paybackpages.com Open in urlscan Pro
34.96.116.138 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://paybackpages.com/
Submission: On February 01 via automatic, source certstream-suspicious (February 1st 2021, 4:37:29 am UTC)

Summary HTTP 89 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 13 IPs in 4 countries across 10 domains to perform 89 HTTP transactions. The main IP is 34.96.116.138, located in United States and belongs to GOOGLE, US. The main domain is paybackpages.com.
TLS certificate: Issued by R3 on December 2nd 2020. Valid for: 3 months.

This is the only time paybackpages.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	34.96.116.138 34.96.116.138	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:821::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2014	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:818::2013	15169 (GOOGLE) (GOOGLE)
1	2001:4de0:ac1... 2001:4de0:ac19::1:b:3b	20446 (HIGHWINDS3) (HIGHWINDS3)
50	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:803::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:812::200e	15169 (GOOGLE) (GOOGLE)
8	2606:4700:10:... 2606:4700:10::ac43:2642	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:825::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2010	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:809::200a	15169 (GOOGLE) (GOOGLE)
3	2a04:4e42:3::621 2a04:4e42:3::621	54113 (FASTLY) (FASTLY)
89	13

1 34.96.116.138 (United States)

ASN15169 (GOOGLE, US)
PTR: 138.116.96.34.bc.googleusercontent.com

paybackpages.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:821::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2014 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imos006-dot-im--os.appspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:818::2013 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.paybackpages.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac19::1:b:3b (Netherlands)

ASN20446 (HIGHWINDS3, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

50 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

lh3.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
themes.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:803::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700:10::ac43:2642 (United States)

ASN13335 (CLOUDFLARENET, US)

embed.tawk.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static-v.tawk.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
va.tawk.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vsb31.tawk.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:825::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2010 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

storage.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a04:4e42:3::621 (Ascension Island)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
50	googleusercontent.com lh3.googleusercontent.com themes.googleusercontent.com	4 MB
11	googleapis.com fonts.googleapis.com storage.googleapis.com	33 KB
10	paybackpages.com paybackpages.com www.paybackpages.com	96 KB
8	tawk.to embed.tawk.to static-v.tawk.to va.tawk.to vsb31.tawk.to	117 KB
3	jsdelivr.net cdn.jsdelivr.net	54 KB
2	google-analytics.com www.google-analytics.com	19 KB
2	youtube.com www.youtube.com	39 KB
1	gstatic.com fonts.gstatic.com	12 KB
1	jquery.com code.jquery.com	29 KB
1	appspot.com imos006-dot-im--os.appspot.com	2 KB
89	10

	Domain	Requested by
49	lh3.googleusercontent.com	paybackpages.com
10	fonts.googleapis.com	www.paybackpages.com static-v.tawk.to
9	www.paybackpages.com	paybackpages.com
3	vsb31.tawk.to	static-v.tawk.to
3	cdn.jsdelivr.net	static-v.tawk.to
3	va.tawk.to	static-v.tawk.to
2	www.google-analytics.com	paybackpages.com www.google-analytics.com
2	www.youtube.com	paybackpages.com www.youtube.com
1	static-v.tawk.to	embed.tawk.to
1	themes.googleusercontent.com	www.paybackpages.com
1	storage.googleapis.com	paybackpages.com
1	fonts.gstatic.com	fonts.googleapis.com
1	embed.tawk.to	paybackpages.com
1	code.jquery.com	paybackpages.com
1	imos006-dot-im--os.appspot.com	paybackpages.com
1	paybackpages.com
89	16

This site contains links to these domains. Also see Links.

Domain
www.tawk.to
www.paybackpages.com
facebook.com
instagram.com
twitter.com
linkedin.com

Subject Issuer	Validity	Valid
paybackpages.com R3	`2020-12-02` - `2021-03-02`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-01-05` - `2021-03-30`	3 months	crt.sh
*.appspot.com GTS CA 1O1	`2021-01-05` - `2021-03-30`	3 months	crt.sh
www.paybackpages.com GTS CA 1D2	`2020-12-07` - `2021-03-07`	3 months	crt.sh
jquery.org Sectigo RSA Domain Validation Secure Server CA	`2020-10-06` - `2021-10-16`	a year	crt.sh
*.googleusercontent.com GTS CA 1O1	`2021-01-05` - `2021-03-30`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-01-05` - `2021-03-30`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-01-05` - `2021-03-30`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-07-29` - `2021-07-29`	a year	crt.sh
*.gstatic.com GTS CA 1O1	`2021-01-05` - `2021-03-30`	3 months	crt.sh
*.storage.googleapis.com GTS CA 1O1	`2021-01-05` - `2021-03-30`	3 months	crt.sh
f3.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2020-10-26` - `2021-04-17`	6 months	crt.sh

This page contains 4 frames:

Primary Page: https://paybackpages.com/
Frame ID: 26A5E5E9284E4CBC73E385422CCB62CA
Requests: 83 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&subset=latin-ext
Frame ID: 9BDC4AD3B41E005C7F57083682502AAF
Requests: 1 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&subset=latin-ext
Frame ID: 823232DA28C74238FAF6602E64AEDEEE
Requests: 1 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&subset=latin-ext
Frame ID: 755B599039AB600AB01C06CE961BFF21
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Lua (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers server /openresty(?:\/([\d.]+))?/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /openresty(?:\/([\d.]+))?/i

OpenResty (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /openresty(?:\/([\d.]+))?/i

Tawk.to (Live Chat) Expand

Overall confidence: 100%
Detected patterns

script /\/\/embed\.tawk\.to/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

89
Requests

100 %
HTTPS

92 %
IPv6

10
Domains

16
Subdomains

13
IPs

4
Countries

4087 kB
Transfer

5382 kB
Size

4
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: http://www.tawk.to/
Title: tawk.to

Search URL Search Domain Scan URL

URL: https://www.paybackpages.com/start
Title: Get started

Search URL Search Domain Scan URL

URL: https://www.paybackpages.com/themes
Title: Templates

Search URL Search Domain Scan URL

URL: https://facebook.com/paybackpages
Title: Facebook

Search URL Search Domain Scan URL

URL: https://instagram.com/paybackpages
Title: Instagram

Search URL Search Domain Scan URL

URL: https://twitter.com/paybackpages
Title: Twitter

Search URL Search Domain Scan URL

URL: http://linkedin.com/company/paybackpages
Title: LinkedIn

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

89 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
paybackpages.com/ 179 KB
32 KB 324ms
174ms Document
text/html 34.96.116.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://paybackpages.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.96.116.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 138.116.96.34.bc.googleusercontent.com
Software: openresty/1.17.8.2 /
Resource Hash: 5e8d03af278882b7739136ba7bab695fead53266d6417e3571dd8308735a7969

Request headers

:method: GET
:authority: paybackpages.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

server: openresty/1.17.8.2
date: Mon, 01 Feb 2021 04:37:04 GMT
content-type: text/html; charset=utf-8
cache-control: no-cache
x-cloud-trace-context: 01faf9e70047c98e0e969b0f75a71b14
x-cache: HIT
content-encoding: gzip

GET
H2 200 iframe_api Show response
www.youtube.com/ 810 B
1 KB 42ms
22ms Script
text/javascript 2a00:1450:4001:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: paybackpages.com
URL: https://paybackpages.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3d6de80de5e0ae52ef1ad216786b952b781b7c95f4297675dd2a81d70985bedf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://paybackpages.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Feb 2021 04:37:04 GMT
content-encoding: br
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
cache-control: private, max-age=0
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000
content-type: text/javascript; charset=utf-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Mon, 01 Feb 2021 04:37:04 GMT

GET
H2 200 imos.js Show response
imos006-dot-im--os.appspot.com/js/ 6 KB
2 KB 159ms
119ms Script
application/javascript 2a00:1450:4001:82b::2014
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://imos006-dot-im--os.appspot.com/js/imos.js?v=1.5.5a
Requested by: Host: paybackpages.com
URL: https://paybackpages.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82b::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 884663c1137f80922a8e50d96df7b23ba59ea46caf3bf6cd89b38e231decf4e5

Request headers

Referer: https://paybackpages.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Feb 2021 04:37:04 GMT
content-encoding: gzip
server: Google Frontend
etag: "NjoVCA"
content-type: application/javascript
x-cloud-trace-context: c8310d5817eb93e34f3b90cbada515bb
cache-control: public, max-age=600
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 01 Feb 2021 04:47:04 GMT

GET
H2 200 fonts.css
www.paybackpages.com/css/ 5 KB
2 KB 56ms
13ms Stylesheet
text/css 2a00:1450:4001:818::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.paybackpages.com/css/fonts.css?v=1.5.5a
Requested by: Host: paybackpages.com
URL: https://paybackpages.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:818::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 9a125df1d257d6cc1f82f703c40b513df8a6cfa1b710c5f7955e97aaebb496aa

Request headers

Referer: https://paybackpages.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 31 Jan 2021 19:00:36 GMT
content-encoding: gzip
server: Google Frontend
age: 34588
etag: "kU2fsw"
content-type: text/css
access-control-allow-origin: *
x-cloud-trace-context: 239eb30854c01bf0858e3fab99f0158c
cache-control: public, max-age=31536000
access-control-allow-credentials: true
content-length: 1657
expires: Mon, 31 Jan 2022 19:00:36 GMT

GET
H2 200 static_style
www.paybackpages.com/ 51 KB
5 KB 4715ms
4675ms Stylesheet
text/css 2a00:1450:4001:818::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.paybackpages.com/static_style?v=1.5.5a&vbid=vbid-85854344-abbmfckb&caller=live
Requested by: Host: paybackpages.com
URL: https://paybackpages.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:818::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 5e3ea5d67c2e5ea5baf0ca91a3fe48af307b503341667bd95f0136fd46593fc7

Request headers

Referer: https://paybackpages.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Feb 2021 04:37:09 GMT
content-encoding: gzip
server: Google Frontend
vary: Accept-Encoding
content-type: text/css; charset=utf-8
x-cloud-trace-context: dc8a10b887ce0cdf4444d06adccc82ae
cache-control: no-cache
content-length: 4635

GET
H2 200 jquery-2.x-git.min.js Show response
code.jquery.com/ 84 KB
29 KB 26ms
9ms Script
application/javascript 2001:4de0:ac19::1:b:3b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-2.x-git.min.js
Requested by: Host: paybackpages.com
URL: https://paybackpages.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac19::1:b:3b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 22af5bc82c5abf9d2d53d5252b2ae15c04c39b2e67d39d9150ace8b3b9fe6809

Request headers

Referer: https://paybackpages.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Feb 2021 04:37:04 GMT
content-encoding: gzip
last-modified: Wed, 22 Jun 2016 11:41:26 GMT
server: nginx
etag: W/"576a7966-14e1f"
vary: Accept-Encoding
x-hw: 1612154224.dop212.fr8.t,1612154224.cds228.fr8.hn,1612154224.cds160.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public
accept-ranges: bytes
content-length: 29834

GET
H2 200 xprs_helper.js Show response
www.paybackpages.com/js/ 35 KB
11 KB 54ms
14ms Script
application/javascript 2a00:1450:4001:818::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.paybackpages.com/js/xprs_helper.js?v=1.5.5a
Requested by: Host: paybackpages.com
URL: https://paybackpages.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:818::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 16236a16a95009024cebc75718409ad144ef5dd78a3227a44b4f642ae2cfff07

Request headers

Referer: https://paybackpages.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 31 Jan 2021 19:00:36 GMT
content-encoding: gzip
server: Google Frontend
age: 34588
etag: "kU2fsw"
content-type: application/javascript
access-control-allow-origin: *
x-cloud-trace-context: 10cb456b47a9a8bb8e9c2d19eb42e9eb
cache-control: public, max-age=31536000
access-control-allow-credentials: true
content-length: 10845
expires: Mon, 31 Jan 2022 19:00:36 GMT

GET
H2 200 all_js.js Show response
www.paybackpages.com/ 91 KB
14 KB 328ms
289ms Script
text/javascript 2a00:1450:4001:818::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.paybackpages.com/all_js.js?v=1.5.5a
Requested by: Host: paybackpages.com
URL: https://paybackpages.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:818::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 0231fb205e734ab88f10ac166de4310ad47e2cd136ac51edc9e67e0b6d717f92

Request headers

Referer: https://paybackpages.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Feb 2021 04:37:04 GMT
content-encoding: gzip
server: Google Frontend
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
x-cloud-trace-context: 35b66e9d9244135f19c63d6f0a18591e
cache-control: no-cache
content-length: 14489

GET
H2 200 jquery.mobile.custom.min.js Show response
www.paybackpages.com/js/lib/touchswipe/ 8 KB
3 KB 53ms
14ms Script
application/javascript 2a00:1450:4001:818::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.paybackpages.com/js/lib/touchswipe/jquery.mobile.custom.min.js
Requested by: Host: paybackpages.com
URL: https://paybackpages.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:818::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 7cb4efd75d841420c32a07f5880f53c1b59a78a2ca21e4c805a6a10c0f1ad429

Request headers

Referer: https://paybackpages.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 31 Jan 2021 07:26:34 GMT
content-encoding: gzip
server: Google Frontend
age: 76230
etag: "kU2fsw"
content-type: application/javascript
access-control-allow-origin: *
x-cloud-trace-context: efe825c9c9cdcfbfa3389e4f55c4c62f
cache-control: public, max-age=31536000
access-control-allow-credentials: true
content-length: 3099
expires: Mon, 31 Jan 2022 07:26:34 GMT

GET
H2 200 qb-w6aeqHYk-_RZ-jdJ6I2bD4L9CkHqEUT_lurYsbhnJfOVZaYnB2oCkx5DiHlQcyT7Un1H3vhy9OkdDNx4
lh3.googleusercontent.com/ 12 KB
13 KB 43ms
23ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/qb-w6aeqHYk-_RZ-jdJ6I2bD4L9CkHqEUT_lurYsbhnJfOVZaYnB2oCkx5DiHlQcyT7Un1H3vhy9OkdDNx4

Requested by

Host: paybackpages.com
URL: https://paybackpages.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

683a33fe781f40e8cd50572a31d2abb55e91a211a4b31d04aaa200f9e940f261

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paybackpages.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Feb 2021 04:37:05 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.png"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12781
x-xss-protection: 0
expires: Tue, 02 Feb 2021 04:37:05 GMT

GET
H3-Q050 200 EWqW7DEI4kOTRMLjK2-ObFHp-EYBt5apFYZ1LVFAhLtTLjigCRfx5hCCTKbIjIm68VQ00p9twloHJ9w8=s50
lh3.googleusercontent.com/ 579 B
962 B 34ms
21ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/EWqW7DEI4kOTRMLjK2-ObFHp-EYBt5apFYZ1LVFAhLtTLjigCRfx5hCCTKbIjIm68VQ00p9twloHJ9w8=s50

Requested by

Host: paybackpages.com
URL: https://paybackpages.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

a333cdf6c3ad96cd6a310a52c96467e71aabbe4bb091db62db9989587df38753

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paybackpages.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Feb 2021 00:51:40 GMT
x-content-type-options: nosniff
age: 13525
content-disposition: inline;filename="unnamed.png"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 579
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 02 Feb 2021 00:51:40 GMT

GET
H3-Q050 200 TgRyMQvJ3_h9RmOnu7AlhIE7NLOOBsRoBounARrs8fQv8HCRPaFtpBneSqJOSZpI6l7He_bAZKN179JBig=s50
lh3.googleusercontent.com/ 206 B
285 B 6ms
6ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/TgRyMQvJ3_h9RmOnu7AlhIE7NLOOBsRoBounARrs8fQv8HCRPaFtpBneSqJOSZpI6l7He_bAZKN179JBig=s50

Requested by

Host: paybackpages.com
URL: https://paybackpages.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

f20e26f58626bee6c98e4ae3b104bbf633079c4127beff649dd57afbbd6444e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paybackpages.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Feb 2021 04:30:50 GMT
x-content-type-options: nosniff
age: 375
content-disposition: inline;filename="unnamed.png"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 206
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Mon, 01 Feb 2021 20:29:16 GMT

GET
H3-Q050 200 43-pXHjwrpmVO8Oean-6BD0uzARvcqUQrpdi7Yw2bxaXwEoP21UdN5kW6Ks9pdOxf7ropMUrh0djgYPwYPU=s50
lh3.googleusercontent.com/ 265 B
295 B 7ms
7ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/43-pXHjwrpmVO8Oean-6BD0uzARvcqUQrpdi7Yw2bxaXwEoP21UdN5kW6Ks9pdOxf7ropMUrh0djgYPwYPU=s50

Requested by

Host: paybackpages.com
URL: https://paybackpages.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

9060a290f229a10d3358d3fb1d89df6eb0e085ce49e1e14a751febb50c27f69a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paybackpages.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Feb 2021 00:51:40 GMT
x-content-type-options: nosniff
age: 13525
content-disposition: inline;filename="unnamed.png"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 265
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 02 Feb 2021 00:51:40 GMT

GET
H3-Q050 200 9rwgVnDglPdPFugSu98fhDmxzjXC9KovZ_7BuHkXPIv6jvg9S96flGnhL_e4y8mIpPpZQstfqEV-WitY=s50
lh3.googleusercontent.com/ 262 B
341 B 7ms
7ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/9rwgVnDglPdPFugSu98fhDmxzjXC9KovZ_7BuHkXPIv6jvg9S96flGnhL_e4y8mIpPpZQstfqEV-WitY=s50

Requested by

Host: paybackpages.com
URL: https://paybackpages.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

bce587a05f16dcc4c6160c77318f9cbc0253c0c178469bdf4dcb3ee74a4c6009

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paybackpages.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Feb 2021 02:04:38 GMT
x-content-type-options: nosniff
age: 9147
content-disposition: inline;filename="unnamed.png"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 262
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Mon, 01 Feb 2021 18:03:49 GMT

GET
H2 200 lightbox.js Show response
www.paybackpages.com/js/ 16 KB
4 KB 129ms
129ms Script
application/javascript 2a00:1450:4001:818::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.paybackpages.com/js/lightbox.js?v=1.5.5a
Requested by: Host: paybackpages.com
URL: https://paybackpages.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:818::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 4d0043cf27b66c2a38040edf85abca8596be2d9368c73bef172a668160e50665

Request headers

Referer: https://paybackpages.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Feb 2021 04:37:04 GMT
content-encoding: gzip
server: Google Frontend
etag: "kU2fsw"
content-type: application/javascript
access-control-allow-origin: *
x-cloud-trace-context: 2e9d3984aad3977a934a51bacc329035
cache-control: public, max-age=31536000
access-control-allow-credentials: true
expires: Tue, 01 Feb 2022 04:37:04 GMT

GET
H2 200 spimeengine.js Show response
www.paybackpages.com/js/ 75 KB
21 KB 13ms
12ms Script
application/javascript 2a00:1450:4001:818::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.paybackpages.com/js/spimeengine.js?v=1.5.5a
Requested by: Host: paybackpages.com
URL: https://paybackpages.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:818::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 0e052a42588678115282200dfcf7a9e187ac63bcc6828521886de793221b2c24

Request headers

Referer: https://paybackpages.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 31 Jan 2021 19:00:36 GMT
content-encoding: gzip
server: Google Frontend
age: 34589
etag: "kU2fsw"
content-type: application/javascript
access-control-allow-origin: *
x-cloud-trace-context: 3d08c516f3861df7a735ee5e4aa069fe
cache-control: public, max-age=31536000
access-control-allow-credentials: true
content-length: 21630
expires: Mon, 31 Jan 2022 19:00:36 GMT

GET
H3-Q050 200 www-widgetapi.js Show response
www.youtube.com/s/player/7bc032d0/www-widgetapi.vflset/ 103 KB
38 KB 33ms
21ms Script
text/javascript 2a00:1450:4001:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/7bc032d0/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

71792b5773205a4c4bd25309ddc60397218c2f94f989686cba479df1195d3421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paybackpages.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 31 Jan 2021 17:44:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 28 Jan 2021 01:22:36 GMT
server: sffe
age: 39135
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38038
x-xss-protection: 0
expires: Mon, 31 Jan 2022 17:44:50 GMT

GET
H2 200 css
fonts.googleapis.com/ 71 KB
5 KB 20ms
19ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.paybackpages.com
URL: https://www.paybackpages.com/css/fonts.css?v=1.5.5a

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

99035e8daf3882d8587a0b37f3b4bbe3d9d5e02c1ab8353dcd0fe323d2e33832

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.paybackpages.com/css/fonts.css?v=1.5.5a
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 01 Feb 2021 04:37:04 GMT
server: ESF
date: Mon, 01 Feb 2021 04:37:04 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 01 Feb 2021 04:37:04 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
636 B 16ms
15ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto

Requested by

Host: www.paybackpages.com
URL: https://www.paybackpages.com/css/fonts.css?v=1.5.5a

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c68d781eeb01bd19249e5301c2e13974cf71f00e32efe05c043b14142c0d2a00

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.paybackpages.com/css/fonts.css?v=1.5.5a
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 01 Feb 2021 03:39:17 GMT
server: ESF
date: Mon, 01 Feb 2021 04:37:04 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 01 Feb 2021 04:37:04 GMT

GET
H2 200 css
fonts.googleapis.com/ 763 B
443 B 17ms
16ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Libre+Baskerville:400italic

Requested by

Host: www.paybackpages.com
URL: https://www.paybackpages.com/css/fonts.css?v=1.5.5a

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a161403c902e2d09ec6bccc2b6b878042106910ca721dfef5704667dd4d800c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.paybackpages.com/css/fonts.css?v=1.5.5a
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 01 Feb 2021 04:37:04 GMT
server: ESF
date: Mon, 01 Feb 2021 04:37:04 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 01 Feb 2021 04:37:04 GMT

GET
H2 200 css
fonts.googleapis.com/ 405 B
402 B 17ms
16ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Josefin+Slab

Requested by

Host: www.paybackpages.com
URL: https://www.paybackpages.com/css/fonts.css?v=1.5.5a

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2b7143314c5743afae6d03151cec7e91b5a809bc1cb534606427a0192d42b10a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.paybackpages.com/css/fonts.css?v=1.5.5a
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 01 Feb 2021 04:37:04 GMT
server: ESF
date: Mon, 01 Feb 2021 04:37:04 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 01 Feb 2021 04:37:04 GMT

GET
H2 200 css
fonts.googleapis.com/ 5 KB
827 B 18ms
17ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Inconsolata|Ubuntu+Mono|Fira+Mono

Requested by

Host: www.paybackpages.com
URL: https://www.paybackpages.com/css/fonts.css?v=1.5.5a

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

eedd352f8d2f1d480ed624c7c587be46404e6318001f059838baaa18ecf8682d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.paybackpages.com/css/fonts.css?v=1.5.5a
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 01 Feb 2021 04:37:04 GMT
server: ESF
date: Mon, 01 Feb 2021 04:37:04 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 01 Feb 2021 04:37:04 GMT

GET
H2 200 css
fonts.googleapis.com/ 19 KB
2 KB 24ms
23ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.paybackpages.com
URL: https://www.paybackpages.com/css/fonts.css?v=1.5.5a

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

34b0d845d41d3e72767411bcb3fe6930015539d8b2339706d191db60d7cb98a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.paybackpages.com/css/fonts.css?v=1.5.5a
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 01 Feb 2021 04:33:44 GMT
server: ESF
date: Mon, 01 Feb 2021 04:37:04 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 01 Feb 2021 04:37:04 GMT

GET
H2 200 css
fonts.googleapis.com/ 4 KB
734 B 26ms
25ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Cairo|Changa|Lalezar|Reem+Kufi

Requested by

Host: www.paybackpages.com
URL: https://www.paybackpages.com/css/fonts.css?v=1.5.5a

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

05a63960df2f631833b1dca602953e7ad93172c0f924db349216eea5fb64f08d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.paybackpages.com/css/fonts.css?v=1.5.5a
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 01 Feb 2021 04:37:04 GMT
server: ESF
date: Mon, 01 Feb 2021 04:37:04 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 01 Feb 2021 04:37:04 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
18 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: paybackpages.com
URL: https://paybackpages.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://paybackpages.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 03:00:57 GMT
server: Golfe2
age: 4986
date: Mon, 01 Feb 2021 03:14:03 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18817
expires: Mon, 01 Feb 2021 05:14:03 GMT

GET
H2 200 default Show response
embed.tawk.to/5d506ff777aa790be32e6df1/ 11 KB
4 KB 458ms
443ms Script
application/x-javascript 2606:4700:10::ac43:2642
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/5d506ff777aa790be32e6df1/default

Requested by

Host: paybackpages.com
URL: https://paybackpages.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cad8b633b2473968c24cefa9e645cae054a2e5c2bf2c62053c36c7ea5bf2912c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://paybackpages.com
Referer: https://paybackpages.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Feb 2021 04:37:09 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
server: cloudflare
etag: W/"stable-v3-709-en"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=14400, s-maxage=3600
strict-transport-security: max-age=0; includeSubDomains; preload
cf-ray: 61a8f9bd5e8ed6b9-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 07fd7a6a570000d6b9e28ec000000001

GET
H3-Q050 200 pK49DNFhG6-3cjK5HIIqh3JV-1Fw3SiYfQ8cwrl2XanDTziqo1NhHIG1MdFXblCnwn-SqEUYFQ2S-wsG=s300
lh3.googleusercontent.com/ 16 KB
16 KB 23ms
23ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/pK49DNFhG6-3cjK5HIIqh3JV-1Fw3SiYfQ8cwrl2XanDTziqo1NhHIG1MdFXblCnwn-SqEUYFQ2S-wsG=s300

Requested by

Host: paybackpages.com
URL: https://paybackpages.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

1a115a526160ecf9309e4cf8d9c1d25430dba6b18705e0883ee085a25858a916

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paybackpages.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Feb 2021 04:37:09 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15952
x-xss-protection: 0
expires: Tue, 02 Feb 2021 04:37:09 GMT

GET
H3-Q050 200 ivMgBb-a7vuq8ikBgYiWDqRyHKbvSRFn7NDE3qdg2OoujCOy_Ve4ita2OK5y_X7AwpsuZrefhept1grAuA=s300
lh3.googleusercontent.com/ 9 KB
9 KB 545ms
545ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/ivMgBb-a7vuq8ikBgYiWDqRyHKbvSRFn7NDE3qdg2OoujCOy_Ve4ita2OK5y_X7AwpsuZrefhept1grAuA=s300

Requested by

Host: paybackpages.com
URL: https://paybackpages.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

2744bf2c88546b794b6fe7bffcf324ec027d4e1d0ab7d5db44bc0ca20533516c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paybackpages.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Feb 2021 04:37:09 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9501
x-xss-protection: 0
expires: Tue, 02 Feb 2021 04:37:09 GMT

GET
H3-Q050 200 d1WJH0DzHKTNdCyKVB1Z7_8s5xEBSswker6aKcj0sOVDHXSy62tdWZ7gaN8iw21nlarNM_iZyVZvoPjeMg=s300
lh3.googleusercontent.com/ 21 KB
21 KB 500ms
499ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/d1WJH0DzHKTNdCyKVB1Z7_8s5xEBSswker6aKcj0sOVDHXSy62tdWZ7gaN8iw21nlarNM_iZyVZvoPjeMg=s300

Requested by

Host: paybackpages.com
URL: https://paybackpages.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

cc249d8edbd61c0889539b046d4fa32d6c1406a1e5980ec144e735e88a1317cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paybackpages.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Feb 2021 04:37:09 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21113
x-xss-protection: 0
expires: Tue, 02 Feb 2021 04:37:09 GMT

GET
H3-Q050 200 avIbiZp5PaQz0A-cz0jvIKOy2vDZu6pt2OKCu_2cj7qaajdTalf4a_tcH86UPejyt_31tP-v2fqtYFvKRA=s300
lh3.googleusercontent.com/ 13 KB
13 KB 517ms
517ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/avIbiZp5PaQz0A-cz0jvIKOy2vDZu6pt2OKCu_2cj7qaajdTalf4a_tcH86UPejyt_31tP-v2fqtYFvKRA=s300

Requested by

Host: paybackpages.com
URL: https://paybackpages.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

db7bec2301b318d6ea57afaebdb670ff7f6062d681f47faf64abb89faaaaf0ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paybackpages.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Feb 2021 04:37:09 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13481
x-xss-protection: 0
expires: Tue, 02 Feb 2021 04:37:09 GMT

GET
H3-Q050 200 YRvqmOZWQ_0f6dF96_p0MVpxbMhX_D5UpvYZgHsFrNA2IGeDpNd4DOOCM25E3lYdHKSoY3G3ra8zytscPA=s300
lh3.googleusercontent.com/ 18 KB
18 KB 492ms
491ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/YRvqmOZWQ_0f6dF96_p0MVpxbMhX_D5UpvYZgHsFrNA2IGeDpNd4DOOCM25E3lYdHKSoY3G3ra8zytscPA=s300

Requested by

Host: paybackpages.com
URL: https://paybackpages.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

82229fbe326ea5a71d03fc761f7afe29765b7726d9b9d196136b70cb8bc21aee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paybackpages.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Feb 2021 04:37:09 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18595
x-xss-protection: 0
expires: Tue, 02 Feb 2021 04:37:09 GMT

GET
H3-Q050 200 _hNKD2GDt-lHt-U1qTbEsPy7xyREb978WiivtJV9o1gLJCwJtIfcH1MxLtiwEKc6eE9WKONZDbfsKysFJg=s300
lh3.googleusercontent.com/ 17 KB
17 KB 500ms
499ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/_hNKD2GDt-lHt-U1qTbEsPy7xyREb978WiivtJV9o1gLJCwJtIfcH1MxLtiwEKc6eE9WKONZDbfsKysFJg=s300

Requested by

Host: paybackpages.com
URL: https://paybackpages.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

a527d3967fa0acc1d9bbe75e7896112eaa601ab73a85e9c92730109a7d3dca7c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paybackpages.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Feb 2021 04:37:09 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17081
x-xss-protection: 0
expires: Tue, 02 Feb 2021 04:37:09 GMT

GET
H3-Q050 200 45Pa0jQ3dAFWHxhB_Ra_44fE7zQTA0F7jRkIOL6Uy2LoygyDvP-IxMqZw4l6RPeWcnbQJkWkmxoCfQSy=s300
lh3.googleusercontent.com/ 15 KB
15 KB 498ms
497ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/45Pa0jQ3dAFWHxhB_Ra_44fE7zQTA0F7jRkIOL6Uy2LoygyDvP-IxMqZw4l6RPeWcnbQJkWkmxoCfQSy=s300

Requested by

Host: paybackpages.com
URL: https://paybackpages.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

de2d8a5902dd6ed5d0452092c3c6bfbd655ac576126b0b6033aeacd0ae9029e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paybackpages.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Feb 2021 04:37:09 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15463
x-xss-protection: 0
expires: Tue, 02 Feb 2021 04:37:09 GMT

GET
H3-Q050 200 0e6Z4va0KByZXtzGjGiym5vjHVyquVibFgRIlVASG1zGg35aJ5-bAs2GfpycJ5fdSB-7hXXDzgRB382s5gA=s1000
lh3.googleusercontent.com/ 116 KB
116 KB 24ms
23ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/0e6Z4va0KByZXtzGjGiym5vjHVyquVibFgRIlVASG1zGg35aJ5-bAs2GfpycJ5fdSB-7hXXDzgRB382s5gA=s1000

Requested by

Host: paybackpages.com
URL: https://paybackpages.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

f9992cd3147c2570504ae34a0f23db98202956ac73aaed08a809f716d1e9b346

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paybackpages.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Feb 2021 04:37:09 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 118780
x-xss-protection: 0
expires: Tue, 02 Feb 2021 04:37:09 GMT

GET
H3-Q050 200 PSxwi2O1Y_cVJnWOOBGjcR16d-nF0NbfCfdnPtu64rLhpm_CiaE1o5CXrHcuK4i7-uri-HBJLSj4tIVaQA=s1000
lh3.googleusercontent.com/ 95 KB
95 KB 26ms
25ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/PSxwi2O1Y_cVJnWOOBGjcR16d-nF0NbfCfdnPtu64rLhpm_CiaE1o5CXrHcuK4i7-uri-HBJLSj4tIVaQA=s1000

Requested by

Host: paybackpages.com
URL: https://paybackpages.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

e3b917e532e561418fd4cbd9ed13d74c6fdcfe43760baba25b48646bee82c59c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paybackpages.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Feb 2021 04:37:09 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 97617
x-xss-protection: 0
expires: Tue, 02 Feb 2021 04:37:09 GMT

GET
H3-Q050 200 kHYkZ6w17_up1wf68AjGMYY8ComAHEL3IU7xuHPy9HXboIkx7dyMlqPlu43U-iusc1AN-sAXkWkI_knHpA=s1000
lh3.googleusercontent.com/ 153 KB
153 KB 23ms
23ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/kHYkZ6w17_up1wf68AjGMYY8ComAHEL3IU7xuHPy9HXboIkx7dyMlqPlu43U-iusc1AN-sAXkWkI_knHpA=s1000

Requested by

Host: paybackpages.com
URL: https://paybackpages.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

072840d08b89e9dac7a82b707d9608f0ceb936b44e749aebcd3987856f91c5fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paybackpages.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Feb 2021 04:37:09 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 156234
x-xss-protection: 0
expires: Tue, 02 Feb 2021 04:37:09 GMT

GET
H3-Q050 200 XCIJfDpchX6RfOVz_QBtX5V4eFj8CVoiFHc4QiJOwc6BrUuikKnQOikYNWgxXza5eQxrni1IwY32ZqLqbA=s300
lh3.googleusercontent.com/ 25 KB
25 KB 20ms
20ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/XCIJfDpchX6RfOVz_QBtX5V4eFj8CVoiFHc4QiJOwc6BrUuikKnQOikYNWgxXza5eQxrni1IwY32ZqLqbA=s300

Requested by

Host: paybackpages.com
URL: https://paybackpages.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

8b11e15adbacbab0f4ee02c6b7ccb3f3b47290fcc2b793f37eff7784fe5ab85d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paybackpages.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Feb 2021 04:37:09 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25552
x-xss-protection: 0
expires: Tue, 02 Feb 2021 04:37:09 GMT

GET
H2 200 TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiYySUhiCXAA.woff
fonts.gstatic.com/s/oswald/v36/ 12 KB
12 KB 6ms
5ms Font
font/woff 2a00:1450:4001:825::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oswald/v36/TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiYySUhiCXAA.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b810957ff3f3c7c207fbb3b24a0c9370f2b23bc94e7acfebceefa0d2976ac99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://paybackpages.com
Referer: https://fonts.googleapis.com/css?family=Teko:300,400,700|Dosis:200,400,800|Abel|Yellowtail|Permanent+Marker|Arvo:400,700|Playfair+Display:400,900,400italic,900italic|Codystar|Viga|Rozha+One|Fredericka+the+Great|Sail|Gravitas+One|Quicksand:300,400,700|Petit+Formal+Script|Wire+One|Mr+Dafoe|Oranienbaum|Bitter:400,700|Lobster|Kreon:400,700|Fugaz+One|Anton|Rokkitt|Libre+Baskerville:400,700,400italic|Copse|UnifrakturCook:700|Grand+Hotel|Muli|Monoton|Droid+Serif:400,700italic|Bangers|Pacifico|UnifrakturMaguntia|Francois+One|Rubik+Mono+One|Qwigley|Geo|Oswald|Passion+One|Chewy|Changa+One|Merriweather|Montserrat|Bevan|Damion|Play|Oxygen|Playfair+Display+SC:400,900,700,400italic|Love+Ya+Like+A+Sister|Hammersmith+One|Prata|Roboto+Condensed:400,300,700|Ultra|Six+Caps|Open+Sans
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 30 Jan 2021 01:43:13 GMT
x-content-type-options: nosniff
last-modified: Thu, 28 Jan 2021 20:33:12 GMT
server: sffe
age: 183236
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12672
x-xss-protection: 0
expires: Sun, 30 Jan 2022 01:43:13 GMT

GET
H2 200 helveticaneuethn-webfont.woff
storage.googleapis.com/xprs_resources/fonts/ 20 KB
21 KB 29ms
6ms Font
application/font-woff 2a00:1450:4001:829::2010
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/xprs_resources/fonts/helveticaneuethn-webfont.woff
Requested by: Host: paybackpages.com
URL: https://paybackpages.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:829::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: a58dc6fb2f3b66f79f04117b0abcb7f84c01eddeee2336f2e63d601e5151c650

Request headers

Origin: https://paybackpages.com
Referer: https://paybackpages.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Feb 2021 03:51:44 GMT
age: 2725
x-guploader-uploadid: ABg5-UxQ0b6Ka_yTE64vJ7D1aMKrzKLLlep2yNFefgX77a0c6AZldsQmcUiRsalpfyZenRTup6wMfJ_mMq_UiZTwi3pJ6g3KLg
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20788
last-modified: Wed, 26 Oct 2016 15:08:53 GMT
server: UploadServer
etag: "e4c355bf7b632154c58592cd79e292c8"
x-goog-hash: crc32c=yTXBKQ==, md5=5MNVv3tjIVTFhZLNeeKSyA==
x-goog-generation: 1477494533839000
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=3600
x-goog-stored-content-length: 20788
accept-ranges: bytes
content-type: application/font-woff
expires: Mon, 01 Feb 2021 04:51:44 GMT

GET
H3-Q050 200 PKCRbVvRfd5n7BTjtGiFZBsxEYwM7FgeyaSgU71cLG0.woff
themes.googleusercontent.com/static/fonts/raleway/v7/ 37 KB
37 KB 35ms
20ms Font
font/woff 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://themes.googleusercontent.com/static/fonts/raleway/v7/PKCRbVvRfd5n7BTjtGiFZBsxEYwM7FgeyaSgU71cLG0.woff

Requested by

Host: www.paybackpages.com
URL: https://www.paybackpages.com/css/fonts.css?v=1.5.5a

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

95e72f4055ef6c3ca5a9bc1173a4ba7456d4bec635c003d935d4c45de562f6e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://paybackpages.com
Referer: https://www.paybackpages.com/css/fonts.css?v=1.5.5a
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 13:46:57 GMT
x-content-type-options: nosniff
age: 571812
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37632
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 25 Jan 2022 13:46:57 GMT

GET
H3-Q050 200 Noh7kIm5kfqbPDsQ7iI6rTN4euBfQ7VMAlvb1SR-86_5iQtOVXQ3_UURL-N-97M-RWfKGNH6zjcbX9dCQW8=s30
lh3.googleusercontent.com/ 1020 B
1 KB 6ms
6ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/Noh7kIm5kfqbPDsQ7iI6rTN4euBfQ7VMAlvb1SR-86_5iQtOVXQ3_UURL-N-97M-RWfKGNH6zjcbX9dCQW8=s30

Requested by

Host: paybackpages.com
URL: https://paybackpages.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

c0bf440c314408e0ed82a3c5dfea26822122c4d115ffd3db7a7dde897b9f3786

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paybackpages.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Feb 2021 01:45:24 GMT
x-content-type-options: nosniff
age: 10305
content-disposition: inline;filename="unnamed.png"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1020
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Fri, 29 Jan 2021 09:20:00 GMT

GET
H3-Q050 200 qb-w6aeqHYk-_RZ-jdJ6I2bD4L9CkHqEUT_lurYsbhnJfOVZaYnB2oCkx5DiHlQcyT7Un1H3vhy9OkdDNx4=s240
lh3.googleusercontent.com/ 6 KB
6 KB 21ms
20ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/qb-w6aeqHYk-_RZ-jdJ6I2bD4L9CkHqEUT_lurYsbhnJfOVZaYnB2oCkx5DiHlQcyT7Un1H3vhy9OkdDNx4=s240

Requested by

Host: paybackpages.com
URL: https://paybackpages.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

4da14914ee43023c6edbaaaf1f10022b0c4ddbf61b2c10fbb65d1b051819e41e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paybackpages.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Feb 2021 04:37:09 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.png"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5868
x-xss-protection: 0
expires: Tue, 02 Feb 2021 04:37:09 GMT

GET
H3-Q050 200 ZMARmveTg1geksYKXZKdh71KW09XrhDLg8N-XrfXCGsDBEHnuKwhmYpHd55Y2-NwuwLX8qsyx26JNyJWtr1jEcxD=s50
lh3.googleusercontent.com/ 265 B
341 B 6ms
6ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/ZMARmveTg1geksYKXZKdh71KW09XrhDLg8N-XrfXCGsDBEHnuKwhmYpHd55Y2-NwuwLX8qsyx26JNyJWtr1jEcxD=s50

Requested by

Host: paybackpages.com
URL: https://paybackpages.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

9060a290f229a10d3358d3fb1d89df6eb0e085ce49e1e14a751febb50c27f69a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paybackpages.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Feb 2021 02:24:41 GMT
x-content-type-options: nosniff
age: 7948
content-disposition: inline;filename="unnamed.png"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 265
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 28 Jan 2021 05:58:56 GMT

GET
H2 200 effects.css
www.paybackpages.com/css/ 30 KB
3 KB 133ms
133ms Stylesheet
text/css 2a00:1450:4001:818::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.paybackpages.com/css/effects.css?v=1.5.5a
Requested by: Host: paybackpages.com
URL: https://paybackpages.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:818::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 6ca1e190c06a9facaf508370778549501a67aa3dca501e2a6fc31f02ed559ee7

Request headers

Referer: https://paybackpages.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Feb 2021 04:37:09 GMT
content-encoding: gzip
server: Google Frontend
etag: "kU2fsw"
content-type: text/css
access-control-allow-origin: *
x-cloud-trace-context: eb3c29e09cde405afee1e1f89534ff41
cache-control: public, max-age=31536000
access-control-allow-credentials: true
expires: Tue, 01 Feb 2022 04:37:09 GMT

GET
H2 200 lightbox.css
www.paybackpages.com/css/ 2 KB
809 B 13ms
13ms Stylesheet
text/css 2a00:1450:4001:818::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.paybackpages.com/css/lightbox.css?v=1.5.5a
Requested by: Host: paybackpages.com
URL: https://paybackpages.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:818::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 23d3daa5d89b2aa01b7e0195a5880244221cadf5ecc84294981641dda32a9d50

Request headers

Referer: https://paybackpages.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 31 Jan 2021 19:00:37 GMT
content-encoding: gzip
server: Google Frontend
age: 34592
etag: "kU2fsw"
content-type: text/css
access-control-allow-origin: *
x-cloud-trace-context: 9ee0582afcfa4fcdfc8a2d4f858bc446
cache-control: public, max-age=31536000
access-control-allow-credentials: true
content-length: 697
expires: Mon, 31 Jan 2022 19:00:37 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
388 B 47ms
13ms XHR
text/plain 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j87&a=163069827&t=pageview&_s=1&dl=https%3A%2F%2Fpaybackpages.com%2F&ul=en-us&de=UTF-8&dt=Payback%20Pages%20%7C%20Website%20Builder&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1397317020&gjid=1884450415&cid=1388654907.1612154230&tid=UA-144971461-1&_gid=450160514.1612154230&_r=1&_slc=1&z=1590768370

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://paybackpages.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 01 Feb 2021 04:37:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://paybackpages.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 app.js Show response
static-v.tawk.to/709/ 503 KB
111 KB 478ms
474ms Script
application/javascript 2606:4700:10::ac43:2642
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static-v.tawk.to/709/app.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/5d506ff777aa790be32e6df1/default

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a64587179f88ce099e304e1aba99e844db374d0b49c6db9fcdb79f18fa72c889

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://paybackpages.com
Referer: https://paybackpages.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Feb 2021 04:37:10 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
x-cache-status: HIT
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 07fd7a6c860000d6b9129d3000000001
last-modified: Fri, 15 Jan 2021 22:41:20 GMT
server: cloudflare
etag: W/"d4160b3dd3f8809cdee87d79588bd521"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000, immutable
cf-ray: 61a8f9c0d9a7d6b9-FRA

GET
H2 200 widget-settings Show response
va.tawk.to/v1/ 2 KB
1 KB 713ms
711ms XHR
application/json 2606:4700:10::ac43:2642
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://va.tawk.to/v1/widget-settings?propertyId=5d506ff777aa790be32e6df1&widgetId=default

Requested by

Host: static-v.tawk.to
URL: https://static-v.tawk.to/709/app.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bf7f03c5daea20075a1893ae41f311610b72750ae7ecac6dc473097aea03ae38

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://paybackpages.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Feb 2021 04:37:11 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
strict-transport-security: max-age=0; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 07fd7a6e9a0000d6b9e2915000000001
x-served-by: visitor-application-preemptive-9340
server: cloudflare
etag: W/"1-4-0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3600
access-control-allow-methods: GET,OPTIONS
content-type: application/json
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=14400, s-maxage=14400
cf-ray: 61a8f9c42c78d6b9-FRA

POST
H2 200 1612154230431 Show response
va.tawk.to/register/ 686 B
1 KB 214ms
199ms XHR
application/json 2606:4700:10::ac43:2642
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://va.tawk.to/register/1612154230431

Requested by

Host: static-v.tawk.to
URL: https://static-v.tawk.to/709/app.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

83c517f7b3650437195b6081daa2ce50f36ccafffceba176bc6855526beb6cad

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://paybackpages.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Mon, 01 Feb 2021 04:37:10 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 07fd7a6eb000002c325d02a000000001
x-served-by: visitor-application-preemptive-6kc5
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
access-control-allow-methods: POST
content-type: application/json
access-control-allow-origin: https://paybackpages.com
vary: Accept-Encoding
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 61a8f9c448532c32-FRA
access-control-allow-headers: origin, content-type

GET
H3-Q050 200 pK49DNFhG6-3cjK5HIIqh3JV-1Fw3SiYfQ8cwrl2XanDTziqo1NhHIG1MdFXblCnwn-SqEUYFQ2S-wsG=s1600
lh3.googleusercontent.com/ 233 KB
233 KB 21ms
21ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/pK49DNFhG6-3cjK5HIIqh3JV-1Fw3SiYfQ8cwrl2XanDTziqo1NhHIG1MdFXblCnwn-SqEUYFQ2S-wsG=s1600

Requested by

Host: paybackpages.com
URL: https://paybackpages.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

ed8647499de47c72d361d9a443a734a2f858af66ac48321061825a254e423eeb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paybackpages.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Feb 2021 04:37:11 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 238701
x-xss-protection: 0
expires: Tue, 02 Feb 2021 04:37:11 GMT

GET
H3-Q050 200 pK49DNFhG6-3cjK5HIIqh3JV-1Fw3SiYfQ8cwrl2XanDTziqo1NhHIG1MdFXblCnwn-SqEUYFQ2S-wsG=s300
lh3.googleusercontent.com/ 16 KB
16 KB 7ms
6ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/pK49DNFhG6-3cjK5HIIqh3JV-1Fw3SiYfQ8cwrl2XanDTziqo1NhHIG1MdFXblCnwn-SqEUYFQ2S-wsG=s300

Requested by

Host: paybackpages.com
URL: https://paybackpages.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

1a115a526160ecf9309e4cf8d9c1d25430dba6b18705e0883ee085a25858a916

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paybackpages.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Feb 2021 04:37:09 GMT
x-content-type-options: nosniff
age: 2
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15952
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 02 Feb 2021 04:37:09 GMT

GET
H3-Q050 200 ivMgBb-a7vuq8ikBgYiWDqRyHKbvSRFn7NDE3qdg2OoujCOy_Ve4ita2OK5y_X7AwpsuZrefhept1grAuA=s1066
lh3.googleusercontent.com/ 69 KB
69 KB 240ms
239ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/ivMgBb-a7vuq8ikBgYiWDqRyHKbvSRFn7NDE3qdg2OoujCOy_Ve4ita2OK5y_X7AwpsuZrefhept1grAuA=s1066

Requested by

Host: paybackpages.com
URL: https://paybackpages.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

3497ef16d6072cda11072f981f565c8475a73023594e32d7d7c62edafe00a954

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paybackpages.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Feb 2021 04:37:11 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 70815
x-xss-protection: 0
expires: Tue, 02 Feb 2021 04:37:11 GMT

GET
H3-Q050 200 ivMgBb-a7vuq8ikBgYiWDqRyHKbvSRFn7NDE3qdg2OoujCOy_Ve4ita2OK5y_X7AwpsuZrefhept1grAuA=s300
lh3.googleusercontent.com/ 9 KB
9 KB 7ms
6ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/ivMgBb-a7vuq8ikBgYiWDqRyHKbvSRFn7NDE3qdg2OoujCOy_Ve4ita2OK5y_X7AwpsuZrefhept1grAuA=s300

Requested by

Host: paybackpages.com
URL: https://paybackpages.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

2744bf2c88546b794b6fe7bffcf324ec027d4e1d0ab7d5db44bc0ca20533516c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paybackpages.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Feb 2021 04:37:09 GMT
x-content-type-options: nosniff
age: 2
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9501
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 02 Feb 2021 04:37:09 GMT

GET
H3-Q050 200 d1WJH0DzHKTNdCyKVB1Z7_8s5xEBSswker6aKcj0sOVDHXSy62tdWZ7gaN8iw21nlarNM_iZyVZvoPjeMg=s1066
lh3.googleusercontent.com/ 121 KB
122 KB 230ms
229ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/d1WJH0DzHKTNdCyKVB1Z7_8s5xEBSswker6aKcj0sOVDHXSy62tdWZ7gaN8iw21nlarNM_iZyVZvoPjeMg=s1066

Requested by

Host: paybackpages.com
URL: https://paybackpages.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

e90429b0a55a3d79082726a41040fa3f5c310fa78cab69921fde7e02e0024675

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paybackpages.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Feb 2021 04:37:11 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 124415
x-xss-protection: 0
expires: Tue, 02 Feb 2021 04:37:11 GMT

GET
H3-Q050 200 d1WJH0DzHKTNdCyKVB1Z7_8s5xEBSswker6aKcj0sOVDHXSy62tdWZ7gaN8iw21nlarNM_iZyVZvoPjeMg=s300
lh3.googleusercontent.com/ 21 KB
21 KB 7ms
6ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/d1WJH0DzHKTNdCyKVB1Z7_8s5xEBSswker6aKcj0sOVDHXSy62tdWZ7gaN8iw21nlarNM_iZyVZvoPjeMg=s300

Requested by

Host: paybackpages.com
URL: https://paybackpages.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

cc249d8edbd61c0889539b046d4fa32d6c1406a1e5980ec144e735e88a1317cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paybackpages.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Feb 2021 04:37:09 GMT
x-content-type-options: nosniff
age: 2
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21113
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 02 Feb 2021 04:37:09 GMT

GET
H3-Q050 200 avIbiZp5PaQz0A-cz0jvIKOy2vDZu6pt2OKCu_2cj7qaajdTalf4a_tcH86UPejyt_31tP-v2fqtYFvKRA=s1066
lh3.googleusercontent.com/ 99 KB
99 KB 243ms
242ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/avIbiZp5PaQz0A-cz0jvIKOy2vDZu6pt2OKCu_2cj7qaajdTalf4a_tcH86UPejyt_31tP-v2fqtYFvKRA=s1066

Requested by

Host: paybackpages.com
URL: https://paybackpages.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

08a89c21a32d47e74ff045af4f1f319d8f7d366866e66326a16444e161a95720

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paybackpages.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Feb 2021 04:37:11 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 101451
x-xss-protection: 0
expires: Tue, 02 Feb 2021 04:37:11 GMT

GET
H3-Q050 200 avIbiZp5PaQz0A-cz0jvIKOy2vDZu6pt2OKCu_2cj7qaajdTalf4a_tcH86UPejyt_31tP-v2fqtYFvKRA=s300
lh3.googleusercontent.com/ 13 KB
13 KB 6ms
6ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/avIbiZp5PaQz0A-cz0jvIKOy2vDZu6pt2OKCu_2cj7qaajdTalf4a_tcH86UPejyt_31tP-v2fqtYFvKRA=s300

Requested by

Host: paybackpages.com
URL: https://paybackpages.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

db7bec2301b318d6ea57afaebdb670ff7f6062d681f47faf64abb89faaaaf0ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paybackpages.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Feb 2021 04:37:09 GMT
x-content-type-options: nosniff
age: 2
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13481
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 02 Feb 2021 04:37:09 GMT

GET
H3-Q050 200 YRvqmOZWQ_0f6dF96_p0MVpxbMhX_D5UpvYZgHsFrNA2IGeDpNd4DOOCM25E3lYdHKSoY3G3ra8zytscPA=s1066
lh3.googleusercontent.com/ 133 KB
133 KB 241ms
241ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/YRvqmOZWQ_0f6dF96_p0MVpxbMhX_D5UpvYZgHsFrNA2IGeDpNd4DOOCM25E3lYdHKSoY3G3ra8zytscPA=s1066

Requested by

Host: paybackpages.com
URL: https://paybackpages.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

527f9680b59667f80fe17f58f2b1540b770b28c0cd3055502465403e75364b2c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paybackpages.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Feb 2021 04:37:11 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 136655
x-xss-protection: 0
expires: Tue, 02 Feb 2021 04:37:11 GMT

GET
H3-Q050 200 YRvqmOZWQ_0f6dF96_p0MVpxbMhX_D5UpvYZgHsFrNA2IGeDpNd4DOOCM25E3lYdHKSoY3G3ra8zytscPA=s300
lh3.googleusercontent.com/ 18 KB
18 KB 7ms
6ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/YRvqmOZWQ_0f6dF96_p0MVpxbMhX_D5UpvYZgHsFrNA2IGeDpNd4DOOCM25E3lYdHKSoY3G3ra8zytscPA=s300

Requested by

Host: paybackpages.com
URL: https://paybackpages.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

82229fbe326ea5a71d03fc761f7afe29765b7726d9b9d196136b70cb8bc21aee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paybackpages.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Feb 2021 04:37:09 GMT
x-content-type-options: nosniff
age: 2
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18595
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 02 Feb 2021 04:37:09 GMT

GET
H3-Q050 200 _hNKD2GDt-lHt-U1qTbEsPy7xyREb978WiivtJV9o1gLJCwJtIfcH1MxLtiwEKc6eE9WKONZDbfsKysFJg=s1066
lh3.googleusercontent.com/ 106 KB
106 KB 239ms
239ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/_hNKD2GDt-lHt-U1qTbEsPy7xyREb978WiivtJV9o1gLJCwJtIfcH1MxLtiwEKc6eE9WKONZDbfsKysFJg=s1066

Requested by

Host: paybackpages.com
URL: https://paybackpages.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

d11d3c8b9733c7a4dc952570fb775f8c3bfded50743b5e27f03b91174a6b70a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paybackpages.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Feb 2021 04:37:11 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 108907
x-xss-protection: 0
expires: Tue, 02 Feb 2021 04:37:11 GMT

GET
H3-Q050 200 _hNKD2GDt-lHt-U1qTbEsPy7xyREb978WiivtJV9o1gLJCwJtIfcH1MxLtiwEKc6eE9WKONZDbfsKysFJg=s300
lh3.googleusercontent.com/ 17 KB
17 KB 7ms
6ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/_hNKD2GDt-lHt-U1qTbEsPy7xyREb978WiivtJV9o1gLJCwJtIfcH1MxLtiwEKc6eE9WKONZDbfsKysFJg=s300

Requested by

Host: paybackpages.com
URL: https://paybackpages.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

a527d3967fa0acc1d9bbe75e7896112eaa601ab73a85e9c92730109a7d3dca7c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paybackpages.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Feb 2021 04:37:09 GMT
x-content-type-options: nosniff
age: 2
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17081
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 02 Feb 2021 04:37:09 GMT

GET
H3-Q050 200 45Pa0jQ3dAFWHxhB_Ra_44fE7zQTA0F7jRkIOL6Uy2LoygyDvP-IxMqZw4l6RPeWcnbQJkWkmxoCfQSy=s1066
lh3.googleusercontent.com/ 92 KB
93 KB 232ms
232ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/45Pa0jQ3dAFWHxhB_Ra_44fE7zQTA0F7jRkIOL6Uy2LoygyDvP-IxMqZw4l6RPeWcnbQJkWkmxoCfQSy=s1066

Requested by

Host: paybackpages.com
URL: https://paybackpages.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

8fb1ddc917cd52fc981579f4672c82120cbd490b2a434a0e5280f722f5893d67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paybackpages.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Feb 2021 04:37:11 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 94705
x-xss-protection: 0
expires: Tue, 02 Feb 2021 04:37:11 GMT

GET
H3-Q050 200 45Pa0jQ3dAFWHxhB_Ra_44fE7zQTA0F7jRkIOL6Uy2LoygyDvP-IxMqZw4l6RPeWcnbQJkWkmxoCfQSy=s300
lh3.googleusercontent.com/ 15 KB
15 KB 7ms
6ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/45Pa0jQ3dAFWHxhB_Ra_44fE7zQTA0F7jRkIOL6Uy2LoygyDvP-IxMqZw4l6RPeWcnbQJkWkmxoCfQSy=s300

Requested by

Host: paybackpages.com
URL: https://paybackpages.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

de2d8a5902dd6ed5d0452092c3c6bfbd655ac576126b0b6033aeacd0ae9029e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paybackpages.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Feb 2021 04:37:09 GMT
x-content-type-options: nosniff
age: 2
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15463
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 02 Feb 2021 04:37:09 GMT

GET
H3-Q050 200 0e6Z4va0KByZXtzGjGiym5vjHVyquVibFgRIlVASG1zGg35aJ5-bAs2GfpycJ5fdSB-7hXXDzgRB382s5gA=s1000
lh3.googleusercontent.com/ 116 KB
116 KB 7ms
7ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/0e6Z4va0KByZXtzGjGiym5vjHVyquVibFgRIlVASG1zGg35aJ5-bAs2GfpycJ5fdSB-7hXXDzgRB382s5gA=s1000

Requested by

Host: paybackpages.com
URL: https://paybackpages.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

f9992cd3147c2570504ae34a0f23db98202956ac73aaed08a809f716d1e9b346

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paybackpages.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Feb 2021 04:37:09 GMT
x-content-type-options: nosniff
age: 2
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 118780
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 02 Feb 2021 04:37:09 GMT

GET
H3-Q050 200 PSxwi2O1Y_cVJnWOOBGjcR16d-nF0NbfCfdnPtu64rLhpm_CiaE1o5CXrHcuK4i7-uri-HBJLSj4tIVaQA=s1000
lh3.googleusercontent.com/ 95 KB
95 KB 7ms
7ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/PSxwi2O1Y_cVJnWOOBGjcR16d-nF0NbfCfdnPtu64rLhpm_CiaE1o5CXrHcuK4i7-uri-HBJLSj4tIVaQA=s1000

Requested by

Host: paybackpages.com
URL: https://paybackpages.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

e3b917e532e561418fd4cbd9ed13d74c6fdcfe43760baba25b48646bee82c59c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paybackpages.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Feb 2021 04:37:09 GMT
x-content-type-options: nosniff
age: 2
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 97617
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 02 Feb 2021 04:37:09 GMT

GET
H3-Q050 200 css
fonts.googleapis.com/ Frame 9BDC 7 KB
620 B 44ms
31ms Stylesheet
text/css 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&subset=latin-ext

Requested by

Host: static-v.tawk.to
URL: https://static-v.tawk.to/709/app.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8fe68a79ff7e8b9ccdce4e20adb572b32db90aad5e1b3b1bcb290ab357bb88c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://paybackpages.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 01 Feb 2021 03:45:39 GMT
server: ESF
date: Mon, 01 Feb 2021 04:37:11 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 01 Feb 2021 04:37:11 GMT

GET
H3-Q050 200 css
fonts.googleapis.com/ Frame 8232 7 KB
1 KB 37ms
30ms Stylesheet
text/css 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&subset=latin-ext

Requested by

Host: static-v.tawk.to
URL: https://static-v.tawk.to/709/app.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8fe68a79ff7e8b9ccdce4e20adb572b32db90aad5e1b3b1bcb290ab357bb88c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://paybackpages.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 01 Feb 2021 03:23:38 GMT
server: ESF
date: Mon, 01 Feb 2021 04:37:11 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 01 Feb 2021 04:37:11 GMT

GET
H3-Q050 200 css
fonts.googleapis.com/ Frame 755B 7 KB
620 B 38ms
38ms Stylesheet
text/css 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&subset=latin-ext

Requested by

Host: static-v.tawk.to
URL: https://static-v.tawk.to/709/app.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8fe68a79ff7e8b9ccdce4e20adb572b32db90aad5e1b3b1bcb290ab357bb88c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://paybackpages.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 01 Feb 2021 03:49:59 GMT
server: ESF
date: Mon, 01 Feb 2021 04:37:11 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 01 Feb 2021 04:37:11 GMT

GET
H2 200 emojione.min.css
cdn.jsdelivr.net/emojione/2.2.7/assets/css/ Frame 755B 192 B
286 B 18ms
17ms Stylesheet
text/css 2a04:4e42:3::621
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/emojione/2.2.7/assets/css/emojione.min.css

Requested by

Host: static-v.tawk.to
URL: https://static-v.tawk.to/709/app.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::621 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

519edf0dc00972d9a811c5e60b94cf719b30351a8dfe62f38fab8d4b5182558b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://paybackpages.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 1741230
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 152
etag: W/"c0-akPwBVON2fKdb1Kdc8vjvcdyWY0"
x-served-by: cache-fra19176-FRA
date: Mon, 01 Feb 2021 04:37:11 GMT
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 emojione.min.js Show response
cdn.jsdelivr.net/emojione/2.2.7/lib/js/ Frame 755B 295 KB
53 KB 18ms
18ms Script
application/javascript 2a04:4e42:3::621
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/emojione/2.2.7/lib/js/emojione.min.js

Requested by

Host: static-v.tawk.to
URL: https://static-v.tawk.to/709/app.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::621 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f5c06455e539dcd889f7f05d709b5adc76c444099fe57f431365af2fc57e803b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://paybackpages.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 1132195
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 53889
etag: W/"49dda-cp9vjKV4fYl0Ow7X6yf9dkBr+YU"
x-served-by: cache-fra19176-FRA
date: Mon, 01 Feb 2021 04:37:11 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 / Show response
vsb31.tawk.to/s/ 101 B
330 B 445ms
438ms XHR
application/octet-stream 2606:4700:10::ac43:2642
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://vsb31.tawk.to/s/?k=601785762affac39584cd884&u=ksGJPv6ku%2FyDNi0UxJtw74EJZ2R468WEosZNKsQEAX3xtY5X5oj%2B5TR9eZYic4y%2B&uv=2&a=5d506ff777aa790be32e6df1&cver=0&pop=false&jv=709&asver=53&ust=false&EIO=3&transport=polling&__t=NTRuLcE

Requested by

Host: static-v.tawk.to
URL: https://static-v.tawk.to/709/app.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5ce6d259b80d1613a7d7608605303e60076ec45dadd0ac9c486fb439f118674a

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://paybackpages.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Feb 2021 04:37:11 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: application/octet-stream
access-control-allow-origin: https://paybackpages.com
access-control-allow-credentials: true
cf-ray: 61a8f9c8fe192c32-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 101
cf-request-id: 07fd7a719600002c326821d000000001

GET
H2 200 26a1.png
cdn.jsdelivr.net/emojione/assets/png/ Frame 755B 413 B
539 B 7ms
6ms Image
image/png 2a04:4e42:3::621
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.jsdelivr.net/emojione/assets/png/26a1.png?v=2.2.7

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::621 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

9f8144ae6f866129aea41bbf694b0c858ef9352a139969e57cd8db73385f52c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://paybackpages.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
age: 2079030
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 413
etag: W/"19d-NgetWBBUGNU0Su9xItAjaREfnb0"
x-served-by: cache-fra19176-FRA
date: Mon, 01 Feb 2021 04:37:11 GMT
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H3-Q050 200 kHYkZ6w17_up1wf68AjGMYY8ComAHEL3IU7xuHPy9HXboIkx7dyMlqPlu43U-iusc1AN-sAXkWkI_knHpA=s1000
lh3.googleusercontent.com/ 153 KB
153 KB 8ms
7ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/kHYkZ6w17_up1wf68AjGMYY8ComAHEL3IU7xuHPy9HXboIkx7dyMlqPlu43U-iusc1AN-sAXkWkI_knHpA=s1000

Requested by

Host: paybackpages.com
URL: https://paybackpages.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

072840d08b89e9dac7a82b707d9608f0ceb936b44e749aebcd3987856f91c5fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paybackpages.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Feb 2021 04:37:09 GMT
x-content-type-options: nosniff
age: 2
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 156234
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 02 Feb 2021 04:37:09 GMT

GET
H3-Q050 200 XCIJfDpchX6RfOVz_QBtX5V4eFj8CVoiFHc4QiJOwc6BrUuikKnQOikYNWgxXza5eQxrni1IwY32ZqLqbA=s1600
lh3.googleusercontent.com/ 278 KB
278 KB 22ms
22ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/XCIJfDpchX6RfOVz_QBtX5V4eFj8CVoiFHc4QiJOwc6BrUuikKnQOikYNWgxXza5eQxrni1IwY32ZqLqbA=s1600

Requested by

Host: paybackpages.com
URL: https://paybackpages.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

915ca53bb8804a4fa96fa483c92908d0695e0b6d1251dcb0835659e1780cce41

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paybackpages.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Feb 2021 04:37:11 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 285062
x-xss-protection: 0
expires: Tue, 02 Feb 2021 04:37:11 GMT

GET
H3-Q050 200 XCIJfDpchX6RfOVz_QBtX5V4eFj8CVoiFHc4QiJOwc6BrUuikKnQOikYNWgxXza5eQxrni1IwY32ZqLqbA=s300
lh3.googleusercontent.com/ 25 KB
25 KB 9ms
8ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/XCIJfDpchX6RfOVz_QBtX5V4eFj8CVoiFHc4QiJOwc6BrUuikKnQOikYNWgxXza5eQxrni1IwY32ZqLqbA=s300

Requested by

Host: paybackpages.com
URL: https://paybackpages.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

8b11e15adbacbab0f4ee02c6b7ccb3f3b47290fcc2b793f37eff7784fe5ab85d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paybackpages.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Feb 2021 04:37:09 GMT
x-content-type-options: nosniff
age: 2
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25552
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 02 Feb 2021 04:37:09 GMT

GET
H2 200 / Show response
vsb31.tawk.to/s/ 77 B
186 B 438ms
438ms XHR
application/octet-stream 2606:4700:10::ac43:2642
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: static-v.tawk.to
URL: https://static-v.tawk.to/709/app.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

278682a6fddd9119e35a06fe2f59d106c4624f8a656c428c48e3cda21b5e0c35

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://paybackpages.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Feb 2021 04:37:12 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: application/octet-stream
access-control-allow-origin: https://paybackpages.com
access-control-allow-credentials: true
cf-ray: 61a8f9cbb90d2c32-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 77
cf-request-id: 07fd7a735000002c32a98f8000000001

GET
H3-Q050 200 pK49DNFhG6-3cjK5HIIqh3JV-1Fw3SiYfQ8cwrl2XanDTziqo1NhHIG1MdFXblCnwn-SqEUYFQ2S-wsG=s1600
lh3.googleusercontent.com/ 233 KB
233 KB 8ms
8ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/pK49DNFhG6-3cjK5HIIqh3JV-1Fw3SiYfQ8cwrl2XanDTziqo1NhHIG1MdFXblCnwn-SqEUYFQ2S-wsG=s1600

Requested by

Host: paybackpages.com
URL: https://paybackpages.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

ed8647499de47c72d361d9a443a734a2f858af66ac48321061825a254e423eeb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paybackpages.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Feb 2021 04:37:11 GMT
x-content-type-options: nosniff
age: 1
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 238701
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 02 Feb 2021 04:37:11 GMT

POST
H2 200 v3 Show response
va.tawk.to/log-performance/ 5 B
245 B 241ms
241ms XHR
text/html 2606:4700:10::ac43:2642
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://va.tawk.to/log-performance/v3

Requested by

Host: static-v.tawk.to
URL: https://static-v.tawk.to/709/app.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

933b971c6388d594a23fa1559825db5bec8ade2db1240aa8fc9d0c684949e8c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://paybackpages.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Mon, 01 Feb 2021 04:37:12 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 07fd7a750700002c3235a8b000000001
x-served-by: visitor-application-preemptive-7vpm
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
access-control-allow-methods: POST
content-type: text/html; charset=utf-8
access-control-allow-origin: https://paybackpages.com
vary: Accept-Encoding
access-control-allow-credentials: true
cf-ray: 61a8f9ce7c152c32-FRA
access-control-allow-headers: origin, content-type

GET
H2 200 / Show response
vsb31.tawk.to/s/ 4 B
89 B 532ms
532ms XHR
application/octet-stream 2606:4700:10::ac43:2642
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: static-v.tawk.to
URL: https://static-v.tawk.to/709/app.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:2642 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a9a2f1dd042cb6f1eded53dc0a1c66ed8694fc093dc3520cdac1a541d615d474

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://paybackpages.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Feb 2021 04:37:12 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: application/octet-stream
access-control-allow-origin: https://paybackpages.com
access-control-allow-credentials: true
cf-ray: 61a8f9ce7c182c32-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4
cf-request-id: 07fd7a750800002c322ca48000000001

GET
H3-Q050 200 ivMgBb-a7vuq8ikBgYiWDqRyHKbvSRFn7NDE3qdg2OoujCOy_Ve4ita2OK5y_X7AwpsuZrefhept1grAuA=s1066
lh3.googleusercontent.com/ 69 KB
69 KB 7ms
7ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/ivMgBb-a7vuq8ikBgYiWDqRyHKbvSRFn7NDE3qdg2OoujCOy_Ve4ita2OK5y_X7AwpsuZrefhept1grAuA=s1066

Requested by

Host: paybackpages.com
URL: https://paybackpages.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

3497ef16d6072cda11072f981f565c8475a73023594e32d7d7c62edafe00a954

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paybackpages.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Feb 2021 04:37:11 GMT
x-content-type-options: nosniff
age: 1
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 70815
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 02 Feb 2021 04:37:11 GMT

GET
H3-Q050 200 d1WJH0DzHKTNdCyKVB1Z7_8s5xEBSswker6aKcj0sOVDHXSy62tdWZ7gaN8iw21nlarNM_iZyVZvoPjeMg=s1066
lh3.googleusercontent.com/ 121 KB
122 KB 7ms
7ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/d1WJH0DzHKTNdCyKVB1Z7_8s5xEBSswker6aKcj0sOVDHXSy62tdWZ7gaN8iw21nlarNM_iZyVZvoPjeMg=s1066

Requested by

Host: paybackpages.com
URL: https://paybackpages.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

e90429b0a55a3d79082726a41040fa3f5c310fa78cab69921fde7e02e0024675

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paybackpages.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Feb 2021 04:37:11 GMT
x-content-type-options: nosniff
age: 1
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 124415
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 02 Feb 2021 04:37:11 GMT

GET
H3-Q050 200 avIbiZp5PaQz0A-cz0jvIKOy2vDZu6pt2OKCu_2cj7qaajdTalf4a_tcH86UPejyt_31tP-v2fqtYFvKRA=s1066
lh3.googleusercontent.com/ 99 KB
99 KB 8ms
7ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/avIbiZp5PaQz0A-cz0jvIKOy2vDZu6pt2OKCu_2cj7qaajdTalf4a_tcH86UPejyt_31tP-v2fqtYFvKRA=s1066

Requested by

Host: paybackpages.com
URL: https://paybackpages.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

08a89c21a32d47e74ff045af4f1f319d8f7d366866e66326a16444e161a95720

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paybackpages.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Feb 2021 04:37:11 GMT
x-content-type-options: nosniff
age: 1
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 101451
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 02 Feb 2021 04:37:11 GMT

GET
H3-Q050 200 YRvqmOZWQ_0f6dF96_p0MVpxbMhX_D5UpvYZgHsFrNA2IGeDpNd4DOOCM25E3lYdHKSoY3G3ra8zytscPA=s1066
lh3.googleusercontent.com/ 133 KB
133 KB 8ms
7ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/YRvqmOZWQ_0f6dF96_p0MVpxbMhX_D5UpvYZgHsFrNA2IGeDpNd4DOOCM25E3lYdHKSoY3G3ra8zytscPA=s1066

Requested by

Host: paybackpages.com
URL: https://paybackpages.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

527f9680b59667f80fe17f58f2b1540b770b28c0cd3055502465403e75364b2c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paybackpages.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Feb 2021 04:37:11 GMT
x-content-type-options: nosniff
age: 1
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 136655
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 02 Feb 2021 04:37:11 GMT

GET
H3-Q050 200 _hNKD2GDt-lHt-U1qTbEsPy7xyREb978WiivtJV9o1gLJCwJtIfcH1MxLtiwEKc6eE9WKONZDbfsKysFJg=s1066
lh3.googleusercontent.com/ 106 KB
106 KB 8ms
8ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/_hNKD2GDt-lHt-U1qTbEsPy7xyREb978WiivtJV9o1gLJCwJtIfcH1MxLtiwEKc6eE9WKONZDbfsKysFJg=s1066

Requested by

Host: paybackpages.com
URL: https://paybackpages.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

d11d3c8b9733c7a4dc952570fb775f8c3bfded50743b5e27f03b91174a6b70a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paybackpages.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Feb 2021 04:37:11 GMT
x-content-type-options: nosniff
age: 1
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 108907
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 02 Feb 2021 04:37:11 GMT

GET
H3-Q050 200 45Pa0jQ3dAFWHxhB_Ra_44fE7zQTA0F7jRkIOL6Uy2LoygyDvP-IxMqZw4l6RPeWcnbQJkWkmxoCfQSy=s1066
lh3.googleusercontent.com/ 92 KB
93 KB 8ms
8ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/45Pa0jQ3dAFWHxhB_Ra_44fE7zQTA0F7jRkIOL6Uy2LoygyDvP-IxMqZw4l6RPeWcnbQJkWkmxoCfQSy=s1066

Requested by

Host: paybackpages.com
URL: https://paybackpages.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

8fb1ddc917cd52fc981579f4672c82120cbd490b2a434a0e5280f722f5893d67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paybackpages.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Feb 2021 04:37:11 GMT
x-content-type-options: nosniff
age: 1
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 94705
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 02 Feb 2021 04:37:11 GMT

GET
H3-Q050 200 0e6Z4va0KByZXtzGjGiym5vjHVyquVibFgRIlVASG1zGg35aJ5-bAs2GfpycJ5fdSB-7hXXDzgRB382s5gA=s1000
lh3.googleusercontent.com/ 116 KB
116 KB 6ms
6ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/0e6Z4va0KByZXtzGjGiym5vjHVyquVibFgRIlVASG1zGg35aJ5-bAs2GfpycJ5fdSB-7hXXDzgRB382s5gA=s1000

Requested by

Host: paybackpages.com
URL: https://paybackpages.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

f9992cd3147c2570504ae34a0f23db98202956ac73aaed08a809f716d1e9b346

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paybackpages.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Feb 2021 04:37:09 GMT
x-content-type-options: nosniff
age: 3
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 118780
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 02 Feb 2021 04:37:09 GMT

GET
H3-Q050 200 PSxwi2O1Y_cVJnWOOBGjcR16d-nF0NbfCfdnPtu64rLhpm_CiaE1o5CXrHcuK4i7-uri-HBJLSj4tIVaQA=s1000
lh3.googleusercontent.com/ 95 KB
95 KB 7ms
6ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/PSxwi2O1Y_cVJnWOOBGjcR16d-nF0NbfCfdnPtu64rLhpm_CiaE1o5CXrHcuK4i7-uri-HBJLSj4tIVaQA=s1000

Requested by

Host: paybackpages.com
URL: https://paybackpages.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

e3b917e532e561418fd4cbd9ed13d74c6fdcfe43760baba25b48646bee82c59c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paybackpages.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Feb 2021 04:37:09 GMT
x-content-type-options: nosniff
age: 3
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 97617
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 02 Feb 2021 04:37:09 GMT

GET
H3-Q050 200 kHYkZ6w17_up1wf68AjGMYY8ComAHEL3IU7xuHPy9HXboIkx7dyMlqPlu43U-iusc1AN-sAXkWkI_knHpA=s1000
lh3.googleusercontent.com/ 153 KB
153 KB 6ms
6ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/kHYkZ6w17_up1wf68AjGMYY8ComAHEL3IU7xuHPy9HXboIkx7dyMlqPlu43U-iusc1AN-sAXkWkI_knHpA=s1000

Requested by

Host: paybackpages.com
URL: https://paybackpages.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

072840d08b89e9dac7a82b707d9608f0ceb936b44e749aebcd3987856f91c5fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paybackpages.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Feb 2021 04:37:09 GMT
x-content-type-options: nosniff
age: 3
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 156234
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 02 Feb 2021 04:37:09 GMT

GET
H3-Q050 200 XCIJfDpchX6RfOVz_QBtX5V4eFj8CVoiFHc4QiJOwc6BrUuikKnQOikYNWgxXza5eQxrni1IwY32ZqLqbA=s1600
lh3.googleusercontent.com/ 278 KB
278 KB 7ms
7ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/XCIJfDpchX6RfOVz_QBtX5V4eFj8CVoiFHc4QiJOwc6BrUuikKnQOikYNWgxXza5eQxrni1IwY32ZqLqbA=s1600

Requested by

Host: paybackpages.com
URL: https://paybackpages.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

915ca53bb8804a4fa96fa483c92908d0695e0b6d1251dcb0835659e1780cce41

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paybackpages.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Feb 2021 04:37:11 GMT
x-content-type-options: nosniff
age: 1
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 285062
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 02 Feb 2021 04:37:11 GMT

Verdicts & Comments Add Verdict or Comment

92 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.paybackpages.com/	1970-01-19 15:49:14	Name: _gat Value: 1
.paybackpages.com/	1970-01-19 15:50:40	Name: _gid Value: GA1.2.450160514.1612154230
.paybackpages.com/	1970-01-20 09:20:26	Name: _ga Value: GA1.2.1388654907.1612154230
.paybackpages.com/	1970-01-20 00:34:50	Name: os_visitor Value: 47f6880fce92

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.jsdelivr.net
code.jquery.com
embed.tawk.to
fonts.googleapis.com
fonts.gstatic.com
imos006-dot-im--os.appspot.com
lh3.googleusercontent.com
paybackpages.com
static-v.tawk.to
storage.googleapis.com
themes.googleusercontent.com
va.tawk.to
vsb31.tawk.to
www.google-analytics.com
www.paybackpages.com
www.youtube.com
2001:4de0:ac19::1:b:3b
2606:4700:10::ac43:2642
2a00:1450:4001:803::200a
2a00:1450:4001:809::200a
2a00:1450:4001:812::200e
2a00:1450:4001:818::2013
2a00:1450:4001:821::200e
2a00:1450:4001:825::2003
2a00:1450:4001:829::2010
2a00:1450:4001:82b::2001
2a00:1450:4001:82b::2014
2a04:4e42:3::621
34.96.116.138
0231fb205e734ab88f10ac166de4310ad47e2cd136ac51edc9e67e0b6d717f92
05a63960df2f631833b1dca602953e7ad93172c0f924db349216eea5fb64f08d
072840d08b89e9dac7a82b707d9608f0ceb936b44e749aebcd3987856f91c5fc
08a89c21a32d47e74ff045af4f1f319d8f7d366866e66326a16444e161a95720
0e052a42588678115282200dfcf7a9e187ac63bcc6828521886de793221b2c24
16236a16a95009024cebc75718409ad144ef5dd78a3227a44b4f642ae2cfff07
1a115a526160ecf9309e4cf8d9c1d25430dba6b18705e0883ee085a25858a916
22af5bc82c5abf9d2d53d5252b2ae15c04c39b2e67d39d9150ace8b3b9fe6809
23d3daa5d89b2aa01b7e0195a5880244221cadf5ecc84294981641dda32a9d50
2744bf2c88546b794b6fe7bffcf324ec027d4e1d0ab7d5db44bc0ca20533516c
278682a6fddd9119e35a06fe2f59d106c4624f8a656c428c48e3cda21b5e0c35
2b7143314c5743afae6d03151cec7e91b5a809bc1cb534606427a0192d42b10a
3497ef16d6072cda11072f981f565c8475a73023594e32d7d7c62edafe00a954
34b0d845d41d3e72767411bcb3fe6930015539d8b2339706d191db60d7cb98a0
3d6de80de5e0ae52ef1ad216786b952b781b7c95f4297675dd2a81d70985bedf
4d0043cf27b66c2a38040edf85abca8596be2d9368c73bef172a668160e50665
4da14914ee43023c6edbaaaf1f10022b0c4ddbf61b2c10fbb65d1b051819e41e
519edf0dc00972d9a811c5e60b94cf719b30351a8dfe62f38fab8d4b5182558b
527f9680b59667f80fe17f58f2b1540b770b28c0cd3055502465403e75364b2c
5ce6d259b80d1613a7d7608605303e60076ec45dadd0ac9c486fb439f118674a
5e3ea5d67c2e5ea5baf0ca91a3fe48af307b503341667bd95f0136fd46593fc7
5e8d03af278882b7739136ba7bab695fead53266d6417e3571dd8308735a7969
683a33fe781f40e8cd50572a31d2abb55e91a211a4b31d04aaa200f9e940f261
6b810957ff3f3c7c207fbb3b24a0c9370f2b23bc94e7acfebceefa0d2976ac99
6ca1e190c06a9facaf508370778549501a67aa3dca501e2a6fc31f02ed559ee7
71792b5773205a4c4bd25309ddc60397218c2f94f989686cba479df1195d3421
7cb4efd75d841420c32a07f5880f53c1b59a78a2ca21e4c805a6a10c0f1ad429
82229fbe326ea5a71d03fc761f7afe29765b7726d9b9d196136b70cb8bc21aee
83c517f7b3650437195b6081daa2ce50f36ccafffceba176bc6855526beb6cad
884663c1137f80922a8e50d96df7b23ba59ea46caf3bf6cd89b38e231decf4e5
8b11e15adbacbab0f4ee02c6b7ccb3f3b47290fcc2b793f37eff7784fe5ab85d
8fb1ddc917cd52fc981579f4672c82120cbd490b2a434a0e5280f722f5893d67
8fe68a79ff7e8b9ccdce4e20adb572b32db90aad5e1b3b1bcb290ab357bb88c1
9060a290f229a10d3358d3fb1d89df6eb0e085ce49e1e14a751febb50c27f69a
915ca53bb8804a4fa96fa483c92908d0695e0b6d1251dcb0835659e1780cce41
933b971c6388d594a23fa1559825db5bec8ade2db1240aa8fc9d0c684949e8c9
95e72f4055ef6c3ca5a9bc1173a4ba7456d4bec635c003d935d4c45de562f6e7
99035e8daf3882d8587a0b37f3b4bbe3d9d5e02c1ab8353dcd0fe323d2e33832
9a125df1d257d6cc1f82f703c40b513df8a6cfa1b710c5f7955e97aaebb496aa
9f8144ae6f866129aea41bbf694b0c858ef9352a139969e57cd8db73385f52c3
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a161403c902e2d09ec6bccc2b6b878042106910ca721dfef5704667dd4d800c4
a333cdf6c3ad96cd6a310a52c96467e71aabbe4bb091db62db9989587df38753
a527d3967fa0acc1d9bbe75e7896112eaa601ab73a85e9c92730109a7d3dca7c
a58dc6fb2f3b66f79f04117b0abcb7f84c01eddeee2336f2e63d601e5151c650
a64587179f88ce099e304e1aba99e844db374d0b49c6db9fcdb79f18fa72c889
a9a2f1dd042cb6f1eded53dc0a1c66ed8694fc093dc3520cdac1a541d615d474
bce587a05f16dcc4c6160c77318f9cbc0253c0c178469bdf4dcb3ee74a4c6009
bf7f03c5daea20075a1893ae41f311610b72750ae7ecac6dc473097aea03ae38
c0bf440c314408e0ed82a3c5dfea26822122c4d115ffd3db7a7dde897b9f3786
c68d781eeb01bd19249e5301c2e13974cf71f00e32efe05c043b14142c0d2a00
cad8b633b2473968c24cefa9e645cae054a2e5c2bf2c62053c36c7ea5bf2912c
cc249d8edbd61c0889539b046d4fa32d6c1406a1e5980ec144e735e88a1317cb
d11d3c8b9733c7a4dc952570fb775f8c3bfded50743b5e27f03b91174a6b70a0
db7bec2301b318d6ea57afaebdb670ff7f6062d681f47faf64abb89faaaaf0ca
de2d8a5902dd6ed5d0452092c3c6bfbd655ac576126b0b6033aeacd0ae9029e1
e3b917e532e561418fd4cbd9ed13d74c6fdcfe43760baba25b48646bee82c59c
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
e90429b0a55a3d79082726a41040fa3f5c310fa78cab69921fde7e02e0024675
ed8647499de47c72d361d9a443a734a2f858af66ac48321061825a254e423eeb
eedd352f8d2f1d480ed624c7c587be46404e6318001f059838baaa18ecf8682d
f20e26f58626bee6c98e4ae3b104bbf633079c4127beff649dd57afbbd6444e8
f5c06455e539dcd889f7f05d709b5adc76c444099fe57f431365af2fc57e803b
f9992cd3147c2570504ae34a0f23db98202956ac73aaed08a809f716d1e9b346

paybackpages.com Open in urlscan Pro 34.96.116.138 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

89 Requests

100 %HTTPS

92 %IPv6

10 Domains

16 Subdomains

13 IPs

4 Countries

4087 kBTransfer

5382 kBSize

4 Cookies

7 Outgoing links

Redirected requests

89 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

paybackpages.com Open in urlscan Pro
34.96.116.138 Public Scan

Screenshot
Live screenshot

Full Image

89
Requests

100 %
HTTPS

92 %
IPv6

10
Domains

16
Subdomains

13
IPs

4
Countries

4087 kB
Transfer

5382 kB
Size

4
Cookies

89 HTTP transactions
0 data transactions