midweekpay.com Open in urlscan Pro
45.60.151.59 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://rugare.net/
Effective URL:
https://midweekpay.com/login?cguid=7463C504-B814-49B7-8680-3C0D7E30D82F
Submission: On December 19 via api (December 19th 2023, 11:54:50 pm UTC) from US — Scanned from US

Summary HTTP 66 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 16 IPs in 1 countries across 14 domains to perform 66 HTTP transactions. The main IP is 45.60.151.59, located in United States and belongs to INCAPSULA, US. The main domain is midweekpay.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on October 31st 2023. Valid for: a year.

This is the only time midweekpay.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	13.56.47.109 13.56.47.109	16509 (AMAZON-02) (AMAZON-02)
1	2a04:4e42:800... 2a04:4e42:800::282	54113 (FASTLY) (FASTLY)
10	2607:f8b0:400... 2607:f8b0:4004:c1d::5f	15169 (GOOGLE) (GOOGLE)
17	45.60.151.59 45.60.151.59	19551 (INCAPSULA) (INCAPSULA)
3	2607:f8b0:400... 2607:f8b0:4004:c08::5e	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4006:822::2008	15169 (GOOGLE) (GOOGLE)
8	52.9.25.214 52.9.25.214	16509 (AMAZON-02) (AMAZON-02)
6	2607:f8b0:400... 2607:f8b0:4004:c17::71	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4006:80d::2003	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c17::9a	15169 (GOOGLE) (GOOGLE)
1	2600:9000:210... 2600:9000:210b:3a00:14:6bfc:5740:93a1	16509 (AMAZON-02) (AMAZON-02)
4	2607:f8b0:400... 2607:f8b0:4004:c1b::9c	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:36::181	15169 (GOOGLE) (GOOGLE)
4	2607:f8b0:400... 2607:f8b0:4004:c1b::93	15169 (GOOGLE) (GOOGLE)
2	52.92.163.144 52.92.163.144	16509 (AMAZON-02) (AMAZON-02)
1	54.68.106.248 54.68.106.248	16509 (AMAZON-02) (AMAZON-02)
66	16

1 13.56.47.109 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-56-47-109.us-west-1.compute.amazonaws.com

rugare.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:800::282 (United States)

ASN54113 (FASTLY, US)

polyfill.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2607:f8b0:4004:c1d::5f (Washington, United States)

ASN15169 (GOOGLE, US)

maps.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 45.60.151.59 (United States)

ASN19551 (INCAPSULA, US)

midweekpay.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.consumerconnecting.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4004:c08::5e (Ashburn, United States)

ASN15169 (GOOGLE, US)

maps.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:822::2008 (United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 52.9.25.214 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-9-25-214.us-west-1.compute.amazonaws.com

recorder-api.myidentitycheck.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2607:f8b0:4004:c17::71 (Washington, United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:80d::2003 (United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c17::9a (Washington, United States)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:210b:3a00:14:6bfc:5740:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.ywxi.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4004:c1b::9c (Washington, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:36::181 (United States)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4004:c1b::93 (Washington, United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.92.163.144 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-us-west-2.amazonaws.com

s3-us-west-2.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.68.106.248 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-68-106-248.us-west-2.compute.amazonaws.com

www.trustedsite.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	midweekpay.com midweekpay.com	111 KB
10	googleapis.com maps.googleapis.com — Cisco Umbrella Rank: 357	213 KB
8	myidentitycheck.net recorder-api.myidentitycheck.net	163 KB
6	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	72 KB
6	gstatic.com maps.gstatic.com fonts.gstatic.com	26 KB
5	google.com analytics.google.com — Cisco Umbrella Rank: 152 www.google.com — Cisco Umbrella Rank: 2	1 KB
5	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 stats.g.doubleclick.net — Cisco Umbrella Rank: 75	2 KB
5	consumerconnecting.com www.consumerconnecting.com	10 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 36	236 KB
2	amazonaws.com s3-us-west-2.amazonaws.com	2 KB
1	trustedsite.com www.trustedsite.com — Cisco Umbrella Rank: 18820	996 B
1	ywxi.net cdn.ywxi.net — Cisco Umbrella Rank: 11150	6 KB
1	polyfill.io polyfill.io — Cisco Umbrella Rank: 1345	611 B
1	rugare.net rugare.net	5 KB
66	14

	Domain	Requested by
12	midweekpay.com	rugare.net midweekpay.com
10	maps.googleapis.com	rugare.net maps.googleapis.com
8	recorder-api.myidentitycheck.net	midweekpay.com
6	www.google-analytics.com	midweekpay.com www.google-analytics.com
5	www.consumerconnecting.com	midweekpay.com www.consumerconnecting.com
4	www.google.com	midweekpay.com
4	stats.g.doubleclick.net	www.google-analytics.com www.googletagmanager.com
3	fonts.gstatic.com	midweekpay.com
3	www.googletagmanager.com	midweekpay.com www.googletagmanager.com
3	maps.gstatic.com	maps.googleapis.com
2	s3-us-west-2.amazonaws.com	cdn.ywxi.net
1	www.trustedsite.com	cdn.ywxi.net
1	analytics.google.com	www.googletagmanager.com
1	cdn.ywxi.net	www.googletagmanager.com
1	googleads.g.doubleclick.net	www.googletagmanager.com
1	polyfill.io	rugare.net
1	rugare.net
66	17

This site contains links to these domains. Also see Links.

Domain
ccpaconsumerportal.com

Subject Issuer	Validity	Valid
polyfill.io Certainly Intermediate R1	`2023-12-02` - `2024-01-01`	a month	crt.sh
upload.video.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
midweekpay.com Sectigo RSA Domain Validation Secure Server CA	`2023-10-31` - `2024-11-30`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.myidentitycheck.net Sectigo RSA Domain Validation Secure Server CA	`2023-09-15` - `2024-09-28`	a year	crt.sh
*.consumerconnecting.com Sectigo RSA Domain Validation Secure Server CA	`2023-05-15` - `2024-06-07`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.ywxi.net Amazon RSA 2048 M02	`2023-06-05` - `2024-07-03`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.s3-us-west-2.amazonaws.com Amazon RSA 2048 M01	`2023-10-10` - `2024-08-03`	10 months	crt.sh
*.trustedsite.com Amazon RSA 2048 M01	`2023-02-09` - `2024-02-09`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://midweekpay.com/login?cguid=7463C504-B814-49B7-8680-3C0D7E30D82F
Frame ID: 146B408DD5FD05A9675F0464B7FEC057
Requests: 62 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Midweekpay.com - Login

Page URL History Show full URLs

http://rugare.net/ Page URL
https://midweekpay.com/login?cguid=7463C504-B814-49B7-8680-3C0D7E30D82F Page URL

Detected technologies

Google Maps (Maps) Expand

Overall confidence: 100%
Detected patterns

//maps\.google(?:apis)?\.com/maps/api/js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Imperva (Security) Expand

Overall confidence: 100%
Detected patterns

/_Incapsula_Resource

Polyfill (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/polyfill\.min\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

66
Requests

98 %
HTTPS

69 %
IPv6

14
Domains

17
Subdomains

16
IPs

1
Countries

849 kB
Transfer

2290 kB
Size

16
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://ccpaconsumerportal.com/?pcu=https://midweekpay.com/PrivacyPolicy
Title: CCPA

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://rugare.net/ Page URL
https://midweekpay.com/login?cguid=7463C504-B814-49B7-8680-3C0D7E30D82F Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

66 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK / Show response
rugare.net/ 19 KB
5 KB 244ms
102ms Document
text/html 13.56.47.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://rugare.net/
Protocol: HTTP/1.1
Server: 13.56.47.109 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-56-47-109.us-west-1.compute.amazonaws.com
Software: nginx/1.22.0 / ASP.NET
Resource Hash: 2fa0481439082dd6208268557881490f03e96d3c2075abe452782258ea6d4c54

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Tue, 19 Dec 2023 23:54:43 GMT
Server: nginx/1.22.0
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Powered-By: ASP.NET

GET
H2 200 polyfill.min.js Show response
polyfill.io/v3/ 104 B
611 B 124ms
46ms Script
text/javascript 2a04:4e42:800::282
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://polyfill.io/v3/polyfill.min.js?features=default

Requested by

Host: rugare.net
URL: http://rugare.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:800::282 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6c68769e8470ce89a0f2270529a5d47db00917e3ef9df946dca202098f09d0a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: http://rugare.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 19 Dec 2023 23:54:43 GMT
age: 34927
detected-user-agent: Chrome/120.0.0
server-timing: HIT, fastly;desc="Edge time";dur=1
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 121
referrer-policy: origin-when-cross-origin
vary: User-Agent, Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
normalized-user-agent: chrome/120.0.0
cache-control: public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 js Show response
maps.googleapis.com/maps/api/ 176 KB
60 KB 243ms
89ms Script
text/javascript 2607:f8b0:4004:c1d::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js?key=AIzaSyB41DRUbKWJHPxaFjMAwdrzWzbVKartNGg&callback=initMap&v=weekly

Requested by

Host: rugare.net
URL: http://rugare.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

78d125282dabf915b220557b2c321b159cc500e740fd56c0d5b022f9ae2e3b87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://rugare.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 23:54:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
vary: Accept-Language, Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61555
x-xss-protection: 0

GET
H3 200 gen_204
maps.googleapis.com/maps/api/mapsjs/ 3 B
45 B 198ms
78ms XHR
application/json 2607:f8b0:4004:c1d::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyB41DRUbKWJHPxaFjMAwdrzWzbVKartNGg&callback=initMap&v=weekly

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://rugare.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 23:54:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: http://rugare.net
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23
x-xss-protection: 0

GET
H2 200 common.js Show response
maps.googleapis.com/maps-api-v3/api/js/55/4/ 256 KB
57 KB 63ms
60ms Script
text/javascript 2607:f8b0:4004:c1d::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/55/4/common.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyB41DRUbKWJHPxaFjMAwdrzWzbVKartNGg&callback=initMap&v=weekly

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

969dace001ef24f99f38bd00c5578b85ba9368e77a5667cfcaeaa29d2f57657b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://rugare.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 23:24:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1825
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57512
x-xss-protection: 0
last-modified: Mon, 04 Dec 2023 22:55:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 18 Dec 2024 23:24:18 GMT

GET
H2 200 util.js
maps.googleapis.com/maps-api-v3/api/js/55/4/ 173 KB
54 KB 101ms
100ms Script
text/javascript 2607:f8b0:4004:c1d::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/55/4/util.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyB41DRUbKWJHPxaFjMAwdrzWzbVKartNGg&callback=initMap&v=weekly

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://rugare.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 23:06:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2893
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55175
x-xss-protection: 0
last-modified: Mon, 04 Dec 2023 22:55:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 18 Dec 2024 23:06:30 GMT

GET
H2 200 map.js
maps.googleapis.com/maps-api-v3/api/js/55/4/ 71 KB
23 KB 133ms
132ms Script
text/javascript 2607:f8b0:4004:c1d::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/55/4/map.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyB41DRUbKWJHPxaFjMAwdrzWzbVKartNGg&callback=initMap&v=weekly

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1d::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://rugare.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 23:51:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 176
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23771
x-xss-protection: 0
last-modified: Mon, 04 Dec 2023 22:55:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 18 Dec 2024 23:51:47 GMT

GET
H3 200 infowindow.js
maps.googleapis.com/maps-api-v3/api/js/55/4/ 8 KB
3 KB 67ms
65ms Script
text/javascript 2607:f8b0:4004:c1d::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/55/4/infowindow.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyB41DRUbKWJHPxaFjMAwdrzWzbVKartNGg&callback=initMap&v=weekly

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://rugare.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 22:40:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4466
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2779
x-xss-protection: 0
last-modified: Mon, 04 Dec 2023 22:55:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 18 Dec 2024 22:40:17 GMT

GET
H2 200 Primary Request login Show response
midweekpay.com/ 9 KB
4 KB 600ms
377ms Document
text/html 45.60.151.59
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://midweekpay.com/login?cguid=7463C504-B814-49B7-8680-3C0D7E30D82F

Requested by

Host: rugare.net
URL: http://rugare.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.151.59 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Kestrel / ASP.NET

Resource Hash

db8338df35620853cfae74535f6e123aa89b794ea2dd6aab341d1137233df109

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: http://rugare.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=utf-8
date: Tue, 19 Dec 2023 23:54:44 GMT
server: Kestrel
vary: Accept-Encoding
x-cdn: Imperva
x-frame-options: SAMEORIGIN
x-iinfo: 13-89949697-89949701 nNNN RT(1703030083686 46) q(0 0 1 0) r(3 3) U12
x-incap-sess-cookie-hdr: +AFAOaRoHGPZoznwHeENE0QtgmUAAAAAzoZ35q25ceFJV3AYneriHg==
x-powered-by: ASP.NET

GET
H2 200 openhand_8_8.cur
maps.gstatic.com/mapfiles/ 326 B
848 B 333ms
61ms Image
image/bmp 2607:f8b0:4004:c08::5e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://maps.gstatic.com/mapfiles/openhand_8_8.cur

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::5e Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://rugare.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 23:54:44 GMT
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/geo-tactile
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 326
x-xss-protection: 0
last-modified: Tue, 18 May 2021 19:15:00 GMT
server: sffe
report-to: {"group":"geo-tactile","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/geo-tactile"}]}
content-type: image/bmp
access-control-allow-origin: *
cache-control: private, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="geo-tactile"
expires: Tue, 19 Dec 2023 23:54:44 GMT

POST
H3 200 GetViewportInfo
maps.googleapis.com/$rpc/google.internal.maps.mapsjs.v1.MapsJsInternalService/ 45 KB
7 KB 151ms
150ms XHR
application/json+protobuf 2607:f8b0:4004:c1d::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/$rpc/google.internal.maps.mapsjs.v1.MapsJsInternalService/GetViewportInfo

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyB41DRUbKWJHPxaFjMAwdrzWzbVKartNGg&callback=initMap&v=weekly

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/json+protobuf
X-Goog-Maps-Client-Id
Referer: http://rugare.net/
X-Goog-Api-Key: AIzaSyB41DRUbKWJHPxaFjMAwdrzWzbVKartNGg
X-Goog-Maps-API-Signature: 55913
X-Goog-Maps-API-Salt: TgpEbEd2cR

Response headers

date: Tue, 19 Dec 2023 23:54:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: http://rugare.net
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7391
x-xss-protection: 0

GET
H3 200 onion.js
maps.googleapis.com/maps-api-v3/api/js/55/4/ 26 KB
9 KB 166ms
162ms Script
text/javascript 2607:f8b0:4004:c1d::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/55/4/onion.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyB41DRUbKWJHPxaFjMAwdrzWzbVKartNGg&callback=initMap&v=weekly

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://rugare.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 21:33:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8475
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8900
x-xss-protection: 0
last-modified: Mon, 04 Dec 2023 22:55:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 18 Dec 2024 21:33:29 GMT

OPTIONS
H3 200 GetViewportInfo
maps.googleapis.com/$rpc/google.internal.maps.mapsjs.v1.MapsJsInternalService/ 0
0 172ms
168ms Preflight
text/html 2607:f8b0:4004:c1d::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/$rpc/google.internal.maps.mapsjs.v1.MapsJsInternalService/GetViewportInfo

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-goog-maps-api-salt,x-goog-maps-api-signature,x-goog-maps-client-id,x-user-agent
Access-Control-Request-Method: POST
Origin: http://rugare.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-headers: content-type,x-goog-api-key,x-goog-maps-api-salt,x-goog-maps-api-signature,x-goog-maps-client-id,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: http://rugare.net
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Tue, 19 Dec 2023 23:54:44 GMT
server: scaffolding on HTTPServer2
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H3 200 AuthenticationService.Authenticate
maps.googleapis.com/maps/api/js/ 233 B
215 B 83ms
82ms Script
text/javascript 2607:f8b0:4004:c1d::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js/AuthenticationService.Authenticate?1shttp%3A%2F%2Frugare.net%2F&4sAIzaSyB41DRUbKWJHPxaFjMAwdrzWzbVKartNGg&7m2&1e85&5e0&8b1&callback=_xdc_._vz5oh0&key=AIzaSyB41DRUbKWJHPxaFjMAwdrzWzbVKartNGg&token=12425

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps-api-v3/api/js/55/4/common.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c1d::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

mafe /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://rugare.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 23:54:44 GMT
content-encoding: gzip
server: mafe
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment
server-timing: gfet4t7; dur=22
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 193
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 icon_error.png
maps.gstatic.com/mapfiles/api-3/images/ 450 B
530 B 64ms
62ms Image
image/png 2607:f8b0:4004:c08::5e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://maps.gstatic.com/mapfiles/api-3/images/icon_error.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::5e Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://rugare.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 23:54:44 GMT
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/geo-tactile
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 450
x-xss-protection: 0
last-modified: Tue, 18 May 2021 19:15:00 GMT
server: sffe
report-to: {"group":"geo-tactile","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/geo-tactile"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: private, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="geo-tactile"
expires: Tue, 19 Dec 2023 23:54:44 GMT

GET
H2 200 icon_error.png
maps.gstatic.com/mapfiles/api-3/images/ 450 B
518 B 62ms
61ms Image
image/png 2607:f8b0:4004:c08::5e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://maps.gstatic.com/mapfiles/api-3/images/icon_error.png

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps-api-v3/api/js/55/4/common.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c08::5e Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://rugare.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 23:54:44 GMT
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/geo-tactile
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 450
x-xss-protection: 0
last-modified: Tue, 18 May 2021 19:15:00 GMT
server: sffe
report-to: {"group":"geo-tactile","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/geo-tactile"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: private, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="geo-tactile"
expires: Tue, 19 Dec 2023 23:54:44 GMT

GET
H2 200 plugins.min.css
midweekpay.com/css/ 919 B
688 B 134ms
132ms Stylesheet
text/css 45.60.151.59
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://midweekpay.com/css/plugins.min.css?v=xRXTnFMDHB-bJ9d9OBjGWl2xjlC1HYO0lowvCzjncus

Requested by

Host: midweekpay.com
URL: https://midweekpay.com/login?cguid=7463C504-B814-49B7-8680-3C0D7E30D82F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.151.59 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Kestrel / ASP.NET

Resource Hash

c515d39c53031c1f9b27d77d3818c65a5db18e50b51d83b4968c2f0b38e772eb

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://midweekpay.com/login?cguid=7463C504-B814-49B7-8680-3C0D7E30D82F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 23:54:44 GMT
content-encoding: gzip
last-modified: Thu, 28 Apr 2022 14:27:04 GMT
server: Kestrel
x-cdn: Imperva
etag: "1d85b0c08096f97"
x-powered-by: ASP.NET
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
x-iinfo: 13-89949697-89949701 pNNN RT(1703030083686 437) q(0 0 0 -1) r(1 1) U2
cache-control: no-cache
accept-ranges: bytes

GET
H2 200 site.min.css
midweekpay.com/css/ 28 KB
8 KB 138ms
137ms Stylesheet
text/css 45.60.151.59
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://midweekpay.com/css/site.min.css?v=KsZyNDXYCzqWJlt3amKF2ofX6ZrZn1s4hsNNj-DlH38

Requested by

Host: midweekpay.com
URL: https://midweekpay.com/login?cguid=7463C504-B814-49B7-8680-3C0D7E30D82F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.151.59 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Kestrel / ASP.NET

Resource Hash

2ac6723435d80b3a96265b776a6285da87d7e99ad99f5b3886c34d8fe0e51f7f

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://midweekpay.com/login?cguid=7463C504-B814-49B7-8680-3C0D7E30D82F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 23:54:44 GMT
content-encoding: gzip
last-modified: Fri, 15 Dec 2023 17:11:10 GMT
server: Kestrel
x-cdn: Imperva
etag: "1da2f79b2e8bb33"
x-powered-by: ASP.NET
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
x-iinfo: 13-89949697-89949701 pNNN RT(1703030083686 441) q(0 0 0 -1) r(1 1) U2
cache-control: no-cache
accept-ranges: bytes

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 174 KB
64 KB 228ms
84ms Script
application/javascript 2607:f8b0:4006:822::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-87592445-1

Requested by

Host: midweekpay.com
URL: https://midweekpay.com/login?cguid=7463C504-B814-49B7-8680-3C0D7E30D82F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9b48c7d9a3ca0fd7a26de3dec608227357a6d0c200785d340d96a28b555813e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://midweekpay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 23:54:44 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64898
x-xss-protection: 0
last-modified: Tue, 19 Dec 2023 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 19 Dec 2023 23:54:44 GMT

GET
H2 200 plugins.min.js Show response
midweekpay.com/js/ 112 KB
50 KB 38ms
37ms Script
application/javascript 45.60.151.59
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://midweekpay.com/js/plugins.min.js?v=NegVE-BNi7mweg-ZjPtfkHsbH26GngTnqMONLNi6_ys
Requested by: Host: midweekpay.com
URL: https://midweekpay.com/login?cguid=7463C504-B814-49B7-8680-3C0D7E30D82F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.151.59 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 35e81513e04d8bb9b07a0f998cfb5f907b1b1f6e869e04e7a8c38d2cd8baff2b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://midweekpay.com/login?cguid=7463C504-B814-49B7-8680-3C0D7E30D82F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 23:54:44 GMT
content-encoding: gzip
last-modified: Thu, 28 Apr 2022 14:27:04 GMT
x-cdn: Imperva
etag: "1d85b0c0808ad25"
content-type: application/javascript
x-iinfo: 13-89949697-0 0CNN RT(1703030083686 606) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=47143, public
content-length: 50820
expires: Wed, 20 Dec 2023 13:00:27 GMT

GET
H2 200 site.min.js Show response
midweekpay.com/js/ 7 KB
3 KB 104ms
98ms Script
application/javascript 45.60.151.59
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://midweekpay.com/js/site.min.js?v=L4GQ_OlQ9F_19kjUuv3Grk-c3fy9TL-Cm5EY6VmnMqY
Requested by: Host: midweekpay.com
URL: https://midweekpay.com/login?cguid=7463C504-B814-49B7-8680-3C0D7E30D82F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.151.59 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 2f8190fce950f45ff5f648d4bafdc6ae4f9cddfcbd4cbf829b9118e959a732a6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://midweekpay.com/login?cguid=7463C504-B814-49B7-8680-3C0D7E30D82F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 23:54:44 GMT
content-encoding: gzip
last-modified: Fri, 15 Dec 2023 17:18:25 GMT
x-cdn: Imperva
etag: "1da2f7ab6309c57"
content-type: application/javascript
x-iinfo: 13-89949697-89949792 2CNN RT(1703030083686 616) q(0 0 0 -1) r(0 0)
cache-control: max-age=12932, public
content-length: 2485
expires: Wed, 20 Dec 2023 03:30:16 GMT

GET
H2 200 rrweb.js Show response
recorder-api.myidentitycheck.net/ 158 KB
159 KB 628ms
198ms Script
application/javascript 52.9.25.214
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://recorder-api.myidentitycheck.net/rrweb.js
Requested by: Host: midweekpay.com
URL: https://midweekpay.com/login?cguid=7463C504-B814-49B7-8680-3C0D7E30D82F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.9.25.214 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-9-25-214.us-west-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 /
Resource Hash: a8230fd6cb3e0c71d321a31f54efe02e87019002d5389f581cf56c9563111c14

Request headers

accept-language: en-US,en;q=0.9
Referer: https://midweekpay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 23:54:44 GMT
last-modified: Mon, 25 Sep 2023 17:21:08 GMT
server: Microsoft-IIS/10.0
accept-ranges: bytes
etag: "1d9efd4abe0e3a0"
content-length: 162208
content-type: application/javascript

GET
H2 200 recorder Show response
recorder-api.myidentitycheck.net/scripts/ 4 KB
4 KB 529ms
100ms Script
text/javascript 52.9.25.214
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://recorder-api.myidentitycheck.net/scripts/recorder
Requested by: Host: midweekpay.com
URL: https://midweekpay.com/login?cguid=7463C504-B814-49B7-8680-3C0D7E30D82F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.9.25.214 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-9-25-214.us-west-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 /
Resource Hash: 125b023a3c04729310eeb021d7393457a25b69427c5df267c029666410f1391c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://midweekpay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 23:54:44 GMT
cache-control: no-store,no-cache
x-correlation-id: 3DD1F111-60C5-40BD-8B0D-2CF090FF814F
server: Microsoft-IIS/10.0
content-length: 3772
content-type: text/javascript

GET
H2 200 aws.png
midweekpay.com/images/ 3 KB
3 KB 337ms
331ms Image
image/png 45.60.151.59
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://midweekpay.com/images/aws.png

Requested by

Host: midweekpay.com
URL: https://midweekpay.com/login?cguid=7463C504-B814-49B7-8680-3C0D7E30D82F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.151.59 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Kestrel / ASP.NET

Resource Hash

8dd98e389d6b7b3c230fb8292b5dc92506691441c590a9f3f7f32b3207819b4e

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://midweekpay.com/login?cguid=7463C504-B814-49B7-8680-3C0D7E30D82F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 23:54:44 GMT
last-modified: Tue, 28 Nov 2023 11:30:36 GMT
server: Kestrel
x-cdn: Imperva
etag: "1da21ee4e461b1c"
x-powered-by: ASP.NET
x-frame-options: SAMEORIGIN
content-type: image/png
x-iinfo: 13-89949697-89903660 2NNN RT(1703030083686 620) q(0 0 0 -1) r(2 2) U2
cache-control: no-cache
accept-ranges: bytes
content-length: 3356

GET
H2 200 ssl.png
midweekpay.com/images/ 5 KB
5 KB 357ms
352ms Image
image/png 45.60.151.59
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://midweekpay.com/images/ssl.png

Requested by

Host: midweekpay.com
URL: https://midweekpay.com/login?cguid=7463C504-B814-49B7-8680-3C0D7E30D82F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.151.59 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Kestrel / ASP.NET

Resource Hash

6bd1c6a5798d4ec9bf81bfa09d7ad9b1f1d1491d62a9d406990912b3e95b56ab

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://midweekpay.com/login?cguid=7463C504-B814-49B7-8680-3C0D7E30D82F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 23:54:44 GMT
last-modified: Tue, 28 Nov 2023 11:30:36 GMT
server: Kestrel
x-cdn: Imperva
etag: "1da21ee4e46040e"
x-powered-by: ASP.NET
x-frame-options: SAMEORIGIN
content-type: image/png
x-iinfo: 13-89949697-89949797 2NNN RT(1703030083686 622) q(0 0 0 -1) r(3 3) U2
cache-control: no-cache
accept-ranges: bytes
content-length: 4622

GET
H2 200 hit.core.js Show response
www.consumerconnecting.com/hitLN/ 16 KB
4 KB 238ms
115ms Script
application/javascript 45.60.151.59
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.consumerconnecting.com/hitLN/hit.core.js
Requested by: Host: midweekpay.com
URL: https://midweekpay.com/login?cguid=7463C504-B814-49B7-8680-3C0D7E30D82F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.151.59 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: Microsoft-IIS/8.0 / ASP.NET
Resource Hash: 4b79fc114f2b82c12d75007ca9c22af8c31422211a219db05e9f3ed29c3cc3f4

Request headers

accept-language: en-US,en;q=0.9
Referer: https://midweekpay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 23:54:44 GMT
content-encoding: gzip
last-modified: Wed, 13 Dec 2023 18:30:16 GMT
server: Microsoft-IIS/8.0
x-cdn: Imperva
etag: "06ceb6af22dda1:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-iinfo: 11-64492685-64450739 pNNy RT(1703030084379 40) q(0 0 0 0) r(1 1) U24
x-incap-sess-cookie-hdr: EjDhL3VmaU9gpDnwHeENE0QtgmUAAAAAa3jhwVL2rjaSLhSD+2OdBg==
accept-ranges: bytes
content-length: 3766

GET
H2 200 jquery.validate.js Show response
midweekpay.com/lib/jquery-validation/dist/ 31 KB
9 KB 126ms
122ms Script
application/javascript 45.60.151.59
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://midweekpay.com/lib/jquery-validation/dist/jquery.validate.js
Requested by: Host: midweekpay.com
URL: https://midweekpay.com/login?cguid=7463C504-B814-49B7-8680-3C0D7E30D82F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.151.59 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: e458140f067cc72ffb262045321dc78caa65bf1c2abd4ed1ea8ab2d91f7ef67a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://midweekpay.com/login?cguid=7463C504-B814-49B7-8680-3C0D7E30D82F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 23:54:44 GMT
content-encoding: gzip
last-modified: Thu, 28 Apr 2022 14:27:00 GMT
x-cdn: Imperva
etag: "1d85b0c05a7d7e3"
content-type: application/javascript
x-iinfo: 13-89949697-89949792 2CNN RT(1703030083686 626) q(0 0 0 -1) r(0 0) U18
cache-control: max-age=47757, public
content-length: 8712
expires: Wed, 20 Dec 2023 13:10:41 GMT

GET
H2 200 additional-methods.min.js Show response
midweekpay.com/lib/jquery-validation/dist/ 22 KB
6 KB 152ms
149ms Script
application/javascript 45.60.151.59
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://midweekpay.com/lib/jquery-validation/dist/additional-methods.min.js
Requested by: Host: midweekpay.com
URL: https://midweekpay.com/login?cguid=7463C504-B814-49B7-8680-3C0D7E30D82F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.151.59 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 1ebab5d380014168f6904e4660ebb17a5803590170f2081d5b12254a8922c4bb

Request headers

accept-language: en-US,en;q=0.9
Referer: https://midweekpay.com/login?cguid=7463C504-B814-49B7-8680-3C0D7E30D82F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 23:54:44 GMT
content-encoding: gzip
last-modified: Thu, 28 Apr 2022 14:27:00 GMT
x-cdn: Imperva
etag: "1d85b0c05a74a85"
content-type: application/javascript
x-iinfo: 13-89949697-89949792 2CNN RT(1703030083686 629) q(0 0 0 -1) r(1 1) U18
cache-control: max-age=47757, public
content-length: 6300
expires: Wed, 20 Dec 2023 13:10:41 GMT

GET
H2 200 _Incapsula_Resource Show response
midweekpay.com/ 149 KB
21 KB 67ms
64ms Script
application/javascript 45.60.151.59
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://midweekpay.com/_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=1&cb=2002817199
Requested by: Host: midweekpay.com
URL: https://midweekpay.com/login?cguid=7463C504-B814-49B7-8680-3C0D7E30D82F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.151.59 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: c0e8772c00467b320ddae343f54ddb571507462e072ffe70494c95b444f09fb9

Request headers

accept-language: en-US,en;q=0.9
Referer: https://midweekpay.com/login?cguid=7463C504-B814-49B7-8680-3C0D7E30D82F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

cache-control: no-cache, no-store
content-encoding: gzip
x-robots-tag: noindex
content-length: 21392
content-type: application/javascript

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 311 KB
89 KB 303ms
199ms Script
application/javascript 2607:f8b0:4006:822::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-M577JL7

Requested by

Host: midweekpay.com
URL: https://midweekpay.com/login?cguid=7463C504-B814-49B7-8680-3C0D7E30D82F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

718e8ffacdd17451168a8a64e0b95ac46ccf49127859c0827bce2dc87d90373d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://midweekpay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 23:54:44 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 90911
x-xss-protection: 0
last-modified: Tue, 19 Dec 2023 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 19 Dec 2023 23:54:44 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 182ms
59ms Script
text/javascript 2607:f8b0:4004:c17::71
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: midweekpay.com
URL: https://midweekpay.com/login?cguid=7463C504-B814-49B7-8680-3C0D7E30D82F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::71 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://midweekpay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 19 Dec 2023 22:05:16 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 6568
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Wed, 20 Dec 2023 00:05:16 GMT

GET
H2 200 logo-green.svg
midweekpay.com/images/ 5 KB
2 KB 331ms
329ms Image
image/svg+xml 45.60.151.59
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://midweekpay.com/images/logo-green.svg

Requested by

Host: midweekpay.com
URL: https://midweekpay.com/css/site.min.css?v=KsZyNDXYCzqWJlt3amKF2ofX6ZrZn1s4hsNNj-DlH38

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.151.59 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Kestrel / ASP.NET

Resource Hash

c7e9c5c6b60f78e36ff4cbb70f226d4c26fd2905fc761da92e918a12b83d2c0e

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://midweekpay.com/css/site.min.css?v=KsZyNDXYCzqWJlt3amKF2ofX6ZrZn1s4hsNNj-DlH38
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 23:54:44 GMT
content-encoding: gzip
last-modified: Wed, 01 Nov 2023 08:28:46 GMT
server: Kestrel
x-cdn: Imperva
etag: "1da0c9d6e40e06f"
x-powered-by: ASP.NET
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
x-iinfo: 13-89949697-89949805 nNYN RT(1703030083686 646) q(0 0 2 -1) r(2 2) U18
accept-ranges: bytes

GET
H2 200 pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 207ms
64ms Font
font/woff2 2607:f8b0:4006:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2

Requested by

Host: midweekpay.com
URL: https://midweekpay.com/css/site.min.css?v=KsZyNDXYCzqWJlt3amKF2ofX6ZrZn1s4hsNNj-DlH38

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://midweekpay.com/
Origin: https://midweekpay.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 18:58:03 GMT
x-content-type-options: nosniff
age: 17801
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7884
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 17:03:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 18 Dec 2024 18:58:03 GMT

GET
H2 200 pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 212ms
71ms Font
font/woff2 2607:f8b0:4006:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2

Requested by

Host: midweekpay.com
URL: https://midweekpay.com/css/site.min.css?v=KsZyNDXYCzqWJlt3amKF2ofX6ZrZn1s4hsNNj-DlH38

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://midweekpay.com/
Origin: https://midweekpay.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 16 Dec 2023 21:47:45 GMT
x-content-type-options: nosniff
age: 266819
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8000
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:59:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 15 Dec 2024 21:47:45 GMT

GET
H2 200 pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 281ms
141ms Font
font/woff2 2607:f8b0:4006:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2

Requested by

Host: midweekpay.com
URL: https://midweekpay.com/css/site.min.css?v=KsZyNDXYCzqWJlt3amKF2ofX6ZrZn1s4hsNNj-DlH38

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://midweekpay.com/
Origin: https://midweekpay.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 17:36:41 GMT
x-content-type-options: nosniff
age: 22683
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7748
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:21:30 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 18 Dec 2024 17:36:41 GMT

GET
H2 200 _Incapsula_Resource
midweekpay.com/ 1 B
35 B 37ms
34ms Image
text/plain 45.60.151.59
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://midweekpay.com/_Incapsula_Resource?SWKMTFSR=1&e=0.7819986310988876
Requested by: Host: midweekpay.com
URL: https://midweekpay.com/login?cguid=7463C504-B814-49B7-8680-3C0D7E30D82F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.151.59 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://midweekpay.com/login?cguid=7463C504-B814-49B7-8680-3C0D7E30D82F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

cache-control: no-cache, no-store
x-robots-tag: noindex
content-length: 1
content-type: text/plain

GET
H2 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
1 KB 81ms
78ms Script
text/javascript 2607:f8b0:4004:c17::71
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::71 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://midweekpay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 23:37:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1029
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 697
x-xss-protection: 0
last-modified: Fri, 30 Jun 2023 18:58:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 20 Dec 2023 00:37:36 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 241 KB
83 KB 90ms
88ms Script
application/javascript 2607:f8b0:4006:822::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-HMGJDSNYED&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M577JL7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6c57fa68215c5ac3ec7539adc31914a973a144664b5b060401f6f9edde4a2e76

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://midweekpay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 23:54:45 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 85340
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 19 Dec 2023 23:54:45 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/973279547/ 2 KB
2 KB 201ms
74ms Script
text/javascript 2607:f8b0:4004:c17::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/973279547/?random=1703030085172&cv=11&fst=1703030085172&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v830789602&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fmidweekpay.com%2Flogin%3Fcguid%3D7463C504-B814-49B7-8680-3C0D7E30D82F&ref=http%3A%2F%2Frugare.net%2F&label=Audience%20collect%20for%20adwords&hn=www.googleadservices.com&frm=0&tiba=Midweekpay.com%20-%20Login&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M577JL7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c17::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

83d9b769d196514dbe57ac7b6d859b166d7993fccaca8f164dda6b1dfc1d25fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://midweekpay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 23:54:45 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1342
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1.js Show response
cdn.ywxi.net/js/ 20 KB
6 KB 248ms
69ms Script
text/javascript 2600:9000:210b:3a00:14:6bfc:5740:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ywxi.net/js/1.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M577JL7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:210b:3a00:14:6bfc:5740:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache /

Resource Hash

e439ab908d5181dccc2a2994a2b3cc4d3232d1a77b906a8d366959f609850b40

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://midweekpay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 23:09:45 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
via: 1.1 48242c037992a87d34be1f3c114efc0a.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR53-C3
age: 2700
content-security-policy-report-only: report-uri https://52723791ca12811bfedec52ea4c44290.report-uri.com/r/d/csp/reportOnly; default-src 'self'; script-src * 'unsafe-inline' 'unsafe-eval'; script-src-elem * 'unsafe-inline'; script-src-attr 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-elem * 'unsafe-inline'; style-src-attr 'self' 'unsafe-inline'; img-src * data:; font-src * data:; connect-src *; media-src * blob:; object-src 'none'; frame-src *; frame-ancestors *; form-action 'self'
x-cache: Hit from cloudfront
content-length: 4835
referrer-policy: strict-origin-when-cross-origin
server: Apache
x-trace: 2BEDAAEE1C0BB7A6BD923EC5CDF471388538E4CC94000000000000000000
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
x-amz-cf-id: zGtdtBwpadQG9m_KVa5WUCNgpoa2owTzGT6_K5z48u_AKKZXu31Z3A==
expires: Wed, 20 Dec 2023 00:09:43 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 3 B
23 B 69ms
68ms XHR
text/plain 2607:f8b0:4004:c17::71
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=349510808&t=pageview&_s=1&dl=https%3A%2F%2Fmidweekpay.com%2Flogin%3Fcguid%3D7463C504-B814-49B7-8680-3C0D7E30D82F&dr=http%3A%2F%2Frugare.net%2F&ul=en-us&de=UTF-8&dt=Midweekpay.com%20-%20Login&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=KGBAgEIhQAAAACAAI~&jid=1044320047&gjid=362084792&cid=1604479817.1703030085&tid=UA-87592445-1&_gid=121041104.1703030085&_slc=1&z=120041611

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c17::71 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://midweekpay.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 23:54:45 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://midweekpay.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 2 B
346 B 193ms
67ms XHR
text/plain 2607:f8b0:4004:c1b::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-87592445-1&cid=1604479817.1703030085&jid=1044320047&gjid=362084792&_gid=121041104.1703030085&_u=KGBAgEIhQAAAAGAAI~&z=1664669840

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://midweekpay.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 19 Dec 2023 23:54:45 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://midweekpay.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 js Show response
www.google-analytics.com/gtm/ 128 KB
50 KB 73ms
72ms Script
application/javascript 2607:f8b0:4004:c17::71
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=OPT-K2MMJDW&t=gtag_UA_87592445_1&cid=1604479817.1703030085

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c17::71 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8d196aaa2e4e81e12e34c72d6f673afd4aae2ef08e9f6e7840e8b39775a5fa2c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://midweekpay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 23:54:45 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50794
x-xss-protection: 0
last-modified: Tue, 19 Dec 2023 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 19 Dec 2023 23:54:45 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
253 B 137ms
49ms Ping
text/plain 2001:4860:4802:36::181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-HMGJDSNYED&gtm=45je3bt0v871486934z8830789602&_p=1703030084752&_gaz=1&gcd=11l1l1l1l1&dma=0&cid=1604479817.1703030085&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1703030085&sct=1&seg=0&dl=https%3A%2F%2Fmidweekpay.com%2Flogin%3Fcguid%3D7463C504-B814-49B7-8680-3C0D7E30D82F&dr=http%3A%2F%2Frugare.net%2F&dt=Midweekpay.com%20-%20Login&en=page_view&_fv=1&_ss=1&tfd=1393
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-HMGJDSNYED&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:36::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://midweekpay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 23:54:45 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://midweekpay.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
47 B 68ms
67ms Ping
text/plain 2607:f8b0:4004:c1b::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-HMGJDSNYED&cid=1604479817.1703030085&gtm=45je3bt0v871486934z8830789602&aip=1&dma=0&gcd=11l1l1l1l1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-HMGJDSNYED&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c1b::9c Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://midweekpay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 23:54:45 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://midweekpay.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 196ms
71ms Image
image/gif 2607:f8b0:4004:c1b::93
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-87592445-1&cid=1604479817.1703030085&jid=1044320047&_u=KGBAgEIhQAAAAGAAI~&z=2047664664

Requested by

Host: midweekpay.com
URL: https://midweekpay.com/login?cguid=7463C504-B814-49B7-8680-3C0D7E30D82F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::93 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://midweekpay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 23:54:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 68ms
67ms XHR
text/plain 2607:f8b0:4004:c17::71
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=349510808&t=pageview&_s=1&dl=https%3A%2F%2Fmidweekpay.com%2Flogin%3Fcguid%3D7463C504-B814-49B7-8680-3C0D7E30D82F&dr=http%3A%2F%2Frugare.net%2F&ul=en-us&de=UTF-8&dt=Midweekpay.com%20-%20Login&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAAUIjQAAAAGAAI~&jid=157960955&gjid=1659555123&cid=1604479817.1703030085&tid=UA-87592445-1&_gid=121041104.1703030085&_r=1&gtm=457e3bt0&gcd=11l1l1l1l1&dma=0&jsscut=1&z=1508229636

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c17::71 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://midweekpay.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 23:54:45 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://midweekpay.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 69ms
68ms XHR
text/plain 2607:f8b0:4004:c17::71
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=349510808&t=pageview&_s=1&dl=https%3A%2F%2Fmidweekpay.com%2Flogin%3Fcguid%3D7463C504-B814-49B7-8680-3C0D7E30D82F&dr=http%3A%2F%2Frugare.net%2F&ul=en-us&de=UTF-8&dt=Midweekpay.com%20-%20Login&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAAUIjQAAAAGAAI~&jid=2015734700&gjid=355834940&cid=1604479817.1703030085&tid=UA-87592445-1&_gid=121041104.1703030085&_r=1&gtm=45He3bt0n81M577JL7v830789602&gcd=11l1l1l1l1&dma=0&z=1849235470

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4004:c17::71 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://midweekpay.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 23:54:45 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://midweekpay.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/973279547/ 42 B
154 B 169ms
73ms Image
image/gif 2607:f8b0:4004:c1b::93
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/973279547/?random=1703030085172&cv=11&fst=1703026800000&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v830789602&u_w=1600&u_h=1200&url=https%3A%2F%2Fmidweekpay.com%2Flogin%3Fcguid%3D7463C504-B814-49B7-8680-3C0D7E30D82F&ref=http%3A%2F%2Frugare.net%2F&label=Audience%20collect%20for%20adwords&frm=0&tiba=Midweekpay.com%20-%20Login&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_Pv2x0SOf2QH_rEtshFZJOnI9IUEuTQ&random=4014061230&rmt_tld=0&ipr=y

Requested by

Host: midweekpay.com
URL: https://midweekpay.com/login?cguid=7463C504-B814-49B7-8680-3C0D7E30D82F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::93 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://midweekpay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 23:54:45 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK client.json Show response
s3-us-west-2.amazonaws.com/mfesecure-public/host/midweekpay.com/ 172 B
1000 B 390ms
136ms XHR
application/json 52.92.163.144
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3-us-west-2.amazonaws.com/mfesecure-public/host/midweekpay.com/client.json?source=jsmain
Requested by: Host: cdn.ywxi.net
URL: https://cdn.ywxi.net/js/1.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.92.163.144 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: 8d97df10622601dc8f377aeb13ac790121feb6ef67291aadde04ab1e6196b065

Request headers

accept-language: en-US,en;q=0.9
Referer: https://midweekpay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Tue, 19 Dec 2023 23:54:46 GMT
Content-Encoding: gzip
x-amz-version-id: R2BiPJwTDwHHfPpIbCV95tR7kGl3X5bT
x-amz-request-id: 8RJ0TK7373NBF5K1
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
Content-Length: 152
x-amz-id-2: ttnNEJTA4vVyXT2qWjRVdcsOLFPuffaisgGibimQaOqlzG+VkawHsrP7COM2z5vs946pJspeAvY=
Last-Modified: Sun, 03 Dec 2023 15:59:40 GMT
Server: AmazonS3
ETag: "3a5a5634aaf2fb34d26c58d46623176b"
Access-Control-Max-Age: 60
Access-Control-Allow-Methods: GET, HEAD
Content-Type: application/json
Access-Control-Allow-Origin: https://midweekpay.com
Access-Control-Expose-Headers: Access-Control-Allow-Origin
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Credentials: true
Cache-Control: public, max-age=60
Accept-Ranges: bytes

GET
H/1.1 200
OK client.json Show response
s3-us-west-2.amazonaws.com/mfesecure-public/host/midweekpay.com/ 172 B
1000 B 388ms
134ms XHR
application/json 52.92.163.144
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3-us-west-2.amazonaws.com/mfesecure-public/host/midweekpay.com/client.json?source=jsinline
Requested by: Host: cdn.ywxi.net
URL: https://cdn.ywxi.net/js/1.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.92.163.144 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: 8d97df10622601dc8f377aeb13ac790121feb6ef67291aadde04ab1e6196b065

Request headers

accept-language: en-US,en;q=0.9
Referer: https://midweekpay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Tue, 19 Dec 2023 23:54:46 GMT
Content-Encoding: gzip
x-amz-version-id: R2BiPJwTDwHHfPpIbCV95tR7kGl3X5bT
x-amz-request-id: 8RJ6K24V4E8REVQR
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
Content-Length: 152
x-amz-id-2: kVtaxEYZQ4+o+112eb9flvQc6EeLgdUus4j8AfZ8Vrok2k5OtLtePGTiCJNyn07wwsdC6cFuv0Q=
Last-Modified: Sun, 03 Dec 2023 15:59:40 GMT
Server: AmazonS3
ETag: "3a5a5634aaf2fb34d26c58d46623176b"
Access-Control-Max-Age: 60
Access-Control-Allow-Methods: GET, HEAD
Content-Type: application/json
Access-Control-Allow-Origin: https://midweekpay.com
Access-Control-Expose-Headers: Access-Control-Allow-Origin
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Credentials: true
Cache-Control: public, max-age=60
Accept-Ranges: bytes

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 2 B
68 B 70ms
66ms XHR
text/plain 2607:f8b0:4004:c1b::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-87592445-1&cid=1604479817.1703030085&jid=157960955&gjid=1659555123&_gid=121041104.1703030085&_u=aGDAAUIjQAAAAGAAI~&z=1563125869

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://midweekpay.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 19 Dec 2023 23:54:45 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://midweekpay.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 2 B
68 B 69ms
68ms XHR
text/plain 2607:f8b0:4004:c1b::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-87592445-1&cid=1604479817.1703030085&jid=2015734700&gjid=355834940&_gid=121041104.1703030085&_u=aGDAAUIjQAAAAGAAI~&z=1683198738

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::9c Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://midweekpay.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 19 Dec 2023 23:54:45 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://midweekpay.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 74ms
71ms Image
image/gif 2607:f8b0:4004:c1b::93
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-87592445-1&cid=1604479817.1703030085&jid=157960955&_u=aGDAAUIjQAAAAGAAI~&z=1935019416

Requested by

Host: midweekpay.com
URL: https://midweekpay.com/login?cguid=7463C504-B814-49B7-8680-3C0D7E30D82F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::93 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://midweekpay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 23:54:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 76ms
71ms Image
image/gif 2607:f8b0:4004:c1b::93
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-87592445-1&cid=1604479817.1703030085&jid=2015734700&_u=aGDAAUIjQAAAAGAAI~&z=1381845318

Requested by

Host: midweekpay.com
URL: https://midweekpay.com/login?cguid=7463C504-B814-49B7-8680-3C0D7E30D82F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::93 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://midweekpay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 23:54:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 204 new-session
recorder-api.myidentitycheck.net/events/ 0
0 302ms
99ms Preflight 52.9.25.214
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://recorder-api.myidentitycheck.net/events/new-session
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.9.25.214 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-9-25-214.us-west-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://midweekpay.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-headers: Content-Type,Authorization
access-control-allow-methods: GET,POST,PUT,DELETE
access-control-allow-origin: *
date: Tue, 19 Dec 2023 23:54:44 GMT
server: Microsoft-IIS/10.0

POST
H2 201 new-session Show response
recorder-api.myidentitycheck.net/events/ 38 B
211 B 113ms
111ms XHR
application/json 52.9.25.214
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://recorder-api.myidentitycheck.net/events/new-session
Requested by: Host: midweekpay.com
URL: https://midweekpay.com/js/plugins.min.js?v=NegVE-BNi7mweg-ZjPtfkHsbH26GngTnqMONLNi6_ys
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.9.25.214 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-9-25-214.us-west-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 /
Resource Hash: c1aa5740fb7adf7476ace6bc39717a81399e1e223fb3b3eec5ffcd1c5174fc11

Request headers

Accept: */*
Referer: https://midweekpay.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Tue, 19 Dec 2023 23:54:44 GMT
x-correlation-id: FCB86CA5-3EF4-42AD-8AA0-FB3487E50E80
server: Microsoft-IIS/10.0
content-type: application/json; charset=utf-8
location: https://recorder-api.myidentitycheck.net/Events/new-session
access-control-allow-origin: *
cache-control: no-store,no-cache

GET
H2 200 / Show response
www.consumerconnecting.com/hitLN/ 112 B
870 B 151ms
151ms Script
text/javascript 45.60.151.59
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.consumerconnecting.com/hitLN/?clienturl=https%3A//midweekpay.com/login%3Fcguid%3D7463C504-B814-49B7-8680-3C0D7E30D82F&rnd=0.06193415996568974&callback=hitregistersuccess&responsetype=json&o=600&ReferrerURL=http%3A//rugare.net/&cguid=7463C504-B814-49B7-8680-3C0D7E30D82F
Requested by: Host: www.consumerconnecting.com
URL: https://www.consumerconnecting.com/hitLN/hit.core.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.151.59 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: Microsoft-IIS/8.0 / ASP.NET
Resource Hash: 4a1a34268c548cddd081621d0ab45f192fd7042b0b2a453626c68f52b6fefeda

Request headers

accept-language: en-US,en;q=0.9
Referer: https://midweekpay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 23:54:45 GMT
content-encoding: gzip
server: Microsoft-IIS/8.0
x-aspnet-version: 4.0.30319
x-cdn: Imperva
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
x-iinfo: 11-64492685-64450739 pNNy RT(1703030084379 791) q(0 0 0 -1) r(1 1) U24
cache-control: private
x-incap-sess-cookie-hdr: orTWJAuv4AlgpDnwHeENE0UtgmUAAAAAITkG0LptGF6G7XNDH0Fjjw==
content-length: 219

GET
H2 200 fpt.js Show response
www.consumerconnecting.com/hitLN/ 10 KB
4 KB 118ms
111ms Script
application/javascript 45.60.151.59
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.consumerconnecting.com/hitLN/fpt.js
Requested by: Host: www.consumerconnecting.com
URL: https://www.consumerconnecting.com/hitLN/hit.core.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.151.59 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: Microsoft-IIS/8.0 / ASP.NET
Resource Hash: 671cbf6f84a523bd7c3cd3f1106eaee4052298b626c3354a7b151fffa6b2deeb

Request headers

accept-language: en-US,en;q=0.9
Referer: https://midweekpay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 23:54:45 GMT
content-encoding: gzip
last-modified: Wed, 13 Dec 2023 18:30:16 GMT
server: Microsoft-IIS/8.0
x-cdn: Imperva
etag: "06ceb6af22dda1:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-iinfo: 11-64492685-64450739 pNNy RT(1703030084379 954) q(0 0 0 -1) r(1 1) U24
x-incap-sess-cookie-hdr: VUHbGEp6VHxgpDnwHeENE0UtgmUAAAAAik1MljUMTnOHSt240hLLtA==
accept-ranges: bytes
content-length: 3398

GET
H2 200 / Show response
www.consumerconnecting.com/misc/ 114 B
785 B 127ms
121ms Script
text/javascript 45.60.151.59
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.consumerconnecting.com/misc/?action=regga&callback=posting.defaultCb&ResponseType=json&uid=84911960-3704-4a3a-a1ac-ac31ce619648&gaclient=1604479817.1703030085&gatracker=UA-87592445-1
Requested by: Host: www.consumerconnecting.com
URL: https://www.consumerconnecting.com/hitLN/hit.core.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.151.59 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: Microsoft-IIS/8.0 / ASP.NET
Resource Hash: 39ccb68e643c21225f778ccf9c4f7029684db84f203685cd1f6ec0750e10bcb5

Request headers

accept-language: en-US,en;q=0.9
Referer: https://midweekpay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 23:54:45 GMT
content-encoding: gzip
server: Microsoft-IIS/8.0
x-aspnet-version: 4.0.30319
x-cdn: Imperva
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
x-iinfo: 11-64492685-64441557 pNNN RT(1703030084379 956) q(0 0 0 -1) r(1 1) U24
cache-control: private
x-incap-sess-cookie-hdr: BfmsZFbWIgZgpDnwHeENE0UtgmUAAAAAVJXyqJ32vXII6mScxgemdQ==
content-length: 208

GET
H2 200 ajax Show response
www.trustedsite.com/rpc/ 6 B
996 B 388ms
112ms Script
text/javascript 54.68.106.248
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.trustedsite.com/rpc/ajax?do=tmjs-visit&host=midweekpay.com&rand=1703030085850

Requested by

Host: cdn.ywxi.net
URL: https://cdn.ywxi.net/js/1.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.68.106.248 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-68-106-248.us-west-2.compute.amazonaws.com

Software

Apache /

Resource Hash

a4aa9f775af34f63386d8b4d8a14fce2225c317c3f93cbafdeb5a8524eb542a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://midweekpay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 23:54:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
content-encoding: gzip
server: Apache
x-trace: 2B8089F3D28FA077EC0066A07AD6EF57AF7B06F272000000000000000000
content-security-policy-report-only: report-uri https://52723791ca12811bfedec52ea4c44290.report-uri.com/r/d/csp/reportOnly; default-src 'self'; script-src * 'unsafe-inline' 'unsafe-eval'; script-src-elem * 'unsafe-inline'; script-src-attr 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-elem * 'unsafe-inline'; style-src-attr 'self' 'unsafe-inline'; img-src * data:; font-src * data:; connect-src *; media-src * blob:; object-src 'none'; frame-src *; frame-ancestors *; form-action 'self'
content-type: text/javascript; charset=utf-8
content-length: 26

POST
H2 202 events Show response
recorder-api.myidentitycheck.net/ 0
62 B 297ms
295ms XHR
text/plain 52.9.25.214
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://recorder-api.myidentitycheck.net/events
Requested by: Host: midweekpay.com
URL: https://midweekpay.com/js/plugins.min.js?v=NegVE-BNi7mweg-ZjPtfkHsbH26GngTnqMONLNi6_ys
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.9.25.214 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-9-25-214.us-west-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: */*
Referer: https://midweekpay.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Tue, 19 Dec 2023 23:54:46 GMT
cache-control: no-store,no-cache
x-correlation-id: C8DEAB33-B989-44B1-ACBE-A7D70E7CBFCC
server: Microsoft-IIS/10.0
content-length: 0

OPTIONS
H2 204 events
recorder-api.myidentitycheck.net/ 0
0 100ms
99ms Preflight 52.9.25.214
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://recorder-api.myidentitycheck.net/events
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.9.25.214 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-9-25-214.us-west-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://midweekpay.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-headers: Content-Type,Authorization
access-control-allow-methods: GET,POST,PUT,DELETE
access-control-allow-origin: *
date: Tue, 19 Dec 2023 23:54:46 GMT
server: Microsoft-IIS/10.0

GET
H2 200 / Show response
www.consumerconnecting.com/misc/ 114 B
806 B 119ms
118ms Script
text/javascript 45.60.151.59
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.consumerconnecting.com/misc/?action=regfp&callback=posting.defaultCb&ResponseType=json&uid=84911960-3704-4a3a-a1ac-ac31ce619648&fpt=3975070497
Requested by: Host: www.consumerconnecting.com
URL: https://www.consumerconnecting.com/hitLN/hit.core.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.151.59 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: Microsoft-IIS/8.0 / ASP.NET
Resource Hash: 39ccb68e643c21225f778ccf9c4f7029684db84f203685cd1f6ec0750e10bcb5

Request headers

accept-language: en-US,en;q=0.9
Referer: https://midweekpay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 19 Dec 2023 23:54:47 GMT
content-encoding: gzip
server: Microsoft-IIS/8.0
x-aspnet-version: 4.0.30319
x-cdn: Imperva
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
x-iinfo: 11-64492685-64441557 pNNN RT(1703030084379 2953) q(0 0 0 -1) r(1 1) U24
cache-control: private
x-incap-sess-cookie-hdr: lzNvOj3kzQhgpDnwHeENE0ctgmUAAAAAkyeSRaPv6ivMb0sUNCwTOg==
content-length: 208

POST
H2 202 events Show response
recorder-api.myidentitycheck.net/ 0
56 B 99ms
98ms XHR
text/plain 52.9.25.214
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://recorder-api.myidentitycheck.net/events
Requested by: Host: midweekpay.com
URL: https://midweekpay.com/js/plugins.min.js?v=NegVE-BNi7mweg-ZjPtfkHsbH26GngTnqMONLNi6_ys
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.9.25.214 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-9-25-214.us-west-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: */*
Referer: https://midweekpay.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Tue, 19 Dec 2023 23:54:47 GMT
cache-control: no-store,no-cache
x-correlation-id: CB8CA9C1-C070-4641-86AC-950BF97BD4F4
server: Microsoft-IIS/10.0
content-length: 0

OPTIONS
H2 204 events
recorder-api.myidentitycheck.net/ 0
0 99ms
98ms Preflight 52.9.25.214
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://recorder-api.myidentitycheck.net/events
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.9.25.214 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-9-25-214.us-west-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://midweekpay.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-headers: Content-Type,Authorization
access-control-allow-methods: GET,POST,PUT,DELETE
access-control-allow-origin: *
date: Tue, 19 Dec 2023 23:54:47 GMT
server: Microsoft-IIS/10.0

Verdicts & Comments Add Verdict or Comment

26 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

16 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.midweekpay.com/	1969-12-31 23:59:59	Name: nlbi_1886857 Value: LghIQ4H6Xnbl3YYrNdYEfgAAAACI+kNzuG0XZ8T50gGc+hLY
.midweekpay.com/	1970-01-21 01:48:26	Name: visid_incap_1886857 Value: AllDakSLQRWceSEXn/y3X0MtgmUAAAAAQUIPAAAAAABl+HTWRabwSdR7OWF6qrzw
.midweekpay.com/	1969-12-31 23:59:59	Name: incap_ses_1373_1886857 Value: cvDSHNq8sijZoznwHeENE0QtgmUAAAAAokQ5Wpbq7LCZl7Qy/uPn9g==
midweekpay.com/	1970-01-20 17:03:50	Name: ___utmvc Value: NBrlcplBS3AJUNzxTXfYjRKyeebJIN7uQw/jqr4mrv9iRAEL5xKImpLR/0KsuRY/Dp5y1xHCUjI4Q403AbjYpgYY4Z7TaT6j5hMY5qNZr+rNbq2h/1SxYzIpT4TcH/8YElxtgdvv4kgdZXVWJyVKnbq2/rHZIvNHvMpn1N1r/lTCQM4SIeRff3De0PxgTmYtyBqsB6+Z7+OiIfKpX0xB017DMPlQpQ7XC+dH4524i2OdESMqsqF3zu9WbxdMjov8eHsBYGCjWCs2x+b7/+xLRjygs9mX9E01U8F1AtU8D+msfXfYdH3eKc7aonmwZWfe5ue+HUuBOcBhR7mSFPaWw9wgb1+4m7K1u5yYlszc7BEM/yhLERsrsOP2XfRiJuT8Zu2kAO7vRI/IsITp5bUs9jaSAFNIK/4hL8Bd62qmEUrTgf2R/CbHd9FOctP/vWHyfPSbMdUpAXt6goGCmCbuZcwuscB/lbjXReqhp4EmV0W6N1ydm2UPSl4k9jYimVtusLO/dlRqYh8FbNO02y5yRysQfgHMwAH7E/LfFdH1EHO2zIoHo3tBzx1WGzU4K2z2cFD1gIim+J33YE0Lgj02YrA2mzPhWYOg0bapGQ7NVdvrMPpxGdiCXaatpYqbHMR60ipVbuz28Ctr3PkkgCA6AGfCWrft2vFJ4m9Os8FJ9gxxBjQcXwKcpksjDT/B9F/RUQy9NiL7K6w0TcS2nEclevO861gzUN293osVkdB1C7N6cKlUIYcgiIAalqIei/xTT1UZkKLqkKicx4sfNFsUgvILty/gkOVzZxeBM0b0BmEZKyZaGV3ltVvnMk3c06fDU/Kvb9H5QNtWSzqL+wW7RyO/20n90KcxryMZJstF4Na+fmNH07aS/qbHRgZZCDCZQRq9wxkoVWqvbX26aJwz7Bggia/NkK9l3QNfWpfv3KZvWZwK0S0jtcwmQBOdYIhMw9PPfqVu/tuvaM3i9TsNtUV+8HwMbKnxt6pLKlBKmEEx1FK2Ycbwens4RAelDFNZbFrFbAqG9fnuq4TA/de8DRMckrrbc156mn6FlnNJpfAlp8ZCP3wvZpRZUrJ2b+UtLdt4p5uPjAOLv/xC1llWyq4lAM6b6hcPDxuArMkkwXX5nnO8OxESCLF5nMEmxtZ27yqi4VLSgn9rov+phU/gQFn6CDgmvGkrcNEWYxqMOaVe7Av4yIiTwY6b+gNX0KMtfrgrUvkVQcQorwkdjEbcjeXS7rwaSvmIEtxj4HmIITdoPKJcXPOmATN7a0LedFnJuISBT0XMmEtyTh7YbIsm4IhK8VZXF08fVMYlWxBB4h1MRJeGEOXynLEvUqjblxQvxy90bwzu8k0QF1844YxVKuq6W+kVEW31S47DnPlOyRltvpYrVzZR4k7a1viD2Bwjwz8IigEMsFkWQAUv1GOFKHK+tvBqCbuA8l8XAjC8kl2YmHiwI0eCW9sgEn4zSp3E4hO0CqVflTSJaNSE1DwOPZkktURSLhAVRcn/sDIxfJ1zbDMF39jeOhl3hWpdv4QJxDqqIykzPHruo7IAilVwkIpD1lmZhK26subEdv+2/jsqP+sh3ZVGsoJQesWfvOrrpQIolzqTVs4LFgKTdJAl2S1LoedEBBHSbpldqhJ8qkKZZwVYzMM1L2EoplIXRRpjmkhJfHSoF8qRin7J9UcdqASmtx7JRvw3ZIl/3Jv410jpINtU7qaqjnANaQfg2j2IrODE0KodZSwQzsOFxseh9HJlnFeAAiwNVHu5dAyDsrid0cJ9mYUNzjzozCcOJ15yO/55kQKbRREYPddmLxDwQ3dp9s1W2XaWOcy7vYMR2BtTOEo6eeCJ38Avv1mj4e1GYVtOKMlbsDytyi8XtadGx0RGJ+tBbdb9aDdYz8RolgzaPi8axiNAlQbu8e7nhcaa5er1rt06pnYHljZuQ15HSQ0Sw9o7m/Mv5d+HLmBJ9NrwFL3gP46hBNR+fPs19nRsMwuk64DcrR0QB9hJRAAwCr1+bjhC7cWqZLudIfK/qAlLVf1wJvDHl68YtCY4IwI89qNqTCWAjW9/23jI0vDtKP1n2d2vP6f81R8Fm3AMIIZQBQOvoWyegqycYlI67HnMvXgbiOKdv+nJ0oR3w6wkBCYiHLK1xQz2p4gz7ouEPOix2Ay6pLSoGtSM/skXmuS7pl51vzEpCVpnDZyK72e2PKc13bvitnijIzR6xuKCR1GNKNODombB5ZHS0kRStemoKQqYz5Ez3EUwA8re/7g1Crl2Njhzx5z76Z2yW0IHW32NvogVC0ZvG4oHnaixmuUEWLrmac7fpS60l8qSDwvtTLD2tfeSKBf2nj0jy+PjTsUbNrp+8Wug1kbpr9YUyj8DQ4PJYdEk/5b/Lk05yG+o4G8eKiMaW/X+Q8+WmoliDchuOyf3DLsmiJV57hcyO2ovGV1f86VQmmFzr2TAA8Lsq3ZMWrfK88tU1Yf+MuTbe+W8xbZbtO+5/bXsRIOzB1C6szmgpsuy3j9oGSfg+CC6lhew48VNaPfk4wZIGA8A1IVRtT3rxRdlyvf8wvpmk4LPFeeg0MZ/oakKfXv+zHbbahOu1SmWE0WK1K4l9CGt6SRPloNVpbo5y/IWEp9DwIHUHRUfmYQ9zA4FeRKu7AOZG8jMXqtmUOJgtZnYh0R+3Yo6ju0Dia1NhVJYxlKKlvBE735bCc6zxCXipoCqWsuTW9YSNdjuVYFlqx85M22FM2xJsuBH3YGrhMDeZNyRWSpj/7kILSG/iOVmVichEsBXA/wMaBIaxee0f14tRY3aKwkfv75ktkf9hQmq1V8C5d+5w2SJLGRpZ2VzdD0xOTM0MjMscz05MjZhOWFhYTk1Nzg4M2EzNjhhZDlkN2FhOTkyYTU4NzY2OTc5NzdmYWI4YTk0NjI5ODY5NmE2ZDliOTZhMmEyYTM2N2E2YWM3ZWEwNzA3MQ==
.midweekpay.com/	1970-01-20 17:05:16	Name: _gid Value: GA1.2.121041104.1703030085
.midweekpay.com/	1970-01-20 17:03:50	Name: _gat Value: 1
.doubleclick.net/	1970-01-20 17:03:50	Name: test_cookie Value: CheckForPermission
.midweekpay.com/	1970-01-21 02:39:50	Name: _ga_HMGJDSNYED Value: GS1.1.1703030085.1.0.1703030085.60.0.0
.midweekpay.com/	1970-01-20 17:03:50	Name: _gat_gtag_UA_87592445_1 Value: 1
.midweekpay.com/	1970-01-21 02:39:50	Name: _ga Value: GA1.2.1604479817.1703030085
.midweekpay.com/	1970-01-20 17:03:50	Name: _gat_UA-87592445-1 Value: 1
midweekpay.com/	1970-01-21 02:39:50	Name: cguid Value: 7463C504-B814-49B7-8680-3C0D7E30D82F
midweekpay.com/	1970-01-21 02:39:50	Name: hit Value: uid=84911960-3704-4a3a-a1ac-ac31ce619648
midweekpay.com/	1970-01-21 02:39:50	Name: campaignid Value: 238926
midweekpay.com/	1970-01-20 17:05:16	Name: trustedsite_visit Value: 1
www.trustedsite.com/	1970-01-20 17:13:54	Name: AWSALBCORS Value: 87aSn9oseNNQpFA/dn+SOEmRXiBenYhBEsO17wC+tJ0H5FsNXqD2OXXm+lfHTA/Cc94s2KpOfVwWt46X50fBbTk3ZNlCceIlOTrDRni70ironPRGDrqe0ppc4StN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.google.com
cdn.ywxi.net
fonts.gstatic.com
googleads.g.doubleclick.net
maps.googleapis.com
maps.gstatic.com
midweekpay.com
polyfill.io
recorder-api.myidentitycheck.net
rugare.net
s3-us-west-2.amazonaws.com
stats.g.doubleclick.net
www.consumerconnecting.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.trustedsite.com
13.56.47.109
2001:4860:4802:36::181
2600:9000:210b:3a00:14:6bfc:5740:93a1
2607:f8b0:4004:c08::5e
2607:f8b0:4004:c17::71
2607:f8b0:4004:c17::9a
2607:f8b0:4004:c1b::93
2607:f8b0:4004:c1b::9c
2607:f8b0:4004:c1d::5f
2607:f8b0:4006:80d::2003
2607:f8b0:4006:822::2008
2a04:4e42:800::282
45.60.151.59
52.9.25.214
52.92.163.144
54.68.106.248
125b023a3c04729310eeb021d7393457a25b69427c5df267c029666410f1391c
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1ebab5d380014168f6904e4660ebb17a5803590170f2081d5b12254a8922c4bb
2ac6723435d80b3a96265b776a6285da87d7e99ad99f5b3886c34d8fe0e51f7f
2f8190fce950f45ff5f648d4bafdc6ae4f9cddfcbd4cbf829b9118e959a732a6
2fa0481439082dd6208268557881490f03e96d3c2075abe452782258ea6d4c54
35e81513e04d8bb9b07a0f998cfb5f907b1b1f6e869e04e7a8c38d2cd8baff2b
39ccb68e643c21225f778ccf9c4f7029684db84f203685cd1f6ec0750e10bcb5
4a1a34268c548cddd081621d0ab45f192fd7042b0b2a453626c68f52b6fefeda
4b79fc114f2b82c12d75007ca9c22af8c31422211a219db05e9f3ed29c3cc3f4
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
671cbf6f84a523bd7c3cd3f1106eaee4052298b626c3354a7b151fffa6b2deeb
6bd1c6a5798d4ec9bf81bfa09d7ad9b1f1d1491d62a9d406990912b3e95b56ab
6c57fa68215c5ac3ec7539adc31914a973a144664b5b060401f6f9edde4a2e76
6c68769e8470ce89a0f2270529a5d47db00917e3ef9df946dca202098f09d0a2
718e8ffacdd17451168a8a64e0b95ac46ccf49127859c0827bce2dc87d90373d
78d125282dabf915b220557b2c321b159cc500e740fd56c0d5b022f9ae2e3b87
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
83d9b769d196514dbe57ac7b6d859b166d7993fccaca8f164dda6b1dfc1d25fc
8d196aaa2e4e81e12e34c72d6f673afd4aae2ef08e9f6e7840e8b39775a5fa2c
8d97df10622601dc8f377aeb13ac790121feb6ef67291aadde04ab1e6196b065
8dd98e389d6b7b3c230fb8292b5dc92506691441c590a9f3f7f32b3207819b4e
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
969dace001ef24f99f38bd00c5578b85ba9368e77a5667cfcaeaa29d2f57657b
9b48c7d9a3ca0fd7a26de3dec608227357a6d0c200785d340d96a28b555813e9
a4aa9f775af34f63386d8b4d8a14fce2225c317c3f93cbafdeb5a8524eb542a1
a8230fd6cb3e0c71d321a31f54efe02e87019002d5389f581cf56c9563111c14
c0e8772c00467b320ddae343f54ddb571507462e072ffe70494c95b444f09fb9
c1aa5740fb7adf7476ace6bc39717a81399e1e223fb3b3eec5ffcd1c5174fc11
c515d39c53031c1f9b27d77d3818c65a5db18e50b51d83b4968c2f0b38e772eb
c7e9c5c6b60f78e36ff4cbb70f226d4c26fd2905fc761da92e918a12b83d2c0e
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
db8338df35620853cfae74535f6e123aa89b794ea2dd6aab341d1137233df109
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e439ab908d5181dccc2a2994a2b3cc4d3232d1a77b906a8d366959f609850b40
e458140f067cc72ffb262045321dc78caa65bf1c2abd4ed1ea8ab2d91f7ef67a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149

midweekpay.com Open in urlscan Pro 45.60.151.59 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

66 Requests

98 %HTTPS

69 %IPv6

14 Domains

17 Subdomains

16 IPs

1 Countries

849 kBTransfer

2290 kBSize

16 Cookies

1 Outgoing links

Page URL History

Redirected requests

66 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

midweekpay.com Open in urlscan Pro
45.60.151.59 Public Scan

Screenshot
Live screenshot

Full Image

66
Requests

98 %
HTTPS

69 %
IPv6

14
Domains

17
Subdomains

16
IPs

1
Countries

849 kB
Transfer

2290 kB
Size

16
Cookies

66 HTTP transactions
0 data transactions