urlscan.io logo urlscan.io
SecurityTrails logo

www.paynewest.com Open in urlscan Pro
64.207.180.218  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.paynewest.com/
Submission: On March 01 via automatic, source certstream-suspicious
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 20 IPs in 4 countries across 18 domains to perform 129 HTTP transactions. The main IP is 64.207.180.218, located in Ashburn, United States and belongs to GO-DADDY-COM-LLC, US. The main domain is www.paynewest.com.
TLS certificate: Issued by Starfield Secure Certificate Authorit... on February 25th 2020. Valid for: a year.
This is the only time www.paynewest.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

60    64.207.180.218 (Ashburn, United States)

ASN398110 (GO-DADDY-COM-LLC, US)
www.paynewest.com
9    2a02:26f0:6c00::210:ba2a (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
use.typekit.net
4    18.195.42.228 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-42-228.eu-central-1.compute.amazonaws.com
nexus.ensighten.com
9    2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
7    2606:4700:20::681a:6db (United States)

ASN13335 (CLOUDFLARENET, US)
paynewest.quiq-api.com
1    2600:9000:211e:7800:1b:7d8f:c640:93a1 (United States)

ASN16509 (AMAZON-02, US)
cf.rocketreferrals.com
3    104.75.88.112 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-88-112.deploy.static.akamaitechnologies.com
s7.addthis.com
v1.addthisedge.com
3    2a03:2880:f01c:8012:face:b00c:0:3 (United States)

ASN32934 (FACEBOOK, US)
connect.facebook.net
7    2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
2    2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2.18.235.40 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-40.deploy.static.akamaitechnologies.com
z.moatads.com
12    2606:4700:20::681a:b81 (United States)

ASN13335 (CLOUDFLARENET, US)
static.quiq-cdn.com
1    2a02:26f0:6c00:28d::19fd (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
p.typekit.net
1    3.95.105.156 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-95-105-156.compute-1.amazonaws.com
cs.choozle.com
3    2a03:2880:f11c:8183:face:b00c:0:25de (United States)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    2a00:1450:400c:c1b::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    54.77.184.190 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-77-184-190.eu-west-1.compute.amazonaws.com
insight.adsrvr.org
1    13.225.83.200 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-83-200.fra2.r.cloudfront.net
d1eoo1tco6rr5e.cloudfront.net
4    2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
Domain Requested by
60 www.paynewest.com www.paynewest.com
12 static.quiq-cdn.com paynewest.quiq-api.com
static.quiq-cdn.com
9 www.google.com www.paynewest.com
www.gstatic.com
www.google.com
9 use.typekit.net www.paynewest.com
7 www.gstatic.com www.google.com
www.gstatic.com
7 paynewest.quiq-api.com 1 redirects www.paynewest.com
static.quiq-cdn.com
4 fonts.gstatic.com www.google.com
4 nexus.ensighten.com www.paynewest.com
nexus.ensighten.com
3 www.facebook.com www.paynewest.com
3 connect.facebook.net www.paynewest.com
connect.facebook.net
2 insight.adsrvr.org 1 redirects d1eoo1tco6rr5e.cloudfront.net
2 www.google-analytics.com www.paynewest.com
www.google-analytics.com
2 s7.addthis.com www.paynewest.com
s7.addthis.com
1 d1eoo1tco6rr5e.cloudfront.net nexus.ensighten.com
1 stats.g.doubleclick.net www.google-analytics.com
1 cs.choozle.com www.paynewest.com
1 p.typekit.net www.paynewest.com
1 v1.addthisedge.com s7.addthis.com
1 z.moatads.com s7.addthis.com
1 cf.rocketreferrals.com www.paynewest.com
129 20
Subject Issuer Validity Valid
paynewest.com
Starfield Secure Certificate Authority - G2		 2020-02-25 -
2021-03-01		 a year crt.sh
use.typekit.net
DigiCert SHA2 Secure Server CA		 2020-01-28 -
2022-02-01		 2 years crt.sh
nexus.ensighten.com
DigiCert SHA2 Secure Server CA		 2020-09-09 -
2021-10-11		 a year crt.sh
www.google.com
GTS CA 1O1		 2021-01-26 -
2021-04-20		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-07-17 -
2021-07-17		 a year crt.sh
*.rocketreferrals.com
AlphaSSL CA - SHA256 - G2		 2019-04-08 -
2021-05-29		 2 years crt.sh
*.google.com
GTS CA 1O1		 2021-01-26 -
2021-04-20		 3 months crt.sh
odc-prod-01.oracle.com
DigiCert SHA2 Secure Server CA		 2021-01-10 -
2021-04-07		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-02-10 -
2021-05-10		 3 months crt.sh
*.gstatic.com
GTS CA 1O1		 2021-01-26 -
2021-04-20		 3 months crt.sh
*.google-analytics.com
GTS CA 1O1		 2021-01-26 -
2021-04-20		 3 months crt.sh
moatads.com
DigiCert SHA2 Secure Server CA		 2021-01-21 -
2022-01-25		 a year crt.sh
*.typekit.net
DigiCert SHA2 Secure Server CA		 2019-12-06 -
2021-12-10		 2 years crt.sh
*.choozle.com
Sectigo RSA Domain Validation Secure Server CA		 2019-06-07 -
2021-06-06		 2 years crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2021-01-26 -
2021-04-20		 3 months crt.sh
*.cloudfront.net
DigiCert Global CA G2		 2020-05-26 -
2021-04-21		 a year crt.sh
*.adsrvr.org
Trustwave Organization Validation SHA256 CA, Level 1		 2019-03-07 -
2021-04-19		 2 years crt.sh

This page contains 5 frames:

Primary Page: https://www.paynewest.com/
Frame ID: 510E518B831C14F9498E32619713656C
Requests: 100 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le5G60UAAAAAMD1HxqukCS3lWU3tliqVsU88O6Z&co=aHR0cHM6Ly93d3cucGF5bmV3ZXN0LmNvbTo0NDM.&hl=en&v=jxFQ7RQ9s9HTGKeWcoa6UQdD&size=invisible&cb=98cn499s03i
Frame ID: 546472F0D080CD40131A97E72004DF90
Requests: 8 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le5G60UAAAAAMD1HxqukCS3lWU3tliqVsU88O6Z&co=aHR0cHM6Ly93d3cucGF5bmV3ZXN0LmNvbTo0NDM.&hl=en&v=jxFQ7RQ9s9HTGKeWcoa6UQdD&size=invisible&cb=mhedhjd3jy5k
Frame ID: 0EC2966ED1ABDFFB3E9DCBA8B2E55329
Requests: 9 HTTP requests in this frame

Frame: https://d1eoo1tco6rr5e.cloudfront.net/v6sgpuv/2d1y2pp/iframe
Frame ID: 3A6F0C89E7ECD8F0D6B8F340F06FCB50
Requests: 2 HTTP requests in this frame

Frame: https://static.quiq-cdn.com/webchat/webchat-1.7.262-hotfix.1-651e9c00.html
Frame ID: 2949EAB291BE2F8B1E1189C763EDFC33
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers link /rel="https:\/\/api\.w\.org\/"/i
Overall confidence: 100%
Detected patterns
  • headers link /rel="https:\/\/api\.w\.org\/"/i
Overall confidence: 100%
Detected patterns
  • headers link /rel="https:\/\/api\.w\.org\/"/i
Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • script /\/\/nexus\.ensighten\.com\//i
Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

129
Requests

53 %
HTTPS

63 %
IPv6

18
Domains

20
Subdomains

20
IPs

4
Countries

8439 kB
Transfer

13990 kB
Size

9
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 18
  • https://paynewest.quiq-api.com/app/webchat/index.js HTTP 307
  • https://paynewest.quiq-api.com/app/webchat/v1/bootloader-1.7.262-hotfix.1-651e9c00.js
Request Chain 103
  • https://insight.adsrvr.org/tags/v6sgpuv/2d1y2pp/iframe HTTP 303
  • https://d1eoo1tco6rr5e.cloudfront.net/v6sgpuv/2d1y2pp/iframe

129 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.paynewest.com/ 		71 KB
16 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.paynewest.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.207.180.218 Ashburn, United States, ASN398110 (GO-DADDY-COM-LLC, US),
Reverse DNS
Software
nginx / PHP/7.3.27 PleskLin
Resource Hash
929cff77dfb41a2bacc6e8fb95c95393f9dd98da057120e13ff10fc743afdbe0

Request headers

:method
GET
:authority
www.paynewest.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

server
nginx
date
Mon, 01 Mar 2021 17:29:06 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
x-powered-by
PHP/7.3.27 PleskLin
link
<https://www.paynewest.com/wp-json/>; rel="https://api.w.org/", <https://www.paynewest.com/wp-json/wp/v2/pages/11>; rel="alternate"; type="application/json", <https://www.paynewest.com/>; rel=shortlink
ms-author-via
DAV
content-encoding
gzip
qla1nle.js
use.typekit.net/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/qla1nle.js
Requested by
Host: www.paynewest.com
URL: https://www.paynewest.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
994d6c2bce04581d5cf2ab2293807090f476a394c0551986113dbd1db0145f89
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

Referer
https://www.paynewest.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
content-encoding
gzip
server
nginx
date
Mon, 01 Mar 2021 17:29:06 GMT
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=600, stale-while-revalidate=604800
timing-allow-origin
*
content-length
6983
style.min.css
www.paynewest.com/wp-includes/css/dist/block-library/ 		50 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.paynewest.com/wp-includes/css/dist/block-library/style.min.css?ver=5.6.2
Requested by
Host: www.paynewest.com
URL: https://www.paynewest.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.207.180.218 Ashburn, United States, ASN398110 (GO-DADDY-COM-LLC, US),
Reverse DNS
Software
nginx /
Resource Hash
fe9ad9796d39e706fe661ddf90151c0ebc03251164354d55f1ee95ca06878b40

Request headers

Referer
https://www.paynewest.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
public
date
Mon, 01 Mar 2021 17:29:06 GMT
content-encoding
gzip
last-modified
Mon, 22 Feb 2021 17:34:06 GMT
server
nginx
etag
W/"6033eb0e-c88a"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=2592000, public
expires
Wed, 31 Mar 2021 17:29:06 GMT
styles.css
www.paynewest.com/wp-content/plugins/contact-form-7/includes/css/ 		2 KB
996 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.paynewest.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.3.2
Requested by
Host: www.paynewest.com
URL: https://www.paynewest.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.207.180.218 Ashburn, United States, ASN398110 (GO-DADDY-COM-LLC, US),
Reverse DNS
Software
nginx /
Resource Hash
fbf8ab57db7f9981bd71d79c7daaa01a3c578ffa0aa8e9b4a9b2bfe2e9927427

Request headers

Referer
https://www.paynewest.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
public
date
Mon, 01 Mar 2021 17:29:06 GMT
content-encoding
gzip
last-modified
Tue, 05 Jan 2021 16:54:20 GMT
server
nginx
etag
W/"5ff499bc-780"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=2592000, public
expires
Wed, 31 Mar 2021 17:29:06 GMT
wpcf7-redirect-frontend.min.css
www.paynewest.com/wp-content/plugins/wpcf7-redirect/build/css/ 		316 B
338 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.paynewest.com/wp-content/plugins/wpcf7-redirect/build/css/wpcf7-redirect-frontend.min.css?ver=5.6.2
Requested by
Host: www.paynewest.com
URL: https://www.paynewest.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.207.180.218 Ashburn, United States, ASN398110 (GO-DADDY-COM-LLC, US),
Reverse DNS
Software
nginx /
Resource Hash
9c0647c53dde19cd56b2dfd0626db41f3db20c92984e1e6a4d469c19e4823adf

Request headers

Referer
https://www.paynewest.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
public
date
Mon, 01 Mar 2021 17:29:06 GMT
content-encoding
gzip
last-modified
Fri, 12 Feb 2021 17:50:11 GMT
server
nginx
etag
W/"6026bfd3-13c"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=2592000, public
expires
Wed, 31 Mar 2021 17:29:06 GMT
bootstrap.min.css
www.paynewest.com/wp-content/themes/paynewest2/css/ 		109 KB
23 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.paynewest.com/wp-content/themes/paynewest2/css/bootstrap.min.css?ver=5.6.2
Requested by
Host: www.paynewest.com
URL: https://www.paynewest.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.207.180.218 Ashburn, United States, ASN398110 (GO-DADDY-COM-LLC, US),
Reverse DNS
Software
nginx /
Resource Hash
3db8832eb6f01a358f132faccd9f71dfad359c7263b9c5e441a185d201d67146

Request headers

Referer
https://www.paynewest.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
public
date
Mon, 01 Mar 2021 17:29:06 GMT
content-encoding
gzip
last-modified
Tue, 28 Feb 2017 19:03:20 GMT
server
nginx
etag
W/"58b5c978-1b2fb"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=2592000, public
expires
Wed, 31 Mar 2021 17:29:06 GMT
font-awesome.min.css
www.paynewest.com/wp-content/themes/paynewest2/css/ 		30 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.paynewest.com/wp-content/themes/paynewest2/css/font-awesome.min.css?ver=5.6.2
Requested by
Host: www.paynewest.com
URL: https://www.paynewest.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.207.180.218 Ashburn, United States, ASN398110 (GO-DADDY-COM-LLC, US),
Reverse DNS
Software
nginx /
Resource Hash
c4047043368afb4baf1aed25d358a5c2a333842a3b436b58491ab36aeee65b9d

Request headers

Referer
https://www.paynewest.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
public
date
Mon, 01 Mar 2021 17:29:06 GMT
content-encoding
gzip
last-modified
Tue, 28 Feb 2017 19:03:23 GMT
server
nginx
etag
W/"58b5c97b-7917"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=2592000, public
expires
Wed, 31 Mar 2021 17:29:06 GMT
owl.carousel.css
www.paynewest.com/wp-content/themes/paynewest2/css/ 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.paynewest.com/wp-content/themes/paynewest2/css/owl.carousel.css?ver=5.6.2
Requested by
Host: www.paynewest.com
URL: https://www.paynewest.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.207.180.218 Ashburn, United States, ASN398110 (GO-DADDY-COM-LLC, US),
Reverse DNS
Software
nginx /
Resource Hash
dd7b97c7ad9d7b3eb79bdc728bcbc6a7ab8e3d5db0421fb0dd16d34f3dc88277

Request headers

Referer
https://www.paynewest.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
public
date
Mon, 01 Mar 2021 17:29:06 GMT
content-encoding
gzip
last-modified
Tue, 28 Feb 2017 19:03:23 GMT
server
nginx
etag
W/"58b5c97b-1206"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=2592000, public
expires
Wed, 31 Mar 2021 17:29:06 GMT
classic.css
www.paynewest.com/wp-content/themes/paynewest2/css/datepicker/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.paynewest.com/wp-content/themes/paynewest2/css/datepicker/classic.css?ver=5.6.2
Requested by
Host: www.paynewest.com
URL: https://www.paynewest.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.207.180.218 Ashburn, United States, ASN398110 (GO-DADDY-COM-LLC, US),
Reverse DNS
Software
nginx /
Resource Hash
f7152f7c366a59b3d7e0093f6c259a85af6ccad2a1d355fc99eb92e3b59751a0

Request headers

Referer
https://www.paynewest.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
public
date
Mon, 01 Mar 2021 17:29:06 GMT
content-encoding
gzip
last-modified
Tue, 28 Feb 2017 19:03:20 GMT
server
nginx
etag
W/"58b5c978-ada"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=2592000, public
expires
Wed, 31 Mar 2021 17:29:06 GMT
classic.date.css
www.paynewest.com/wp-content/themes/paynewest2/css/datepicker/ 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.paynewest.com/wp-content/themes/paynewest2/css/datepicker/classic.date.css?ver=5.6.2
Requested by
Host: www.paynewest.com
URL: https://www.paynewest.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.207.180.218 Ashburn, United States, ASN398110 (GO-DADDY-COM-LLC, US),
Reverse DNS
Software
nginx /
Resource Hash
178bcbfafbb734c9e49276f0be034f935fe9f53eda7d8b00fcfe1537b3c679cf

Request headers

Referer
https://www.paynewest.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
public
date
Mon, 01 Mar 2021 17:29:06 GMT
content-encoding
gzip
last-modified
Tue, 28 Feb 2017 19:03:21 GMT
server
nginx
etag
W/"58b5c979-179c"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=2592000, public
expires
Wed, 31 Mar 2021 17:29:06 GMT
lightgallery.css
www.paynewest.com/wp-content/themes/paynewest2/css/ 		20 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.paynewest.com/wp-content/themes/paynewest2/css/lightgallery.css?ver=5.6.2
Requested by
Host: www.paynewest.com
URL: https://www.paynewest.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.207.180.218 Ashburn, United States, ASN398110 (GO-DADDY-COM-LLC, US),
Reverse DNS
Software
nginx /
Resource Hash
8fcdc7f93bc4789659becb9b7d361d888e6e5069654a30b0ab7684291a801842

Request headers

Referer
https://www.paynewest.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
public
date
Mon, 01 Mar 2021 17:29:06 GMT
content-encoding
gzip
last-modified
Wed, 08 Apr 2020 16:15:09 GMT
server
nginx
etag
W/"5e8df88d-4e8a"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=2592000, public
expires
Wed, 31 Mar 2021 17:29:06 GMT
lg-transitions.min.css
www.paynewest.com/wp-content/themes/paynewest2/css/ 		38 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.paynewest.com/wp-content/themes/paynewest2/css/lg-transitions.min.css?ver=5.6.2
Requested by
Host: www.paynewest.com
URL: https://www.paynewest.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.207.180.218 Ashburn, United States, ASN398110 (GO-DADDY-COM-LLC, US),
Reverse DNS
Software
nginx /
Resource Hash
d2fb6f79d7a4ab0226ce9634cc960a4430c488459219c956d350868b39f20783

Request headers

Referer
https://www.paynewest.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
public
date
Mon, 01 Mar 2021 17:29:06 GMT
content-encoding
gzip
last-modified
Wed, 08 Apr 2020 16:15:10 GMT
server
nginx
etag
W/"5e8df88e-98c4"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=2592000, public
expires
Wed, 31 Mar 2021 17:29:06 GMT
style.css
www.paynewest.com/wp-content/themes/paynewest2/ 		73 KB
18 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.paynewest.com/wp-content/themes/paynewest2/style.css?ver=5.6.2
Requested by
Host: www.paynewest.com
URL: https://www.paynewest.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.207.180.218 Ashburn, United States, ASN398110 (GO-DADDY-COM-LLC, US),
Reverse DNS
Software
nginx /
Resource Hash
e5b2ed1f6401b3666681adfa98e0ffe7c908f6eec612bccb3779dce20b24687b

Request headers

Referer
https://www.paynewest.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
public
date
Mon, 01 Mar 2021 17:29:06 GMT
content-encoding
gzip
last-modified
Wed, 06 Jan 2021 18:28:55 GMT
server
nginx
etag
W/"5ff60167-1222b"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=2592000, public
expires
Wed, 31 Mar 2021 17:29:06 GMT
plugin.css
www.paynewest.com/wp-content/themes/paynewest2/css/ 		1 KB
805 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.paynewest.com/wp-content/themes/paynewest2/css/plugin.css?ver=5.6.2
Requested by
Host: www.paynewest.com
URL: https://www.paynewest.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.207.180.218 Ashburn, United States, ASN398110 (GO-DADDY-COM-LLC, US),
Reverse DNS
Software
nginx /
Resource Hash
eec273c6b05e149ef3dcaf0165c98b7668d7bd5c10460abb14f8001b99ee5609

Request headers

Referer
https://www.paynewest.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
public
date
Mon, 01 Mar 2021 17:29:06 GMT
content-encoding
gzip
last-modified
Wed, 09 Jan 2019 20:07:55 GMT
server
nginx
etag
W/"5c36549b-5ab"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=2592000, public
expires
Wed, 31 Mar 2021 17:29:06 GMT
jquery.min.js
www.paynewest.com/wp-includes/js/jquery/ 		87 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paynewest.com/wp-includes/js/jquery/jquery.min.js?ver=3.5.1
Requested by
Host: www.paynewest.com
URL: https://www.paynewest.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.207.180.218 Ashburn, United States, ASN398110 (GO-DADDY-COM-LLC, US),
Reverse DNS
Software
nginx /
Resource Hash
60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827

Request headers

Referer
https://www.paynewest.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
public
date
Mon, 01 Mar 2021 17:29:06 GMT
content-encoding
gzip
last-modified
Tue, 05 Jan 2021 16:55:27 GMT
server
nginx
etag
W/"5ff499ff-15d98"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000, public
expires
Wed, 31 Mar 2021 17:29:06 GMT
jquery-migrate.min.js
www.paynewest.com/wp-includes/js/jquery/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paynewest.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by
Host: www.paynewest.com
URL: https://www.paynewest.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.207.180.218 Ashburn, United States, ASN398110 (GO-DADDY-COM-LLC, US),
Reverse DNS
Software
nginx /
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

Referer
https://www.paynewest.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
public
date
Mon, 01 Mar 2021 17:29:06 GMT
content-encoding
gzip
last-modified
Tue, 05 Jan 2021 16:55:27 GMT
server
nginx
etag
W/"5ff499ff-2bd8"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000, public
expires
Wed, 31 Mar 2021 17:29:06 GMT
modernizr.js
www.paynewest.com/wp-content/themes/paynewest2/js/ 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paynewest.com/wp-content/themes/paynewest2/js/modernizr.js
Requested by
Host: www.paynewest.com
URL: https://www.paynewest.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.207.180.218 Ashburn, United States, ASN398110 (GO-DADDY-COM-LLC, US),
Reverse DNS
Software
nginx /
Resource Hash
4e136e38378cfd4a3b7961e9f2f6218a9ab7841b373e46b9a89fa266501321b5

Request headers

Referer
https://www.paynewest.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
public
date
Mon, 01 Mar 2021 17:29:06 GMT
content-encoding
gzip
last-modified
Thu, 11 May 2017 21:16:31 GMT
server
nginx
etag
W/"5914d4af-4116"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000, public
expires
Wed, 31 Mar 2021 17:29:06 GMT
Bootstrap.js
nexus.ensighten.com/choozle/6784/ 		29 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nexus.ensighten.com/choozle/6784/Bootstrap.js
Requested by
Host: www.paynewest.com
URL: https://www.paynewest.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.195.42.228 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-42-228.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
331e28331399f0bb400e8fe8e3c1100050817871865395b84ad59bbc30eb74bb

Request headers

Referer
https://www.paynewest.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 01 Mar 2021 17:29:06 GMT
content-encoding
gzip
last-modified
Wed, 08 Jul 2020 11:17:45 GMT
server
nginx
etag
W/"5f05ab59-7212"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=300
api.js
www.google.com/recaptcha/ 		884 B
679 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?render=6Le5G60UAAAAAMD1HxqukCS3lWU3tliqVsU88O6Z
Requested by
Host: www.paynewest.com
URL: https://www.paynewest.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
3186203aba0cdf0d885a4187ba5064580209435f4eddd9ecf3f8259c0f187f2b
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.paynewest.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 01 Mar 2021 17:29:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
587
x-xss-protection
1; mode=block
expires
Mon, 01 Mar 2021 17:29:06 GMT
bootloader-1.7.262-hotfix.1-651e9c00.js
paynewest.quiq-api.com/app/webchat/v1/
Redirect Chain
  • https://paynewest.quiq-api.com/app/webchat/index.js
  • https://paynewest.quiq-api.com/app/webchat/v1/bootloader-1.7.262-hotfix.1-651e9c00.js
104 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://paynewest.quiq-api.com/app/webchat/v1/bootloader-1.7.262-hotfix.1-651e9c00.js
Requested by
Host: www.paynewest.com
URL: https://www.paynewest.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:6db , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d5de58512afb9ab808e101c5897d78c0d3dd844b3eed4cdbe92e7c603bf855b8
Security Headers
Name Value
Content-Security-Policy report-uri https://sentry.goquiq.com/r/d/csp/enforce;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.paynewest.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 01 Mar 2021 17:29:07 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
EXPIRED
nel
{"report_to":"cf-nel","max_age":604800}
content-security-policy-report-only
default-src 'none'; base-uri 'self'; block-all-mixed-content; img-src 'self' data: blob: https://*; style-src 'self' 'unsafe-inline' https://*; script-src 'self' 'unsafe-inline' https://static.quiq-cdn.com https://static.goquiq.com https://js.stripe.com https://js.cobrowse.io; connect-src 'self' https://*.goquiq.com wss://*.goquiq.com https://*.quiq-api.com https://*.braintree-api.com https://*.braintreegateway.com https://quiq-assets-prod.s3.us-west-2.amazonaws.com https://assets-prod.goquiq.com; font-src 'self' data: https://*; frame-src https://*; media-src 'self' https://static.quiq-cdn.com https://static.goquiq.com https://quiq-assets-prod.s3.us-west-2.amazonaws.com https://assets-prod.goquiq.com; form-action 'self'; report-uri https://sentry.goquiq.com/r/d/csp/reportOnly;
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-request-id
08906f39d90000e00b03b05000000001
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=6NNncFU%2F5%2BmaJnLcKAgSXOMEv9JGpD8n7qd4%2BMJyQXOs%2BZBR45sFJC%2FoMPma%2FGuK%2BaN96i1Hs0D8VR%2FpwjHEYVAMcWhHFL2M8z8biKXt%2FlG784IBE0cxby1p4f3iqm5DlGdY"}],"max_age":604800}
content-type
application/javascript
x-xss-protection
1; mode=block
cache-control
max-age=360, public, s-maxage=300
content-security-policy
report-uri https://sentry.goquiq.com/r/d/csp/enforce;
cf-ray
62941b095d7fe00b-FRA
expires
Mon, 01 Mar 2021 17:35:07 GMT

Redirect headers

date
Mon, 01 Mar 2021 17:29:06 GMT
x-content-type-options
nosniff
cf-cache-status
EXPIRED
nel
{"report_to":"cf-nel","max_age":604800}
content-security-policy-report-only
default-src 'none'; base-uri 'self'; block-all-mixed-content; img-src 'self' data: blob: https://*; style-src 'self' 'unsafe-inline' https://*; script-src 'self' 'unsafe-inline' https://static.quiq-cdn.com https://static.goquiq.com https://js.stripe.com https://js.cobrowse.io; connect-src 'self' https://*.goquiq.com wss://*.goquiq.com https://*.quiq-api.com https://*.braintree-api.com https://*.braintreegateway.com https://quiq-assets-prod.s3.us-west-2.amazonaws.com https://assets-prod.goquiq.com; font-src 'self' data: https://*; frame-src https://*; media-src 'self' https://static.quiq-cdn.com https://static.goquiq.com https://quiq-assets-prod.s3.us-west-2.amazonaws.com https://assets-prod.goquiq.com; form-action 'self'; report-uri https://sentry.goquiq.com/r/d/csp/reportOnly;
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=WcPmfvBOZqrTvVSwtgAKFTOjiTlwhGXIlZG1TdDVzvMCZU%2B%2Bo7jflA%2Biz474ehskDhnItWfhlf0d5Z7xJPRffq7mDymh15zO29iDp8AOaeHF3UhzQflpuG3tGcfXQHJ%2BAccb"}],"max_age":604800}
content-type
text/html
location
/app/webchat/v1/bootloader-1.7.262-hotfix.1-651e9c00.js
cache-control
max-age=360, public, s-maxage=300
content-security-policy
report-uri https://sentry.goquiq.com/r/d/csp/enforce;
cf-request-id
08906f37cd0000e00b62bfe000000001
cf-ray
62941b061980e00b-FRA
expires
Mon, 01 Mar 2021 17:35:06 GMT
paynewest_logo_header.png
www.paynewest.com/wp-content/themes/paynewest2/img/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.paynewest.com/wp-content/themes/paynewest2/img/paynewest_logo_header.png
Requested by
Host: www.paynewest.com
URL: https://www.paynewest.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.207.180.218 Ashburn, United States, ASN398110 (GO-DADDY-COM-LLC, US),
Reverse DNS
Software
nginx /
Resource Hash
e7f9c17f15224fe85fc466b2281bd22169213a260c26953d362d869915f5e377

Request headers

Referer
https://www.paynewest.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
public
date
Mon, 01 Mar 2021 17:29:07 GMT
last-modified
Thu, 11 May 2017 19:36:53 GMT
server
nginx
etag
"5914bd55-1796"
content-type
image/png
cache-control
max-age=2592000, public
accept-ranges
bytes
content-length
6038
expires
Wed, 31 Mar 2021 17:29:07 GMT
PW_Icon_Auto.jpg
www.paynewest.com/wp-content/themes/paynewest2/img/icons/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.paynewest.com/wp-content/themes/paynewest2/img/icons/PW_Icon_Auto.jpg
Requested by
Host: www.paynewest.com
URL: https://www.paynewest.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.207.180.218 Ashburn, United States, ASN398110 (GO-DADDY-COM-LLC, US),
Reverse DNS
Software
nginx /
Resource Hash
f595ea2df1e9202def2716b9a1b2b69c00dcccb07396ea3978acb7641b3dbcee

Request headers

Referer
https://www.paynewest.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
public
date
Mon, 01 Mar 2021 17:29:07 GMT
last-modified
Fri, 21 Sep 2018 22:53:36 GMT
server
nginx
etag
"5ba57670-cc3"
content-type
image/jpeg
cache-control
max-age=2592000, public
accept-ranges
bytes
content-length
3267
expires
Wed, 31 Mar 2021 17:29:07 GMT
PW_Icon_Health.jpg
www.paynewest.com/wp-content/themes/paynewest2/img/icons/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.paynewest.com/wp-content/themes/paynewest2/img/icons/PW_Icon_Health.jpg
Requested by
Host: www.paynewest.com
URL: https://www.paynewest.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.207.180.218 Ashburn, United States, ASN398110 (GO-DADDY-COM-LLC, US),
Reverse DNS
Software
nginx /
Resource Hash
9af9be4ff3a3b36ed436b449b4105ddee2b6e46a03605e60c31479579625ed8e

Request headers

Referer
https://www.paynewest.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
public
date
Mon, 01 Mar 2021 17:29:07 GMT
last-modified
Fri, 21 Sep 2018 22:53:37 GMT
server
nginx
etag
"5ba57671-b70"
content-type
image/jpeg
cache-control
max-age=2592000, public
accept-ranges
bytes
content-length
2928
expires
Wed, 31 Mar 2021 17:29:07 GMT
PW_Icon_Home.jpg
www.paynewest.com/wp-content/themes/paynewest2/img/icons/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.paynewest.com/wp-content/themes/paynewest2/img/icons/PW_Icon_Home.jpg
Requested by
Host: www.paynewest.com
URL: https://www.paynewest.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.207.180.218 Ashburn, United States, ASN398110 (GO-DADDY-COM-LLC, US),
Reverse DNS
Software
nginx /
Resource Hash
2cf10237f90a0dcc3e39fecd37144b6ea6502f79c32b530edaeb6e488e8e3dc2

Request headers

Referer
https://www.paynewest.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
public
date
Mon, 01 Mar 2021 17:29:07 GMT
last-modified
Fri, 21 Sep 2018 22:53:36 GMT
server
nginx
etag
"5ba57670-c7d"
content-type
image/jpeg
cache-control
max-age=2592000, public
accept-ranges
bytes
content-length
3197
expires
Wed, 31 Mar 2021 17:29:07 GMT
PW_Icon_Condo.jpg
www.paynewest.com/wp-content/themes/paynewest2/img/icons/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.paynewest.com/wp-content/themes/paynewest2/img/icons/PW_Icon_Condo.jpg
Requested by
Host: www.paynewest.com
URL: https://www.paynewest.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.207.180.218 Ashburn, United States, ASN398110 (GO-DADDY-COM-LLC, US),
Reverse DNS
Software
nginx /
Resource Hash
c2d3e053485c3653b2c9129c399d898f5de937357c6ffb1e6192d13780e8bca2

Request headers

Referer
https://www.paynewest.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
public
date
Mon, 01 Mar 2021 17:29:07 GMT
last-modified
Fri, 22 Mar 2019 19:09:03 GMT
server
nginx
etag
"5c9532cf-c4c"
content-type
image/jpeg
cache-control
max-age=2592000, public
accept-ranges
bytes
content-length
3148
expires
Wed, 31 Mar 2021 17:29:07 GMT
PW_Icon_Life.jpg
www.paynewest.com/wp-content/themes/paynewest2/img/icons/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.paynewest.com/wp-content/themes/paynewest2/img/icons/PW_Icon_Life.jpg
Requested by
Host: www.paynewest.com
URL: https://www.paynewest.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.207.180.218 Ashburn, United States, ASN398110 (GO-DADDY-COM-LLC, US),
Reverse DNS
Software
nginx /
Resource Hash
4199924074a0d79b585b57c46be13bf7e07752e6119aa31654bbbb465adc51e6

Request headers

Referer
https://www.paynewest.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
public
date
Mon, 01 Mar 2021 17:29:07 GMT
last-modified
Fri, 21 Sep 2018 22:53:36 GMT
server
nginx
etag
"5ba57670-c25"
content-type
image/jpeg
cache-control
max-age=2592000, public
accept-ranges
bytes
content-length
3109
expires
Wed, 31 Mar 2021 17:29:07 GMT
PW_Icon_RecVehicle.jpg
www.paynewest.com/wp-content/themes/paynewest2/img/icons/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.paynewest.com/wp-content/themes/paynewest2/img/icons/PW_Icon_RecVehicle.jpg
Requested by
Host: www.paynewest.com
URL: https://www.paynewest.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.207.180.218 Ashburn, United States, ASN398110 (GO-DADDY-COM-LLC, US),
Reverse DNS
Software
nginx /
Resource Hash
d39cb521a397fd2ed8be09a6384df48929e13a1e69f7f3de4e9fc51bc8caca46

Request headers

Referer
https://www.paynewest.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
public
date
Mon, 01 Mar 2021 17:29:07 GMT
last-modified
Fri, 21 Sep 2018 22:53:37 GMT
server
nginx
etag
"5ba57671-c45"
content-type
image/jpeg
cache-control
max-age=2592000, public
accept-ranges
bytes
content-length
3141
expires
Wed, 31 Mar 2021 17:29:07 GMT
PW_Icon_Renter.jpg
www.paynewest.com/wp-content/themes/paynewest2/img/icons/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.paynewest.com/wp-content/themes/paynewest2/img/icons/PW_Icon_Renter.jpg
Requested by
Host: www.paynewest.com
URL: https://www.paynewest.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.207.180.218 Ashburn, United States, ASN398110 (GO-DADDY-COM-LLC, US),
Reverse DNS
Software
nginx /
Resource Hash
aefd2ba82e661761b0c567f8516d2310a6c904a4b473ce827385bf47d5d26ef8

Request headers

Referer
https://www.paynewest.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
public
date
Mon, 01 Mar 2021 17:29:07 GMT
last-modified
Fri, 22 Mar 2019 19:08:59 GMT
server
nginx
etag
"5c9532cb-a46"
content-type
image/jpeg
cache-control
max-age=2592000, public
accept-ranges
bytes
content-length
2630
expires
Wed, 31 Mar 2021 17:29:07 GMT
PW_Icon_Umbrella.jpg
www.paynewest.com/wp-content/themes/paynewest2/img/icons/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.paynewest.com/wp-content/themes/paynewest2/img/icons/PW_Icon_Umbrella.jpg
Requested by
Host: www.paynewest.com
URL: https://www.paynewest.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.207.180.218 Ashburn, United States, ASN398110 (GO-DADDY-COM-LLC, US),
Reverse DNS
Software
nginx /
Resource Hash
f8d1e50c9bd4211108efc275a6092b34934e864264d768b67cc0eb3bcc09e3fd

Request headers

Referer
https://www.paynewest.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
public
date
Mon, 01 Mar 2021 17:29:07 GMT
last-modified
Fri, 21 Sep 2018 22:53:37 GMT
server
nginx
etag
"5ba57671-b8b"
content-type
image/jpeg
cache-control
max-age=2592000, public
accept-ranges
bytes
content-length
2955
expires
Wed, 31 Mar 2021 17:29:07 GMT
PW_Icon_Watercraft.jpg
www.paynewest.com/wp-content/themes/paynewest2/img/icons/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.paynewest.com/wp-content/themes/paynewest2/img/icons/PW_Icon_Watercraft.jpg
Requested by
Host: www.paynewest.com
URL: https://www.paynewest.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.207.180.218 Ashburn, United States, ASN398110 (GO-DADDY-COM-LLC, US),
Reverse DNS
Software
nginx /
Resource Hash
7fabee3c86cefc3dd5d9f0e16401b5d883ef655f143df5d5c95a165580b0c9b1

Request headers

Referer
https://www.paynewest.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
public
date
Mon, 01 Mar 2021 17:29:07 GMT
last-modified
Fri, 21 Sep 2018 22:53:37 GMT
server
nginx
etag
"5ba57671-cd2"
content-type
image/jpeg
cache-control
max-age=2592000, public
accept-ranges
bytes
content-length
3282
expires
Wed, 31 Mar 2021 17:29:07 GMT
PW_Icon_Wedding.jpg
www.paynewest.com/wp-content/themes/paynewest2/img/icons/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.paynewest.com/wp-content/themes/paynewest2/img/icons/PW_Icon_Wedding.jpg
Requested by
Host: www.paynewest.com
URL: https://www.paynewest.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.207.180.218 Ashburn, United States, ASN398110 (GO-DADDY-COM-LLC, US),
Reverse DNS
Software
nginx /
Resource Hash
cd4b74aee793b8abc6901c816b03da56e5b580c7d7cfb8ab3cb4d2ca5edf3bfa

Request headers

Referer
https://www.paynewest.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
public
date
Mon, 01 Mar 2021 17:29:07 GMT
last-modified
Fri, 21 Sep 2018 22:53:38 GMT
server
nginx
etag
"5ba57672-aee"
content-type
image/jpeg
cache-control
max-age=2592000, public
accept-ranges
bytes
content-length
2798
expires
Wed, 31 Mar 2021 17:29:07 GMT
PW_Icon_Business.jpg
www.paynewest.com/wp-content/themes/paynewest2/img/icons/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.paynewest.com/wp-content/themes/paynewest2/img/icons/PW_Icon_Business.jpg
Requested by
Host: www.paynewest.com
URL: https://www.paynewest.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.207.180.218 Ashburn, United States, ASN398110 (GO-DADDY-COM-LLC, US),
Reverse DNS
Software
nginx /
Resource Hash
13aba939a779f2f0e74ff4e187c1fb48b5a67a233662f516c683e0d95d7af5c7

Request headers

Referer
https://www.paynewest.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
public
date
Mon, 01 Mar 2021 17:29:07 GMT
last-modified
Fri, 22 Mar 2019 19:09:02 GMT
server
nginx
etag
"5c9532ce-995"
content-type
image/jpeg
cache-control
max-age=2592000, public
accept-ranges
bytes
content-length
2453
expires
Wed, 31 Mar 2021 17:29:07 GMT
qpaMIjYA6I1oZzz6o-Zorw.js
cf.rocketreferrals.com/testimonialwidget/ 		32 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cf.rocketreferrals.com/testimonialwidget/qpaMIjYA6I1oZzz6o-Zorw.js
Requested by
Host: www.paynewest.com
URL: https://www.paynewest.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:7800:1b:7d8f:c640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
49e8ac01038683b42782a6f6b425c55109bdf3c6ff8731ca52cbd7d1d6498fe2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.paynewest.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 08 Feb 2021 19:31:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
age
1807036
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
x-request-id
2f541353-7096-483e-9596-b0ebb138dd59
x-runtime
0.075644
referrer-policy
strict-origin-when-cross-origin
server
nginx
etag
W/"49e8ac01038683b42782a6f6b425c551"
x-download-options
noopen
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
via
1.1 103eb504d36d97c9f30550032223d996.cloudfront.net (CloudFront)
cache-control
max-age=0, private, must-revalidate
x-amz-cf-pop
FRA56-C2
x-amz-cf-id
IA7V9ulHrri9-MKkcZJ2WlngVegHCyWljuch0tvUeSXjRF3gkOyjQg==
indicator.white.gif
www.paynewest.com/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.paynewest.com/images/indicator.white.gif
Requested by
Host: www.paynewest.com
URL: https://www.paynewest.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.207.180.218 Ashburn, United States, ASN398110 (GO-DADDY-COM-LLC, US),
Reverse DNS
Software
nginx /
Resource Hash
e008bc0bca2fa6f9b9c113fad73551230961baec88c06b20997ec50171bb2b6b

Request headers

Referer
https://www.paynewest.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
public
date
Mon, 01 Mar 2021 17:29:07 GMT
last-modified
Mon, 31 Jul 2017 17:32:07 GMT
server
nginx
etag
"597f6997-606"
content-type
image/gif
cache-control
max-age=2592000, public
accept-ranges
bytes
content-length
1542
expires
Wed, 31 Mar 2021 17:29:07 GMT
scripts.js
www.paynewest.com/wp-content/plugins/contact-form-7/includes/js/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paynewest.com/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.3.2
Requested by
Host: www.paynewest.com
URL: https://www.paynewest.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.207.180.218 Ashburn, United States, ASN398110 (GO-DADDY-COM-LLC, US),
Reverse DNS
Software
nginx /
Resource Hash
125ec330f66081e7dc9f2814e9ec18f4e2d0baa1936d497375eedfda7ac12e5c

Request headers

Referer
https://www.paynewest.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
public
date
Mon, 01 Mar 2021 17:29:06 GMT
content-encoding
gzip
last-modified
Tue, 05 Jan 2021 16:54:20 GMT
server
nginx
etag
W/"5ff499bc-37c8"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000, public
expires
Wed, 31 Mar 2021 17:29:06 GMT
wpcf7-redirect-frontend-script.js
www.paynewest.com/wp-content/plugins/wpcf7-redirect/build/js/ 		8 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paynewest.com/wp-content/plugins/wpcf7-redirect/build/js/wpcf7-redirect-frontend-script.js?ver=1.1
Requested by
Host: www.paynewest.com
URL: https://www.paynewest.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.207.180.218 Ashburn, United States, ASN398110 (GO-DADDY-COM-LLC, US),
Reverse DNS
Software
nginx /
Resource Hash
c4f1a413e47f90162ead328b5fe465ece8c0e32a1625bce9598d76c420a92f32

Request headers

Referer
https://www.paynewest.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
public
date
Mon, 01 Mar 2021 17:29:06 GMT
content-encoding
gzip
last-modified
Fri, 12 Feb 2021 17:50:11 GMT
server
nginx
etag
W/"6026bfd3-1fe4"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000, public
expires
Wed, 31 Mar 2021 17:29:06 GMT
api.js
www.google.com/recaptcha/ 		884 B
982 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?render=6Le5G60UAAAAAMD1HxqukCS3lWU3tliqVsU88O6Z&ver=3.0
Requested by
Host: www.paynewest.com
URL: https://www.paynewest.com/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
3186203aba0cdf0d885a4187ba5064580209435f4eddd9ecf3f8259c0f187f2b
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.paynewest.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 01 Mar 2021 17:29:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
587
x-xss-protection
1; mode=block
expires
Mon, 01 Mar 2021 17:29:07 GMT
script.js
www.paynewest.com/wp-content/plugins/contact-form-7/modules/recaptcha/ 		1 KB
725 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paynewest.com/wp-content/plugins/contact-form-7/modules/recaptcha/script.js?ver=5.3.2
Requested by
Host: www.paynewest.com
URL: https://www.paynewest.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.207.180.218 Ashburn, United States, ASN398110 (GO-DADDY-COM-LLC, US),
Reverse DNS
Software
nginx /
Resource Hash
aef711d1643073ab593de1d958ee854d6f63339cb216eda43666fb9dfcebffd0

Request headers

Referer
https://www.paynewest.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
public
date
Mon, 01 Mar 2021 17:29:07 GMT
content-encoding
gzip
last-modified
Tue, 05 Jan 2021 16:54:20 GMT
server
nginx
etag
W/"5ff499bc-4f3"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000, public
expires
Wed, 31 Mar 2021 17:29:07 GMT
bootstrap.min.js
www.paynewest.com/wp-content/themes/paynewest2/js/ 		36 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paynewest.com/wp-content/themes/paynewest2/js/bootstrap.min.js
Requested by
Host: www.paynewest.com
URL: https://www.paynewest.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.207.180.218 Ashburn, United States, ASN398110 (GO-DADDY-COM-LLC, US),
Reverse DNS
Software
nginx /
Resource Hash
80104785aecd32b7f61bae57b83e9ad49465a160a1c3bec54df86a00c421f1dd

Request headers

Referer
https://www.paynewest.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
public
date
Mon, 01 Mar 2021 17:29:07 GMT
content-encoding
gzip
last-modified
Tue, 28 Feb 2017 19:06:53 GMT
server
nginx
etag
W/"58b5ca4d-90bf"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000, public
expires
Wed, 31 Mar 2021 17:29:07 GMT
owl.carousel.min.js
www.paynewest.com/wp-content/themes/paynewest2/js/ 		39 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paynewest.com/wp-content/themes/paynewest2/js/owl.carousel.min.js
Requested by
Host: www.paynewest.com
URL: https://www.paynewest.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.207.180.218 Ashburn, United States, ASN398110 (GO-DADDY-COM-LLC, US),
Reverse DNS
Software
nginx /
Resource Hash
83553d22ccd56e5576d544f6ba93475c712b3c02d312893eea2acc16de5fcf91

Request headers

Referer
https://www.paynewest.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
public
date
Mon, 01 Mar 2021 17:29:07 GMT
content-encoding
gzip
last-modified
Tue, 28 Feb 2017 19:06:58 GMT
server
nginx
etag
W/"58b5ca52-9dd1"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000, public
expires
Wed, 31 Mar 2021 17:29:07 GMT
picker.js
www.paynewest.com/wp-content/themes/paynewest2/js/ 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paynewest.com/wp-content/themes/paynewest2/js/picker.js
Requested by
Host: www.paynewest.com
URL: https://www.paynewest.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.207.180.218 Ashburn, United States, ASN398110 (GO-DADDY-COM-LLC, US),
Reverse DNS
Software
nginx /
Resource Hash
7f29bbb17091fd140c20bc525a78b48c50535b35432e05ef7626c6a2c3979e2d

Request headers

Referer
https://www.paynewest.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
public
date
Mon, 01 Mar 2021 17:29:07 GMT
content-encoding
gzip
last-modified
Thu, 11 May 2017 21:17:30 GMT
server
nginx
etag
W/"5914d4ea-317b"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000, public
expires
Wed, 31 Mar 2021 17:29:07 GMT
picker.date.js
www.paynewest.com/wp-content/themes/paynewest2/js/ 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paynewest.com/wp-content/themes/paynewest2/js/picker.date.js
Requested by
Host: www.paynewest.com
URL: https://www.paynewest.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.207.180.218 Ashburn, United States, ASN398110 (GO-DADDY-COM-LLC, US),
Reverse DNS
Software
nginx /
Resource Hash
2b8b68abf70dd09f37c96091c1a3fd7e16bb0b393fe1743e91651768f4d31082

Request headers

Referer
https://www.paynewest.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
public
date
Mon, 01 Mar 2021 17:29:07 GMT
content-encoding
gzip
last-modified
Thu, 11 May 2017 21:17:04 GMT
server
nginx
etag
W/"5914d4d0-54c5"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000, public
expires
Wed, 31 Mar 2021 17:29:07 GMT
jquery.cookie.js
www.paynewest.com/wp-content/themes/paynewest2/js/ 		1 KB
906 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paynewest.com/wp-content/themes/paynewest2/js/jquery.cookie.js
Requested by
Host: www.paynewest.com
URL: https://www.paynewest.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.207.180.218 Ashburn, United States, ASN398110 (GO-DADDY-COM-LLC, US),
Reverse DNS
Software
nginx /
Resource Hash
a63ad5db399cbf133df4954868d069a0438e0f43082a25b09bd884deb1fe77c3

Request headers

Referer
https://www.paynewest.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
public
date
Mon, 01 Mar 2021 17:29:07 GMT
content-encoding
gzip
last-modified
Tue, 28 Feb 2017 19:06:55 GMT
server
nginx
etag
W/"58b5ca4f-4f3"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000, public
expires
Wed, 31 Mar 2021 17:29:07 GMT
lightgallery.min.js
www.paynewest.com/wp-content/themes/paynewest2/js/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paynewest.com/wp-content/themes/paynewest2/js/lightgallery.min.js
Requested by
Host: www.paynewest.com
URL: https://www.paynewest.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.207.180.218 Ashburn, United States, ASN398110 (GO-DADDY-COM-LLC, US),
Reverse DNS
Software
nginx /
Resource Hash
ec6e7ab000381705ed92199657dc66badf7e794a3c06df5e85b54ac1b674d622

Request headers

Referer
https://www.paynewest.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
public
date
Mon, 01 Mar 2021 17:29:07 GMT
content-encoding
gzip
last-modified
Wed, 08 Apr 2020 16:14:37 GMT
server
nginx
etag
W/"5e8df86d-42eb"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000, public
expires
Wed, 31 Mar 2021 17:29:07 GMT
lg-pager.min.js
www.paynewest.com/wp-content/themes/paynewest2/js/ 		2 KB
964 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paynewest.com/wp-content/themes/paynewest2/js/lg-pager.min.js
Requested by
Host: www.paynewest.com
URL: https://www.paynewest.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.207.180.218 Ashburn, United States, ASN398110 (GO-DADDY-COM-LLC, US),
Reverse DNS
Software
nginx /
Resource Hash
32fc92559b3650a7e3190d8f764884f3c5813ce58243b67c015d6af9c01dcacd

Request headers

Referer
https://www.paynewest.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
public
date
Mon, 01 Mar 2021 17:29:07 GMT
content-encoding
gzip
last-modified
Wed, 08 Apr 2020 16:14:35 GMT
server
nginx
etag
W/"5e8df86b-6e1"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000, public
expires
Wed, 31 Mar 2021 17:29:07 GMT
lg-thumbnail.min.js
www.paynewest.com/wp-content/themes/paynewest2/js/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paynewest.com/wp-content/themes/paynewest2/js/lg-thumbnail.min.js
Requested by
Host: www.paynewest.com
URL: https://www.paynewest.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.207.180.218 Ashburn, United States, ASN398110 (GO-DADDY-COM-LLC, US),
Reverse DNS
Software
nginx /
Resource Hash
c9004f4fece6ff8fe474db9e65394ce4ecdd6045ba64ec97f17e3fcedf5e2eda

Request headers

Referer
https://www.paynewest.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
public
date
Mon, 01 Mar 2021 17:29:07 GMT
content-encoding
gzip
last-modified
Wed, 08 Apr 2020 16:14:36 GMT
server
nginx
etag
W/"5e8df86c-1c53"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000, public
expires
Wed, 31 Mar 2021 17:29:07 GMT
jquery.cycle2.min.js
www.paynewest.com/wp-content/themes/paynewest2/js/ 		22 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paynewest.com/wp-content/themes/paynewest2/js/jquery.cycle2.min.js?ver=5.6.2
Requested by
Host: www.paynewest.com
URL: https://www.paynewest.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.207.180.218 Ashburn, United States, ASN398110 (GO-DADDY-COM-LLC, US),
Reverse DNS
Software
nginx /
Resource Hash
737ba2ba9cf1d8733c8865f99edd983f1918c3aeb3cccf30300b17b397351409

Request headers

Referer
https://www.paynewest.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
public
date
Mon, 01 Mar 2021 17:29:07 GMT
content-encoding
gzip
last-modified
Tue, 28 Feb 2017 19:06:56 GMT
server
nginx
etag
W/"58b5ca50-59a1"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000, public
expires
Wed, 31 Mar 2021 17:29:07 GMT
jquery.cycle2.swipe.min.js
www.paynewest.com/wp-content/themes/paynewest2/js/ 		1 KB
760 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paynewest.com/wp-content/themes/paynewest2/js/jquery.cycle2.swipe.min.js?ver=5.6.2
Requested by
Host: www.paynewest.com
URL: https://www.paynewest.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.207.180.218 Ashburn, United States, ASN398110 (GO-DADDY-COM-LLC, US),
Reverse DNS
Software
nginx /
Resource Hash
6f880743faab910830a492f0609d6acc5cfeb6ee023d1a0635c35bcf5593b1c5

Request headers

Referer
https://www.paynewest.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
public
date
Mon, 01 Mar 2021 17:29:07 GMT
content-encoding
gzip
last-modified
Tue, 28 Feb 2017 19:06:56 GMT
server
nginx
etag
W/"58b5ca50-4fd"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000, public
expires
Wed, 31 Mar 2021 17:29:07 GMT
app.js
www.paynewest.com/wp-content/themes/paynewest2/js/ 		34 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paynewest.com/wp-content/themes/paynewest2/js/app.js
Requested by
Host: www.paynewest.com
URL: https://www.paynewest.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.207.180.218 Ashburn, United States, ASN398110 (GO-DADDY-COM-LLC, US),
Reverse DNS
Software
nginx /
Resource Hash
63a3b0fb35f847fc2ff3f597cd02c36cc713f529220e64d1032ac11112fc417d

Request headers

Referer
https://www.paynewest.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
public
date
Mon, 01 Mar 2021 17:29:07 GMT
content-encoding
gzip
last-modified
Wed, 10 Feb 2021 20:56:58 GMT
server
nginx
etag
W/"6024489a-88dd"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000, public
expires
Wed, 31 Mar 2021 17:29:07 GMT
plugins.js
www.paynewest.com/wp-content/themes/paynewest2/js/ 		733 B
606 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paynewest.com/wp-content/themes/paynewest2/js/plugins.js
Requested by
Host: www.paynewest.com
URL: https://www.paynewest.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.207.180.218 Ashburn, United States, ASN398110 (GO-DADDY-COM-LLC, US),
Reverse DNS
Software
nginx /
Resource Hash
267f86b986829cb9a3c46b9fcdbc56783bb923005ba5ef5b27efce504e72ecfa

Request headers

Referer
https://www.paynewest.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
public
date
Mon, 01 Mar 2021 17:29:07 GMT
content-encoding
gzip
last-modified
Fri, 14 Jul 2017 18:47:59 GMT
server
nginx
etag
W/"596911df-2dd"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000, public
expires
Wed, 31 Mar 2021 17:29:07 GMT
main.js
www.paynewest.com/wp-content/themes/paynewest2/js/ 		2 KB
808 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paynewest.com/wp-content/themes/paynewest2/js/main.js
Requested by
Host: www.paynewest.com
URL: https://www.paynewest.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.207.180.218 Ashburn, United States, ASN398110 (GO-DADDY-COM-LLC, US),
Reverse DNS
Software
nginx /
Resource Hash
778e852a19385f3c8f1dc4966d5cb67c1c2126ff0b44ef5308ccf23b5e093d85

Request headers

Referer
https://www.paynewest.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
public
date
Mon, 01 Mar 2021 17:29:07 GMT
content-encoding
gzip
last-modified
Mon, 24 Jul 2017 17:24:27 GMT
server
nginx
etag
W/"59762d4b-7bc"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000, public
expires
Wed, 31 Mar 2021 17:29:07 GMT
wp-embed.min.js
www.paynewest.com/wp-includes/js/ 		1 KB
1002 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paynewest.com/wp-includes/js/wp-embed.min.js?ver=5.6.2
Requested by
Host: www.paynewest.com
URL: https://www.paynewest.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.207.180.218 Ashburn, United States, ASN398110 (GO-DADDY-COM-LLC, US),
Reverse DNS
Software
nginx /
Resource Hash
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Request headers

Referer
https://www.paynewest.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
public
date
Mon, 01 Mar 2021 17:29:07 GMT
content-encoding
gzip
last-modified
Thu, 04 Feb 2021 05:34:15 GMT
server
nginx
etag
W/"601b8757-592"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000, public
expires
Wed, 31 Mar 2021 17:29:07 GMT
addthis_widget.js
s7.addthis.com/js/300/ 		353 KB
114 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s7.addthis.com/js/300/addthis_widget.js
Requested by
Host: www.paynewest.com
URL: https://www.paynewest.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.75.88.112 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-112.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://www.paynewest.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
last-modified
Mon, 26 Oct 2020 18:11:48 GMT
server
nginx/1.15.8
etag
"5f971164-5834c"
vary
Accept-Encoding
x-distribution
99
content-type
application/javascript
cache-control
public, max-age=600
date
Mon, 01 Mar 2021 17:29:07 GMT
x-host
s7.addthis.com
content-length
116325
wp-emoji-release.min.js
www.paynewest.com/wp-includes/js/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paynewest.com/wp-includes/js/wp-emoji-release.min.js?ver=5.6.2
Requested by
Host: www.paynewest.com
URL: https://www.paynewest.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.207.180.218 Ashburn, United States, ASN398110 (GO-DADDY-COM-LLC, US),
Reverse DNS
Software
nginx /
Resource Hash
0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c

Request headers

Referer
https://www.paynewest.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
public
date
Mon, 01 Mar 2021 17:29:07 GMT
content-encoding
gzip
last-modified
Thu, 04 Feb 2021 05:34:15 GMT
server
nginx
etag
W/"601b8757-3795"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000, public
expires
Wed, 31 Mar 2021 17:29:07 GMT
l
use.typekit.net/af/af96c8/00000000000000003b9aefc0/27/ 		31 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/af96c8/00000000000000003b9aefc0/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by
Host: www.paynewest.com
URL: https://www.paynewest.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
1e71dfd2075bdd8ab13805b0c9bc396c00c1a3d982d3e9ddde63ccfaf4f2eaaf

Request headers

Origin
https://www.paynewest.com
Referer
https://www.paynewest.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 01 Mar 2021 17:29:06 GMT
server
nginx
etag
"625d31c6ff36363142e14c9d9cf9f2747ce3803a"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
timing-allow-origin
*
content-length
31984
fbevents.js
connect.facebook.net/en_US/ 		91 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.paynewest.com
URL: https://www.paynewest.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
9e7ea2b4ba8e2bcc4a964d6192e4671dc5f6863a1c7e35b52b229a3c1e67a68d
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.paynewest.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
23762
x-fb-rlafr
0
pragma
public
x-fb-debug
gXvw2Hii9A+vXg0VtBvkHPraItfqURV+G6i2wyY+E2E9k1sgeFeqtQ2FipLL3By4gSosjd88FbyZkF5Bfl0hBA==
x-fb-trip-id
686109401
x-frame-options
DENY
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Mon, 01 Mar 2021 17:29:07 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"group":"coop_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}, {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
origin-trial
AqUfQvNe9Mod+kZ3Qx78GGg2ul4TtHv3l126BaOQCbywgYxRUP0y9rs8/el96V62SmT7ue9StD9aXvYmT3UAAQcAAAB5eyJvcmlnaW4iOiJodHRwczovL2ZhY2Vib29rLmNvbTo0NDMiLCJmZWF0dXJlIjoiQ3Jvc3NPcmlnaW5PcGVuZXJQb2xpY3lSZXBvcnRpbmciLCJleHBpcnkiOjE2MTM0MTE1NzMsImlzU3ViZG9tYWluIjp0cnVlfQ==
cross-origin-opener-policy-report-only
same-origin-allow-popups;report-to="coop_report"
expires
Sat, 01 Jan 2000 00:00:00 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/jxFQ7RQ9s9HTGKeWcoa6UQdD/ 		331 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/jxFQ7RQ9s9HTGKeWcoa6UQdD/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6Le5G60UAAAAAMD1HxqukCS3lWU3tliqVsU88O6Z
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
46c97699759b3239f2306f7d09df96131fb1044315b07cfdd62b66c2e4c0125b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.paynewest.com
Referer
https://www.paynewest.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 01 Mar 2021 17:25:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
242
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
132194
x-xss-protection
0
last-modified
Mon, 22 Feb 2021 03:04:57 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 01 Mar 2022 17:25:05 GMT
serverComponent.php
nexus.ensighten.com/choozle/6784/ 		399 B
541 B 		Script
General
Check archive.org
Download Go to
Full URL
https://nexus.ensighten.com/choozle/6784/serverComponent.php?r=692.7830906667001&ClientID=923&PageID=https%3A%2F%2Fwww.paynewest.com%2F
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/choozle/6784/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.195.42.228 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-42-228.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
83d59b1fc3405ac04cb1e9cacc0c83916a90326fc7a4a4f6358e2a898b6f2be8

Request headers

Referer
https://www.paynewest.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 01 Mar 2021 17:29:07 GMT
cache-control
no-cache, no-store
server
nginx
content-type
text/javascript
content-length
399
expires
Mon, 01 Mar 2021 17:29:06 GMT
homepage2021.01-1920x1080-1.jpg
www.paynewest.com/wp-content/uploads/ 		903 KB
904 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.paynewest.com/wp-content/uploads/homepage2021.01-1920x1080-1.jpg
Requested by
Host: www.paynewest.com
URL: https://www.paynewest.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.207.180.218 Ashburn, United States, ASN398110 (GO-DADDY-COM-LLC, US),
Reverse DNS
Software
nginx /
Resource Hash
00c2b07f68012ed34338615bb433e5e064d46c2012ecdc54b4a9dbc7aca8e584

Request headers

Referer
https://www.paynewest.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
public
date
Mon, 01 Mar 2021 17:29:07 GMT
last-modified
Mon, 04 Jan 2021 23:47:17 GMT
server
nginx
etag
"5ff3a905-e1a67"
content-type
image/jpeg
cache-control
max-age=2592000, public
accept-ranges
bytes
content-length
924263
expires
Wed, 31 Mar 2021 17:29:07 GMT
flying-wedge400-right.png
www.paynewest.com/wp-content/themes/paynewest2/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.paynewest.com/wp-content/themes/paynewest2/img/flying-wedge400-right.png
Requested by
Host: www.paynewest.com
URL: https://www.paynewest.com/wp-content/themes/paynewest2/style.css?ver=5.6.2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.207.180.218 Ashburn, United States, ASN398110 (GO-DADDY-COM-LLC, US),
Reverse DNS
Software
nginx /
Resource Hash
e495b37c775f71f69ce3771d2d516222ad3c540d33ad071ea2e662642b862b3d

Request headers

Referer
https://www.paynewest.com/wp-content/themes/paynewest2/style.css?ver=5.6.2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
public
date
Mon, 01 Mar 2021 17:29:07 GMT
last-modified
Fri, 12 May 2017 16:22:28 GMT
server
nginx
etag
"5915e144-dce"
content-type
image/png
cache-control
max-age=2592000, public
accept-ranges
bytes
content-length
3534
expires
Wed, 31 Mar 2021 17:29:07 GMT
pwi-logomark-pattern-45x45.png
www.paynewest.com/wp-content/themes/paynewest2/img/ 		557 B
760 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.paynewest.com/wp-content/themes/paynewest2/img/pwi-logomark-pattern-45x45.png
Requested by
Host: www.paynewest.com
URL: https://www.paynewest.com/wp-content/themes/paynewest2/style.css?ver=5.6.2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.207.180.218 Ashburn, United States, ASN398110 (GO-DADDY-COM-LLC, US),
Reverse DNS
Software
nginx /
Resource Hash
6673bd709d9003857044e0d9e10e44541484c29a0e6e0d3821d9231efc84b590

Request headers

Referer
https://www.paynewest.com/wp-content/themes/paynewest2/style.css?ver=5.6.2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
public
date
Mon, 01 Mar 2021 17:29:07 GMT
last-modified
Tue, 28 Feb 2017 19:06:40 GMT
server
nginx
etag
"58b5ca40-22d"
content-type
image/png
cache-control
max-age=2592000, public
accept-ranges
bytes
content-length
557
expires
Wed, 31 Mar 2021 17:29:07 GMT
business-grn-640x426-1.jpg
www.paynewest.com/wp-content/uploads/ 		43 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.paynewest.com/wp-content/uploads/business-grn-640x426-1.jpg
Requested by
Host: www.paynewest.com
URL: https://www.paynewest.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.207.180.218 Ashburn, United States, ASN398110 (GO-DADDY-COM-LLC, US),
Reverse DNS
Software
nginx /
Resource Hash
36f32c4cbc83986422cec18111cc26724c8933aaa83aba652f6e8d042174d042

Request headers

Referer
https://www.paynewest.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
public
date
Mon, 01 Mar 2021 17:29:07 GMT
last-modified
Thu, 17 Sep 2020 20:23:35 GMT
server
nginx
etag
"5f63c5c7-ad78"
content-type
image/jpeg
cache-control
max-age=2592000, public
accept-ranges
bytes
content-length
44408
expires
Wed, 31 Mar 2021 17:29:07 GMT
benefits-blugrn-640x426-1.jpg
www.paynewest.com/wp-content/uploads/ 		63 KB
63 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.paynewest.com/wp-content/uploads/benefits-blugrn-640x426-1.jpg
Requested by
Host: www.paynewest.com
URL: https://www.paynewest.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.207.180.218 Ashburn, United States, ASN398110 (GO-DADDY-COM-LLC, US),
Reverse DNS
Software
nginx /
Resource Hash
4aec0d8af31bb151c8f694987d4b845af579fd6dbff33d6781fc92ab8a77a540

Request headers

Referer
https://www.paynewest.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
public
date
Mon, 01 Mar 2021 17:29:07 GMT
last-modified
Thu, 17 Sep 2020 18:39:21 GMT
server
nginx
etag
"5f63ad59-fb9b"
content-type
image/jpeg
cache-control
max-age=2592000, public
accept-ranges
bytes
content-length
64411
expires
Wed, 31 Mar 2021 17:29:07 GMT
personal-blu-640x426-1.jpg
www.paynewest.com/wp-content/uploads/ 		68 KB
68 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.paynewest.com/wp-content/uploads/personal-blu-640x426-1.jpg
Requested by
Host: www.paynewest.com
URL: https://www.paynewest.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.207.180.218 Ashburn, United States, ASN398110 (GO-DADDY-COM-LLC, US),
Reverse DNS
Software
nginx /
Resource Hash
a41ca2028fb01845ff7af34b179774af5a00f5b1ade8c60b14aa3d134f1cfbe1

Request headers

Referer
https://www.paynewest.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
public
date
Mon, 01 Mar 2021 17:29:07 GMT
last-modified
Thu, 17 Sep 2020 20:30:55 GMT
server
nginx
etag
"5f63c77f-10f18"
content-type
image/jpeg
cache-control
max-age=2592000, public
accept-ranges
bytes
content-length
69400
expires
Wed, 31 Mar 2021 17:29:07 GMT
plane-gry-800x533-1-e1600368202598.jpg
www.paynewest.com/wp-content/uploads/ 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.paynewest.com/wp-content/uploads/plane-gry-800x533-1-e1600368202598.jpg
Requested by
Host: www.paynewest.com
URL: https://www.paynewest.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.207.180.218 Ashburn, United States, ASN398110 (GO-DADDY-COM-LLC, US),
Reverse DNS
Software
nginx /
Resource Hash
8afb9b5af4db51a3db343ecddc585f8fefbf8feca070340eab505cbac510a381

Request headers

Referer
https://www.paynewest.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
public
date
Mon, 01 Mar 2021 17:29:07 GMT
last-modified
Thu, 17 Sep 2020 18:43:22 GMT
server
nginx
etag
"5f63ae4a-7ba2"
content-type
image/jpeg
cache-control
max-age=2592000, public
accept-ranges
bytes
content-length
31650
expires
Wed, 31 Mar 2021 17:29:07 GMT
shutterstock_1656821971-1.png
www.paynewest.com/wp-content/uploads/ 		1 MB
1 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.paynewest.com/wp-content/uploads/shutterstock_1656821971-1.png
Requested by
Host: www.paynewest.com
URL: https://www.paynewest.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.207.180.218 Ashburn, United States, ASN398110 (GO-DADDY-COM-LLC, US),
Reverse DNS
Software
nginx /
Resource Hash
861e7fa35b9e169a8114d32322fe795d39e2ed299718b2ade9244e7740ae935a

Request headers

Referer
https://www.paynewest.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
public
date
Mon, 01 Mar 2021 17:29:07 GMT
last-modified
Mon, 16 Mar 2020 21:20:48 GMT
server
nginx
etag
"5e6fedb0-144ede"
content-type
image/png
cache-control
max-age=2592000, public
accept-ranges
bytes
content-length
1330910
expires
Wed, 31 Mar 2021 17:29:07 GMT
yakima_blue_1920x1080.jpg
www.paynewest.com/wp-content/uploads/ 		2 MB
2 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.paynewest.com/wp-content/uploads/yakima_blue_1920x1080.jpg
Requested by
Host: www.paynewest.com
URL: https://www.paynewest.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.207.180.218 Ashburn, United States, ASN398110 (GO-DADDY-COM-LLC, US),
Reverse DNS
Software
nginx /
Resource Hash
85f053a897e1f9dbf748a0a9441cc5e341f3df5c3c2fb1c989a6564960abf698

Request headers

Referer
https://www.paynewest.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
public
date
Mon, 01 Mar 2021 17:29:07 GMT
last-modified
Tue, 30 Jan 2018 15:25:53 GMT
server
nginx
etag
"5a708e81-182cb1"
content-type
image/jpeg
cache-control
max-age=2592000, public
accept-ranges
bytes
content-length
1584305
expires
Wed, 31 Mar 2021 17:29:07 GMT
findangent_grn_1920x1080.jpg
www.paynewest.com/wp-content/uploads/ 		299 KB
300 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.paynewest.com/wp-content/uploads/findangent_grn_1920x1080.jpg
Requested by
Host: www.paynewest.com
URL: https://www.paynewest.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.207.180.218 Ashburn, United States, ASN398110 (GO-DADDY-COM-LLC, US),
Reverse DNS
Software
nginx /
Resource Hash
dc0fe4596f78127a565afc80a82bc24ad3767350f496f2619ac771003d2f4709

Request headers

Referer
https://www.paynewest.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
public
date
Mon, 01 Mar 2021 17:29:07 GMT
last-modified
Thu, 17 Sep 2020 20:46:52 GMT
server
nginx
etag
"5f63cb3c-4ac8c"
content-type
image/jpeg
cache-control
max-age=2592000, public
accept-ranges
bytes
content-length
306316
expires
Wed, 31 Mar 2021 17:29:07 GMT
tim-graf-229428.jpg
www.paynewest.com/wp-content/uploads/ 		2 MB
2 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.paynewest.com/wp-content/uploads/tim-graf-229428.jpg
Requested by
Host: www.paynewest.com
URL: https://www.paynewest.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.207.180.218 Ashburn, United States, ASN398110 (GO-DADDY-COM-LLC, US),
Reverse DNS
Software
nginx /
Resource Hash
d1f5cfd8560694b80491774752038f892f86468801e6af9d8b359b77ccae97b6

Request headers

Referer
https://www.paynewest.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
public
date
Mon, 01 Mar 2021 17:29:07 GMT
last-modified
Thu, 14 Sep 2017 15:53:43 GMT
server
nginx
etag
"59baa607-18c707"
content-type
image/jpeg
cache-control
max-age=2592000, public
accept-ranges
bytes
content-length
1623815
expires
Wed, 31 Mar 2021 17:29:07 GMT
fontawesome-webfont.woff2
www.paynewest.com/wp-content/themes/paynewest2/fonts/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.paynewest.com/wp-content/themes/paynewest2/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: www.paynewest.com
URL: https://www.paynewest.com/wp-content/themes/paynewest2/css/font-awesome.min.css?ver=5.6.2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.207.180.218 Ashburn, United States, ASN398110 (GO-DADDY-COM-LLC, US),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Origin
https://www.paynewest.com
Referer
https://www.paynewest.com/wp-content/themes/paynewest2/css/font-awesome.min.css?ver=5.6.2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 01 Mar 2021 17:29:07 GMT
last-modified
Tue, 28 Feb 2017 19:03:29 GMT
server
nginx
x-powered-by
PleskLin
etag
"58b5c981-12d68"
content-type
font/woff2
accept-ranges
bytes
content-length
77160
l
use.typekit.net/af/f80f1d/00000000000000003b9aefb8/27/ 		32 KB
32 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/f80f1d/00000000000000003b9aefb8/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by
Host: www.paynewest.com
URL: https://www.paynewest.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
4a85a057330bbc6272c3dd4c02a15317b08a92b4de7514d9fda7d8cbf82a3cac

Request headers

Origin
https://www.paynewest.com
Referer
https://www.paynewest.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 01 Mar 2021 17:29:07 GMT
server
nginx
etag
"5b1424bf708a1baf048831772af7891cda52e1e0"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
timing-allow-origin
*
content-length
32980
l
use.typekit.net/af/7f382d/00000000000000003b9aefbc/27/ 		31 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/7f382d/00000000000000003b9aefbc/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n3&v=3
Requested by
Host: www.paynewest.com
URL: https://www.paynewest.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
41bb54c5e41bfff348c98ec5a29df6dff1b3f220e5b25284943907efaf7cd041

Request headers

Origin
https://www.paynewest.com
Referer
https://www.paynewest.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 01 Mar 2021 17:29:07 GMT
server
nginx
etag
"ea616992231df2d40c94b1b866fc6ab1d7531d99"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
timing-allow-origin
*
content-length
31812
l
use.typekit.net/af/be199d/00000000000000003b9aefba/27/ 		33 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/be199d/00000000000000003b9aefba/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n8&v=3
Requested by
Host: www.paynewest.com
URL: https://www.paynewest.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
ada81abb95d635868d07308331f057eada526ec62a787024512c97d71c8859e6

Request headers

Origin
https://www.paynewest.com
Referer
https://www.paynewest.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 01 Mar 2021 17:29:07 GMT
server
nginx
etag
"356d9de0c980e8ed23bf65b52414d061c70ca3f5"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
timing-allow-origin
*
content-length
33420
l
use.typekit.net/af/20aa1e/00000000000000003b9aefc1/27/ 		33 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/20aa1e/00000000000000003b9aefc1/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=i4&v=3
Requested by
Host: www.paynewest.com
URL: https://www.paynewest.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
1ccdbe5fba95906eb04fed55b6d5fe05d4130f09d1ef62a2a195b07bfcd20d98

Request headers

Origin
https://www.paynewest.com
Referer
https://www.paynewest.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 01 Mar 2021 17:29:07 GMT
server
nginx
etag
"0a37e0f13f84c73347be23130bb6d2063bc1d8a8"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
timing-allow-origin
*
content-length
33796
paynewest_logomark_footer.png
www.paynewest.com/wp-content/themes/paynewest2/img/ 		907 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.paynewest.com/wp-content/themes/paynewest2/img/paynewest_logomark_footer.png
Requested by
Host: www.paynewest.com
URL: https://www.paynewest.com/wp-content/themes/paynewest2/style.css?ver=5.6.2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.207.180.218 Ashburn, United States, ASN398110 (GO-DADDY-COM-LLC, US),
Reverse DNS
Software
nginx /
Resource Hash
be7e5a98a8de5559cb2d5dc2ec07443831e3dba46c4841e97095ab6c1a4720ab

Request headers

Referer
https://www.paynewest.com/wp-content/themes/paynewest2/style.css?ver=5.6.2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
public
date
Mon, 01 Mar 2021 17:29:08 GMT
last-modified
Thu, 11 May 2017 19:44:24 GMT
server
nginx
etag
"5914bf18-38b"
content-type
image/png
cache-control
max-age=2592000, public
accept-ranges
bytes
content-length
907
expires
Wed, 31 Mar 2021 17:29:08 GMT
analytics.js
www.google-analytics.com/ 		46 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.paynewest.com
URL: https://www.paynewest.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.paynewest.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 05 Feb 2021 21:33:27 GMT
server
Golfe2
age
6111
date
Mon, 01 Mar 2021 15:47:17 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18980
expires
Mon, 01 Mar 2021 17:47:17 GMT
moatframe.js
z.moatads.com/addthismoatframe568911941483/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-40.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

Referer
https://www.paynewest.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 01 Mar 2021 17:29:08 GMT
content-encoding
gzip
last-modified
Fri, 08 Nov 2019 20:13:52 GMT
server
AmazonS3
x-amz-request-id
D5503D14AA2F06AA
etag
"f14b4e1f799b14f798a195f43cf58376"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=18728
accept-ranges
bytes
content-length
948
x-amz-id-2
JgalEtxvSAtZmM7+naGfrhsdf0JFS0gJW8lypWF8Tp90EkcPp4c3eAnpK+RDOIL1ltWgpx8wc3s=
_ate.track.config_resp
v1.addthisedge.com/live/boost/ra-58b058746e0599b7/ 		1 KB
700 B 		Script
General
Check archive.org
Download Go to
Full URL
https://v1.addthisedge.com/live/boost/ra-58b058746e0599b7/_ate.track.config_resp
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.75.88.112 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-112.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0c0cbf9da5c74df2ab0c803af95e03905ba87cc1aaca7f52a88e9e8d3302a0d0

Request headers

Referer
https://www.paynewest.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 01 Mar 2021 17:29:08 GMT
content-encoding
gzip
etag
383487527--gzip
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
cache-control
public, max-age=60, s-maxage=86400
content-disposition
attachment; filename=1.txt
content-length
524
l
use.typekit.net/af/29352b/00000000000000003b9aefb9/27/ 		33 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/29352b/00000000000000003b9aefb9/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=i7&v=3
Requested by
Host: www.paynewest.com
URL: https://www.paynewest.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
39492f3c9f87d34d4d53b7fa1fc66d5003f986552288bb55ac10e7507d4c69dd

Request headers

Origin
https://www.paynewest.com
Referer
https://www.paynewest.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 01 Mar 2021 17:29:08 GMT
server
nginx
etag
"41bd63e072fcddb931e4f5c670a122a6ae75b1a8"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
timing-allow-origin
*
content-length
34024
l
use.typekit.net/af/26b8f9/00000000000000003b9aefbb/27/ 		33 KB
34 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/26b8f9/00000000000000003b9aefbb/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=i8&v=3
Requested by
Host: www.paynewest.com
URL: https://www.paynewest.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
6e75b6efb3e4fbde58859530a19a749234cb09034aea3d04b792355ca60bdeea

Request headers

Origin
https://www.paynewest.com
Referer
https://www.paynewest.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 01 Mar 2021 17:29:08 GMT
server
nginx
etag
"f3ed886dcbd9ec6f3d7a3e80caef72ffc4543e22"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
timing-allow-origin
*
content-length
34272
l
use.typekit.net/af/0fcc66/00000000000000003b9aefbd/27/ 		33 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/0fcc66/00000000000000003b9aefbd/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=i3&v=3
Requested by
Host: www.paynewest.com
URL: https://www.paynewest.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
94d36a200338fd4f2829cbf0d25058b7203645aef75c82dc2e235c41efb53e22

Request headers

Origin
https://www.paynewest.com
Referer
https://www.paynewest.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 01 Mar 2021 17:29:08 GMT
server
nginx
etag
"7a6cb74e65a2a0fa4d5f36d4a0dc354daca065e9"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
timing-allow-origin
*
content-length
33792
common-core-1.7.262-hotfix.1-651e9c00.js
static.quiq-cdn.com/webchat/ 		146 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.quiq-cdn.com/webchat/common-core-1.7.262-hotfix.1-651e9c00.js
Requested by
Host: paynewest.quiq-api.com
URL: https://paynewest.quiq-api.com/app/webchat/index.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6fdcb2a7390f997b0f86297997bb3df423c9739e55b3303b8fd6b3d7943d1983
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.paynewest.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 01 Mar 2021 17:29:08 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
4766
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
vary
Accept-Encoding
x-amz-request-id
66S2QDBXSPGPANMW
x-amz-id-2
LCpj4cwur+7Ll0jT86V3BAD/P/qF0Tw4FEUQ6//F1H3qVFkAQUmtOa2Qc+26t3H7/r0lZ6RwLAA=
last-modified
Wed, 24 Feb 2021 21:32:13 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1614202259/ctime:1614202259/gid:65534/gname:nogroup/md5:7aca57ab14207e6680940b323996fd99/mode:33188/mtime:1614202259/uid:1000/uname:jenkins
etag
W/"7aca57ab14207e6680940b323996fd99"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=2hIllu5fAHhSMMYI0rEY6KD5TIZMz4WedJ3CEvyK%2BHGK7zd7pd3bQqW%2BTJA83yu0glhdSiCBwSR4Vs%2BgFl%2Bi0gbJvAgOB%2BuIxqOxrpM2vjtsGh15A30w1tN67b9ikB%2Bs"}],"max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
x-amz-version-id
UvUK_lWjSbxPEMjBUKpYzcvmrcWpw7jB
cf-request-id
08906f401600004a9ee02b3000000001
cf-ray
62941b1359f64a9e-FRA
common-icons-1.7.262-hotfix.1-651e9c00.js
static.quiq-cdn.com/webchat/ 		61 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.quiq-cdn.com/webchat/common-icons-1.7.262-hotfix.1-651e9c00.js
Requested by
Host: paynewest.quiq-api.com
URL: https://paynewest.quiq-api.com/app/webchat/index.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6bace0f6fe59e0ccc667a3e715835718ff770c4ddedb20773f95405c4c771fae
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.paynewest.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 01 Mar 2021 17:29:08 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
4766
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
vary
Accept-Encoding
x-amz-request-id
66S9A0Q9FYMGD7Y5
x-amz-id-2
Mj7a/EsYsXASCk50OKffAuWraWSYUf3h8yYS5uE2ef6LM8ulTbkOodOYojq/DtWY34SRb4eVVJM=
last-modified
Wed, 24 Feb 2021 21:32:14 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1614202260/ctime:1614202259/gid:65534/gname:nogroup/md5:1e5121ae95de4e79198300b7c6fd47f3/mode:33188/mtime:1614202259/uid:1000/uname:jenkins
etag
W/"1e5121ae95de4e79198300b7c6fd47f3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=sHtxyGFNFH4mWqdnje8hydEKdPliO9%2BXpKQ3a0%2BDNO%2B4DMlrjWYURmqfrCVgN6Teuy5CaXFC%2Bgm2UL2gtxm68oynbYBYw30KfVhdPKlD5SzLRvzxNCwh2relY95%2BsP5y"}],"max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
x-amz-version-id
Y16KXdXefqrF_lWG4DM2L_LzYrcnUMkU
cf-request-id
08906f401700004a9ee02b4000000001
cf-ray
62941b1359fa4a9e-FRA
common-dependencies-1.7.262-hotfix.1-651e9c00.js
static.quiq-cdn.com/webchat/ 		683 KB
173 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.quiq-cdn.com/webchat/common-dependencies-1.7.262-hotfix.1-651e9c00.js
Requested by
Host: paynewest.quiq-api.com
URL: https://paynewest.quiq-api.com/app/webchat/index.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
52d097eaf8a4614ee25bc4db5ce514dfa97cce2879683221f3f62e62481ce8b6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.paynewest.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 01 Mar 2021 17:29:08 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
4765
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
vary
Accept-Encoding
x-amz-request-id
66S5GHNPCS9WR1N5
x-amz-id-2
qpId49TtVEQZHrV5itb2vjOKsRYQmNLrzYJFLkfad50b9DoBnGbxYnAoulsGhoLeEHoot2WmWP0=
last-modified
Wed, 24 Feb 2021 21:32:14 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1614202260/ctime:1614202259/gid:65534/gname:nogroup/md5:ee6d8125157edb5f77c2fab4572dcc31/mode:33188/mtime:1614202259/uid:1000/uname:jenkins
etag
W/"ee6d8125157edb5f77c2fab4572dcc31"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=rMNKlefyMjcgf0RIeEryMrTch0DocwGWOMVpNN2IKwsLXo%2FmNsHzyC3jeREyVs0%2BVDnKwNSHsEy1AlX9lcAOZ1giyB5rUQc7AW%2FfIERSrtKrM8Qlr1b78MTUpd3FZna6"}],"max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
x-amz-version-id
iAOjUUnUqxuDrk_g8D34bw.X3_TMnfzf
cf-request-id
08906f401600004a9e5d130000000001
cf-ray
62941b1359fb4a9e-FRA
common-webchat-1.7.262-hotfix.1-651e9c00.js
static.quiq-cdn.com/webchat/ 		361 KB
96 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.quiq-cdn.com/webchat/common-webchat-1.7.262-hotfix.1-651e9c00.js
Requested by
Host: paynewest.quiq-api.com
URL: https://paynewest.quiq-api.com/app/webchat/index.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
110d9210d0c9411fdd707190d08b3b11e6ec7561f1a52c104569b743ffeb3b1c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.paynewest.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 01 Mar 2021 17:29:08 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
6763
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
vary
Accept-Encoding
x-amz-request-id
QBQNSJGSAXR0WWFS
x-amz-id-2
8bmkkWQ44zWWt4uKgzw+7bdiNd5x79ajbfzDXObS/9eSwl5rVq2CkgVyCMPyILHJcf49ZJ7/O40=
last-modified
Wed, 24 Feb 2021 21:32:14 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1614202260/ctime:1614202259/gid:65534/gname:nogroup/md5:3d0c88839e7cbfe031c5d22d2ea4ff66/mode:33188/mtime:1614202259/uid:1000/uname:jenkins
etag
W/"3d0c88839e7cbfe031c5d22d2ea4ff66"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=vsfiI%2Fyr%2FPR%2BujGlS1DbawlbEnW0QtJ%2BbSFdsrmhRVaRRl4ryOuoS4GgrkF%2BhSiQ9or2Y68SiktYnyerVHaegqCzcXa6HfzP0bdBiktjFsNpbSCvwi4FBBQ4ZhsmKc0G"}],"max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
x-amz-version-id
2HZgsPKsLKgTR6OFD2w2MEw1L6J3OKGi
cf-request-id
08906f401700004a9edf85c000000001
cf-ray
62941b1359fc4a9e-FRA
sdk-1.7.262-hotfix.1-651e9c00.js
static.quiq-cdn.com/webchat/ 		394 KB
109 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.quiq-cdn.com/webchat/sdk-1.7.262-hotfix.1-651e9c00.js
Requested by
Host: paynewest.quiq-api.com
URL: https://paynewest.quiq-api.com/app/webchat/index.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a6bdfc07b80c8ece7cb8e58c77d97ed125581016647766861f31c266917f41d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.paynewest.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 01 Mar 2021 17:29:08 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
4764
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
vary
Accept-Encoding
x-amz-request-id
66S10DRKJ7CTQ8QC
x-amz-id-2
fG5pat9JEJZ1iBGHCXSuUKwPHtN3j6m7Iv2LV+dehrgs8BP1aJyc2pUb9YFl02d1NHtU63vNC6E=
last-modified
Wed, 24 Feb 2021 21:32:15 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1614202260/ctime:1614202259/gid:65534/gname:nogroup/md5:51839cdbf145ddde6c223988bc39d702/mode:33188/mtime:1614202259/uid:1000/uname:jenkins
etag
W/"51839cdbf145ddde6c223988bc39d702"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=AYjBL%2Flvig10orXMTRAfH9JAMldjZ%2FunX1RjUyRVWLFSIukTF1csri1PZ52z3e8ECTeo0amr4fhLX7qyEeVC0EKEjFRvwWHBOf96Sl91x4tVAymXulaULVw6FeX3rHJg"}],"max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
x-amz-version-id
IaXWHXe6AoK7eR49FhmoKdvAoBf0hnwl
cf-request-id
08906f401600004a9e25904000000001
cf-ray
62941b1359fe4a9e-FRA
305112770243745
connect.facebook.net/signals/config/ 		241 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/305112770243745?v=2.9.33&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
b03a60d8b3a10ffdc61cdc3106c886538130baaf15ed91086eb1f252a99c0888
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.paynewest.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr
0
pragma
public
x-fb-debug
wJfNmhF46Gmgt0GMsTEZDgBapZCoTLBlzoYSGA5wUMc1734N/5U4q529UztBBAJELeAQB0EqP0VNCiW9IcOBbQ==
x-fb-trip-id
686109401
x-frame-options
DENY
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Mon, 01 Mar 2021 17:29:08 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
anchor
www.google.com/recaptcha/api2/ Frame 5464 		19 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le5G60UAAAAAMD1HxqukCS3lWU3tliqVsU88O6Z&co=aHR0cHM6Ly93d3cucGF5bmV3ZXN0LmNvbTo0NDM.&hl=en&v=jxFQ7RQ9s9HTGKeWcoa6UQdD&size=invisible&cb=98cn499s03i
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/jxFQ7RQ9s9HTGKeWcoa6UQdD/recaptcha__en.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
7f5c5be33e854eda84252600adaa63bac5b40bbfaba2325bbf37e60137062ff9
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-djUHXdcjRkjlj5hKzj9d9g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/anchor?ar=1&k=6Le5G60UAAAAAMD1HxqukCS3lWU3tliqVsU88O6Z&co=aHR0cHM6Ly93d3cucGF5bmV3ZXN0LmNvbTo0NDM.&hl=en&v=jxFQ7RQ9s9HTGKeWcoa6UQdD&size=invisible&cb=98cn499s03i
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.paynewest.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.paynewest.com/

Response headers

content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Mon, 01 Mar 2021 17:29:08 GMT
content-security-policy
script-src 'report-sample' 'nonce-djUHXdcjRkjlj5hKzj9d9g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
9931
server
GSE
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
anchor
www.google.com/recaptcha/api2/ Frame 0EC2 		19 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le5G60UAAAAAMD1HxqukCS3lWU3tliqVsU88O6Z&co=aHR0cHM6Ly93d3cucGF5bmV3ZXN0LmNvbTo0NDM.&hl=en&v=jxFQ7RQ9s9HTGKeWcoa6UQdD&size=invisible&cb=mhedhjd3jy5k
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/jxFQ7RQ9s9HTGKeWcoa6UQdD/recaptcha__en.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
5cad23123d333225d3cf2e14d18ce4cc630ebf32c8911c9bb85725fa2aa3bdc8
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-la+HgbL9HoP5Pxz6K9njUQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/anchor?ar=1&k=6Le5G60UAAAAAMD1HxqukCS3lWU3tliqVsU88O6Z&co=aHR0cHM6Ly93d3cucGF5bmV3ZXN0LmNvbTo0NDM.&hl=en&v=jxFQ7RQ9s9HTGKeWcoa6UQdD&size=invisible&cb=mhedhjd3jy5k
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.paynewest.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.paynewest.com/

Response headers

content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Mon, 01 Mar 2021 17:29:08 GMT
content-security-policy
script-src 'report-sample' 'nonce-la+HgbL9HoP5Pxz6K9njUQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
9925
server
GSE
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
24df353f4f799a7289de6fea6cfa7ae3.js
nexus.ensighten.com/choozle/6784/code/ 		799 B
982 B 		Script
General
Check archive.org
Download Go to
Full URL
https://nexus.ensighten.com/choozle/6784/code/24df353f4f799a7289de6fea6cfa7ae3.js?conditionId0=421905
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/choozle/6784/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.195.42.228 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-42-228.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
5907f5afebdcdc19988b353d3cf27ab115aa5853c46742be2bc2057ad29d032f

Request headers

Referer
https://www.paynewest.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 01 Mar 2021 17:29:08 GMT
last-modified
Wed, 08 Jul 2020 11:17:45 GMT
server
nginx
etag
"5f05ab59-31f"
content-type
application/javascript; charset=utf-8
cache-control
max-age=315360000
accept-ranges
bytes
content-length
799
9bd9e807f3648707fa534bf40950bcdf.js
nexus.ensighten.com/choozle/6784/code/ 		1 KB
867 B 		Script
General
Check archive.org
Download Go to
Full URL
https://nexus.ensighten.com/choozle/6784/code/9bd9e807f3648707fa534bf40950bcdf.js?conditionId0=4822376&conditionId1=4822346
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/choozle/6784/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.195.42.228 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-42-228.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
77247a540e9a2e6057238feaf2595c128e4efa01b451c98bdae47006e1a17465

Request headers

Referer
https://www.paynewest.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 01 Mar 2021 17:29:08 GMT
content-encoding
gzip
last-modified
Wed, 10 Jul 2019 20:51:57 GMT
server
nginx
etag
W/"5d264fed-5c6"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=315360000
p.gif
p.typekit.net/ 		35 B
182 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.typekit.net/p.gif?s=1&k=qla1nle&ht=tk&h=www.paynewest.com&f=139.140.169.170.175.176.5474.5475&a=26253&js=1.20.0&app=typekit&e=js&_=1614619748650
Requested by
Host: www.paynewest.com
URL: https://www.paynewest.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:28d::19fd Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39

Request headers

Referer
https://www.paynewest.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 01 Mar 2021 17:29:08 GMT
last-modified
Wed, 02 Sep 2020 00:55:11 GMT
server
nginx
etag
"5f4eed6f-23"
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
35
collect
www.google-analytics.com/j/ 		4 B
72 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j88&a=45165655&t=pageview&_s=1&dl=https%3A%2F%2Fwww.paynewest.com%2F&ul=en-us&de=UTF-8&dt=PayneWest%20Insurance&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1308581873&gjid=812967678&cid=367761861.1614619749&tid=UA-92545998-1&_gid=1019617312.1614619749&_r=1&_slc=1&z=228809832
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.paynewest.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 01 Mar 2021 17:29:08 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.paynewest.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
11701
cs.choozle.com/dp/chz/ 		35 B
123 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.choozle.com/dp/chz/11701?d=www.paynewest.com&cb=1677056725
Requested by
Host: www.paynewest.com
URL: https://www.paynewest.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.95.105.156 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-95-105-156.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://www.paynewest.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Connection
keep-alive
Content-Length
35
Content-Type
image/gif
365194407426103
connect.facebook.net/signals/config/ 		27 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/365194407426103?v=2.9.33&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
51c447096782a3b9b21ec336bc7a97ba9e7f19812e80eeeaa752000e6434f7bb
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.paynewest.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr
0
pragma
public
x-fb-debug
DspAl5dldZOqc5l6O2Cv94ecYXydPjhh0PLZZlzi/ALbBsgiPEKYlqAJtdP8J0o64qNFuO6lrdZIFQ4dMrB9iQ==
x-fb-trip-id
686109401
x-frame-options
DENY
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Mon, 01 Mar 2021 17:29:08 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
259 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=305112770243745&ev=PageView&dl=https%3A%2F%2Fwww.paynewest.com%2F&rl=&if=false&ts=1614619748759&sw=1600&sh=1200&v=2.9.33&r=stable&ec=0&o=30&fbp=fb.1.1614619748750.1909229107&it=1614619748365&coo=false&rqm=GET
Requested by
Host: www.paynewest.com
URL: https://www.paynewest.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.paynewest.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 01 Mar 2021 17:29:08 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Mon, 01 Mar 2021 17:29:08 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
87 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j88&tid=UA-92545998-1&cid=367761861.1614619749&jid=1308581873&gjid=812967678&_gid=1019617312.1614619749&_u=IEBAAEAAAAAAAC~&z=58737916
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c1b::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.paynewest.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Mon, 01 Mar 2021 17:29:08 GMT
content-type
text/plain
access-control-allow-origin
https://www.paynewest.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
styles__ltr.css
www.gstatic.com/recaptcha/releases/jxFQ7RQ9s9HTGKeWcoa6UQdD/ Frame 5464 		50 KB
25 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/jxFQ7RQ9s9HTGKeWcoa6UQdD/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le5G60UAAAAAMD1HxqukCS3lWU3tliqVsU88O6Z&co=aHR0cHM6Ly93d3cucGF5bmV3ZXN0LmNvbTo0NDM.&hl=en&v=jxFQ7RQ9s9HTGKeWcoa6UQdD&size=invisible&cb=98cn499s03i
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6b08ea3a348838bc942ad470a757575975bd09459b63c1872c6e1129a6ca1939
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le5G60UAAAAAMD1HxqukCS3lWU3tliqVsU88O6Z&co=aHR0cHM6Ly93d3cucGF5bmV3ZXN0LmNvbTo0NDM.&hl=en&v=jxFQ7RQ9s9HTGKeWcoa6UQdD&size=invisible&cb=98cn499s03i
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 01 Mar 2021 17:16:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 22 Feb 2021 03:04:57 GMT
server
sffe
age
739
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25479
x-xss-protection
0
expires
Tue, 01 Mar 2022 17:16:50 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/jxFQ7RQ9s9HTGKeWcoa6UQdD/ Frame 5464 		331 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/jxFQ7RQ9s9HTGKeWcoa6UQdD/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le5G60UAAAAAMD1HxqukCS3lWU3tliqVsU88O6Z&co=aHR0cHM6Ly93d3cucGF5bmV3ZXN0LmNvbTo0NDM.&hl=en&v=jxFQ7RQ9s9HTGKeWcoa6UQdD&size=invisible&cb=98cn499s03i
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
46c97699759b3239f2306f7d09df96131fb1044315b07cfdd62b66c2e4c0125b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le5G60UAAAAAMD1HxqukCS3lWU3tliqVsU88O6Z&co=aHR0cHM6Ly93d3cucGF5bmV3ZXN0LmNvbTo0NDM.&hl=en&v=jxFQ7RQ9s9HTGKeWcoa6UQdD&size=invisible&cb=98cn499s03i
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 01 Mar 2021 17:25:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
244
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
132194
x-xss-protection
0
last-modified
Mon, 22 Feb 2021 03:04:57 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 01 Mar 2022 17:25:05 GMT
styles__ltr.css
www.gstatic.com/recaptcha/releases/jxFQ7RQ9s9HTGKeWcoa6UQdD/ Frame 0EC2 		50 KB
25 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/jxFQ7RQ9s9HTGKeWcoa6UQdD/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le5G60UAAAAAMD1HxqukCS3lWU3tliqVsU88O6Z&co=aHR0cHM6Ly93d3cucGF5bmV3ZXN0LmNvbTo0NDM.&hl=en&v=jxFQ7RQ9s9HTGKeWcoa6UQdD&size=invisible&cb=mhedhjd3jy5k
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6b08ea3a348838bc942ad470a757575975bd09459b63c1872c6e1129a6ca1939
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le5G60UAAAAAMD1HxqukCS3lWU3tliqVsU88O6Z&co=aHR0cHM6Ly93d3cucGF5bmV3ZXN0LmNvbTo0NDM.&hl=en&v=jxFQ7RQ9s9HTGKeWcoa6UQdD&size=invisible&cb=mhedhjd3jy5k
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 01 Mar 2021 17:16:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 22 Feb 2021 03:04:57 GMT
server
sffe
age
739
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25479
x-xss-protection
0
expires
Tue, 01 Mar 2022 17:16:50 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/jxFQ7RQ9s9HTGKeWcoa6UQdD/ Frame 0EC2 		331 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/jxFQ7RQ9s9HTGKeWcoa6UQdD/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le5G60UAAAAAMD1HxqukCS3lWU3tliqVsU88O6Z&co=aHR0cHM6Ly93d3cucGF5bmV3ZXN0LmNvbTo0NDM.&hl=en&v=jxFQ7RQ9s9HTGKeWcoa6UQdD&size=invisible&cb=mhedhjd3jy5k
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
46c97699759b3239f2306f7d09df96131fb1044315b07cfdd62b66c2e4c0125b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le5G60UAAAAAMD1HxqukCS3lWU3tliqVsU88O6Z&co=aHR0cHM6Ly93d3cucGF5bmV3ZXN0LmNvbTo0NDM.&hl=en&v=jxFQ7RQ9s9HTGKeWcoa6UQdD&size=invisible&cb=mhedhjd3jy5k
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 01 Mar 2021 17:25:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
244
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
132194
x-xss-protection
0
last-modified
Mon, 22 Feb 2021 03:04:57 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 01 Mar 2022 17:25:05 GMT
layers.fa6cd1947ce26e890d3d.js
s7.addthis.com/static/ 		263 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s7.addthis.com/static/layers.fa6cd1947ce26e890d3d.js
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.75.88.112 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-112.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://www.paynewest.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
last-modified
Mon, 26 Oct 2020 18:11:48 GMT
server
nginx/1.15.8
etag
W/"5f971164-41cf5"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=86313600
date
Mon, 01 Mar 2021 17:29:08 GMT
x-host
s7.addthis.com
timing-allow-origin
*
content-length
77617
configuration
paynewest.quiq-api.com/api/v1/messaging/chat/+14065778228/ 		2 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://paynewest.quiq-api.com/api/v1/messaging/chat/+14065778228/configuration?trackingId=noAssociatedTrackingId&quiqVersion=2.16.82
Requested by
Host: static.quiq-cdn.com
URL: https://static.quiq-cdn.com/webchat/common-core-1.7.262-hotfix.1-651e9c00.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:6db , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f2e7a9d654c5d5182cb90e4cd150dfca89dfb4484505f2f052ed31a2e0a66db0
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'; report-uri https://sentry.goquiq.com/r/d/csp/enforce;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

X-Quiq-Line
2
X-Quiq-Client-Id
Quiq-Chat-Client
X-Quiq-Client-Version
2.16.82
X-Quiq-Time-Zone
Europe/Berlin
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
X-Quiq-Access-Token
undefined
Referer
https://www.paynewest.com/
x-centricient-correlation-id
778675ba-cfe4-068b-3477-36170f3286e5

Response headers

date
Mon, 01 Mar 2021 17:29:10 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
EXPIRED
nel
{"report_to":"cf-nel","max_age":604800}
vary
Origin, Accept-Encoding
cf-request-id
08906f44a200004dd662095000000001
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=dwT%2B%2F3yVqf0E1NcVpzjp%2F4RhUbCsF4y3ayDCmWnwFc8XI5FL3R0U%2BJU47YzMVrWjiLsGR%2BQ2Ip3%2F4UiJBT6GpxbcPPXk%2BD369Caf5f2M3PynaLiFU1l%2F9j2mwB4oM5HWFjIc"}]}
content-type
application/json
access-control-allow-origin
https://www.paynewest.com
x-xss-protection
1; mode=block
cache-control
max-age=360, public, s-maxage=30
access-control-allow-credentials
true
content-security-policy
frame-ancestors 'none'; report-uri https://sentry.goquiq.com/r/d/csp/enforce;
cf-ray
62941b1a9fcf4dd6-FRA
expires
Mon, 01 Mar 2021 17:35:10 GMT
configuration
paynewest.quiq-api.com/api/v1/messaging/chat/+14065778228/ Frame 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://paynewest.quiq-api.com/api/v1/messaging/chat/+14065778228/configuration?trackingId=noAssociatedTrackingId&quiqVersion=2.16.82
Protocol
H2
Server
2606:4700:20::681a:6db , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'; report-uri https://sentry.goquiq.com/r/d/csp/enforce;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
x-centricient-correlation-id,x-quiq-access-token,x-quiq-client-id,x-quiq-client-version,x-quiq-line,x-quiq-time-zone
Origin
https://www.paynewest.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Mon, 01 Mar 2021 17:29:09 GMT
content-length
0
access-control-allow-origin
https://www.paynewest.com
vary
Origin
access-control-allow-credentials
true
access-control-max-age
1800
access-control-allow-methods
OPTIONS,GET,POST,HEAD,DELETE,PUT,PATCH
access-control-allow-headers
X-Centricient-Correlation-Id,Accept,Content-Type,X-Quiq-Line,Origin,X-Quiq-Client-Id,X-Quiq-Client-Version,X-Quiq-Access-Token,X-Quiq-Referrer,X-Quiq-Time-Zone
cache-control
max-age=360 public, s-maxage=30
expires
Mon, 01 Mar 2021 17:35:09 GMT
content-security-policy
frame-ancestors 'none'; report-uri https://sentry.goquiq.com/r/d/csp/enforce;
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
cf-cache-status
DYNAMIC
cf-request-id
08906f429e00004dd6a42a3000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=INE%2BDXXxgQtS4uBQgthaTvi1l%2F9M44gn5zC8mTeHl92ujpxOYm5%2BtgGPdU3oF2o3gaMBGbs0Chabd8PTFbR68aGkAwiRJ9nQ8czNKwlQAis%2BID7LVuGeDK94EmMpOSw3bLXz"}]}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
62941b1769ee4dd6-FRA
iframe
d1eoo1tco6rr5e.cloudfront.net/v6sgpuv/2d1y2pp/ Frame 3A6F
Redirect Chain
  • https://insight.adsrvr.org/tags/v6sgpuv/2d1y2pp/iframe
  • https://d1eoo1tco6rr5e.cloudfront.net/v6sgpuv/2d1y2pp/iframe
133 B
613 B 		Document
General
Check archive.org
Download Go to
Full URL
https://d1eoo1tco6rr5e.cloudfront.net/v6sgpuv/2d1y2pp/iframe
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/choozle/6784/code/9bd9e807f3648707fa534bf40950bcdf.js?conditionId0=4822376&conditionId1=4822346
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.225.83.200 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-83-200.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
dc566b627ce2f3c3f3df65710317f6c704cd4ecfdb8d423ed1900c45edeb7fcd

Request headers

Host
d1eoo1tco6rr5e.cloudfront.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.paynewest.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.paynewest.com/

Response headers

Content-Type
text/html
Content-Length
133
Connection
keep-alive
Date
Mon, 01 Mar 2021 17:29:10 GMT
Last-Modified
Tue, 11 Sep 2018 21:47:40 GMT
ETag
"e4b425383a5f2ddfdc98a1279549ec90"
Cache-Control
max-age=86400
Accept-Ranges
bytes
Server
AmazonS3
X-Cache
Miss from cloudfront
Via
1.1 04ce5a607a98db6d08257633417b84d7.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA2-C2
X-Amz-Cf-Id
olM2cpE3HFOcufWZoSH6xUIu-3wXo-cUUntzznP1sdZvgFRSkhYi_w==

Redirect headers

date
Mon, 01 Mar 2021 17:29:09 GMT
content-type
text/html; charset=UTF-8
content-length
183
location
https://d1eoo1tco6rr5e.cloudfront.net/v6sgpuv/2d1y2pp/iframe
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
/
www.facebook.com/tr/ 		44 B
147 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=365194407426103&ev=PageView&dl=https%3A%2F%2Fwww.paynewest.com%2F&rl=&if=false&ts=1614619749012&sw=1600&sh=1200&v=2.9.33&r=stable&ec=0&o=28&fbp=fb.1.1614619748750.1909229107&it=1614619748365&coo=false&rqm=GET
Requested by
Host: www.paynewest.com
URL: https://www.paynewest.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.paynewest.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 01 Mar 2021 17:29:09 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Mon, 01 Mar 2021 17:29:09 GMT
OO1-U3lU0dAcjgy9Mul1Jwiij773bxCQH26zOKTm-Ow.js
www.google.com/js/bg/ Frame 0EC2 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/js/bg/OO1-U3lU0dAcjgy9Mul1Jwiij773bxCQH26zOKTm-Ow.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/jxFQ7RQ9s9HTGKeWcoa6UQdD/recaptcha__en.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
38ed7e537954d1d01c8e0cbd32e9752708a28fbef76f10901f6eb338a4e6f8ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le5G60UAAAAAMD1HxqukCS3lWU3tliqVsU88O6Z&co=aHR0cHM6Ly93d3cucGF5bmV3ZXN0LmNvbTo0NDM.&hl=en&v=jxFQ7RQ9s9HTGKeWcoa6UQdD&size=invisible&cb=mhedhjd3jy5k
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 01 Mar 2021 14:54:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 16 Feb 2021 11:00:00 GMT
server
sffe
age
9302
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6301
x-xss-protection
0
expires
Tue, 01 Mar 2022 14:54:07 GMT
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 0EC2 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/jxFQ7RQ9s9HTGKeWcoa6UQdD/styles__ltr.css
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.gstatic.com/recaptcha/releases/jxFQ7RQ9s9HTGKeWcoa6UQdD/styles__ltr.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 24 Feb 2021 15:40:18 GMT
x-content-type-options
nosniff
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
age
438531
content-type
image/png
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2228
x-xss-protection
0
expires
Wed, 03 Mar 2021 15:40:18 GMT
KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 0EC2 		10 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le5G60UAAAAAMD1HxqukCS3lWU3tliqVsU88O6Z&co=aHR0cHM6Ly93d3cucGF5bmV3ZXN0LmNvbTo0NDM.&hl=en&v=jxFQ7RQ9s9HTGKeWcoa6UQdD&size=invisible&cb=mhedhjd3jy5k
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4352380f92ce7f9a4a4a23306b992bed10055dbfffe90987cc72083e583fc280
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.google.com
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le5G60UAAAAAMD1HxqukCS3lWU3tliqVsU88O6Z&co=aHR0cHM6Ly93d3cucGF5bmV3ZXN0LmNvbTo0NDM.&hl=en&v=jxFQ7RQ9s9HTGKeWcoa6UQdD&size=invisible&cb=mhedhjd3jy5k
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 26 Feb 2021 04:25:38 GMT
x-content-type-options
nosniff
last-modified
Mon, 16 Oct 2017 17:32:51 GMT
server
sffe
age
306211
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10748
x-xss-protection
0
expires
Sat, 26 Feb 2022 04:25:38 GMT
KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 0EC2 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le5G60UAAAAAMD1HxqukCS3lWU3tliqVsU88O6Z&co=aHR0cHM6Ly93d3cucGF5bmV3ZXN0LmNvbTo0NDM.&hl=en&v=jxFQ7RQ9s9HTGKeWcoa6UQdD&size=invisible&cb=mhedhjd3jy5k
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b79781efede37903be212fcdf63955e41c8649e678b6b83adf824459d240a188
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.google.com
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le5G60UAAAAAMD1HxqukCS3lWU3tliqVsU88O6Z&co=aHR0cHM6Ly93d3cucGF5bmV3ZXN0LmNvbTo0NDM.&hl=en&v=jxFQ7RQ9s9HTGKeWcoa6UQdD&size=invisible&cb=mhedhjd3jy5k
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 26 Feb 2021 07:00:06 GMT
x-content-type-options
nosniff
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
age
296943
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10788
x-xss-protection
0
expires
Sat, 26 Feb 2022 07:00:06 GMT
OO1-U3lU0dAcjgy9Mul1Jwiij773bxCQH26zOKTm-Ow.js
www.google.com/js/bg/ Frame 5464 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/js/bg/OO1-U3lU0dAcjgy9Mul1Jwiij773bxCQH26zOKTm-Ow.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/jxFQ7RQ9s9HTGKeWcoa6UQdD/recaptcha__en.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
38ed7e537954d1d01c8e0cbd32e9752708a28fbef76f10901f6eb338a4e6f8ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le5G60UAAAAAMD1HxqukCS3lWU3tliqVsU88O6Z&co=aHR0cHM6Ly93d3cucGF5bmV3ZXN0LmNvbTo0NDM.&hl=en&v=jxFQ7RQ9s9HTGKeWcoa6UQdD&size=invisible&cb=98cn499s03i
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 01 Mar 2021 14:54:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 16 Feb 2021 11:00:00 GMT
server
sffe
age
9302
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6301
x-xss-protection
0
expires
Tue, 01 Mar 2022 14:54:07 GMT
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 5464 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/jxFQ7RQ9s9HTGKeWcoa6UQdD/styles__ltr.css
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.gstatic.com/recaptcha/releases/jxFQ7RQ9s9HTGKeWcoa6UQdD/styles__ltr.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 24 Feb 2021 15:40:18 GMT
x-content-type-options
nosniff
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
age
438531
content-type
image/png
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2228
x-xss-protection
0
expires
Wed, 03 Mar 2021 15:40:18 GMT
KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 5464 		10 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le5G60UAAAAAMD1HxqukCS3lWU3tliqVsU88O6Z&co=aHR0cHM6Ly93d3cucGF5bmV3ZXN0LmNvbTo0NDM.&hl=en&v=jxFQ7RQ9s9HTGKeWcoa6UQdD&size=invisible&cb=98cn499s03i
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4352380f92ce7f9a4a4a23306b992bed10055dbfffe90987cc72083e583fc280
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.google.com
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le5G60UAAAAAMD1HxqukCS3lWU3tliqVsU88O6Z&co=aHR0cHM6Ly93d3cucGF5bmV3ZXN0LmNvbTo0NDM.&hl=en&v=jxFQ7RQ9s9HTGKeWcoa6UQdD&size=invisible&cb=98cn499s03i
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 26 Feb 2021 04:25:38 GMT
x-content-type-options
nosniff
last-modified
Mon, 16 Oct 2017 17:32:51 GMT
server
sffe
age
306211
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10748
x-xss-protection
0
expires
Sat, 26 Feb 2022 04:25:38 GMT
KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 5464 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le5G60UAAAAAMD1HxqukCS3lWU3tliqVsU88O6Z&co=aHR0cHM6Ly93d3cucGF5bmV3ZXN0LmNvbTo0NDM.&hl=en&v=jxFQ7RQ9s9HTGKeWcoa6UQdD&size=invisible&cb=98cn499s03i
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b79781efede37903be212fcdf63955e41c8649e678b6b83adf824459d240a188
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.google.com
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le5G60UAAAAAMD1HxqukCS3lWU3tliqVsU88O6Z&co=aHR0cHM6Ly93d3cucGF5bmV3ZXN0LmNvbTo0NDM.&hl=en&v=jxFQ7RQ9s9HTGKeWcoa6UQdD&size=invisible&cb=98cn499s03i
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 26 Feb 2021 07:00:06 GMT
x-content-type-options
nosniff
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
age
296943
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10788
x-xss-protection
0
expires
Sat, 26 Feb 2022 07:00:06 GMT
webworker.js
www.google.com/recaptcha/api2/ Frame 0EC2 		102 B
183 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=jxFQ7RQ9s9HTGKeWcoa6UQdD
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le5G60UAAAAAMD1HxqukCS3lWU3tliqVsU88O6Z&co=aHR0cHM6Ly93d3cucGF5bmV3ZXN0LmNvbTo0NDM.&hl=en&v=jxFQ7RQ9s9HTGKeWcoa6UQdD&size=invisible&cb=mhedhjd3jy5k
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
ab1e16c1b3f793e0aec723c7a7add9e179781105d1646ced630af7007ca52720
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le5G60UAAAAAMD1HxqukCS3lWU3tliqVsU88O6Z&co=aHR0cHM6Ly93d3cucGF5bmV3ZXN0LmNvbTo0NDM.&hl=en&v=jxFQ7RQ9s9HTGKeWcoa6UQdD&size=invisible&cb=mhedhjd3jy5k
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 01 Mar 2021 17:29:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
content-security-policy
frame-ancestors 'self'
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
112
x-xss-protection
1; mode=block
expires
Mon, 01 Mar 2021 17:29:09 GMT
webworker.js
www.google.com/recaptcha/api2/ Frame 5464 		102 B
134 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=jxFQ7RQ9s9HTGKeWcoa6UQdD
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le5G60UAAAAAMD1HxqukCS3lWU3tliqVsU88O6Z&co=aHR0cHM6Ly93d3cucGF5bmV3ZXN0LmNvbTo0NDM.&hl=en&v=jxFQ7RQ9s9HTGKeWcoa6UQdD&size=invisible&cb=98cn499s03i
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
ab1e16c1b3f793e0aec723c7a7add9e179781105d1646ced630af7007ca52720
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le5G60UAAAAAMD1HxqukCS3lWU3tliqVsU88O6Z&co=aHR0cHM6Ly93d3cucGF5bmV3ZXN0LmNvbTo0NDM.&hl=en&v=jxFQ7RQ9s9HTGKeWcoa6UQdD&size=invisible&cb=98cn499s03i
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 01 Mar 2021 17:29:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
content-security-policy
frame-ancestors 'self'
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
112
x-xss-protection
1; mode=block
expires
Mon, 01 Mar 2021 17:29:09 GMT
reload
www.google.com/recaptcha/api2/ Frame 0EC2 		9 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/reload?k=6Le5G60UAAAAAMD1HxqukCS3lWU3tliqVsU88O6Z
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/jxFQ7RQ9s9HTGKeWcoa6UQdD/recaptcha__en.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
f906ed281ceda1306fbd860385088c758bcde9998b699217067c90fbbd5807a7
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le5G60UAAAAAMD1HxqukCS3lWU3tliqVsU88O6Z&co=aHR0cHM6Ly93d3cucGF5bmV3ZXN0LmNvbTo0NDM.&hl=en&v=jxFQ7RQ9s9HTGKeWcoa6UQdD&size=invisible&cb=mhedhjd3jy5k
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/x-protobuffer

Response headers

date
Mon, 01 Mar 2021 17:29:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
cache-control
private, max-age=0
content-security-policy
frame-ancestors 'self'
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6710
x-xss-protection
1; mode=block
expires
Mon, 01 Mar 2021 17:29:09 GMT
/
insight.adsrvr.org/track/evnt/ Frame 3A6F 		70 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://insight.adsrvr.org/track/evnt/?adv=v6sgpuv&ct=0:2d1y2pp&fmt=3
Requested by
Host: d1eoo1tco6rr5e.cloudfront.net
URL: https://d1eoo1tco6rr5e.cloudfront.net/v6sgpuv/2d1y2pp/iframe
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.184.190 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-184-190.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://d1eoo1tco6rr5e.cloudfront.net/v6sgpuv/2d1y2pp/iframe
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 01 Mar 2021 17:29:10 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
agents-available
paynewest.quiq-api.com/api/v1/messaging/ 		86 B
551 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://paynewest.quiq-api.com/api/v1/messaging/agents-available?contactPoint=+14065778228&platform=Chat
Requested by
Host: static.quiq-cdn.com
URL: https://static.quiq-cdn.com/webchat/sdk-1.7.262-hotfix.1-651e9c00.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:6db , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
25cc21e36fab99b3e937a1aadb74cbc5fbec4db6c7e86a32b975f0ed54800452
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'; report-uri https://sentry.goquiq.com/r/d/csp/enforce;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.paynewest.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 01 Mar 2021 17:29:10 GMT
x-content-type-options
nosniff
cf-cache-status
BYPASS
nel
{"report_to":"cf-nel","max_age":604800}
vary
Origin, Accept-Encoding
content-length
86
cf-request-id
08906f471100004dd6710f4000000001
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ghsG48kB7DReC9Reds31iU4A5AigxEjjZGtqZtuQDOVK%2FdTsZQk2E4X2LaLD7aAk4PkAqzvFRh%2BU2JKhnxZC8XQyYDyu4W1%2BXG9Bv6saxNuR%2B1JwHQ6poCUSYkfAbm2GaSWl"}]}
content-type
application/json
access-control-allow-origin
https://www.paynewest.com
x-xss-protection
1; mode=block
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-security-policy
frame-ancestors 'none'; report-uri https://sentry.goquiq.com/r/d/csp/enforce;
cf-ray
62941b1e8f384dd6-FRA
expires
0
webchat-1.7.262-hotfix.1-651e9c00.html
static.quiq-cdn.com/webchat/ Frame 2949 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://static.quiq-cdn.com/webchat/webchat-1.7.262-hotfix.1-651e9c00.html
Requested by
Host: static.quiq-cdn.com
URL: https://static.quiq-cdn.com/webchat/common-dependencies-1.7.262-hotfix.1-651e9c00.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
723e4df1e48e965be303878a0c410a26f39cb84b502f3344dea5ad157337759b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

:method
GET
:authority
static.quiq-cdn.com
:scheme
https
:path
/webchat/webchat-1.7.262-hotfix.1-651e9c00.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.paynewest.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.paynewest.com/

Response headers

date
Mon, 01 Mar 2021 17:29:10 GMT
content-type
text/html
set-cookie
__cfduid=dfa6a9f96f29349ea30e0cd9678107c681614619750; expires=Wed, 31-Mar-21 17:29:10 GMT; path=/; domain=.quiq-cdn.com; HttpOnly; SameSite=Lax; Secure
x-amz-id-2
aHiwevTfkdGoSvgD9EyD9GgjvUkNdjh4hUxbViNKaivanykmodanJz3ARTtoWak2ZeF6+berB3Y=
x-amz-request-id
096A0PMVN5Y319TV
x-amz-replication-status
COMPLETED
last-modified
Wed, 24 Feb 2021 21:32:16 GMT
x-amz-server-side-encryption
AES256
x-amz-meta-s3cmd-attrs
atime:1614202320/ctime:1614202320/gid:65534/gname:nogroup/md5:72fc71fd7e38f6c623947926979d97b7/mode:33188/mtime:1614202320/uid:1000/uname:jenkins
x-amz-version-id
AD0vTYLitlIQ9pp4JANdTRih0ovvNQjQ
cache-control
max-age=14400
cf-cache-status
HIT
age
3945
cf-request-id
08906f473900004a9e4eb5d000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=zcCtw0xdzN%2BLQ4znVbQ3VLqPs86PldwBmt1ycXTQM%2F9o%2FafJfl7C58lfSm50U3vmmsyCRkZ5FmADcoiNcB1OxjuD8APb2LUwermpJms0Aqsq08lQDDXl1HYlaAPtqIMh"}],"max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
server
cloudflare
cf-ray
62941b1ecfd44a9e-FRA
content-encoding
br
common-core-1.7.262-hotfix.1-651e9c00.js
static.quiq-cdn.com/webchat/ Frame 2949 		146 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.quiq-cdn.com/webchat/common-core-1.7.262-hotfix.1-651e9c00.js
Requested by
Host: static.quiq-cdn.com
URL: https://static.quiq-cdn.com/webchat/webchat-1.7.262-hotfix.1-651e9c00.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6fdcb2a7390f997b0f86297997bb3df423c9739e55b3303b8fd6b3d7943d1983
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Origin
https://static.quiq-cdn.com
Referer
https://static.quiq-cdn.com/webchat/webchat-1.7.262-hotfix.1-651e9c00.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 01 Mar 2021 17:29:10 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
6927
x-amz-server-side-encryption
AES256
cf-ray
62941b1ee80e4a9e-FRA
x-amz-replication-status
COMPLETED
access-control-allow-methods
GET
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
x-amz-request-id
JTG4FASMEMC5FRQR
x-amz-id-2
RJWQ3B4uFee9jFfO4F9UsJvvyZidNgH2P3oNKTJoVSTnMfbNG0Y6abzGQ2hjQsCeaW/jgcebJV0=
last-modified
Wed, 24 Feb 2021 21:32:13 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1614202259/ctime:1614202259/gid:65534/gname:nogroup/md5:7aca57ab14207e6680940b323996fd99/mode:33188/mtime:1614202259/uid:1000/uname:jenkins
etag
W/"7aca57ab14207e6680940b323996fd99"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
0
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=o9WYChcNawwTBxyj1xGgLIOR7mortC3%2BOAMvbcCwMm%2B9Q5yhhEdoCNSRx1eSbbnvevqM%2FHzzNF2hzgqbTvuLp5%2BGobt0KhJ1CZHV64pyUMTGVDX4rXAoAj6XOIN0CfY1"}],"max_age":604800}
x-amz-version-id
UvUK_lWjSbxPEMjBUKpYzcvmrcWpw7jB
access-control-allow-origin
*
cache-control
max-age=14400
cf-request-id
08906f474d00004a9e5d1ba000000001
content-type
application/javascript
common-icons-1.7.262-hotfix.1-651e9c00.js
static.quiq-cdn.com/webchat/ Frame 2949 		61 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.quiq-cdn.com/webchat/common-icons-1.7.262-hotfix.1-651e9c00.js
Requested by
Host: static.quiq-cdn.com
URL: https://static.quiq-cdn.com/webchat/webchat-1.7.262-hotfix.1-651e9c00.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6bace0f6fe59e0ccc667a3e715835718ff770c4ddedb20773f95405c4c771fae
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Origin
https://static.quiq-cdn.com
Referer
https://static.quiq-cdn.com/webchat/webchat-1.7.262-hotfix.1-651e9c00.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 01 Mar 2021 17:29:10 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
6927
x-amz-server-side-encryption
AES256
cf-ray
62941b1ee80f4a9e-FRA
x-amz-replication-status
COMPLETED
access-control-allow-methods
GET
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
x-amz-request-id
JTG19A0VMY8CX7P8
x-amz-id-2
9xEQB2+yGeAdC4WaiGbwE1h/ld0HfjtiOWS+1WEGm9JzO//Oo26rNQbpIicYhKa5dE2S4HCbOuw=
last-modified
Wed, 24 Feb 2021 21:32:14 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1614202260/ctime:1614202259/gid:65534/gname:nogroup/md5:1e5121ae95de4e79198300b7c6fd47f3/mode:33188/mtime:1614202259/uid:1000/uname:jenkins
etag
W/"1e5121ae95de4e79198300b7c6fd47f3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
0
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Nq%2FSBQ3GWyY3EwcjRtySWMAFc04HueqOPLqXSBJSeC1CCDg%2FXqn3WO%2Fr8EsRJDmSnXAPmdh343ntoXDk97B4OLO2SRvBojhbBSssue3rlsi20cjOageHmaFookW3FpM7"}],"max_age":604800}
x-amz-version-id
Y16KXdXefqrF_lWG4DM2L_LzYrcnUMkU
access-control-allow-origin
*
cache-control
max-age=14400
cf-request-id
08906f474d00004a9efbbeb000000001
content-type
application/javascript
common-dependencies-1.7.262-hotfix.1-651e9c00.js
static.quiq-cdn.com/webchat/ Frame 2949 		683 KB
173 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.quiq-cdn.com/webchat/common-dependencies-1.7.262-hotfix.1-651e9c00.js
Requested by
Host: static.quiq-cdn.com
URL: https://static.quiq-cdn.com/webchat/webchat-1.7.262-hotfix.1-651e9c00.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
52d097eaf8a4614ee25bc4db5ce514dfa97cce2879683221f3f62e62481ce8b6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Origin
https://static.quiq-cdn.com
Referer
https://static.quiq-cdn.com/webchat/webchat-1.7.262-hotfix.1-651e9c00.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 01 Mar 2021 17:29:10 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
6927
x-amz-server-side-encryption
AES256
cf-ray
62941b1ee8104a9e-FRA
x-amz-replication-status
COMPLETED
access-control-allow-methods
GET
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
x-amz-request-id
JTG3Q0RHMRRHZSJX
x-amz-id-2
InERD61oFDmIIzaR9x3dgXhLili1M0nd90SJs6S/h5/mQJm/bEhhg3OqZAaYKflcVHPQhKx/dvs=
last-modified
Wed, 24 Feb 2021 21:32:14 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1614202260/ctime:1614202259/gid:65534/gname:nogroup/md5:ee6d8125157edb5f77c2fab4572dcc31/mode:33188/mtime:1614202259/uid:1000/uname:jenkins
etag
W/"ee6d8125157edb5f77c2fab4572dcc31"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
0
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=WQhJ2D8ma%2FHsNkW3wraR5Lt3Zm9V3VIDqyUDCTGOrLA3rBi112dQt9RvYH7U1mb%2BUYLRk7W5OsyMJZdIQ1%2Flxh%2B1kB2WqZ9E%2BpPdCjYsXecni%2FZVKGOxVEEgEDVLp18y"}],"max_age":604800}
x-amz-version-id
iAOjUUnUqxuDrk_g8D34bw.X3_TMnfzf
access-control-allow-origin
*
cache-control
max-age=14400
cf-request-id
08906f474d00004a9e1e0d4000000001
content-type
application/javascript
common-webchat-1.7.262-hotfix.1-651e9c00.js
static.quiq-cdn.com/webchat/ Frame 2949 		361 KB
96 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.quiq-cdn.com/webchat/common-webchat-1.7.262-hotfix.1-651e9c00.js
Requested by
Host: static.quiq-cdn.com
URL: https://static.quiq-cdn.com/webchat/webchat-1.7.262-hotfix.1-651e9c00.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
110d9210d0c9411fdd707190d08b3b11e6ec7561f1a52c104569b743ffeb3b1c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Origin
https://static.quiq-cdn.com
Referer
https://static.quiq-cdn.com/webchat/webchat-1.7.262-hotfix.1-651e9c00.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 01 Mar 2021 17:29:10 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
6927
x-amz-server-side-encryption
AES256
cf-ray
62941b1ee8124a9e-FRA
x-amz-replication-status
COMPLETED
access-control-allow-methods
GET
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
x-amz-request-id
6AFVVJ4PQ2110ZWC
x-amz-id-2
KDgWWY4lBPXOjskOWU1zA5NpYm/SIAGT+wGkoHEDiKlWIWpuUV2FvZs7UIVzJ4Ab6turVQOY44s=
last-modified
Wed, 24 Feb 2021 21:32:14 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1614202260/ctime:1614202259/gid:65534/gname:nogroup/md5:3d0c88839e7cbfe031c5d22d2ea4ff66/mode:33188/mtime:1614202259/uid:1000/uname:jenkins
etag
W/"3d0c88839e7cbfe031c5d22d2ea4ff66"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
0
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=qgRgaIyk3PKGVg1bp1mZKyu%2BmDrd7qDE1rDny3ro9xcb21x4KWqPO4ih1kEICqLH5U%2BQlSIwWVmLYgLjfrqwO0e4lAgbN%2F19XbFeO9rJnT%2BiTjueIuWefWEaDlvcD9Jb"}],"max_age":604800}
x-amz-version-id
2HZgsPKsLKgTR6OFD2w2MEw1L6J3OKGi
access-control-allow-origin
*
cache-control
max-age=14400
cf-request-id
08906f474e00004a9e02bd4000000001
content-type
application/javascript
webchatMain-1.7.262-hotfix.1-651e9c00.js
static.quiq-cdn.com/webchat/ Frame 2949 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.quiq-cdn.com/webchat/webchatMain-1.7.262-hotfix.1-651e9c00.js
Requested by
Host: static.quiq-cdn.com
URL: https://static.quiq-cdn.com/webchat/webchat-1.7.262-hotfix.1-651e9c00.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
00931260b211b191ca24b62c19402fe194cb4fc080a7b29f0adca7cdb7c3e9e0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Origin
https://static.quiq-cdn.com
Referer
https://static.quiq-cdn.com/webchat/webchat-1.7.262-hotfix.1-651e9c00.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 01 Mar 2021 17:29:10 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
3825
x-amz-server-side-encryption
AES256
cf-ray
62941b1ee8134a9e-FRA
x-amz-replication-status
COMPLETED
access-control-allow-methods
GET
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
x-amz-request-id
0969KCFN4JM9Y6EM
x-amz-id-2
jTBqEXSCH9wEpXSrBEYvWPAqQoSQBPBKjhebSYZWDAM38l2tSm1ZECgmGy7Na9rvUJzqF5SASqA=
last-modified
Wed, 24 Feb 2021 21:32:17 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1614202261/ctime:1614202259/gid:65534/gname:nogroup/md5:cdb8a16e0b04e3212d053b3834d6c81d/mode:33188/mtime:1614202259/uid:1000/uname:jenkins
etag
W/"cdb8a16e0b04e3212d053b3834d6c81d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
0
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=iw8ywVr6MTxiRk8cEi76jRpNeTo9YkmrAuAMfbbTr9lRSLWDmBBYEyBlLCukE8DotIwecGsbmHkElkLNrwfshi%2B%2F2Atp%2BbBVelLPIUbsHUCvJ7M%2Ff7%2FXmjqI7Z7smwRy"}],"max_age":604800}
x-amz-version-id
4t8elIFnmW09kK29ntKTmSgKrYNBdQYJ
access-control-allow-origin
*
cache-control
max-age=14400
cf-request-id
08906f474d00004a9e0c38d000000001
content-type
application/javascript
webchat-1.7.262-hotfix.1-651e9c00.js
static.quiq-cdn.com/webchat/ Frame 2949 		2 MB
318 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.quiq-cdn.com/webchat/webchat-1.7.262-hotfix.1-651e9c00.js
Requested by
Host: static.quiq-cdn.com
URL: https://static.quiq-cdn.com/webchat/webchatMain-1.7.262-hotfix.1-651e9c00.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
29ba3e7b6b100d70455336b877277c446abd9371d4aaf7f8954600fdcdae1bfc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Origin
https://static.quiq-cdn.com
Referer
https://static.quiq-cdn.com/webchat/webchat-1.7.262-hotfix.1-651e9c00.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 01 Mar 2021 17:29:10 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
3744
x-amz-server-side-encryption
AES256
cf-ray
62941b1f69074a9e-FRA
x-amz-replication-status
COMPLETED
access-control-allow-methods
GET
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
x-amz-request-id
Z3GEDMYVCGSDC5BG
x-amz-id-2
uZtbl6qbLTqXvwvtWtulsKgod8zGubR3oplE5dLRZPNitKwCf6uUmuF8EH8W1JFkAjOWuibUi0o=
last-modified
Wed, 24 Feb 2021 21:32:16 GMT
server
cloudflare
x-amz-meta-s3cmd-attrs
atime:1614202261/ctime:1614202259/gid:65534/gname:nogroup/md5:35e12c99f477e44169bb6362c1282a57/mode:33188/mtime:1614202259/uid:1000/uname:jenkins
etag
W/"35e12c99f477e44169bb6362c1282a57"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
0
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=5xhbWhCqKK9%2Bs6azTVzCE7UuJETaJ1fYBHlObaJPTZ3Xe1ZdKs9smWG%2FAQtbt6PAM%2BiQmbDNj5Y4lblilzonYvbtzl9R2eKIUqmMeeF0w3y%2BsAGjyRQtXAnovoeXA7ON"}],"max_age":604800}
x-amz-version-id
arqXVQT5QcHiaxWxgDEF2G5ZBwYSpIsf
access-control-allow-origin
*
cache-control
max-age=14400
cf-request-id
08906f47a500004a9ef0046000000001
content-type
application/javascript
/
www.facebook.com/tr/ 		44 B
147 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=305112770243745&ev=Microdata&dl=https%3A%2F%2Fwww.paynewest.com%2F&rl=&if=false&ts=1614619750346&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22PayneWest%20Insurance%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.33&r=stable&ec=1&o=30&fbp=fb.1.1614619748750.1909229107&it=1614619748365&coo=false&es=automatic&tm=3&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.paynewest.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 01 Mar 2021 17:29:10 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Mon, 01 Mar 2021 17:29:10 GMT
truncated
/ Frame 2949 		321 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
110de86e5e4aeb9b195bf9e581add1410c70b8a29e51cb8d20a550aa5ee5bfee

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/jpeg
agents-available
paynewest.quiq-api.com/api/v1/messaging/ Frame 2949 		18 B
779 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://paynewest.quiq-api.com/api/v1/messaging/agents-available?platform=Chat&contactPoint=%2B14065778228
Requested by
Host: static.quiq-cdn.com
URL: https://static.quiq-cdn.com/webchat/common-core-1.7.262-hotfix.1-651e9c00.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:6db , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
631f4d836f9d199ee9721cc528112d8b61d2b90455bb214dd364596b487fe6b6
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'; report-uri https://sentry.goquiq.com/r/d/csp/enforce;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

X-Quiq-Line
2
X-Quiq-Client-Id
Quiq-Chat-Client
X-Quiq-Client-Version
2.16.82
X-Quiq-Referrer
https://www.paynewest.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
X-Quiq-Access-Token
undefined
Referer
https://static.quiq-cdn.com/webchat/webchat-1.7.262-hotfix.1-651e9c00.html
x-centricient-correlation-id
30629d70-5471-613a-7f6e-2070ea6463b4
X-Quiq-Time-Zone
Europe/Berlin

Response headers

date
Mon, 01 Mar 2021 17:29:11 GMT
x-content-type-options
nosniff
cf-cache-status
EXPIRED
nel
{"report_to":"cf-nel","max_age":604800}
vary
Origin, Accept-Encoding
content-length
18
cf-request-id
08906f4bc700004dd68f9c8000000001
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=r5J75vpKWWo5%2BSz%2BBprPkEy27jmkkt83xZFJq0l5CjPHiG9c1MA4tJoidksoFBY2cLijv9vLBppNRUxuXaLGa0B59oPgBOU%2BJ0bsV4dux9YbQ%2FLW1LpdrNlmY8Tn%2FQbZrpoi"}]}
content-type
application/json
access-control-allow-origin
https://static.quiq-cdn.com
x-xss-protection
1; mode=block
cache-control
max-age=20, public
access-control-allow-credentials
true
content-security-policy
frame-ancestors 'none'; report-uri https://sentry.goquiq.com/r/d/csp/enforce;
accept-ranges
bytes
cf-ray
62941b260e744dd6-FRA
expires
Mon, 01 Mar 2021 17:29:31 GMT
agents-available
paynewest.quiq-api.com/api/v1/messaging/ Frame 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://paynewest.quiq-api.com/api/v1/messaging/agents-available?platform=Chat&contactPoint=%2B14065778228
Protocol
H2
Server
2606:4700:20::681a:6db , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'; report-uri https://sentry.goquiq.com/r/d/csp/enforce;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
x-centricient-correlation-id,x-quiq-access-token,x-quiq-client-id,x-quiq-client-version,x-quiq-line,x-quiq-referrer,x-quiq-time-zone
Origin
https://static.quiq-cdn.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Mon, 01 Mar 2021 17:29:11 GMT
content-length
0
access-control-allow-origin
https://static.quiq-cdn.com
vary
Origin
access-control-allow-credentials
true
access-control-max-age
1800
access-control-allow-methods
OPTIONS,GET,POST,HEAD,DELETE,PUT,PATCH
access-control-allow-headers
X-Centricient-Correlation-Id,Accept,Content-Type,X-Quiq-Line,Origin,X-Quiq-Client-Id,X-Quiq-Client-Version,X-Quiq-Access-Token,X-Quiq-Referrer,X-Quiq-Time-Zone
cache-control
max-age=20 public
expires
Mon, 01 Mar 2021 17:29:31 GMT
content-security-policy
frame-ancestors 'none'; report-uri https://sentry.goquiq.com/r/d/csp/enforce;
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
cf-cache-status
DYNAMIC
cf-request-id
08906f49c500004dd6c3157000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=rno0WvRT5uFL2zhBX%2FwdYHeu7VzC2ty%2BkrEioS3Q73ZNqO975OpTctks1g8QfhWLzt5fl0nRpXc2QunE8hTDLL3N1xyjMnqMRh9PM%2BQC6DXvkYrajOENgXn2IdbZilewvZ6p"}]}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
62941b22cf814dd6-FRA

Verdicts & Comments Add Verdict or Comment

168 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated object| Typekit object| _wpemojiSettings undefined| $ function| jQuery object| html5 object| Modernizr function| fbq function| _fbq object| ensBootstraps object| Bootstrapper object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client undefined| __quiq__ object| __core-js_shared__ object| core object| global object| System function| asap function| Observable function| setImmediate function| clearImmediate object| regeneratorRuntime function| Quiq object| RRAPI object| wpcf7 object| wpcf7r object| wpcf7_redirect object| wpcf7_recaptcha function| Picker function| getUrlVars function| getQuoteform function| getQuoteformbusiness function| getOnlinequoteauto function| getOnlinequotehome function| getOnlinequotecondo function| getOnlinequoterenter function| showProgress function| show_row function| personalQuote function| personal1 function| personal2 function| personal3 function| personal4 function| personal5 function| personalHealthQuote function| personalHealth1 function| personalHealth2 function| personalHealth3 function| personalHealth4 function| businessQuote function| business1 function| business2 function| business3 function| business4 function| business5 function| stiegQuote function| stieg1 function| stieg2 function| stieg3 function| stieg4 function| stieg5 function| personallinesQuote function| personallinesauto function| personallineshealth function| personallineshome function| personallineslife function| personallinesrv function| personallinesrenter function| personallinesumbrella function| personallineswatercraft function| personallineswedding function| personallines1 function| personallines2 function| personallines3 function| personallines4 function| personallines5 function| collapse1 function| collapse2 function| collapse3 function| collapse4 function| collapse5 function| collapse6 function| collapse7 function| collapse8 function| collapse9 function| collapse10 function| collapse11 function| collapse12 function| collapse13 function| school_collapse1 function| school_collapse2 function| school_collapse3 function| school_collapse4 function| school_collapse5 function| school_collapse6 function| school_collapse7 function| school_collapse8 function| school_collapse9 function| school_collapse10 function| school_collapse11 function| school_collapse12 function| school_collapse13 function| school_collapse14 function| school_collapse15 function| school_collapse16 object| wp object| chat string| GoogleAnalyticsObject function| ga function| atwpjp string| _atd function| _euc function| _duc object| _atc string| _atr object| addthis string| addthis_pub function| emdot object| _ate object| _adr object| addthis_conf function| addthis_open function| addthis_close function| addthis_sendto object| addthis_share object| addthis_config function| initAddThis object| recaptcha object| closure_lm_454418 object| twemoji object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| webpackJsonp_quiq_ boolean| __@@##MUH object| QuiqUtils undefined| _ object| __SECRET_EMOTION__ number| __mobxInstanceCount object| __mobxGlobals object| __postRobot__quiq__ object| FontAwesomeConfig object| ___FONT_AWESOME___ object| _atw string| addthis_exclude boolean| addthis_use_personalization string| addthis_options_default string| addthis_options_rank string| addthis_options object| __callbacks

9 Cookies

Domain/Path Name / Value
www.paynewest.com/ Name: loglevel
Value: WARN
.paynewest.com/ Name: _gid
Value: GA1.2.1019617312.1614619749
.paynewest.com/ Name: _ga
Value: GA1.2.367761861.1614619749
www.paynewest.com/ Name: __atuvs
Value: 603d24640c9bc339000
.paynewest.com/ Name: _gat
Value: 1
.google.com/recaptcha Name: _GRECAPTCHA
Value: 09AAb-fcxEhWyqGfJwEKy-4eI-rfq6wzvFlZvkIoOJ3VXbnxX3MY3jypIBlli9kgs-eMNvbSNWkfQ59mrux0VL4r8
www.paynewest.com/ Name: covid19popup
Value: 1
.paynewest.com/ Name: _fbp
Value: fb.1.1614619748750.1909229107
www.paynewest.com/ Name: __atuvc
Value: 1%7C9

9 Console Messages

Source Level URL
Text
console-api log URL: https://www.paynewest.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2(Line 2)
Message:
JQMIGRATE: Migrate is installed, version 3.3.2
console-api log URL: https://www.paynewest.com/wp-content/themes/paynewest2/js/app.js(Line 267)
Message:
undefined
console-api log URL: https://www.paynewest.com/wp-content/themes/paynewest2/js/jquery.cycle2.min.js?ver=5.6.2(Line 6)
Message:
[cycle2] --c2 init--
console-api log URL: https://www.paynewest.com/wp-content/themes/paynewest2/js/jquery.cycle2.min.js?ver=5.6.2(Line 6)
Message:
[cycle2] next: .cycle-next (string)
console-api log URL: https://www.paynewest.com/wp-content/themes/paynewest2/js/jquery.cycle2.min.js?ver=5.6.2(Line 6)
Message:
[cycle2] prev: .cycle-prev (string)
console-api log URL: https://www.paynewest.com/wp-content/themes/paynewest2/js/jquery.cycle2.min.js?ver=5.6.2(Line 6)
Message:
[cycle2] autoHeight: container (string)
console-api log URL: https://www.paynewest.com/wp-content/themes/paynewest2/js/jquery.cycle2.min.js?ver=5.6.2(Line 6)
Message:
[cycle2] slides: li (string)
console-api log URL: https://www.paynewest.com/wp-content/themes/paynewest2/js/jquery.cycle2.min.js?ver=5.6.2(Line 6)
Message:
[cycle2] timeout: 6500 (number)
console-api log URL: https://www.paynewest.com/wp-content/themes/paynewest2/js/jquery.cycle2.min.js?ver=5.6.2(Line 6)
Message:
[cycle2] fx: fade (string)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cf.rocketreferrals.com
connect.facebook.net
cs.choozle.com
d1eoo1tco6rr5e.cloudfront.net
fonts.gstatic.com
insight.adsrvr.org
nexus.ensighten.com
p.typekit.net
paynewest.quiq-api.com
s7.addthis.com
static.quiq-cdn.com
stats.g.doubleclick.net
use.typekit.net
v1.addthisedge.com
www.facebook.com
www.google-analytics.com
www.google.com
www.gstatic.com
www.paynewest.com
z.moatads.com
104.75.88.112
13.225.83.200
18.195.42.228
2.18.235.40
2600:9000:211e:7800:1b:7d8f:c640:93a1
2606:4700:20::681a:6db
2606:4700:20::681a:b81
2a00:1450:4001:802::2003
2a00:1450:4001:810::2003
2a00:1450:4001:813::2004
2a00:1450:4001:827::200e
2a00:1450:400c:c1b::9b
2a02:26f0:6c00:28d::19fd
2a02:26f0:6c00::210:ba2a
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
3.95.105.156
54.77.184.190
64.207.180.218
00931260b211b191ca24b62c19402fe194cb4fc080a7b29f0adca7cdb7c3e9e0
00c2b07f68012ed34338615bb433e5e064d46c2012ecdc54b4a9dbc7aca8e584
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd
0c0cbf9da5c74df2ab0c803af95e03905ba87cc1aaca7f52a88e9e8d3302a0d0
0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
110d9210d0c9411fdd707190d08b3b11e6ec7561f1a52c104569b743ffeb3b1c
110de86e5e4aeb9b195bf9e581add1410c70b8a29e51cb8d20a550aa5ee5bfee
125ec330f66081e7dc9f2814e9ec18f4e2d0baa1936d497375eedfda7ac12e5c
13aba939a779f2f0e74ff4e187c1fb48b5a67a233662f516c683e0d95d7af5c7
178bcbfafbb734c9e49276f0be034f935fe9f53eda7d8b00fcfe1537b3c679cf
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1ccdbe5fba95906eb04fed55b6d5fe05d4130f09d1ef62a2a195b07bfcd20d98
1e71dfd2075bdd8ab13805b0c9bc396c00c1a3d982d3e9ddde63ccfaf4f2eaaf
25cc21e36fab99b3e937a1aadb74cbc5fbec4db6c7e86a32b975f0ed54800452
267f86b986829cb9a3c46b9fcdbc56783bb923005ba5ef5b27efce504e72ecfa
29ba3e7b6b100d70455336b877277c446abd9371d4aaf7f8954600fdcdae1bfc
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2b8b68abf70dd09f37c96091c1a3fd7e16bb0b393fe1743e91651768f4d31082
2cf10237f90a0dcc3e39fecd37144b6ea6502f79c32b530edaeb6e488e8e3dc2
3186203aba0cdf0d885a4187ba5064580209435f4eddd9ecf3f8259c0f187f2b
32fc92559b3650a7e3190d8f764884f3c5813ce58243b67c015d6af9c01dcacd
331e28331399f0bb400e8fe8e3c1100050817871865395b84ad59bbc30eb74bb
36f32c4cbc83986422cec18111cc26724c8933aaa83aba652f6e8d042174d042
38ed7e537954d1d01c8e0cbd32e9752708a28fbef76f10901f6eb338a4e6f8ec
39492f3c9f87d34d4d53b7fa1fc66d5003f986552288bb55ac10e7507d4c69dd
3db8832eb6f01a358f132faccd9f71dfad359c7263b9c5e441a185d201d67146
4199924074a0d79b585b57c46be13bf7e07752e6119aa31654bbbb465adc51e6
41bb54c5e41bfff348c98ec5a29df6dff1b3f220e5b25284943907efaf7cd041
4352380f92ce7f9a4a4a23306b992bed10055dbfffe90987cc72083e583fc280
46c97699759b3239f2306f7d09df96131fb1044315b07cfdd62b66c2e4c0125b
49e8ac01038683b42782a6f6b425c55109bdf3c6ff8731ca52cbd7d1d6498fe2
4a85a057330bbc6272c3dd4c02a15317b08a92b4de7514d9fda7d8cbf82a3cac
4aec0d8af31bb151c8f694987d4b845af579fd6dbff33d6781fc92ab8a77a540
4e136e38378cfd4a3b7961e9f2f6218a9ab7841b373e46b9a89fa266501321b5
51c447096782a3b9b21ec336bc7a97ba9e7f19812e80eeeaa752000e6434f7bb
52d097eaf8a4614ee25bc4db5ce514dfa97cce2879683221f3f62e62481ce8b6
5907f5afebdcdc19988b353d3cf27ab115aa5853c46742be2bc2057ad29d032f
5a6bdfc07b80c8ece7cb8e58c77d97ed125581016647766861f31c266917f41d
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5cad23123d333225d3cf2e14d18ce4cc630ebf32c8911c9bb85725fa2aa3bdc8
60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827
6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df
631f4d836f9d199ee9721cc528112d8b61d2b90455bb214dd364596b487fe6b6
63a3b0fb35f847fc2ff3f597cd02c36cc713f529220e64d1032ac11112fc417d
6673bd709d9003857044e0d9e10e44541484c29a0e6e0d3821d9231efc84b590
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b08ea3a348838bc942ad470a757575975bd09459b63c1872c6e1129a6ca1939
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6bace0f6fe59e0ccc667a3e715835718ff770c4ddedb20773f95405c4c771fae
6e75b6efb3e4fbde58859530a19a749234cb09034aea3d04b792355ca60bdeea
6f880743faab910830a492f0609d6acc5cfeb6ee023d1a0635c35bcf5593b1c5
6fdcb2a7390f997b0f86297997bb3df423c9739e55b3303b8fd6b3d7943d1983
723e4df1e48e965be303878a0c410a26f39cb84b502f3344dea5ad157337759b
737ba2ba9cf1d8733c8865f99edd983f1918c3aeb3cccf30300b17b397351409
77247a540e9a2e6057238feaf2595c128e4efa01b451c98bdae47006e1a17465
778e852a19385f3c8f1dc4966d5cb67c1c2126ff0b44ef5308ccf23b5e093d85
7f29bbb17091fd140c20bc525a78b48c50535b35432e05ef7626c6a2c3979e2d
7f5c5be33e854eda84252600adaa63bac5b40bbfaba2325bbf37e60137062ff9
7fabee3c86cefc3dd5d9f0e16401b5d883ef655f143df5d5c95a165580b0c9b1
80104785aecd32b7f61bae57b83e9ad49465a160a1c3bec54df86a00c421f1dd
83553d22ccd56e5576d544f6ba93475c712b3c02d312893eea2acc16de5fcf91
83d59b1fc3405ac04cb1e9cacc0c83916a90326fc7a4a4f6358e2a898b6f2be8
85f053a897e1f9dbf748a0a9441cc5e341f3df5c3c2fb1c989a6564960abf698
861e7fa35b9e169a8114d32322fe795d39e2ed299718b2ade9244e7740ae935a
8afb9b5af4db51a3db343ecddc585f8fefbf8feca070340eab505cbac510a381
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8fcdc7f93bc4789659becb9b7d361d888e6e5069654a30b0ab7684291a801842
929cff77dfb41a2bacc6e8fb95c95393f9dd98da057120e13ff10fc743afdbe0
94d36a200338fd4f2829cbf0d25058b7203645aef75c82dc2e235c41efb53e22
994d6c2bce04581d5cf2ab2293807090f476a394c0551986113dbd1db0145f89
9af9be4ff3a3b36ed436b449b4105ddee2b6e46a03605e60c31479579625ed8e
9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39
9c0647c53dde19cd56b2dfd0626db41f3db20c92984e1e6a4d469c19e4823adf
9e7ea2b4ba8e2bcc4a964d6192e4671dc5f6863a1c7e35b52b229a3c1e67a68d
a41ca2028fb01845ff7af34b179774af5a00f5b1ade8c60b14aa3d134f1cfbe1
a63ad5db399cbf133df4954868d069a0438e0f43082a25b09bd884deb1fe77c3
ab1e16c1b3f793e0aec723c7a7add9e179781105d1646ced630af7007ca52720
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
ada81abb95d635868d07308331f057eada526ec62a787024512c97d71c8859e6
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
aef711d1643073ab593de1d958ee854d6f63339cb216eda43666fb9dfcebffd0
aefd2ba82e661761b0c567f8516d2310a6c904a4b473ce827385bf47d5d26ef8
b03a60d8b3a10ffdc61cdc3106c886538130baaf15ed91086eb1f252a99c0888
b79781efede37903be212fcdf63955e41c8649e678b6b83adf824459d240a188
be7e5a98a8de5559cb2d5dc2ec07443831e3dba46c4841e97095ab6c1a4720ab
c2d3e053485c3653b2c9129c399d898f5de937357c6ffb1e6192d13780e8bca2
c4047043368afb4baf1aed25d358a5c2a333842a3b436b58491ab36aeee65b9d
c4f1a413e47f90162ead328b5fe465ece8c0e32a1625bce9598d76c420a92f32
c9004f4fece6ff8fe474db9e65394ce4ecdd6045ba64ec97f17e3fcedf5e2eda
cd4b74aee793b8abc6901c816b03da56e5b580c7d7cfb8ab3cb4d2ca5edf3bfa
d1f5cfd8560694b80491774752038f892f86468801e6af9d8b359b77ccae97b6
d2fb6f79d7a4ab0226ce9634cc960a4430c488459219c956d350868b39f20783
d39cb521a397fd2ed8be09a6384df48929e13a1e69f7f3de4e9fc51bc8caca46
d5de58512afb9ab808e101c5897d78c0d3dd844b3eed4cdbe92e7c603bf855b8
dc0fe4596f78127a565afc80a82bc24ad3767350f496f2619ac771003d2f4709
dc566b627ce2f3c3f3df65710317f6c704cd4ecfdb8d423ed1900c45edeb7fcd
dd7b97c7ad9d7b3eb79bdc728bcbc6a7ab8e3d5db0421fb0dd16d34f3dc88277
e008bc0bca2fa6f9b9c113fad73551230961baec88c06b20997ec50171bb2b6b
e495b37c775f71f69ce3771d2d516222ad3c540d33ad071ea2e662642b862b3d
e5b2ed1f6401b3666681adfa98e0ffe7c908f6eec612bccb3779dce20b24687b
e7f9c17f15224fe85fc466b2281bd22169213a260c26953d362d869915f5e377
ec6e7ab000381705ed92199657dc66badf7e794a3c06df5e85b54ac1b674d622
eec273c6b05e149ef3dcaf0165c98b7668d7bd5c10460abb14f8001b99ee5609
f2e7a9d654c5d5182cb90e4cd150dfca89dfb4484505f2f052ed31a2e0a66db0
f595ea2df1e9202def2716b9a1b2b69c00dcccb07396ea3978acb7641b3dbcee
f7152f7c366a59b3d7e0093f6c259a85af6ccad2a1d355fc99eb92e3b59751a0
f8d1e50c9bd4211108efc275a6092b34934e864264d768b67cc0eb3bcc09e3fd
f906ed281ceda1306fbd860385088c758bcde9998b699217067c90fbbd5807a7
fbf8ab57db7f9981bd71d79c7daaa01a3c578ffa0aa8e9b4a9b2bfe2e9927427
fe9ad9796d39e706fe661ddf90151c0ebc03251164354d55f1ee95ca06878b40