URL: https://assetscdn-wchat.freshchat.com/static/assets/fd-messaging.f67f06fec9610d2ce5ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.233.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-233-125.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a024505bf72e1df12a5a8b3cee3d207b251e08197119b2233e75f173c03d08ae

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paystubs.freshchat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: Y41dpGlcRDNHJUKY2o2EtC2ylprMm4u0
content-encoding: gzip
via: 1.1 1409f43de9922fa2ed053db7f1ec8b90.cloudfront.net (CloudFront)
date: Thu, 18 Jan 2024 22:49:51 GMT
last-modified: Wed, 13 Dec 2023 14:46:49 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-P3
age: 3
x-amz-server-side-encryption: AES256
etag: W/"55155e934bf2f06780474adf628e427f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: no-cache
x-amz-cf-id: 8K_OM4v9mwRV0qU_QA5vw4xo7Xtm5Uzbd45FxXnvqLTWHb63vryEZw==

GET
H2 200 chunk.53225951580d96ba885c.js Show response
assetscdn-wchat.freshchat.com/static/assets/ Frame 55B4 5 KB
2 KB 9ms
9ms Script
application/javascript 108.157.4.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assetscdn-wchat.freshchat.com/static/assets/chunk.53225951580d96ba885c.js
Requested by: Host: assetscdn-wchat.freshchat.com
URL: https://assetscdn-wchat.freshchat.com/static/assets/fd-messaging.f67f06fec9610d2ce5ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-91.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9037e86768130186d676f65444b051b348944719247563d521046bca6af241b4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paystubs.freshchat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 22:46:30 GMT
content-encoding: br
via: 1.1 ba922c695b86542cbfc03c782d8776d4.cloudfront.net (CloudFront)
last-modified: Mon, 08 Jan 2024 04:23:42 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-P2
age: 206
x-amz-server-side-encryption: AES256
etag: W/"16f166059cdfefcc4cccee6866835222"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=31536000, no-transform, public
x-amz-cf-id: rL4N_jrMoGCplKZYv1yhO6varboC5B-9tJmSU0V2N76sXzi4WgBzbw==
expires: Wed, 15 Jan 2025 04:56:47 GMT

GET
H2 200 chunk.7be603f8fb2482fb972b.js Show response
assetscdn-wchat.freshchat.com/static/assets/ Frame 55B4 11 KB
5 KB 10ms
10ms Script
application/javascript 108.157.4.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assetscdn-wchat.freshchat.com/static/assets/chunk.7be603f8fb2482fb972b.js
Requested by: Host: assetscdn-wchat.freshchat.com
URL: https://assetscdn-wchat.freshchat.com/static/assets/fd-messaging.f67f06fec9610d2ce5ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-91.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 52a64558e7d0d7e73cd2fea7064fc02b849852b98e3c344f25fc6a5f1d449b8b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paystubs.freshchat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 22:46:26 GMT
content-encoding: gzip
via: 1.1 ba922c695b86542cbfc03c782d8776d4.cloudfront.net (CloudFront)
last-modified: Mon, 08 Jan 2024 04:23:43 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-P2
age: 220
x-amz-server-side-encryption: AES256
etag: W/"516f14e4be6e5d509f7f85c85054d45f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=31536000, no-transform, public
x-amz-cf-id: ELkE__eYIFgS-frKC54OV2Cqc702E8yoZzOQjjcOc5FWCQg_aLKX5g==
expires: Wed, 15 Jan 2025 04:56:47 GMT

GET
H/1.1 200
OK img_vglfrlpmbh_0fd74626b0861b11c21cb476308f0684c5fbd04a63093fa20716983f65cc83e7.png
fc-use1-00-pics-bkt-00.s3.amazonaws.com/6995213326f2258357e55e5a3e67f9fb18cfcb6a9aed627f76cd5bff26b3e316/f_marketingpicFull/u_2603c827ba56d43f83e6734cf771a10cb04d33a3e1290c032c1ff3a0dda315c5/ Frame 55B4 606 B
1 KB 363ms
152ms Image
image/png 52.217.198.25
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fc-use1-00-pics-bkt-00.s3.amazonaws.com/6995213326f2258357e55e5a3e67f9fb18cfcb6a9aed627f76cd5bff26b3e316/f_marketingpicFull/u_2603c827ba56d43f83e6734cf771a10cb04d33a3e1290c032c1ff3a0dda315c5/img_vglfrlpmbh_0fd74626b0861b11c21cb476308f0684c5fbd04a63093fa20716983f65cc83e7.png
Requested by: Host: paystubs.freshchat.com
URL: https://paystubs.freshchat.com/widget/?token=497e4e8e-a71c-4a77-a9bd-9d21980b2bbf&referrer=aHR0cHM6Ly93d3cudGhlcGF5c3R1YnMuY29t&widgetUuid=54b734ae-f4cd-4cd3-bab7-06f475db991c&eagerLoad=true
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.198.25 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: f3f58bfd58e523048bb6300a784f778bee377b60ee34d3a0c88005650694fcf2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paystubs.freshchat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Thu, 18 Jan 2024 22:49:55 GMT
x-amz-version-id: rcNdRNTrV39hxU5LrOTTLt8qkmtg0sGx
Last-Modified: Tue, 04 Jul 2023 18:04:21 GMT
Server: AmazonS3
x-amz-request-id: 7Y0AFJ0HNG47N61V
ETag: "969a459479a8e946977dcecd9348a69d"
x-amz-server-side-encryption: AES256
Content-Type: image/png
x-amz-storage-class: REDUCED_REDUNDANCY
Accept-Ranges: bytes
Content-Length: 606
x-amz-id-2: 8W744s4687WR1GnuwIUVA4RUpYCg4L+0WVJAcuM0QxjqyIKm7/hEOYMQ6UqTXMZFYQSz5/H0QO8=

GET
H2 200 co-browsing.js Show response
paystubs.freshchat.com/widget/js/ 26 KB
8 KB 103ms
102ms Script
application/javascript 13.248.221.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://paystubs.freshchat.com/widget/js/co-browsing.js

Requested by

Host: paystubs.freshchat.com
URL: https://paystubs.freshchat.com/js/widget.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.248.221.98 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a44946a9dd66b7704.awsglobalaccelerator.com

Software

fwe /

Resource Hash

1e10e9493470eb296ba1ba705a39455e226be2906bd24a41e1f2b8287ff8f62b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thepaystubs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 22:49:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
nel: { "report_to": "nel-endpoint-freshchat", "max_age": 2592000, "include_subdomains": true}
x-envoy-upstream-service-time: 1
x-xss-protection: 1; mode=block
x-request-id: 07a33dc7-405f-4b14-a88b-0c9044e195ba
x-trace-id: 00-4bdd69d62e47f9a51480056ad958cfe5-0c4e65b3c85b0e0f-00
last-modified: Tue, 16 Jan 2024 04:56:56 GMT
server: fwe
report-to: { "group": "nel-endpoint-freshchat", "max_age": 2592000, "include_subdomains": true, "endpoints": [{"url": "https://edge-admin.us-east-1.freshedge.net/nelreports/freshchat"}]}
content-type: application/javascript
x-fw-ratelimiting-managed: false
cache-control: max-age=31536000,no-cache, no-store, must-revalidate, pre-check=0, post-check=0,public
x-server: tbjsk
expires: Fri, 17 Jan 2025 22:49:53 GMT

GET
H2 206 notif.da662fefc5060dabf2859ea199198b14.mp3
assetscdn-wchat.freshchat.com/static/assets/ Frame 55B4 4 KB
5 KB 11ms
10ms Media
audio/mpeg 108.157.4.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assetscdn-wchat.freshchat.com/static/assets/notif.da662fefc5060dabf2859ea199198b14.mp3
Requested by: Host: paystubs.freshchat.com
URL: https://paystubs.freshchat.com/widget/?token=497e4e8e-a71c-4a77-a9bd-9d21980b2bbf&referrer=aHR0cHM6Ly93d3cudGhlcGF5c3R1YnMuY29t&widgetUuid=54b734ae-f4cd-4cd3-bab7-06f475db991c&eagerLoad=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-91.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: eb2e3f703cf8ee0156a1d625e053c0968b0dfcff62ea4254ddd8ba9fece3ad32

Request headers

Referer: https://paystubs.freshchat.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Range: bytes=0-

Response headers

date: Thu, 18 Jan 2024 22:48:15 GMT
via: 1.1 ba922c695b86542cbfc03c782d8776d4.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P2
age: 100
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
Content-Range: bytes 0-4301/4302
Content-Length: 4302
last-modified: Mon, 08 Jan 2024 04:23:44 GMT
server: AmazonS3
etag: "a529450a7cfb4a60dea41ef294fa90dd"
vary: Accept-Encoding
content-type: audio/mpeg
cache-control: max-age=31536000, no-transform, public
accept-ranges: bytes
x-amz-cf-id: -JHHgKctl77QfzhXM9HCKj9FwkLvezq2suyDGZjxZruTSi8BhgqFwA==
expires: Wed, 15 Jan 2025 04:56:47 GMT

GET
H2 200 user Show response
paystubs.freshchat.com/app/services/app/webchat/497e4e8e-a71c-4a77-a9bd-9d21980b2bbf/ Frame 55B4 63 B
999 B 105ms
105ms XHR
application/json 13.248.221.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://paystubs.freshchat.com/app/services/app/webchat/497e4e8e-a71c-4a77-a9bd-9d21980b2bbf/user?siteId=TPS

Requested by

Host: assetscdn-wchat.freshchat.com
URL: https://assetscdn-wchat.freshchat.com/static/assets/vendor.862630a2b93632e0d7bbae6d63246102.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.248.221.98 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a44946a9dd66b7704.awsglobalaccelerator.com

Software

fwe /

Resource Hash

02a00e3ef645e0351f654665d42b03388e6a73e0ab4f853c8904faecf322b229

Security Headers

Name	Value
Content-Security-Policy	style-src 'unsafe-inline' ; font-src 'self' data:; img-src 'self' * data:; connect-src 'self' ; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://.freshchat.com https://.freshworksapi.com; child-src 'self' blob:; media-src 'self' https://.freshchat.com; manifest-src 'self' https://.freshchat.com; default-src 'none';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://paystubs.freshchat.com/widget/?token=497e4e8e-a71c-4a77-a9bd-9d21980b2bbf&referrer=aHR0cHM6Ly93d3cudGhlcGF5c3R1YnMuY29t&widgetUuid=54b734ae-f4cd-4cd3-bab7-06f475db991c&eagerLoad=true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 22:49:54 GMT
content-security-policy: style-src 'unsafe-inline' *; font-src 'self' * data:; img-src 'self' * data:; connect-src 'self' *; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.freshchat.com https://*.freshworksapi.com; child-src 'self' * blob:; media-src 'self' https://*.freshchat.com; manifest-src 'self' https://*.freshchat.com; default-src 'none';
strict-transport-security: max-age=31536000; includeSubDomains
nel: { "report_to": "nel-endpoint-freshchat", "max_age": 2592000, "include_subdomains": true}
x-ratelimit-total: 3000
x-ratelimit-used-currentrequest: 1
x-envoy-upstream-service-time: 2
content-length: 63
x-xss-protection: 1; mode=block
x-request-id: cef6d5d7-87dd-4399-a40b-1ef1993f3a14
x-trace-id: 00-2c3489ea2a114f3e282cc4de46245f7b-647c14d1b3244c11-00
server: fwe
x-ratelimit-remaining: 2998
report-to: { "group": "nel-endpoint-freshchat", "max_age": 2592000, "include_subdomains": true, "endpoints": [{"url": "https://edge-admin.us-east-1.freshedge.net/nelreports/freshchat"}]}
content-type: application/json;charset=UTF-8
x-fw-ratelimiting-managed: true
cache-control: no-store
access-control-allow-credentials: true
x-server: 2601
x-ratelimit-limit: 3000

GET
H2 200 cb.css
paystubs.freshchat.com/widget/css/ 1 KB
1 KB 103ms
103ms Stylesheet
text/css 13.248.221.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://paystubs.freshchat.com/widget/css/cb.css?t=1705618194034

Requested by

Host: paystubs.freshchat.com
URL: https://paystubs.freshchat.com/widget/js/co-browsing.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.248.221.98 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a44946a9dd66b7704.awsglobalaccelerator.com

Software

fwe /

Resource Hash

8029982e606b01f8d1651a46683c7a90ef2496e73823047c0e73b72e285d593e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thepaystubs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 22:49:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
nel: { "report_to": "nel-endpoint-freshchat", "max_age": 2592000, "include_subdomains": true}
x-envoy-upstream-service-time: 1
x-xss-protection: 1; mode=block
x-request-id: b2e8962b-906d-43be-aa2b-fc8ee5b80347
x-trace-id: 00-bf227133e4ac41aef4a387ca33b4b27d-253764ef4db4b3fc-00
last-modified: Tue, 16 Jan 2024 04:56:56 GMT
server: fwe
report-to: { "group": "nel-endpoint-freshchat", "max_age": 2592000, "include_subdomains": true, "endpoints": [{"url": "https://edge-admin.us-east-1.freshedge.net/nelreports/freshchat"}]}
content-type: text/css
x-fw-ratelimiting-managed: false
cache-control: max-age=31536000,no-cache, no-store, must-revalidate, pre-check=0, post-check=0,public
x-server: 5984f
expires: Fri, 17 Jan 2025 22:49:54 GMT

GET
H2 200 widget_info_v2 Show response
paystubs.freshchat.com/app/services/app/webchat/497e4e8e-a71c-4a77-a9bd-9d21980b2bbf/ Frame 55B4 10 KB
3 KB 103ms
103ms XHR
application/json 13.248.221.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://paystubs.freshchat.com/app/services/app/webchat/497e4e8e-a71c-4a77-a9bd-9d21980b2bbf/widget_info_v2?locales=en-US,en-US&platform=web

Requested by

Host: assetscdn-wchat.freshchat.com
URL: https://assetscdn-wchat.freshchat.com/static/assets/vendor.862630a2b93632e0d7bbae6d63246102.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.248.221.98 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a44946a9dd66b7704.awsglobalaccelerator.com

Software

fwe /

Resource Hash

360ecb3dcdbea27e801bcb66fcf1e1818d54c6d3e8d3538ab97181e16ba3a44e

Security Headers

Name	Value
Content-Security-Policy	style-src 'unsafe-inline' ; font-src 'self' data:; img-src 'self' * data:; connect-src 'self' ; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://.freshchat.com https://.freshworksapi.com; child-src 'self' blob:; media-src 'self' https://.freshchat.com; manifest-src 'self' https://.freshchat.com; default-src 'none';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://paystubs.freshchat.com/widget/?token=497e4e8e-a71c-4a77-a9bd-9d21980b2bbf&referrer=aHR0cHM6Ly93d3cudGhlcGF5c3R1YnMuY29t&widgetUuid=54b734ae-f4cd-4cd3-bab7-06f475db991c&eagerLoad=true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 22:49:54 GMT
content-security-policy: style-src 'unsafe-inline' *; font-src 'self' * data:; img-src 'self' * data:; connect-src 'self' *; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.freshchat.com https://*.freshworksapi.com; child-src 'self' * blob:; media-src 'self' https://*.freshchat.com; manifest-src 'self' https://*.freshchat.com; default-src 'none';
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
nel: { "report_to": "nel-endpoint-freshchat", "max_age": 2592000, "include_subdomains": true}
x-ratelimit-total: 3000
x-ratelimit-used-currentrequest: 1
x-envoy-upstream-service-time: 0
x-status: HIT
x-xss-protection: 1; mode=block
x-request-id: dcdb5e3e-7971-47e6-8448-49dd1bea37d6
x-trace-id: 00-f2fcbbf5e13cbb1e36b78eaa7b0dedf4-d44832c8e27f6eff-00
server: fwe
vary: accept-encoding
report-to: { "group": "nel-endpoint-freshchat", "max_age": 2592000, "include_subdomains": true, "endpoints": [{"url": "https://edge-admin.us-east-1.freshedge.net/nelreports/freshchat"}]}
content-type: application/json;charset=UTF-8
x-fw-ratelimiting-managed: true
cache-control: no-store
access-control-allow-credentials: true
x-server: 9886
x-ratelimit-remaining: 2997
x-ratelimit-limit: 3000

GET
H2 200 chunk.b4e34b26bf9277e4cec0.js Show response
assetscdn-wchat.freshchat.com/static/assets/ Frame 55B4 89 KB
18 KB 10ms
10ms Script
application/javascript 108.157.4.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assetscdn-wchat.freshchat.com/static/assets/chunk.b4e34b26bf9277e4cec0.js
Requested by: Host: assetscdn-wchat.freshchat.com
URL: https://assetscdn-wchat.freshchat.com/static/assets/fd-messaging.f67f06fec9610d2ce5ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-91.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 42cb0f92535b4c62050d17be72e101aa35c407fca55044d33e8ad9c0e5d8e9df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paystubs.freshchat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 22:48:56 GMT
content-encoding: br
via: 1.1 ba922c695b86542cbfc03c782d8776d4.cloudfront.net (CloudFront)
last-modified: Mon, 08 Jan 2024 04:23:43 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-P2
age: 60
x-amz-server-side-encryption: AES256
etag: W/"898ea654f872d5ed82b8a403eb5ef612"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=31536000, no-transform, public
x-amz-cf-id: Vkw9V1BSBG2DLYMHn0_5PIyxMdFV4xOb1kFLOInIHjV3z6KQkE9uwQ==
expires: Wed, 15 Jan 2025 04:56:47 GMT

GET
H2 200 chunk.eeb1df0c1d9301056fea.js Show response
assetscdn-wchat.freshchat.com/static/assets/ Frame 55B4 281 KB
49 KB 10ms
10ms Script
application/javascript 108.157.4.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assetscdn-wchat.freshchat.com/static/assets/chunk.eeb1df0c1d9301056fea.js
Requested by: Host: assetscdn-wchat.freshchat.com
URL: https://assetscdn-wchat.freshchat.com/static/assets/fd-messaging.f67f06fec9610d2ce5ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-91.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e58895c844053854d89a346df3e6e4d1619df4d215060e6c673a846e4b0a7f23

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paystubs.freshchat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 22:45:10 GMT
content-encoding: br
via: 1.1 ba922c695b86542cbfc03c782d8776d4.cloudfront.net (CloudFront)
last-modified: Tue, 16 Jan 2024 04:56:50 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-P2
age: 300
x-amz-server-side-encryption: AES256
etag: W/"fb4d686d030c203ff35f7fecfdff8657"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=31536000, no-transform, public
x-amz-cf-id: DHo3jP2k2FX3FcKraughD1kvU8F__tjHjN9SRJP4my6UpbZrgRz0mg==
expires: Wed, 15 Jan 2025 04:56:47 GMT

PUT
H2 200 activity Show response
paystubs.freshchat.com/app/services/app/webchat/497e4e8e-a71c-4a77-a9bd-9d21980b2bbf/user/91441cb8-908b-4b20-8699-06921f6daf2e/ Frame 55B4 17 B
954 B 109ms
108ms XHR
application/json 13.248.221.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://paystubs.freshchat.com/app/services/app/webchat/497e4e8e-a71c-4a77-a9bd-9d21980b2bbf/user/91441cb8-908b-4b20-8699-06921f6daf2e/activity?widgetInfoTraceId=41aff35a-e244-4b9e-8148-54d086fd9d73

Requested by

Host: assetscdn-wchat.freshchat.com
URL: https://assetscdn-wchat.freshchat.com/static/assets/211.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.248.221.98 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a44946a9dd66b7704.awsglobalaccelerator.com

Software

fwe /

Resource Hash

f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4

Security Headers

Name	Value
Content-Security-Policy	style-src 'unsafe-inline' ; font-src 'self' data:; img-src 'self' * data:; connect-src 'self' ; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://.freshchat.com https://.freshworksapi.com; child-src 'self' blob:; media-src 'self' https://.freshchat.com; manifest-src 'self' https://.freshchat.com; default-src 'none';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paystubs.freshchat.com/widget/?token=497e4e8e-a71c-4a77-a9bd-9d21980b2bbf&referrer=aHR0cHM6Ly93d3cudGhlcGF5c3R1YnMuY29t&widgetUuid=54b734ae-f4cd-4cd3-bab7-06f475db991c&eagerLoad=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 22:49:54 GMT
content-security-policy: style-src 'unsafe-inline' *; font-src 'self' * data:; img-src 'self' * data:; connect-src 'self' *; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.freshchat.com https://*.freshworksapi.com; child-src 'self' * blob:; media-src 'self' https://*.freshchat.com; manifest-src 'self' https://*.freshchat.com; default-src 'none';
strict-transport-security: max-age=31536000; includeSubDomains
nel: { "report_to": "nel-endpoint-freshchat", "max_age": 2592000, "include_subdomains": true}
x-ratelimit-total: 3000
x-ratelimit-used-currentrequest: 1
x-envoy-upstream-service-time: 5
content-length: 17
x-xss-protection: 1; mode=block
x-request-id: b0c88d70-da0b-4151-9a25-f826b6659e2c
x-trace-id: 00-d1ef707cf29882400e9da0640df3d638-482c32759f01f3f3-00
server: fwe
x-ratelimit-remaining: 2996
report-to: { "group": "nel-endpoint-freshchat", "max_age": 2592000, "include_subdomains": true, "endpoints": [{"url": "https://edge-admin.us-east-1.freshedge.net/nelreports/freshchat"}]}
content-type: application/json;charset=UTF-8
x-fw-ratelimiting-managed: true
cache-control: no-store
access-control-allow-credentials: true
x-server: 3063
x-ratelimit-limit: 3000

GET
H2 200 index.html Show response
434059818173913.webpush.freshchat.com/ Frame 6EDA 30 KB
7 KB 447ms
408ms Document
text/html 18.66.248.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://434059818173913.webpush.freshchat.com/index.html?ref=aHR0cHM6Ly93d3cudGhlcGF5c3R1YnMuY29t
Requested by: Host: paystubs.freshchat.com
URL: https://paystubs.freshchat.com/js/widget.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-17.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 05a530dd5d40bf5dbef4e3d5ed6976e9aec1baf49a20be30e07b1608918e3bc3

Request headers

Referer: https://www.thepaystubs.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html
date: Thu, 18 Jan 2024 22:49:55 GMT
etag: W/"4d98f93ebe4eb8cedbbfdb3004920aeb"
last-modified: Fri, 25 Oct 2019 06:53:38 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 b85afd3a476827aadec8c79e8673c564.cloudfront.net (CloudFront)
x-amz-cf-id: Quao9ZUdP4HImVC2h0zIwiy4EQhmnszesN4eUSNqNrNua-m_O4gk8w==
x-amz-cf-pop: DUS51-P1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront

GET
H2 200 categories Show response
paystubs.freshchat.com/app/services/app/webchat/497e4e8e-a71c-4a77-a9bd-9d21980b2bbf/omni/faq/ Frame 55B4 81 B
1 KB 130ms
130ms XHR
application/json 13.248.221.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://paystubs.freshchat.com/app/services/app/webchat/497e4e8e-a71c-4a77-a9bd-9d21980b2bbf/omni/faq/categories?per_page=100&platform=web&locale=en-us&page=1&widgetUuid=54b734ae-f4cd-4cd3-bab7-06f475db991c

Requested by

Host: assetscdn-wchat.freshchat.com
URL: https://assetscdn-wchat.freshchat.com/static/assets/vendor.862630a2b93632e0d7bbae6d63246102.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.248.221.98 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a44946a9dd66b7704.awsglobalaccelerator.com

Software

fwe /

Resource Hash

8779ea02c05847c1209231f40c56422c447c523ba2b512a5f904cdd426f295ed

Security Headers

Name	Value
Content-Security-Policy	style-src 'unsafe-inline' ; font-src 'self' data:; img-src 'self' * data:; connect-src 'self' ; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://.freshchat.com https://.freshworksapi.com; child-src 'self' blob:; media-src 'self' https://.freshchat.com; manifest-src 'self' https://.freshchat.com; default-src 'none';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://paystubs.freshchat.com/widget/?token=497e4e8e-a71c-4a77-a9bd-9d21980b2bbf&referrer=aHR0cHM6Ly93d3cudGhlcGF5c3R1YnMuY29t&widgetUuid=54b734ae-f4cd-4cd3-bab7-06f475db991c&eagerLoad=true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 22:49:54 GMT
content-security-policy: style-src 'unsafe-inline' *; font-src 'self' * data:; img-src 'self' * data:; connect-src 'self' *; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.freshchat.com https://*.freshworksapi.com; child-src 'self' * blob:; media-src 'self' https://*.freshchat.com; manifest-src 'self' https://*.freshchat.com; default-src 'none';
strict-transport-security: max-age=31536000; includeSubDomains
nel: { "report_to": "nel-endpoint-freshchat", "max_age": 2592000, "include_subdomains": true}
x-ratelimit-total: 3000
x-b3-traceid: 7d441b37c51880c721c79edc9331f975
x-ratelimit-used-currentrequest: 1
x-envoy-upstream-service-time: 27
content-length: 81
x-xss-protection: 1; mode=block
x-request-id: 32c0af8b-652c-4755-9e03-92e22f4a2720
x-trace-id: 00-b0f6bc13027b167508520c534fd51775-e4fa5e2bbf6fb9e3-01, 00-b0f6bc13027b167508520c534fd51775-d5f988ad31a84292-00
x-fd-request-id: ac846ee7-bec1-9cd7-976b-2626a30b916f
server: fwe
x-ratelimit-remaining: 2995
report-to: { "group": "nel-endpoint-freshchat", "max_age": 2592000, "include_subdomains": true, "endpoints": [{"url": "https://edge-admin.us-east-1.freshedge.net/nelreports/freshchat"}]}
content-type: application/json;charset=UTF-8
x-fw-ratelimiting-managed: true
cache-control: no-store
x-b3-spanid: 1b016571cb20667e
access-control-allow-credentials: true
x-server: 2601
x-ratelimit-limit: 3000

GET
BLOB 200
OK 7b31f508-2811-4885-a8b4-15cc5c3e8c97
https://paystubs.freshchat.com/ Frame 55B4 152 B
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://paystubs.freshchat.com/7b31f508-2811-4885-a8b4-15cc5c3e8c97
Requested by: Host: paystubs.freshchat.com
URL: https://paystubs.freshchat.com/widget/?token=497e4e8e-a71c-4a77-a9bd-9d21980b2bbf&referrer=aHR0cHM6Ly93d3cudGhlcGF5c3R1YnMuY29t&widgetUuid=54b734ae-f4cd-4cd3-bab7-06f475db991c&eagerLoad=true
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a3d08747462129e4b1e6756b57c9f24cc8dd7a6ad095cc416f5dbd52aaa5f7b2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Length: 152
Content-Type

GET
H2 200 9849.css
assetscdn-wchat.freshchat.com/static/assets/ Frame 55B4 16 KB
3 KB 10ms
10ms Stylesheet
text/css 108.157.4.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assetscdn-wchat.freshchat.com/static/assets/9849.css
Requested by: Host: assetscdn-wchat.freshchat.com
URL: https://assetscdn-wchat.freshchat.com/static/assets/fd-messaging.f67f06fec9610d2ce5ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-91.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 93ac8e22ef8a241ddd954362cc979528693e4b7732dc5de26154d9bbf60011fb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paystubs.freshchat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 22:48:58 GMT
content-encoding: br
via: 1.1 ba922c695b86542cbfc03c782d8776d4.cloudfront.net (CloudFront)
last-modified: Mon, 08 Jan 2024 04:23:42 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-P2
age: 64
x-amz-server-side-encryption: AES256
etag: W/"20f054b8b45ccd177447feada77d0895"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
cache-control: max-age=31536000, no-transform, public
x-amz-cf-id: uFCbp4PhiFANwb-un3znZ9CFNgYZ35BWeDrNIDbTOCANw9nEZiTPWw==
expires: Wed, 15 Jan 2025 04:56:47 GMT

GET
H2 200 chunk.fd314e4ac1e6a45b6b94.js Show response
assetscdn-wchat.freshchat.com/static/assets/ Frame 55B4 137 B
586 B 10ms
10ms Script
application/javascript 108.157.4.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assetscdn-wchat.freshchat.com/static/assets/chunk.fd314e4ac1e6a45b6b94.js
Requested by: Host: assetscdn-wchat.freshchat.com
URL: https://assetscdn-wchat.freshchat.com/static/assets/fd-messaging.f67f06fec9610d2ce5ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-91.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 44c7b3c33a1d28e0360f7b972e222118b5c746c1c774c67f3fd6ab9e53e9974f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paystubs.freshchat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 22:47:39 GMT
via: 1.1 ba922c695b86542cbfc03c782d8776d4.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P2
age: 144
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 137
last-modified: Wed, 20 Dec 2023 00:29:56 GMT
server: AmazonS3
etag: "a89e4a96c2e88cb6a5a23d73c000bcae"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000, no-transform, public
accept-ranges: bytes
x-amz-cf-id: _d70RO0xmvKYIek6HBeAUaxtoAnT4ZJfUXp7uk09KDol-aBGFOTBDg==
expires: Wed, 15 Jan 2025 04:56:47 GMT

GET
H2 200 chunk.cf2220b6d090e27b9496.js Show response
assetscdn-wchat.freshchat.com/static/assets/ Frame 55B4 48 KB
14 KB 10ms
10ms Script
application/javascript 108.157.4.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assetscdn-wchat.freshchat.com/static/assets/chunk.cf2220b6d090e27b9496.js
Requested by: Host: assetscdn-wchat.freshchat.com
URL: https://assetscdn-wchat.freshchat.com/static/assets/fd-messaging.f67f06fec9610d2ce5ef.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-91.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5936b3730015c46ef27548aff7b2162d0878761a5fda6f9d026fbeaef34c0ed3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paystubs.freshchat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 22:45:51 GMT
content-encoding: gzip
via: 1.1 ba922c695b86542cbfc03c782d8776d4.cloudfront.net (CloudFront)
last-modified: Mon, 08 Jan 2024 04:23:43 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-P2
age: 249
x-amz-server-side-encryption: AES256
etag: W/"c6a94cb46d8753f365405e99cf7185f8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=31536000, no-transform, public
x-amz-cf-id: 8dq-rLTlceUGzVNuhOpsx2l12DNkmd03OoaBjkxDlrWfjArn-XEeig==
expires: Wed, 15 Jan 2025 04:56:47 GMT

GET
H/1.1 200
OK img_ne1t3f9r0u_08048fc4632ce75ad3d808f95cf41433732d88329a1f9bdd4e6f350c48e27348.png
fc-use1-00-pics-bkt-00.s3.amazonaws.com/6995213326f2258357e55e5a3e67f9fb18cfcb6a9aed627f76cd5bff26b3e316/f_appLevelPicFull/ Frame 55B4 5 KB
6 KB 111ms
111ms Image
image/png 52.217.198.25
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fc-use1-00-pics-bkt-00.s3.amazonaws.com/6995213326f2258357e55e5a3e67f9fb18cfcb6a9aed627f76cd5bff26b3e316/f_appLevelPicFull/img_ne1t3f9r0u_08048fc4632ce75ad3d808f95cf41433732d88329a1f9bdd4e6f350c48e27348.png
Requested by: Host: paystubs.freshchat.com
URL: https://paystubs.freshchat.com/home/308313
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.198.25 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 950e5d26b2d9708a731ba0f4e45e5c68c4bdfdbc6fbe98990f9f8b2082677fcc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://paystubs.freshchat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Thu, 18 Jan 2024 22:49:55 GMT
x-amz-version-id: XRvFICigRU7ZhKHHuCAe1FJPjg3UBWIS
Last-Modified: Tue, 10 Oct 2023 10:06:08 GMT
Server: AmazonS3
x-amz-request-id: 7Y0FM9F99Q27DADT
ETag: "90fb2607bfd1173b10b94de4a58b70db"
x-amz-server-side-encryption: AES256
Content-Type: image/png
x-amz-storage-class: REDUCED_REDUNDANCY
Accept-Ranges: bytes
Content-Length: 5266
x-amz-id-2: YH7Xdmynqu0gxA54dAhL97Zo0Z/0AWL1nFMWCAhjnWwwDMy4Dj8U8fx6MaAIcekB9jpEBSmzXvs=

POST
H2 200 v2 Show response
rs.fullstory.com/rec/bundle/ 29 B
82 B 274ms
257ms XHR
application/json 35.186.194.58
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rs.fullstory.com/rec/bundle/v2?OrgId=MCM6B&UserId=4bd8944b-4f7a-4efb-b2ae-b88fde00dfa2&SessionId=b9fa2eea-d697-4487-901e-8d6cc3214f20&PageId=88c37c12-1149-4808-8975-282e5322bf5a&Seq=1&PageStart=1705618193283&PrevBundleTime=0&LastActivity=874&IsNewSession=true
Requested by: Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/7.64.0/bundle.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.194.58 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 58.194.186.35.bc.googleusercontent.com
Software: /
Resource Hash: cd9ecf513e964dd3dbd3c2f4b2e86aa6e8800e7d38311de45d2e5722d8bf9f57

Request headers

Referer: https://www.thepaystubs.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.thepaystubs.com
date: Thu, 18 Jan 2024 22:49:54 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29
content-type: application/json; charset=utf-8

GET
H2 200 fc_logo.png
434059818173913.webpush.freshchat.com/ Frame 6EDA 4 KB
4 KB 10ms
10ms Image
image/png 18.66.248.17
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://434059818173913.webpush.freshchat.com/fc_logo.png
Requested by: Host: 434059818173913.webpush.freshchat.com
URL: https://434059818173913.webpush.freshchat.com/index.html?ref=aHR0cHM6Ly93d3cudGhlcGF5c3R1YnMuY29t
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-17.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a963621b4341552ca61590aa02e93b70f189e8050a105c32c0197c3c34b2d114

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://434059818173913.webpush.freshchat.com/index.html?ref=aHR0cHM6Ly93d3cudGhlcGF5c3R1YnMuY29t
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 01:05:12 GMT
via: 1.1 b85afd3a476827aadec8c79e8673c564.cloudfront.net (CloudFront)
last-modified: Thu, 08 Feb 2018 07:54:41 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-P1
age: 78283
etag: "e87df9f10dcf497ae292dc234200465c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 3777
x-amz-cf-id: JlIk024T_jr13pU8rk9nigfX2YfrAZt5Hkvx-sOAYBCpjUUWPPl4HQ==

GET
H2 200 btf-home.css
www.thepaystubs.com/assets/thepaystubswebsite/css/ 36 KB
6 KB 16ms
16ms Stylesheet
text/css 2606:4700:20::ac43:4b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thepaystubs.com/assets/thepaystubswebsite/css/btf-home.css?version=df21740048
Requested by: Host: www.thepaystubs.com
URL: https://www.thepaystubs.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4b53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f210982809717e345699c61f91a0bdea9444563d387fe065bac3fea79835501a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thepaystubs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 22:49:54 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 350196
cf-bgj: minify
last-modified: Thu, 14 Dec 2023 18:29:52 GMT
server: cloudflare
etag: W/"657b49a0-8ec1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9LZrX4H%2BHgPXcg6isA2z40%2Baj1ibbh7ebltHVkd8PEHvTGznxvjRXfxTvBX%2BwlpYiOlFYZS13hXUzPFooJh0j%2BTqbfxTeYgxsq1VEZpO8w7MCscojhfd7XpLlXxC%2FvzSp%2BGd9AutJsSY6AL9C%2FJo1lw%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31536000, public
cf-ray: 847a64d52c7cbb55-FRA
expires: Mon, 13 Jan 2025 21:33:17 GMT

GET
H2 200 64cfb15ea04fc210743014.jpg
www.thepaystubs.com/cms-uploads/media/cache/blog_article_small/files/cms/standalone-content/thumbnail/ 9 KB
10 KB 203ms
202ms Image
image/jpeg 2606:4700:20::ac43:4b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thepaystubs.com/cms-uploads/media/cache/blog_article_small/files/cms/standalone-content/thumbnail/64cfb15ea04fc210743014.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4b53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6495232310d04c4765024c654d4fff55753e11cdbfa919e0153f463968d5e0bf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thepaystubs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 22:49:54 GMT
via: 1.1 google
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: status=not_needed
content-length: 9461
cf-bgj: imgq:100,h2pri
last-modified: Sun, 06 Aug 2023 14:42:49 GMT
server: cloudflare
etag: "64cfb169-24f5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QE8XSKCJcTIaYh6YEqbH4HXP5ohYINnR0u%2FRFv5N2QcJE275zF3TiSolOEsPmg%2BzOigDwSNWVYQcnx6dX8xl65NYAOXz538saqWjhSO%2F%2FE40kw4F1U%2BID3So5hZiPh0qDdcLoOw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000, public
accept-ranges: bytes
cf-ray: 847a64d56ca7bb55-FRA
expires: Tue, 14 Jan 2025 15:41:51 GMT

GET
H2 200 paystubs-live-chat-icon.png
www.thepaystubs.com/bundles/thepaystubswebsite/images/ 2 KB
2 KB 142ms
141ms Image
image/png 2606:4700:20::ac43:4b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thepaystubs.com/bundles/thepaystubswebsite/images/paystubs-live-chat-icon.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4b53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 856e7f5c507ecd123e8a15ed99f1a73a34a24b7709203e218dbdba54437503b8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thepaystubs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 22:49:54 GMT
via: 1.1 google
cf-cache-status: MISS
last-modified: Mon, 15 Jan 2024 20:03:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "65a58f78-6ab"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vSvWCI5IYBebSL4Ir27MdPaegp5iGVoZ%2F304FRAvpqWu811w4GcoCv6jpDcj73Pz09PdqTW9uy%2BFudcdU3Ap2OV3lrqc0JpBYmpP94MO3%2FR7KEqYTgM%2FP%2BvunLqGK%2BV1RNDlQfQVZbcFFfM4B8QMzWw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000, public
accept-ranges: bytes
cf-ray: 847a64d56ca8bb55-FRA
content-length: 1707
expires: Fri, 17 Jan 2025 22:49:54 GMT

GET
H2 200 paystubs-call-service-icon.png
www.thepaystubs.com/bundles/thepaystubswebsite/images/ 2 KB
2 KB 143ms
142ms Image
image/png 2606:4700:20::ac43:4b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thepaystubs.com/bundles/thepaystubswebsite/images/paystubs-call-service-icon.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4b53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b3a744c2244f37693ca4d24584d717822318c7d02db7ec76514392361b317004

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thepaystubs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 22:49:54 GMT
via: 1.1 google
cf-cache-status: MISS
last-modified: Mon, 15 Jan 2024 20:03:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "65a58f78-6e5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9c4nqtX75m1HdrGzOdQHxZqriNRZ%2BLb6IfSRLnOJAzquNOUBAb1OQb6SGH0bja3%2F1zAzprwHFjBsXPDZbUnVihjdjab%2BzECfyQwLpbUg5wno%2FxdoEJRSr6AoQMQFSw1vsKTDRuzs%2B11ZmFBBoBr1T00%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000, public
accept-ranges: bytes
cf-ray: 847a64d56ca9bb55-FRA
content-length: 1765
expires: Fri, 17 Jan 2025 22:49:54 GMT

GET
H2 200 paystubs-email-icon.png
www.thepaystubs.com/bundles/thepaystubswebsite/images/ 1 KB
2 KB 130ms
129ms Image
image/png 2606:4700:20::ac43:4b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thepaystubs.com/bundles/thepaystubswebsite/images/paystubs-email-icon.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4b53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 495e0373d1ae52cbf1e89d93817731446418b09f4c54030ca055174e84eb83fe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thepaystubs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 22:49:54 GMT
via: 1.1 google
cf-cache-status: MISS
last-modified: Mon, 15 Jan 2024 20:03:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "65a58f78-55a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g%2B72TFheQfGf6cQNZ37uLtHicYglPFTCWuZhLeM6D27qMAfhiJs7FcIksmprLyMfbeuCx%2FRaGbg8v0gPhU%2FrHAr%2FNjqMx0tKJ0kUZvynUjPX%2FTIK1GKE52XF%2BMAtPd3ITiEYQ%2B%2FY7HliH0HQNuMkPmU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000, public
accept-ranges: bytes
cf-ray: 847a64d56caabb55-FRA
content-length: 1370
expires: Fri, 17 Jan 2025 22:49:54 GMT

GET
H2 200 blue-stub-img.png
www.thepaystubs.com/bundles/thepaystubswebsite/images/landing-page/ 91 KB
91 KB 144ms
144ms Image
image/png 2606:4700:20::ac43:4b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thepaystubs.com/bundles/thepaystubswebsite/images/landing-page/blue-stub-img.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4b53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9104b1dbd33bc181b53326f32114a6ea26834becba4bc77d0b164650e32cc641

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.thepaystubs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 22:49:54 GMT
via: 1.1 google
cf-cache-status: MISS
last-modified: Mon, 15 Jan 2024 20:03:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "65a58f78-16bb7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kyBvz0KMdm7zEeZkJoRT3arJTdGZ9s31UWc0sT2RfnWnVT1%2BPvQTetr9ZqAwE504%2BsAuZ71T7PZN%2BKVrpu34HGvyx3eokDVm5NVhUbZCRfKFYEagc%2F7GCrx3gTeLQKDan1UDb8xnldVskrJmf9ejDJU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000, public
accept-ranges: bytes
cf-ray: 847a64d56cacbb55-FRA
content-length: 93111
expires: Fri, 17 Jan 2025 22:49:54 GMT

POST
H3 200 v2 Show response
rs.fullstory.com/rec/bundle/ 29 B
43 B 139ms
137ms XHR
application/json 35.186.194.58
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rs.fullstory.com/rec/bundle/v2?OrgId=MCM6B&UserId=4bd8944b-4f7a-4efb-b2ae-b88fde00dfa2&SessionId=b9fa2eea-d697-4487-901e-8d6cc3214f20&PageId=88c37c12-1149-4808-8975-282e5322bf5a&Seq=2&PageStart=1705618193283&PrevBundleTime=1705618194412&LastActivity=4858&IsNewSession=true
Requested by: Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/7.64.0/bundle.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.186.194.58 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 58.194.186.35.bc.googleusercontent.com
Software: /
Resource Hash: ed85eacb7548711499e359a66f419d7c81adb68edb6b99560942a8bf8850840e

Request headers

Referer: https://www.thepaystubs.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.thepaystubs.com
date: Thu, 18 Jan 2024 22:49:58 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29
content-type: application/json; charset=utf-8

Verdicts & Comments Add Verdict or Comment

107 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

50 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
i.liadm.com/s	1970-01-20 18:30:10	Name: _li_ss Value: CggKBgjdARCAFw
www.thepaystubs.com/	1969-12-31 23:59:59	Name: isUserFirstSession Value: 1
.thepaystubs.com/	1970-01-20 17:48:24	Name: _gid Value: GA1.2.1375360813.1705618193
.thepaystubs.com/	1970-01-21 03:22:58	Name: _ga_WKLDCQDLSP Value: GS1.1.1705618193.1.0.1705618193.60.0.0
.thepaystubs.com/	1970-01-21 03:22:58	Name: _ga Value: GA1.1.1360234621.1705618193
.thepaystubs.com/	1970-01-20 19:56:34	Name: _gcl_au Value: 1.1.2054129729.1705618193
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: UHmqxMFb8Nw
.youtube.com/	1970-01-20 22:06:10	Name: VISITOR_INFO1_LIVE Value: GQV4QK5WdcI
.thepaystubs.com/	1970-01-21 03:22:58	Name: _ga_DDDH7RGZM6 Value: GS1.1.1705618193.1.0.1705618193.0.0.0
.thepaystubs.com/	1970-01-20 17:46:58	Name: _gat_gtag_UA_71604044_1 Value: 1
.tiktok.com/	1970-01-21 03:08:34	Name: _ttp Value: 2b9D2WNpBLapBRJfbG5L71Zta1n
.thepaystubs.com/	1970-01-20 19:56:34	Name: _fbp Value: fb.1.1705618193167.637640776
.thepaystubs.com/	1970-01-21 03:08:34	Name: _tt_enable_cookie Value: 1
.thepaystubs.com/	1970-01-21 03:08:34	Name: _ttp Value: sgVnaCIlT-E7xrOFHbx7ku_Hw7b
.thepaystubs.com/	1970-01-20 17:46:59	Name: fs_lua Value: 1.1705618193282
.thepaystubs.com/	1970-01-21 02:32:34	Name: fs_uid Value: #MCM6B#4bd8944b-4f7a-4efb-b2ae-b88fde00dfa2:b9fa2eea-d697-4487-901e-8d6cc3214f20:1705618193282::1#/1737154192
.thepaystubs.com/	1970-01-20 17:48:24	Name: _uetsid Value: e4d69560b65311ee9d3c194e6cdc73d0
.linkedin.com/	1970-01-20 19:56:34	Name: li_sugr Value: dd4d1929-51da-459c-aead-64780f76de65
.linkedin.com/	1970-01-21 02:32:34	Name: bcookie Value: "v=2&02c9a775-b352-4787-8605-686b4c75284f"
.linkedin.com/	1970-01-20 17:48:24	Name: lidc Value: "b=OGST03:s=O:r=O:a=O:p=O:g=3107:u=1:x=1:i=1705618193:t=1705704593:v=2:sig=AQF8npaB6Mrhr-Wpeap2YvuYyPm-fYQ6"
.thepaystubs.com/	1970-01-21 03:08:34	Name: _uetvid Value: e4d6ca10b65311eebff1ed6fbce06314
.bing.com/	1970-01-21 03:08:34	Name: MUID Value: 1550735593C86B1A0522675F92A36A00
www.thepaystubs.com/	1969-12-31 23:59:59	Name: _na Value: 108fcfe4-1e1f-4b08-ad1f-4246cb4d5c78
.linkedin.com/	1970-01-20 22:06:10	Name: li_gc Value: MTswOzE3MDU2MTgxOTM7MjswMjHD/E8Db5Wz+b5QqppkpKfqVhY8LjTgTmvM4dxnM4bazA==
.thepaystubs.com/	1970-01-21 02:32:34	Name: _fw_crm_v Value: 43650b8e-da92-4a33-980b-befc34f0c145
.thepaystubs.com/	1970-01-21 03:22:58	Name: FPID Value: FPID2.2.wxZBlApv44xGngc%2BVBA7JA66nLNvDnu%2BFFr8YoWXXs0%3D.1705618193
.thepaystubs.com/	1970-01-20 17:48:10	Name: FPLC Value: vad9SH6CxQE04AZR1RzO2CYV1yO8Hub9VrQSdoPogx5UjGmoPu1xx6gVDnCkfvVIj6lSBzFez%2BVmdbqJYcUzLAqri4bWvTggvHo%2F2yFwZnX4u1EvLb7UHdgGim0Ilg%3D%3D
.adnxs.com/	1970-01-20 19:56:34	Name: uuid2 Value: 2826800844529132169
.adnxs.com/	1970-01-20 19:56:34	Name: anj Value: dTM7k!M4.FD>6NRF']wIg2GTzh1U?e!]tbPl@/6w9Z@H7eV+GI2RKI8:.]0G3QY1IfmY8'3f8OR4/5Ix41f5u5Vf9gKaz/?5D8-@P)[Q]P)j.gfIWOn
.adnxs.com/	1970-01-21 03:22:58	Name: XANDR_PANID Value: F7cZYzj5roBxO-Ge_etCUj6toKuDPkyWV0uANvs5WU05X4xSPrZjDKkumlqrsuga6aPZJEoEtCINf-G9Xb5HUjK55ADWNAPQOyYclMjVEYY.
.doubleclick.net/	1970-01-21 03:08:34	Name: IDE Value: AHWqTUlaLIy55VpDUfqZ7EtDF2qdQZgNX-NaIeJjwSuMNk_SIcmjo72Jq_8dQ2xF4cw
.casalemedia.com/	1970-01-21 02:32:34	Name: CMID Value: ZamrEQYqzuF7QCG.SXw4dgAA
.casalemedia.com/	1970-01-20 19:56:34	Name: CMPS Value: 2161
.casalemedia.com/	1970-01-20 19:56:34	Name: CMPRO Value: 2161
.media.net/	1970-01-21 02:32:34	Name: visitor-id Value: 3486197935428159000V10
.media.net/	1970-01-20 18:30:10	Name: data-c-ts Value: 1705618193
.media.net/	1970-01-20 18:30:10	Name: data-c Value: 108fcfe4-1e1f-4b08-ad1f-4246cb4d5c78~~3
exchange.mediavine.com/	1970-01-20 18:07:07	Name: mv_tokens Value: %7B%22mv_uuid%22%3A%22e541f570-b653-11ee-8759-39297982b556%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 18:07:07	Name: mv_tokens_eu-v1 Value: %7B%22mv_uuid%22%3A%22e541f570-b653-11ee-8759-39297982b556%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 18:07:07	Name: am_tokens Value: %7B%22mv_uuid%22%3A%22e541f570-b653-11ee-8759-39297982b556%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 18:07:07	Name: am_tokens_eu-v1 Value: %7B%22mv_uuid%22%3A%22e541f570-b653-11ee-8759-39297982b556%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 18:07:07	Name: niva Value: %7B%22id%22%3A%22108fcfe4-1e1f-4b08-ad1f-4246cb4d5c78%22%2C%22version%22%3A%22niva%22%7D
.c.bing.com/	1970-01-20 17:57:02	Name: MR Value: 0
.postrelease.com/	1970-01-21 02:32:34	Name: opt_out Value: 1
.omnitagjs.com/	1970-01-20 18:30:10	Name: ayl_visitor Value: 581ded1e5b7cc3eff8d6d33e1f51ad8f
.tpmn.co.kr/	1970-01-20 18:30:10	Name: criteo Value: 108fcfe4-1e1f-4b08-ad1f-4246cb4d5c78
.tremorhub.com/	1970-01-21 02:32:55	Name: tvid Value: dee802c5629744dca0c8bd1824c85dc5
.tremorhub.com/	1970-01-20 18:30:10	Name: tv_UICR Value: 108fcfe4-1e1f-4b08-ad1f-4246cb4d5c78
.liadm.com/	1970-01-21 03:22:58	Name: lidid Value: 5620ecb5-5868-428d-ac0c-61244d141089
.tpmn.io/	1970-01-20 18:30:10	Name: criteo Value: 108fcfe4-1e1f-4b08-ad1f-4246cb4d5c78

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://connect.facebook.net/signals/config/1424169681749488?v=2.9.141&r=stable&domain=www.thepaystubs.com(Line 127) Message: Unrecognized feature: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

434059818173913.webpush.freshchat.com
ad.360yield.com
ad.tpmn.co.kr
ad.tpmn.io
ade.clmbtech.com
analytics.tiktok.com
api.nivaai.com
assetscdn-wchat.freshchat.com
bat.bing.com
browser.sentry-cdn.com
c.bing.com
cm.g.doubleclick.net
connect.facebook.net
contextual.media.net
criteo-partners.tremorhub.com
criteo-sync.teads.tv
dis.criteo.com
eb2.3lift.com
edge.fullstory.com
exchange.mediavine.com
fc-use1-00-pics-bkt-00.s3.amazonaws.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
gtm.thepaystubs.com
i.liadm.com
ib.adnxs.com
jadserve.postrelease.com
match.sharethrough.com
matching.ivitrack.com
partner.mediawallahscript.com
paystubs.freshchat.com
pixel.rubiconproject.com
px.ads.linkedin.com
px4.ads.linkedin.com
r.casalemedia.com
region1.analytics.google.com
rs.fullstory.com
rtb-csync.smartadserver.com
rts-static-prod.freshworksapi.com
secure.adnxs.com
snap.licdn.com
stats.g.doubleclick.net
sync-criteo.ads.yieldmo.com
sync-t1.taboola.com
sync.outbrain.com
tg.socdm.com
ups.analytics.yahoo.com
visitor.omnitagjs.com
www.clickcease.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.nivaai.com
www.thepaystubs.com
www.youtube.com
x.bidswitch.net
104.126.37.177
104.18.36.155
104.198.8.50
108.157.4.91
124.146.153.165
13.107.42.14
13.248.221.98
141.226.228.48
143.204.215.62
172.217.16.194
178.250.1.9
18.173.233.125
18.66.248.17
185.255.84.152
2.16.97.41
2001:4860:4802:34::36
2600:1f18:612b:4232:950e:aa8c:14aa:701
2600:9000:2315:e200:15:a0d3:77c0:93a1
2606:4700:20::681a:7c2
2606:4700:20::ac43:4b53
2620:1ec:21::14
2620:1ec:c11::200
2a00:1450:4001:802::2004
2a00:1450:4001:811::2008
2a00:1450:4001:827::2003
2a00:1450:4001:828::2002
2a00:1450:4001:828::2003
2a00:1450:4001:82a::200a
2a00:1450:4001:82b::200e
2a00:1450:4001:831::200e
2a00:1450:400c:c00::9d
2a02:26f0:3500:16::215:149b
2a02:26f0:480:c::210:f195
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
2a04:4e42::729
3.208.240.1
3.75.62.37
34.102.166.132
34.117.157.22
34.248.4.62
35.158.11.2
35.158.87.169
35.186.194.58
35.201.112.186
35.214.149.91
37.252.171.149
52.210.27.230
52.217.198.25
52.48.249.53
54.154.71.202
64.202.112.127
69.173.144.165
76.223.111.18
76.76.21.22
81.17.55.117
95.101.148.20
026ec34ee7182761d2fb237607d5a946e0273591165a9f3444c60b46d3ee2f96
02a00e3ef645e0351f654665d42b03388e6a73e0ab4f853c8904faecf322b229
031697f8deb6b9ac3156d702e86503929c656219e7f68c4f4c0170903934a130
05a530dd5d40bf5dbef4e3d5ed6976e9aec1baf49a20be30e07b1608918e3bc3
08986577afb5ec60577a1ce35175147bede79ff0c4462d9a1d84eb42aeccce7b
09c9319809418451640ee5e266c0fdb038616386b00637f6886d5cf5a0bf2929
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bf54eff1a3332fe3be1aa8e54fceac1fb29e8ff699149d9f482a65c279d6fc0
10b333cfe996b32a7404da2c95667e5078680962a3b7eeb1fef1cf126ee9890e
112b64ac296ce964e5853dc03192a0f24e7eb7db8e1c944176c1549579f73179
11c77804a35baaa7ba7e5bc9242739a1bdaa8daf6e3ccdc14b5d7bdedc00040b
12a3ff43036d2887a7b7ef989bdb63a3c05d75d2e591eb1c9352175095de2cdc
150b881d5c2aaa4c63a987b79051c8f591f386d66da99db6f7120993a77a674e
164e219fdf64004e7213e90b3d4fd19463971870e4b51fdd6030446bd6ef5e65
1746b268addac39a01bc462c8e85434841637a136be1c0234b2eae14988e3d3c
1e10e9493470eb296ba1ba705a39455e226be2906bd24a41e1f2b8287ff8f62b
1f20c5af2c4861e43a210d8f6bbf672f7683797a3e80912b4e405ce46a330de7
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
30b1081c83147ad20d44c90d586a0120bd844102248593e3cd7558e07248f2e1
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
3605d4bc67047529d3ce273628484e8de46167327aa910c47adc753e10df63fd
360ecb3dcdbea27e801bcb66fcf1e1818d54c6d3e8d3538ab97181e16ba3a44e
387623d1e78c3b5d1a75cc2d6c586a5be756f463b17b115c7def4e513570b4ad
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
41823b426edc9b6d0bfd90d8ca3273327e435b55cb43946e3acfd8a945b66dcb
42c1c61fcae62de4981b839c879f79f24b8a62a10daa95e3716c3236561134e2
42cb0f92535b4c62050d17be72e101aa35c407fca55044d33e8ad9c0e5d8e9df
44c7b3c33a1d28e0360f7b972e222118b5c746c1c774c67f3fd6ab9e53e9974f
495e0373d1ae52cbf1e89d93817731446418b09f4c54030ca055174e84eb83fe
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4de87507e05ccb1504b746587edafbd5546b1a2d9d24ca82194b1a455b27379d
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
52a64558e7d0d7e73cd2fea7064fc02b849852b98e3c344f25fc6a5f1d449b8b
53ddf8929cc709ae29868c0ddcc9d4fc35ebb547430683dfbc6225240e7241b7
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5936b3730015c46ef27548aff7b2162d0878761a5fda6f9d026fbeaef34c0ed3
59b88b470fc642d0122092317ec4ada7d66ae1e161a850e9b0b8ad36bc5e0c16
5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214
5f0d6a7fb9a4d18a11f390b401dc2b7a337dcc8cf46634f8709eb2e339756347
6433a43310293748cf1fddd99a260723f22d8202abe6c37e736716eb1f0a7c05
6495232310d04c4765024c654d4fff55753e11cdbfa919e0153f463968d5e0bf
667ba7b0d3a169eb6c53843f1f7dbc6add57735ca806f8168a0d0294cfc9508f
68120ca24215c1b206fcb772b03ba7f682df147e078b727bac3476262239b22d
6867603baf94f4a4d130bffdce2e4ba556e6669eaa71da764daaeef94af49357
6d62ee91004dab6abf7252a81dd7789b0c48bce6a284850a823c10e69efe2003
74c9144e92580dd4c72f885076c3fc2242102b6a60874bf0a169b3aef3c90c8f
74d6cb4a2d2fcffe0efc528c81be5916b17b126eb18af8d4711d11f29cdaf92f
7aa4d5de5abdae4603540b48171e45742399584aa06f8ddefe4bdc547de20e35
7da8768afec5745e78b76cc73f6b28d5d711eb345b23c2f55309203430f3d58d
8029982e606b01f8d1651a46683c7a90ef2496e73823047c0e73b72e285d593e
842cc4b7277aa4070e812687e553c32ebc03920c3a188cc0c7efcafa056e5453
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
856e7f5c507ecd123e8a15ed99f1a73a34a24b7709203e218dbdba54437503b8
8779ea02c05847c1209231f40c56422c447c523ba2b512a5f904cdd426f295ed
8791270626b8a4fed6d34bc6cc2b10b5a682ce66d8b5016ed60fe711b5d2d016
889794fd02992011c4b843a05190531656d4c6148e6d4375be6bab3432b580d0
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8adf8092ae01a2b4d6ce8dd7c73cbf6b29caa0813e10a167f094ccec1b5c7442
9037e86768130186d676f65444b051b348944719247563d521046bca6af241b4
9104b1dbd33bc181b53326f32114a6ea26834becba4bc77d0b164650e32cc641
93ac8e22ef8a241ddd954362cc979528693e4b7732dc5de26154d9bbf60011fb
950e5d26b2d9708a731ba0f4e45e5c68c4bdfdbc6fbe98990f9f8b2082677fcc
973a453289e4d3b851e778b1c006dbeb8fb2d3b20e9c20ea953b30aa59b8fb3b
99a5d4ac8414258cf38ceba08a7e7b8af17a4ff308b7fd1129dacd8fa773f429
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
a024505bf72e1df12a5a8b3cee3d207b251e08197119b2233e75f173c03d08ae
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a29c186251d21bb83017f30d099897d00bab03d5946a3a0b655e6d7cab7f6111
a36a2d059128bbc8b66d7c35dd5d424e628bdce0c02c7a884db15ee9d91eab58
a3d08747462129e4b1e6756b57c9f24cc8dd7a6ad095cc416f5dbd52aaa5f7b2
a758246f43df5cf0f88a3c46a95cb7e962ec2e16327f7fc6b70d2150981b86df
a7fecbfe24b0884ff617e8bb7bd0871397a39e6de70a6d2ff276743988f532bd
a963621b4341552ca61590aa02e93b70f189e8050a105c32c0197c3c34b2d114
ab41db38480e169b9394fbe7f2c8ee070a493172ce844f7e823255307f7a6b51
ad942dfd4032f2ea326ed5e0b1ef7b44bcf36a9eae2cdddad66561098f286627
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b3a744c2244f37693ca4d24584d717822318c7d02db7ec76514392361b317004
b5474d3ed408366dcebededf5c987f44b43b389137272c282c6c972852a14fc0
b9ab167fb4bf6ab63b9f20538f2a3ed1d5668ee7eef1ad6f0cda7441d752b5d6
bad68467a01ea68fc441d62b6fd98e7e61624f71a808d67912db17a20bb186bf
bae1f759fd4cd9055a14e9384f474c8e53358ea04bffda92bde1e11b0599c61c
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bd2cc2c0627793a55434e6ba75c2d298d41cc4f07eeb42a87e088e8be2cbee27
bd3079952fe13806d893765b1850c99b543c0078278ccd0a7cdb959866ac9457
c2298c686ba969a528699392a9cd1a4e2f164f851f9fcde82c7bb35070a46621
c3d4ebc3465fa3d11b92b8fa90b24c91b1f67e9088e17642fb4186e9e1db563f
cd9ecf513e964dd3dbd3c2f4b2e86aa6e8800e7d38311de45d2e5722d8bf9f57
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
d3bf5a597ef938dbe72bbcf72df7c7eff713ba1f5ebfc9a2bd6d90f493373ef8
d602c114540663b11443cab58000824b1fa4081095f887de9508c048a7cead5a
d80f7d395cf93c58d93197e7ab338b45c4a88d853ce0917d54df119ecb80ab22
dc5b317fb9227022b7f1d3ccc84082bc1ba7f6031a2ef31258a44c3842570c76
dd753929e7a89dc5eb305117944eb32a455a950fffb7d8bddb66dcc896a77d3b
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e09ecb1edd388bb4eaab28555454c5c83471bc962d78927fccdf3aa9e842453e
e2eb688699e5ec04f1ad35dc7dbc2d65e9a47237843e826815fa27e5dc32a685
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e58895c844053854d89a346df3e6e4d1619df4d215060e6c673a846e4b0a7f23
e64954dc34e12c7190cc2338a54b07644ff0f102aa71cc7209bcbb49c3009f7c
e88e5db12226555063bcc410731fccdb0ab4e4bc0268dbaaa830e7ec903e2b3c
e8e8cc4bc4ce23e1ba245602f799e939460720db5b448fb7fc051b468e15c215
e950961cc6faed3c799900c940626107297c064ce78da5ddf03014dd6fba5f50
eb2e3f703cf8ee0156a1d625e053c0968b0dfcff62ea4254ddd8ba9fece3ad32
ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438
ed85eacb7548711499e359a66f419d7c81adb68edb6b99560942a8bf8850840e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4
f210982809717e345699c61f91a0bdea9444563d387fe065bac3fea79835501a
f2154f49d7d4ed6c74a1ad1dc0e39ef3136fd859059986ed5bcd3050d59867b3
f3f58bfd58e523048bb6300a784f778bee377b60ee34d3a0c88005650694fcf2
f845e5f77db57867a7e0efd812d29930da49ffea368eb9bd4357cd404780c65d
fe4ed9f86c98b8d95ec06e53cad3551fedcc68e72f0019281b37e6761923e097

www.thepaystubs.com Open in urlscan Pro 2606:4700:20::ac43:4b53 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

145 Requests

79 %HTTPS

37 %IPv6

48 Domains

59 Subdomains

55 IPs

8 Countries

2390 kBTransfer

7643 kBSize

50 Cookies

10 Outgoing links

Page URL History

Redirected requests

145 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.thepaystubs.com Open in urlscan Pro
2606:4700:20::ac43:4b53 Public Scan

Screenshot
Live screenshot

Full Image

145
Requests

79 %
HTTPS

37 %
IPv6

48
Domains

59
Subdomains

55
IPs

8
Countries

2390 kB
Transfer

7643 kB
Size

50
Cookies

145 HTTP transactions
1 data transactions