app.paywithextend.com Open in urlscan Pro
2606:4700:10::ac43:c6d Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://app.paywithextend.com/
Effective URL:
https://app.paywithextend.com/
Submission: On February 14 via api (February 14th 2024, 6:25:26 am UTC) from US — Scanned from DE

Summary HTTP 60 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 22 IPs in 3 countries across 12 domains to perform 60 HTTP transactions. The main IP is 2606:4700:10::ac43:c6d, located in United States and belongs to CLOUDFLARENET, US. The main domain is app.paywithextend.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on December 12th 2023. Valid for: a year.

This is the only time app.paywithextend.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:10:... 2606:4700:10::6816:4883	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700:10:... 2606:4700:10::ac43:c6d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	18.66.147.61 18.66.147.61	16509 (AMAZON-02) (AMAZON-02)
1	108.138.26.66 108.138.26.66	16509 (AMAZON-02) (AMAZON-02)
7	2600:9000:215... 2600:9000:2156:4a00:6:f240:b1c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	13.33.187.26 13.33.187.26	16509 (AMAZON-02) (AMAZON-02)
6	2a00:1450:400... 2a00:1450:4001:80e::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80f::200a	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:801::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:811::2008	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6812:109b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2600:1f18:24e... 2600:1f18:24e6:b900:d6c:b6b4:a9ba:4a7e	14618 (AMAZON-AES) (AMAZON-AES)
5	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:480... 2a02:26f0:480:f::213:7edd	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2600:9000:223... 2600:9000:223d:7400:1f:d442:bb40:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c00::9b	15169 (GOOGLE) (GOOGLE)
4 5	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2606:4700::68... 2606:4700::6812:119b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
60	22

1 2606:4700:10::6816:4883 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

app.paywithextend.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:10::ac43:c6d (United States)

ASN13335 (CLOUDFLARENET, US)

app.paywithextend.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.paywithextend.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 18.66.147.61 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-61.fra60.r.cloudfront.net

app-assets.paywithextend.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.26.66 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-26-66.fra56.r.cloudfront.net

prox.paywithextend.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2600:9000:2156:4a00:6:f240:b1c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

sdks.paywithextend.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.33.187.26 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-187-26.fra60.r.cloudfront.net

brand-assets.paywithextend.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

firebaseinstallations.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

firebaseremoteconfig.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:109b (United States)

ASN13335 (CLOUDFLARENET, US)

js.userpilot.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1f18:24e6:b900:d6c:b6b4:a9ba:4a7e (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

browser-intake-datadoghq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:480:f::213:7edd (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:223d:7400:1f:d442:bb40:93a1 (United States)

ASN16509 (AMAZON-02, US)

sa.paywithextend.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c00::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2620:1ec:21::14 (United States) 4 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:119b (United States)

ASN13335 (CLOUDFLARENET, US)

find.userpilot.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
23	paywithextend.com 1 redirects app.paywithextend.com app-assets.paywithextend.com api.paywithextend.com prox.paywithextend.com sdks.paywithextend.com brand-assets.paywithextend.com sa.paywithextend.com	11 MB
8	google.com www.google.com — Cisco Umbrella Rank: 2 region1.analytics.google.com — Cisco Umbrella Rank: 2400	47 KB
6	linkedin.com 4 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 391 www.linkedin.com — Cisco Umbrella Rank: 643 px4.ads.linkedin.com — Cisco Umbrella Rank: 6482	3 KB
6	gstatic.com www.gstatic.com fonts.gstatic.com	450 KB
5	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 45	21 KB
4	googleapis.com firebaseinstallations.googleapis.com — Cisco Umbrella Rank: 544 firebaseremoteconfig.googleapis.com — Cisco Umbrella Rank: 425	2 KB
3	userpilot.io js.userpilot.io — Cisco Umbrella Rank: 21088 find.userpilot.io — Cisco Umbrella Rank: 26342	242 KB
2	google.de www.google.de — Cisco Umbrella Rank: 5654	515 B
2	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 113	409 B
2	browser-intake-datadoghq.com browser-intake-datadoghq.com — Cisco Umbrella Rank: 1076	687 B
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 52	177 KB
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 1036	16 KB
60	12

	Domain	Requested by
8	app-assets.paywithextend.com	app.paywithextend.com app-assets.paywithextend.com
7	sdks.paywithextend.com	app-assets.paywithextend.com sdks.paywithextend.com
6	www.google.com	app-assets.paywithextend.com www.gstatic.com www.google.com app.paywithextend.com
5	www.google-analytics.com	sdks.paywithextend.com app-assets.paywithextend.com app.paywithextend.com
4	px.ads.linkedin.com	3 redirects app-assets.paywithextend.com
4	www.gstatic.com	www.google.com www.gstatic.com
2	www.google.de	app.paywithextend.com
2	stats.g.doubleclick.net	www.googletagmanager.com app-assets.paywithextend.com
2	region1.analytics.google.com	www.googletagmanager.com
2	sa.paywithextend.com	app-assets.paywithextend.com
2	browser-intake-datadoghq.com	app-assets.paywithextend.com
2	js.userpilot.io	sdks.paywithextend.com js.userpilot.io
2	www.googletagmanager.com	sdks.paywithextend.com www.google-analytics.com
2	firebaseremoteconfig.googleapis.com	app-assets.paywithextend.com
2	fonts.gstatic.com	www.google.com
2	firebaseinstallations.googleapis.com	app-assets.paywithextend.com
2	api.paywithextend.com	app-assets.paywithextend.com
2	app.paywithextend.com	1 redirects
1	find.userpilot.io	app-assets.paywithextend.com
1	px4.ads.linkedin.com	app.paywithextend.com
1	www.linkedin.com	1 redirects
1	snap.licdn.com	sdks.paywithextend.com
1	brand-assets.paywithextend.com	app.paywithextend.com
1	prox.paywithextend.com	app-assets.paywithextend.com
60	24

This site contains links to these domains. Also see Links.

Domain
support.paywithextend.com
www.paywithextend.com

Subject Issuer	Validity	Valid
*.paywithextend.com Sectigo RSA Domain Validation Secure Server CA	`2023-12-12` - `2024-12-11`	a year	crt.sh
paywithextend.com Amazon RSA 2048 M01	`2023-06-27` - `2024-07-25`	a year	crt.sh
www.google.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
*.google.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
userpilot.io GTS CA 1P5	`2024-01-20` - `2024-04-19`	3 months	crt.sh
*.browser-intake-datadoghq.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-06-17` - `2024-06-18`	a year	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-12-13` - `2024-12-12`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
www.google.de GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
www.linkedin.com DigiCert SHA2 Secure Server CA	`2024-01-30` - `2024-07-30`	6 months	crt.sh

This page contains 2 frames:

Primary Page: https://app.paywithextend.com/
Frame ID: DBE9C385C20015921DAB8A56B41F8DAE
Requests: 48 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lda69MgAAAAALa0nw9lUWo7NBrvsQzwwAvwEAuL&co=aHR0cHM6Ly9hcHAucGF5d2l0aGV4dGVuZC5jb206NDQz&hl=de&v=x5WWoE57Fv0d6ATKsLDIAKnt&size=invisible&cb=2tbers162mu7
Frame ID: 9E873FEC1CC0A7879F5FF89DA1D7F7B6
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Create virtual cards with the card in your pocket. | Extend

Page URL History Show full URLs

http://app.paywithextend.com/ HTTP 301
https://app.paywithextend.com/ Page URL

Detected technologies

React (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+data-react

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

60
Requests

97 %
HTTPS

82 %
IPv6

12
Domains

24
Subdomains

22
IPs

3
Countries

12424 kB
Transfer

14673 kB
Size

19
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://support.paywithextend.com/hc/en-us
Title: Visit our help center

Search URL Search Domain Scan URL

URL: https://support.paywithextend.com/hc/en-us/articles/4405626696087-FAQs
Title: FAQ page

Search URL Search Domain Scan URL

URL: https://www.paywithextend.com/support-request
Title: Contact us

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://app.paywithextend.com/ HTTP 301
https://app.paywithextend.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 50

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1836018&time=1707891921070&url=https%3A%2F%2Fapp.paywithextend.com%2Fsignin HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1836018&time=1707891921070&url=https%3A%2F%2Fapp.paywithextend.com%2Fsignin&cookiesTest=true HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1836018%26time%3D1707891921070%26url%3Dhttps%253A%252F%252Fapp.paywithextend.com%252Fsignin%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1836018&time=1707891921070&url=https%3A%2F%2Fapp.paywithextend.com%2Fsignin&cookiesTest=true&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1836018&time=1707891921070&url=https%3A%2F%2Fapp.paywithextend.com%2Fsignin&cookiesTest=true&liSync=true&e_ipv6=AQLIWaEDcLy4FgAAAY2mSpM8Kdie51hqScYI8SiFZv6YEXix1yEPItGKm8WbhHfb5QI7240

60 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
app.paywithextend.com/
Redirect Chain

http://app.paywithextend.com/
https://app.paywithextend.com/

25 KB
6 KB

720ms
699ms

Document
text/html

2606:4700:10::ac43:c6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.paywithextend.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:c6d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

4d41a18d04533590d7399ff6a60d167d4d013e62aefc527714a77732a357e0ca

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'nonce-6PHPAXp-X0ZCkXEHoAsqKB8YjZYPQzjv' paywithextend.com .paywithextend.com cdn.segment.com cdn.plaid.com connect.facebook.net www.google-analytics.com snap.licdn.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://www.googletagmanager.com/ http://964-YBI-786.mktoweb.com/ http://munchkin.marketo.net/161/munchkin.js https://js.userpilot.io/ http://js.userpilot.io/ https://unpkg.com/@lottiefiles/lottie-player@latest/dist/lottie-player.js .codat.io *.intercom.io js.intercomcdn.com; worker-src 'self' blob:
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache
cf-cache-status: DYNAMIC
cf-ray: 85533baa6a124da1-FRA
content-encoding: gzip
content-security-policy: script-src 'self' 'nonce-6PHPAXp-X0ZCkXEHoAsqKB8YjZYPQzjv' paywithextend.com *.paywithextend.com cdn.segment.com cdn.plaid.com connect.facebook.net www.google-analytics.com snap.licdn.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://www.googletagmanager.com/ http://964-YBI-786.mktoweb.com/ http://munchkin.marketo.net/161/munchkin.js https://js.userpilot.io/ http://js.userpilot.io/ https://unpkg.com/@lottiefiles/lottie-player@latest/dist/lottie-player.js *.codat.io *.intercom.io js.intercomcdn.com; worker-src 'self' blob:
content-type: text/html; charset=utf-8
date: Wed, 14 Feb 2024 06:25:19 GMT
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display capture=(), document-domain=(), encrypted-media=(), execution-while-not rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync xhr=(), usb=(), web-share=(), xr-spatial-tracking=()
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-frame-options: DENY
x-powered-by: Express
x-xss-protection: 1; mode=block

Redirect headers

CF-Cache-Status: DYNAMIC
CF-RAY: 85533ba8ef6c2bcf-FRA
Connection: keep-alive
Content-Type: text/html
Date: Wed, 14 Feb 2024 06:25:18 GMT
Location: https://app.paywithextend.com:443/
Server: cloudflare
Transfer-Encoding: chunked

GET
H2 200 client.b55905057a5baa4ce5d9.css
app-assets.paywithextend.com/ 157 KB
26 KB 88ms
8ms Stylesheet
text/css 18.66.147.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app-assets.paywithextend.com/client.b55905057a5baa4ce5d9.css
Requested by: Host: app.paywithextend.com
URL: https://app.paywithextend.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-61.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 15440dc9b45240d256ceac25efd245ce5de70cf8ecc921e36d456e2bb97013d2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.paywithextend.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-amz-version-id: aCQum_xUFOQBe7C42uMo_0DnhXRIOkP4
content-encoding: gzip
via: 1.1 ed7f977b6d983a16331e3fe3f4764e9a.cloudfront.net (CloudFront)
date: Tue, 13 Feb 2024 14:06:25 GMT
last-modified: Tue, 06 Feb 2024 21:39:44 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 58735
x-amz-server-side-encryption: AES256
etag: W/"6c3cc2074219137b7a6934c945e225ed"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
x-amz-cf-id: UjfFQAlvtg07CqDhfznoaT_13qhVAwoUalf-4zqTPfOopjtfQGhepw==

GET
H2 200 client.619216a5924483f564b4.js Show response
app-assets.paywithextend.com/ 10 MB
10 MB 94ms
14ms Script
application/javascript 18.66.147.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app-assets.paywithextend.com/client.619216a5924483f564b4.js
Requested by: Host: app.paywithextend.com
URL: https://app.paywithextend.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-61.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e2bbb7f3961561d5849cefaaf5afee93dea6657bc9dc56cc270b3b856a0333d1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.paywithextend.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 14:21:48 GMT
x-amz-version-id: 17yYmot7R6wx.50i7wYuWCCuA3r61nBv
via: 1.1 ed7f977b6d983a16331e3fe3f4764e9a.cloudfront.net (CloudFront)
last-modified: Tue, 13 Feb 2024 14:11:17 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 57812
etag: "e9180e5ca674d54420bc30fd5ebcdf75-3"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 10635577
x-amz-cf-id: L0nPAHVYE28Y909apHBcJIor24D7BNH3jWYXKzTcyElF737ZrzSabw==

OPTIONS
H2 200 config
api.paywithextend.com/ Frame 0
0 466ms
414ms Preflight 2606:4700:10::ac43:c6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.paywithextend.com/config?locale=en-US
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:c6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-extend-app-id,x-extend-brand,x-extend-platform,x-extend-platform-version
Access-Control-Request-Method: GET
Origin: https://app.paywithextend.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: x-extend-app-id, x-extend-brand, x-extend-platform, x-extend-platform-version
access-control-allow-methods: PATCH,POST,PUT,GET,OPTIONS,DELETE
access-control-allow-origin: https://app.paywithextend.com
access-control-expose-headers: xsrf-token
access-control-max-age: 3600
allow: GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
cf-cache-status: DYNAMIC
cf-ray: 85533bb4da6e3a8a-FRA
content-length: 0
date: Wed, 14 Feb 2024 06:25:20 GMT
server: cloudflare
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
x-rate-limit-remaining: 499

GET
H2 200 config Show response
api.paywithextend.com/ 3 KB
3 KB 125ms
125ms XHR
application/vnd.paywithextend.v2021-03-12+json 2606:4700:10::ac43:c6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.paywithextend.com/config?locale=en-US

Requested by

Host: app-assets.paywithextend.com
URL: https://app-assets.paywithextend.com/client.619216a5924483f564b4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:c6d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0afbab5134781e30fcb9d5eeec2e9d7be116227183ed9a47edb0cddfcf40a04e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

X-Extend-App-ID: app.paywithextend.com
X-Extend-Platform: web
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
X-Extend-Brand: br_2F0trP1UmE59x1ZkNIAqsg
Accept: application/vnd.paywithextend.v2021-03-12+json
Referer: https://app.paywithextend.com/
X-Extend-Platform-Version: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 06:25:20 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-rate-limit-remaining: 499
x-xss-protection: 0
pragma: no-cache
server: cloudflare
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-frame-options: DENY
content-type: application/vnd.paywithextend.v2021-03-12+json
access-control-allow-origin: https://app.paywithextend.com
access-control-expose-headers: xsrf-token
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
cf-ray: 85533bb76d2a3a8a-FRA
expires: 0

GET
H2 200 unresolved Show response
prox.paywithextend.com/statuspage/ 173 B
730 B 460ms
423ms XHR
application/json 108.138.26.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prox.paywithextend.com/statuspage/unresolved
Requested by: Host: app-assets.paywithextend.com
URL: https://app-assets.paywithextend.com/client.619216a5924483f564b4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.26.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-26-66.fra56.r.cloudfront.net
Software: / Express
Resource Hash: 358142bbe9f405ced77bb4d9e1dc61d1593049c8d0d997f71b2bcfa881a9cc42

Request headers

Accept: application/json, text/plain, */*
Referer: https://app.paywithextend.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 06:25:20 GMT
via: 1.1 ca339b9e98820e424be1609317fd0314.cloudfront.net (CloudFront)
x-amzn-remapped-content-length: 173
x-amz-cf-pop: FRA56-P7
x-amzn-requestid: 9dbda932-0192-45e9-81c1-ede920fdef59
x-amzn-remapped-connection: close
x-powered-by: Express
x-cache: Miss from cloudfront
x-amz-apigw-id: THNwmFlqoAMEYLQ=
content-length: 173
etag: W/"ad-FN962em8wgDKx86h5U2y8tbDH3w"
x-amzn-trace-id: Root=1-65cc5cd0-2d4dce56370c289b714d6711;Parent=79ddb78bb50d24d6;Sampled=0;lineage=73d32313:0
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-amzn-remapped-date: Wed, 14 Feb 2024 06:25:20 GMT
x-amz-cf-id: uxR1nGW9O_MEAKIwIscNXQ749O4hWOmqGtDAk6raCW6_ESxa1hCFMQ==

GET
H2 200 settings Show response
sdks.paywithextend.com/v1/projects/j2caJXDlV5RKVZcqbQFITeCywiI1hD8c/ 6 KB
6 KB 63ms
8ms Fetch
application/json 2600:9000:2156:4a00:6:f240:b1c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sdks.paywithextend.com/v1/projects/j2caJXDlV5RKVZcqbQFITeCywiI1hD8c/settings
Requested by: Host: app-assets.paywithextend.com
URL: https://app-assets.paywithextend.com/client.619216a5924483f564b4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:4a00:6:f240:b1c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7c2d3775f64789f06c635a127215cf85a9aa31752894377e1638fcc342c6d352

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.paywithextend.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-amz-version-id: 0PwjFnkO14edC7FnoRwgOGcpBYg02glq
via: 1.1 c05282a87474a55ae2a8dd2aa77d1232.cloudfront.net (CloudFront), 1.1 009e5e3e32afcd1d135a7234c9da5520.cloudfront.net (CloudFront)
date: Wed, 14 Feb 2024 03:49:01 GMT
x-amz-cf-pop: FRA6-C1, FRA50-C1
age: 9380
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 5647
last-modified: Sat, 27 Jan 2024 04:01:45 GMT
server: AmazonS3
etag: "9faaf91df7cee33ac925fbea980bc469"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=10800
vary: Accept-Encoding
accept-ranges: bytes
x-amz-cf-id: 26oVqexXTJU3VuOJur95ndNlM29Adls5bIhreKmM9tbRDifS4IsbKA==

GET
H2 200 Cards.8b42b318ea51b8444e581cafc0ddcfe2.png
app-assets.paywithextend.com/ 175 KB
175 KB 9ms
9ms Image
image/png 18.66.147.61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://app-assets.paywithextend.com/Cards.8b42b318ea51b8444e581cafc0ddcfe2.png
Requested by: Host: app.paywithextend.com
URL: https://app.paywithextend.com/signin
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-61.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 31670b6f34930da0c4840c00653bde5e20def00aa9ccf20cf2adfb0b6968221f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.paywithextend.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-amz-version-id: hVM0rdAUl1AWwdnY1GSTLCvHLf1suWTY
date: Tue, 13 Feb 2024 10:11:55 GMT
via: 1.1 ed7f977b6d983a16331e3fe3f4764e9a.cloudfront.net (CloudFront)
last-modified: Tue, 06 Feb 2024 21:39:44 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 72806
x-amz-server-side-encryption: AES256
etag: "5e8813f8d62bfe21e16faf0139f98275"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 178911
x-amz-cf-id: UAqTtwa8omPV8xMSQToXTKRQi5CBODqlI1L2UA25AunMAvxfCYls1w==

GET
H2 200 Budgets.981e040452a269b5ca58b2fd2308c705.png
app-assets.paywithextend.com/ 301 KB
302 KB 9ms
9ms Image
image/png 18.66.147.61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://app-assets.paywithextend.com/Budgets.981e040452a269b5ca58b2fd2308c705.png
Requested by: Host: app.paywithextend.com
URL: https://app.paywithextend.com/signin
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-61.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d4ea00b845af63d9834e20e6b63fa80b8dfd0db2475c5240d77473af7b6f8700

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.paywithextend.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-amz-version-id: Tx.Vj4J.KJvAshDIqjHZLaoIEX2U69pj
date: Tue, 13 Feb 2024 08:57:49 GMT
via: 1.1 ed7f977b6d983a16331e3fe3f4764e9a.cloudfront.net (CloudFront)
last-modified: Tue, 06 Feb 2024 21:39:44 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 77252
x-amz-server-side-encryption: AES256
etag: "0620569dfea77ed9e84ac9dc70a63c96"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 307995
x-amz-cf-id: R-kFgzhl0csa2A1Dod-WIsMW2OjHjCGn2zmcbNMthA2QYVT1gBTzfQ==

GET
H2 200 PrimaryLogo.svg
brand-assets.paywithextend.com/extend/ 10 KB
4 KB 98ms
8ms Image
image/svg+xml 13.33.187.26
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://brand-assets.paywithextend.com/extend/PrimaryLogo.svg
Requested by: Host: app.paywithextend.com
URL: https://app.paywithextend.com/signin
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.187.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-187-26.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4a6bb0a4639bef59bc8a79695e376fd7a9dc879ae90c5697dd84a8dc52923506

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.paywithextend.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-amz-version-id: iOWWSvmxxQqKAxVmkl.7wgL1eO3ZP4tn
content-encoding: gzip
via: 1.1 af1c2193a818b5824fd85ddd651620a8.cloudfront.net (CloudFront)
date: Tue, 13 Feb 2024 08:57:49 GMT
last-modified: Mon, 07 Dec 2020 22:29:19 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P9
age: 77252
x-amz-server-side-encryption: AES256
etag: W/"5a6733fdead5ac41308ff52c224e9eb4"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
x-amz-cf-id: hnam_Aj0M0rIZjXDToL41oB5WhP9fsPp_lNycER0oEKO6W7WlZj7Xg==

GET
H2 200 Rubik-Medium.4ddab52b8ff256c808344c15164118c6.ttf
app-assets.paywithextend.com/ 133 KB
63 KB 24ms
8ms Font
font/ttf 18.66.147.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app-assets.paywithextend.com/Rubik-Medium.4ddab52b8ff256c808344c15164118c6.ttf
Requested by: Host: app-assets.paywithextend.com
URL: https://app-assets.paywithextend.com/client.b55905057a5baa4ce5d9.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-61.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cc1dd76abe28078cd5a69ee986ccf3a3d7e74bd95d9fff16db7700daca37dcfb

Request headers

Referer: https://app-assets.paywithextend.com/client.b55905057a5baa4ce5d9.css
Origin: https://app.paywithextend.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-amz-version-id: CQixzXZGL5wA7Yfh2dZN2TrEd5kTGgCS
content-encoding: gzip
via: 1.1 87fae571c6ea0d7d1101b71cc2131bba.cloudfront.net (CloudFront)
date: Tue, 13 Feb 2024 10:49:57 GMT
x-amz-cf-pop: FRA60-P4
age: 70524
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Wed, 07 Feb 2024 20:47:26 GMT
server: AmazonS3
etag: W/"c87313aa86b7caa31a9a0accaa584970"
access-control-max-age: 5000
access-control-allow-methods: GET
content-type: font/ttf
access-control-allow-origin: https://app.paywithextend.com
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-credentials: true
x-amz-cf-id: B62k3Twdq4D5qoh4T61Y4hHzBwm1yxro-Fu4i99BAy83i_S2ezAwDw==

GET
H2 200 Rubik-Regular.37a4d906e92edcd9484c83065d6a1838.ttf
app-assets.paywithextend.com/ 130 KB
62 KB 31ms
15ms Font
font/ttf 18.66.147.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app-assets.paywithextend.com/Rubik-Regular.37a4d906e92edcd9484c83065d6a1838.ttf
Requested by: Host: app-assets.paywithextend.com
URL: https://app-assets.paywithextend.com/client.b55905057a5baa4ce5d9.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-61.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0c93ef2613d2207307a8e91ceb6719e0c6e313c10e58860bdaca02a849b72b97

Request headers

Referer: https://app-assets.paywithextend.com/client.b55905057a5baa4ce5d9.css
Origin: https://app.paywithextend.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-amz-version-id: .7MME1KF6k1lYf8jzcRZgPFqQSJKJbVM
content-encoding: gzip
via: 1.1 87fae571c6ea0d7d1101b71cc2131bba.cloudfront.net (CloudFront)
date: Tue, 13 Feb 2024 08:57:49 GMT
x-amz-cf-pop: FRA60-P4
age: 77252
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Fri, 09 Feb 2024 20:41:53 GMT
server: AmazonS3
etag: W/"b3d0902b533ff4c4f1698a2f96ddabab"
access-control-max-age: 5000
access-control-allow-methods: GET
content-type: font/ttf
access-control-allow-origin: https://app.paywithextend.com
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-credentials: true
x-amz-cf-id: 5UEupGtMNZI6f5ohDff2lKiwSqrX3U9slHT_5YQR0_BIQYk5KxvN9w==

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 1 KB
1 KB 42ms
21ms Script
text/javascript 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=6Lda69MgAAAAALa0nw9lUWo7NBrvsQzwwAvwEAuL

Requested by

Host: app-assets.paywithextend.com
URL: https://app-assets.paywithextend.com/client.619216a5924483f564b4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

b84d49a1680a97ce2b232d5d0fabfad0ef6be6c4d8f649e1c816be6231aebff1

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.paywithextend.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 06:25:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Wed, 14 Feb 2024 06:25:20 GMT

GET
BLOB 200
OK 34b7d7cd-338e-493b-801c-df28d84fede7
https://app.paywithextend.com/ 25 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://app.paywithextend.com/34b7d7cd-338e-493b-801c-df28d84fede7
Requested by: Host: app.paywithextend.com
URL: https://app.paywithextend.com/signin
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 43cdc131815efc85b8d6a2a56c36a60ee068a91228c81d0cc2a6c2e78d6734b8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Length: 25813
Content-Type

GET
H2 200 ajs-destination.3cc384d7ca9be1b2a57c.js Show response
app-assets.paywithextend.com/ 9 KB
3 KB 7ms
7ms Script
application/javascript 18.66.147.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app-assets.paywithextend.com/ajs-destination.3cc384d7ca9be1b2a57c.js
Requested by: Host: app-assets.paywithextend.com
URL: https://app-assets.paywithextend.com/client.619216a5924483f564b4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-61.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e69659c4f74253398b0a7cc8c898f144376a3bbd461e0973837d34178539fea3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.paywithextend.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-amz-version-id: mnu5wnz69nle5CeI2.hO0zdT7a0DF3jo
content-encoding: gzip
via: 1.1 ed7f977b6d983a16331e3fe3f4764e9a.cloudfront.net (CloudFront)
date: Tue, 13 Feb 2024 14:43:23 GMT
last-modified: Tue, 06 Feb 2024 21:39:44 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 56518
x-amz-server-side-encryption: AES256
etag: W/"3cd60efc1a6c275173c52a0afa082171"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: mfQgdUGe759v0BtRKGKSq915lgQ0oDa8ALjB0EjNKnwD7OEKvX08Bg==

OPTIONS
H2 200 installations
firebaseinstallations.googleapis.com/v1/projects/extend-app-stage/ Frame 0
0 53ms
21ms Preflight
text/html 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://firebaseinstallations.googleapis.com/v1/projects/extend-app-stage/installations

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-firebase-client,x-goog-api-key
Access-Control-Request-Method: POST
Origin: https://app.paywithextend.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

access-control-allow-headers: content-type,x-firebase-client,x-goog-api-key
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://app.paywithextend.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Wed, 14 Feb 2024 06:25:20 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 installations Show response
firebaseinstallations.googleapis.com/v1/projects/extend-app-stage/ 626 B
679 B 353ms
352ms Fetch
application/json 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://firebaseinstallations.googleapis.com/v1/projects/extend-app-stage/installations

Requested by

Host: app-assets.paywithextend.com
URL: https://app-assets.paywithextend.com/client.619216a5924483f564b4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f402999b1d90e08cae39ad19975e1e5ac810e6d206f5e47cbd2913e472de2655

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept: application/json
Referer: https://app.paywithextend.com/
x-goog-api-key: AIzaSyBrG5GmplxwBeBBnBU2p4o2mHzT_k4Eons
accept-language: de-DE,de;q=0.9
x-firebase-client: eyJ2ZXJzaW9uIjoyLCJoZWFydGJlYXRzIjpbeyJhZ2VudCI6ImZpcmUtY29yZS8wLjkuOSBmaXJlLWNvcmUtZXNtMjAxNy8wLjkuOSBmaXJlLWpzLyBmaXJlLWpzLWFsbC1hcHAvOS4yMS4wIGZpcmUtaWlkLzAuNi40IGZpcmUtaWlkLWVzbTIwMTcvMC42LjQgZmlyZS1yYy8wLjQuNCBmaXJlLXJjLWVzbTIwMTcvMC40LjQiLCJkYXRlcyI6WyIyMDI0LTAyLTE0Il19XX0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
content-type: application/json

Response headers

date: Wed, 14 Feb 2024 06:25:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://app.paywithextend.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 489
x-xss-protection: 0

GET
H2 200 schemaFilter.0c1ed66f693b92eb4304.js Show response
app-assets.paywithextend.com/ 1 KB
1 KB 7ms
7ms Script
application/javascript 18.66.147.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app-assets.paywithextend.com/schemaFilter.0c1ed66f693b92eb4304.js
Requested by: Host: app-assets.paywithextend.com
URL: https://app-assets.paywithextend.com/client.619216a5924483f564b4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-61.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4988e4d2efb9fdd679216e7a8f5277286947c2ed049ef20286622f8a4638ce93

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.paywithextend.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-amz-version-id: BHfKOtlrWUnv6tj9sKu_ikdy4jC4G5tT
content-encoding: gzip
via: 1.1 ed7f977b6d983a16331e3fe3f4764e9a.cloudfront.net (CloudFront)
date: Tue, 13 Feb 2024 14:43:23 GMT
last-modified: Tue, 06 Feb 2024 21:39:44 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 56518
x-amz-server-side-encryption: AES256
etag: W/"399cdcdfa418810c09a6b915dc3b11c0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: ik-bMXp-crEGwpn9XJmNjzTyPXPkTRFpM5dVve-NBceqIKYE47VT5g==

GET
H2 200 bfab87631cbcb7d70964.js Show response
sdks.paywithextend.com/next-integrations/actions/google-analytics-4-web/ 190 KB
191 KB 43ms
25ms Script
application/javascript 2600:9000:2156:4a00:6:f240:b1c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sdks.paywithextend.com/next-integrations/actions/google-analytics-4-web/bfab87631cbcb7d70964.js
Requested by: Host: app-assets.paywithextend.com
URL: https://app-assets.paywithextend.com/client.619216a5924483f564b4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:4a00:6:f240:b1c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cbcc12bee438733478bc68281e69f0e6031444c835279466ce3d75dc69b95c62

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.paywithextend.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-amz-version-id: R.q4B1o9W.cldK7sIK0FcyezROk_Do4n
via: 1.1 df86e917220bc08caa68b0eb8ddabe90.cloudfront.net (CloudFront), 1.1 ee6ddabcc69c6aa1c28ad24a4a8f86b2.cloudfront.net (CloudFront)
date: Tue, 13 Feb 2024 17:14:00 GMT
x-amz-cf-pop: FRA6-C1, FRA50-C1
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
content-length: 194418
last-modified: Fri, 26 Jan 2024 00:42:32 GMT
server: AmazonS3
etag: "04af00a4669e6d93238f8599aa9e0e69"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
accept-ranges: bytes
x-amz-cf-id: K6Bj1yuD9h9gohA-KLwPvoERe6aXioQECekRSSgR7kQncc0tspevQA==

GET
H2 200 907368cb81b4016d3dee.js Show response
sdks.paywithextend.com/next-integrations/actions/userpilot/ 170 KB
170 KB 620ms
602ms Script
application/javascript 2600:9000:2156:4a00:6:f240:b1c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sdks.paywithextend.com/next-integrations/actions/userpilot/907368cb81b4016d3dee.js
Requested by: Host: app-assets.paywithextend.com
URL: https://app-assets.paywithextend.com/client.619216a5924483f564b4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:4a00:6:f240:b1c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8a7f54f3a620022c01ae2f85ae20873b76e4c598375bf0d1e0eff1ab4c82ac9f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.paywithextend.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-amz-version-id: YibiaY_5Ncd8Q4mp72H9M52D5vH3Itwi
via: 1.1 a0a81637cc76d6981e4e29044a73b7f6.cloudfront.net (CloudFront), 1.1 ee6ddabcc69c6aa1c28ad24a4a8f86b2.cloudfront.net (CloudFront)
date: Wed, 14 Feb 2024 06:25:21 GMT
x-amz-cf-pop: FRA6-C1, FRA50-C1
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
content-length: 173571
last-modified: Fri, 26 Jan 2024 00:42:33 GMT
server: AmazonS3
etag: "adbedeb021e010209ad2cf0aab61be06"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
accept-ranges: bytes
x-amz-cf-id: 7YCSXbuPGEKrGh8rBCJQwzXZeoaUCA-YqV4K1CLyNwLWkvyllnHFwg==

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/x5WWoE57Fv0d6ATKsLDIAKnt/ 493 KB
197 KB 26ms
6ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/x5WWoE57Fv0d6ATKsLDIAKnt/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6Lda69MgAAAAALa0nw9lUWo7NBrvsQzwwAvwEAuL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5f6743903bd9d7ad035a75142c509b67e8831a48487246272bc0751097790d6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://app.paywithextend.com/
Origin: https://app.paywithextend.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 17:04:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 48070
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 200774
x-xss-protection: 0
last-modified: Mon, 05 Feb 2024 05:00:25 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 12 Feb 2025 17:04:10 GMT

GET
H2 200 3afb34170d18de455d37.js Show response
sdks.paywithextend.com/next-integrations/actions/845/ 24 KB
25 KB 19ms
18ms Script
application/javascript 2600:9000:2156:4a00:6:f240:b1c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sdks.paywithextend.com/next-integrations/actions/845/3afb34170d18de455d37.js
Requested by: Host: sdks.paywithextend.com
URL: https://sdks.paywithextend.com/next-integrations/actions/google-analytics-4-web/bfab87631cbcb7d70964.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:4a00:6:f240:b1c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 04d18bef2807591fc537180f58ede59bc3788ba3817847f2cdf5ec41d8a611d0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.paywithextend.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-amz-version-id: HsD9W7j8_kOvkjo7SAH1hu3oW68vMSHh
via: 1.1 92ab13182d4b89ed20b3b5c10adc4f22.cloudfront.net (CloudFront), 1.1 ee6ddabcc69c6aa1c28ad24a4a8f86b2.cloudfront.net (CloudFront)
date: Wed, 14 Feb 2024 06:25:20 GMT
x-amz-cf-pop: FRA6-C1, FRA50-C1
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
content-length: 24637
last-modified: Fri, 26 Jan 2024 00:42:30 GMT
server: AmazonS3
etag: "5343057d1293b492869e57bab8573740"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
accept-ranges: bytes
x-amz-cf-id: H8Pa2SM4KrniJQjF-odNEUss9jpOaUEeYpY7ivXi0dHy7spkhVAgeQ==

GET
H2 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 9E87 45 KB
28 KB 31ms
31ms Document
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lda69MgAAAAALa0nw9lUWo7NBrvsQzwwAvwEAuL&co=aHR0cHM6Ly9hcHAucGF5d2l0aGV4dGVuZC5jb206NDQz&hl=de&v=x5WWoE57Fv0d6ATKsLDIAKnt&size=invisible&cb=2tbers162mu7

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/x5WWoE57Fv0d6ATKsLDIAKnt/recaptcha__de.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

13eb4ae211d2604f4953452ee17b90c77dbb7fcfaa0dc2714acd3c50dfd9a3f7

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce--bHKhDdm5ovLATI_QX2ubg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://app.paywithextend.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce--bHKhDdm5ovLATI_QX2ubg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 14 Feb 2024 06:25:20 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/x5WWoE57Fv0d6ATKsLDIAKnt/ Frame 9E87 55 KB
24 KB 20ms
6ms Stylesheet
text/css 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/x5WWoE57Fv0d6ATKsLDIAKnt/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lda69MgAAAAALa0nw9lUWo7NBrvsQzwwAvwEAuL&co=aHR0cHM6Ly9hcHAucGF5d2l0aGV4dGVuZC5jb206NDQz&hl=de&v=x5WWoE57Fv0d6ATKsLDIAKnt&size=invisible&cb=2tbers162mu7

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 21:50:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 30919
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24606
x-xss-protection: 0
last-modified: Mon, 05 Feb 2024 05:00:25 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 12 Feb 2025 21:50:01 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/x5WWoE57Fv0d6ATKsLDIAKnt/ Frame 9E87 493 KB
196 KB 24ms
11ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/x5WWoE57Fv0d6ATKsLDIAKnt/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5f6743903bd9d7ad035a75142c509b67e8831a48487246272bc0751097790d6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 17:04:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 48070
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 200774
x-xss-protection: 0
last-modified: Mon, 05 Feb 2024 05:00:25 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 12 Feb 2025 17:04:10 GMT

GET
H3 200 30IlFA3XAUM5vNMlIZlYgTmUqTzEVdbkE81KYb9PzR8.js Show response
www.google.com/js/bg/ Frame 9E87 17 KB
7 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/bg/30IlFA3XAUM5vNMlIZlYgTmUqTzEVdbkE81KYb9PzR8.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/x5WWoE57Fv0d6ATKsLDIAKnt/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

df4225140dd7014339bcd325219958813994a93cc455d6e413cd4a61bf4fcd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lda69MgAAAAALa0nw9lUWo7NBrvsQzwwAvwEAuL&co=aHR0cHM6Ly9hcHAucGF5d2l0aGV4dGVuZC5jb206NDQz&hl=de&v=x5WWoE57Fv0d6ATKsLDIAKnt&size=invisible&cb=2tbers162mu7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 09:13:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76303
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6964
x-xss-protection: 0
last-modified: Mon, 05 Feb 2024 17:30:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 12 Feb 2025 09:13:37 GMT

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 9E87 2 KB
2 KB 7ms
6ms Image
image/png 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/x5WWoE57Fv0d6ATKsLDIAKnt/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/x5WWoE57Fv0d6ATKsLDIAKnt/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 08:50:20 GMT
x-content-type-options: nosniff
age: 77700
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Tue, 20 Feb 2024 08:50:20 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 9E87 15 KB
16 KB 28ms
7ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 08:50:21 GMT
x-content-type-options: nosniff
age: 77699
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 12 Feb 2025 08:50:21 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 9E87 15 KB
15 KB 30ms
9ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 09:09:14 GMT
x-content-type-options: nosniff
age: 76566
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 12 Feb 2025 09:09:14 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame 9E87 102 B
135 B 15ms
15ms Other
text/javascript 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=x5WWoE57Fv0d6ATKsLDIAKnt

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

da38d3e3b25f4bd39761adb2517f234e1b291293d6582e7c58ea5b335f205f38

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lda69MgAAAAALa0nw9lUWo7NBrvsQzwwAvwEAuL&co=aHR0cHM6Ly9hcHAucGF5d2l0aGV4dGVuZC5jb206NDQz&hl=de&v=x5WWoE57Fv0d6ATKsLDIAKnt&size=invisible&cb=2tbers162mu7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 06:25:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Wed, 14 Feb 2024 06:25:20 GMT

POST
H3 200 reload Show response
www.google.com/recaptcha/api2/ Frame 9E87 14 KB
10 KB 57ms
57ms XHR
application/json 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/reload?k=6Lda69MgAAAAALa0nw9lUWo7NBrvsQzwwAvwEAuL

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/x5WWoE57Fv0d6ATKsLDIAKnt/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

dd7fce4b847fe7b8a238088909ebbd8b9ca58409b48528f4da05423a062c68ba

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lda69MgAAAAALa0nw9lUWo7NBrvsQzwwAvwEAuL&co=aHR0cHM6Ly9hcHAucGF5d2l0aGV4dGVuZC5jb206NDQz&hl=de&v=x5WWoE57Fv0d6ATKsLDIAKnt&size=invisible&cb=2tbers162mu7
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: application/x-protobuffer

Response headers

date: Wed, 14 Feb 2024 06:25:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Wed, 14 Feb 2024 06:25:20 GMT

POST
H2 200 firebase:fetch Show response
firebaseremoteconfig.googleapis.com/v1/projects/extend-app-stage/namespaces/ 2 KB
1 KB 225ms
225ms Fetch
application/json 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://firebaseremoteconfig.googleapis.com/v1/projects/extend-app-stage/namespaces/firebase:fetch?key=AIzaSyBrG5GmplxwBeBBnBU2p4o2mHzT_k4Eons

Requested by

Host: app-assets.paywithextend.com
URL: https://app-assets.paywithextend.com/client.619216a5924483f564b4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

12431199810fcdf0ca3bafda938c0a9cccc735c737e826c44911c5c809f34d46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Content-Encoding: gzip
Referer: https://app.paywithextend.com/
If-None-Match: *
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 14 Feb 2024 06:25:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
etag: etag-extend-app-stage-firebase-fetch-1640345051
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://app.paywithextend.com
access-control-expose-headers: etag,vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1079
x-xss-protection: 0

OPTIONS
H2 200 firebase:fetch
firebaseremoteconfig.googleapis.com/v1/projects/extend-app-stage/namespaces/ Frame 0
0 51ms
17ms Preflight
text/html 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://firebaseremoteconfig.googleapis.com/v1/projects/extend-app-stage/namespaces/firebase:fetch?key=AIzaSyBrG5GmplxwBeBBnBU2p4o2mHzT_k4Eons

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-encoding,content-type,if-none-match
Access-Control-Request-Method: POST
Origin: https://app.paywithextend.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

access-control-allow-headers: content-encoding,content-type,if-none-match
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://app.paywithextend.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Wed, 14 Feb 2024 06:25:20 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H2 200 google-analytics.dynamic.js.gz Show response
sdks.paywithextend.com/next-integrations/integrations/google-analytics/2.18.5/ 16 KB
5 KB 10ms
9ms Script
application/javascript 2600:9000:2156:4a00:6:f240:b1c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sdks.paywithextend.com/next-integrations/integrations/google-analytics/2.18.5/google-analytics.dynamic.js.gz
Requested by: Host: app-assets.paywithextend.com
URL: https://app-assets.paywithextend.com/client.619216a5924483f564b4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:4a00:6:f240:b1c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fdda2bf7d8e87b5ac90a791a5131a9811c207171107482857b67f6b8329854fb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.paywithextend.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-amz-version-id: K4QGNkPJBd_QhAl8Ep7SDksdcNN7fIa5
content-encoding: gzip
via: 1.1 a7dcca466407f1871feceef50bc84272.cloudfront.net (CloudFront), 1.1 ee6ddabcc69c6aa1c28ad24a4a8f86b2.cloudfront.net (CloudFront)
date: Tue, 13 Feb 2024 10:32:46 GMT
x-amz-cf-pop: FRA6-C1, FRA50-C1
age: 71555
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 4743
last-modified: Wed, 18 Oct 2023 10:36:35 GMT
server: AmazonS3
etag: "36786f75981fc0efd629c4a89e1c78ec"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
vary: Accept-Encoding
accept-ranges: bytes
x-amz-cf-id: GIuYwmGIdvXrImSL3pKiDoxEIen_h01ua_8sSM5d8YZy-xXOelgLWg==

GET
H2 200 linkedin-insight-tag.dynamic.js.gz Show response
sdks.paywithextend.com/next-integrations/integrations/linkedin-insight-tag/1.0.1/ 2 KB
2 KB 10ms
10ms Script
application/javascript 2600:9000:2156:4a00:6:f240:b1c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sdks.paywithextend.com/next-integrations/integrations/linkedin-insight-tag/1.0.1/linkedin-insight-tag.dynamic.js.gz
Requested by: Host: app-assets.paywithextend.com
URL: https://app-assets.paywithextend.com/client.619216a5924483f564b4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:4a00:6:f240:b1c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 24bf5804628ef0429146358f8c099f413e38836a5de8c13d03d775bafccb3b49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.paywithextend.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-amz-version-id: PgMPNrJn4UXeGYnax_P5hY3ZIibnCzEY
content-encoding: gzip
via: 1.1 d357d5d597708d2b41e0fea397aa2620.cloudfront.net (CloudFront), 1.1 ee6ddabcc69c6aa1c28ad24a4a8f86b2.cloudfront.net (CloudFront)
date: Tue, 13 Feb 2024 08:14:05 GMT
x-amz-cf-pop: FRA6-C1, FRA50-C1
age: 79876
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 1061
last-modified: Wed, 18 Oct 2023 10:36:35 GMT
server: AmazonS3
etag: "9fb524ce2b800e7ddc8a15d53c31c3d1"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
vary: Accept-Encoding
accept-ranges: bytes
x-amz-cf-id: DgW_ZH9q7qeC2zywoQu4mtoyqNztJR9uV_4lg5C61Y7UbVzJ9hq-Ig==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 261 KB
88 KB 49ms
26ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-8W0EQ1D2FN

Requested by

Host: sdks.paywithextend.com
URL: https://sdks.paywithextend.com/next-integrations/actions/845/3afb34170d18de455d37.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0cb9e7a2efe032879231b150947dae8bfc72f4f499851d3624bb54276f0087f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.paywithextend.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 06:25:20 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 89533
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 14 Feb 2024 06:25:20 GMT

GET
H2 200 latest.js Show response
js.userpilot.io/sdk/ 3 KB
1 KB 54ms
19ms Script
text/javascript 2606:4700::6812:109b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.userpilot.io/sdk/latest.js

Requested by

Host: sdks.paywithextend.com
URL: https://sdks.paywithextend.com/next-integrations/actions/845/3afb34170d18de455d37.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:109b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1245c7302c96626ccd8d6ef797a08704d74584645fea981018519a7b01160b4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.paywithextend.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 06:25:20 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
x-amz-request-id: HBKY6FXG41PVDKR6
age: 117
x-amz-server-side-encryption: AES256
x-amz-id-2: 0a1fi879Oi6bykejafz61I8V+VIZwVYTJXAMHa+Md08Djqbqpvy9QuWPswhdR8wc8Vte/6RqQm8=
cf-bgj: minify
last-modified: Wed, 07 Feb 2024 09:27:45 GMT
server: cloudflare
etag: W/"242a028a2a8ef8ad30376e6b917db634"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=120
cf-ray: 85533bba1e5a35f8-FRA

POST
H2 202 rum Show response
browser-intake-datadoghq.com/api/v2/ 53 B
344 B 406ms
215ms Fetch
application/json 2600:1f18:24e6:b900:d6c:b6b4:a9ba:4a7e
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://browser-intake-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A5.4.0%2Capi%3Afetch%2Cenv%3Aprod%2Cservice%3Aextend-app&dd-api-key=pubc1cf7ce33c9bde62b8606568406dbc8a&dd-evp-origin-version=5.4.0&dd-evp-origin=browser&dd-request-id=3c41baf2-2e2a-4633-b973-84baf5426118&batch_time=1707891920949

Requested by

Host: app-assets.paywithextend.com
URL: https://app-assets.paywithextend.com/client.619216a5924483f564b4.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:1f18:24e6:b900:d6c:b6b4:a9ba:4a7e Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

bc9bbd5136e45d8a7df841f66926c743c3b0a7f9c4ea01a7d44acbe8a46c39b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://app.paywithextend.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 14 Feb 2024 06:25:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
accept-encoding: identity,gzip,x-gzip,deflate,x-deflate,zstd
content-type: application/json
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 53
dd-request-id: 3c41baf2-2e2a-4633-b973-84baf5426118

GET
H2 200 commons.c42222c4cb2f8913500f.js.gz Show response
sdks.paywithextend.com/next-integrations/integrations/vendor/ 73 KB
22 KB 9ms
9ms Script
application/javascript 2600:9000:2156:4a00:6:f240:b1c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sdks.paywithextend.com/next-integrations/integrations/vendor/commons.c42222c4cb2f8913500f.js.gz
Requested by: Host: app-assets.paywithextend.com
URL: https://app-assets.paywithextend.com/client.619216a5924483f564b4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:4a00:6:f240:b1c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b17b4a5cc840a366a4c006794502f887a316402f781f85e913ac4af19a93fc13

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.paywithextend.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-amz-version-id: uOfxQOMLwdt.eKHcMs4MBn7QUxA0mLtL
content-encoding: gzip
via: 1.1 7ed7afde326861e358c3c83359e99894.cloudfront.net (CloudFront), 1.1 ee6ddabcc69c6aa1c28ad24a4a8f86b2.cloudfront.net (CloudFront)
date: Tue, 13 Feb 2024 10:32:46 GMT
x-amz-cf-pop: FRA6-C1, FRA50-C1
age: 71554
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 22177
last-modified: Wed, 18 Oct 2023 10:36:32 GMT
server: AmazonS3
etag: "befb217271e2e926c7d898f1c85f6cb7"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
vary: Accept-Encoding
accept-ranges: bytes
x-amz-cf-id: ccdUB1VmHjBPeLqaAM8KDyjtp_d5wfBhnICUgr6rZZAR6A5I0yGZ5g==

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 29ms
6ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: sdks.paywithextend.com
URL: https://sdks.paywithextend.com/next-integrations/integrations/vendor/commons.c42222c4cb2f8913500f.js.gz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.paywithextend.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 14 Feb 2024 05:48:09 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 2231
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Wed, 14 Feb 2024 07:48:09 GMT

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 43 KB
16 KB 66ms
14ms Script
application/javascript 2a02:26f0:480:f::213:7edd
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: sdks.paywithextend.com
URL: https://sdks.paywithextend.com/next-integrations/integrations/vendor/commons.c42222c4cb2f8913500f.js.gz

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:f::213:7edd Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

b5474d3ed408366dcebededf5c987f44b43b389137272c282c6c972852a14fc0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.paywithextend.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 06:25:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 23 Jan 2024 14:42:29 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: max-age=70055
accept-ranges: bytes
content-length: 15732

GET
H2 200 app.js Show response
js.userpilot.io/sdk/version/1.457/ 1 MB
240 KB 18ms
18ms Script
text/javascript 2606:4700::6812:109b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.userpilot.io/sdk/version/1.457/app.js

Requested by

Host: js.userpilot.io
URL: https://js.userpilot.io/sdk/latest.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:109b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d042f1823662d2a7abca69d4b6762ee3ce71f5b8159310fa5ee7ae0559d864ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.paywithextend.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 06:25:21 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
x-amz-request-id: Y1EKFT3BW9JGERJ9
age: 75437
x-amz-server-side-encryption: AES256
x-amz-id-2: +dmM6PSTZUeYgBcOaCW9SLATLB1ZHlfV7PkmF+npkbbSHO2mOQOptTSgsAJnUctD/RZ5kXc2xXM=
cf-bgj: minify
last-modified: Wed, 07 Feb 2024 09:27:42 GMT
server: cloudflare
etag: W/"fbc1cd4f62b31c4ea8bc09f246fecfa2"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=86400
cf-ray: 85533bba5e9235f8-FRA

POST
H2 200 collect Show response
www.google-analytics.com/j/ 16 B
164 B 15ms
14ms XHR
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1736851838&t=pageview&_s=1&dl=https%3A%2F%2Fapp.paywithextend.com%2Fsignin&dp=%2Fsignin&ul=en-us&de=UTF-8&dt=%2F&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEBAAEABAAAAACgCIAB~&jid=121323195&gjid=1684942780&cid=1469480824.1707891921&tid=UA-99983352-2&_gid=259847041.1707891921&_r=1&_slc=1&z=892590636

Requested by

Host: app-assets.paywithextend.com
URL: https://app-assets.paywithextend.com/client.619216a5924483f564b4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

9a97c70378082ab4dced1471b7b1299039402905e3ccb5acccd75d8f6e41d433

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://app.paywithextend.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 14 Feb 2024 06:25:21 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://app.paywithextend.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
194 B 7ms
6ms Image
image/gif 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=1736851838&t=event&ni=1&_s=2&dl=https%3A%2F%2Fapp.paywithextend.com%2Fsignin&dp=%2Fsignin&ul=en-us&de=UTF-8&dt=%2F&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=All&ea=Viewed%20%2F%20Page&ev=0&_u=aEBAAEABAAAAACgCIAD~&jid=&gjid=&cid=1469480824.1707891921&tid=UA-99983352-2&_gid=259847041.1707891921&z=665824403

Requested by

Host: app.paywithextend.com
URL: https://app.paywithextend.com/signin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.paywithextend.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Feb 2024 14:33:42 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 57099
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 200 p Show response
sa.paywithextend.com/v1/ 21 B
332 B 1193ms
775ms Fetch
application/json 2600:9000:223d:7400:1f:d442:bb40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sa.paywithextend.com/v1/p

Requested by

Host: app-assets.paywithextend.com
URL: https://app-assets.paywithextend.com/client.619216a5924483f564b4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223d:7400:1f:d442:bb40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://app.paywithextend.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 14 Feb 2024 06:25:22 GMT
strict-transport-security: max-age=31536000
via: 1.1 77ba839b79ec0a8b2031c8a828e7fdfa.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3
vary: Origin
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: https://app.paywithextend.com
content-length: 21
x-amz-cf-id: d2Ch0pt2p0tG4xCDUwt5pGtaZwpDL5EfM6pDCq51yYNNuO9Qc-pdig==

GET
H2 200 collect
www.google-analytics.com/ 35 B
91 B 7ms
7ms Image
image/gif 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=1736851838&t=pageview&_s=3&dl=https%3A%2F%2Fapp.paywithextend.com%2Fsignin&dp=%2Fsignin&ul=en-us&de=UTF-8&dt=%2Fsignin&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEBAAEABAAAAACgCIAD~&jid=&gjid=&cid=1469480824.1707891921&tid=UA-99983352-2&_gid=259847041.1707891921&z=872067801

Requested by

Host: app.paywithextend.com
URL: https://app.paywithextend.com/signin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.paywithextend.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Feb 2024 14:33:42 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 57099
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
91 B 8ms
8ms Image
image/gif 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=1736851838&t=event&ni=1&_s=4&dl=https%3A%2F%2Fapp.paywithextend.com%2Fsignin&dp=%2Fsignin&ul=en-us&de=UTF-8&dt=%2Fsignin&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=All&ea=Viewed%20%2Fsignin%20Page&ev=0&_u=aEBAAEABAAAAACgCIAD~&jid=&gjid=&cid=1469480824.1707891921&tid=UA-99983352-2&_gid=259847041.1707891921&z=43744096

Requested by

Host: app.paywithextend.com
URL: https://app.paywithextend.com/signin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.paywithextend.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Feb 2024 14:33:42 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 57099
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 200 p Show response
sa.paywithextend.com/v1/ 21 B
334 B 1185ms
771ms Fetch
application/json 2600:9000:223d:7400:1f:d442:bb40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sa.paywithextend.com/v1/p

Requested by

Host: app-assets.paywithextend.com
URL: https://app-assets.paywithextend.com/client.619216a5924483f564b4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223d:7400:1f:d442:bb40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://app.paywithextend.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 14 Feb 2024 06:25:22 GMT
strict-transport-security: max-age=31536000
via: 1.1 77ba839b79ec0a8b2031c8a828e7fdfa.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3
vary: Origin
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: https://app.paywithextend.com
content-length: 21
x-amz-cf-id: nPbBo-Mk4_omy5o7CyI3nNYJ80g7ubBbtsRjXFFjtExOmCuBLFBlPw==

POST
H2 204 collect
region1.analytics.google.com/g/ 0
258 B 34ms
13ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-8W0EQ1D2FN&gtm=45je42c0v883899832za200&_p=1707891920938&_gaz=1&gcd=13l3l3l3l2&npa=0&dma_cps=sypham&dma=1&ul=en-US&cid=1469480824.1707891921&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=kA&_s=1&dt=Create%20virtual%20cards%20with%20the%20card%20in%20your%20pocket.%20%7C%20Extend&dl=https%3A%2F%2Fapp.paywithextend.com%2Fsignin&sid=1707891921&sct=1&seg=0&en=Viewed%20%2F%20Page&_fv=1&_ss=1&ep.event_category=All&epn.value=0&tfd=2904
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8W0EQ1D2FN
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.paywithextend.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Feb 2024 06:25:21 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://app.paywithextend.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
56 B 67ms
22ms Ping
text/plain 2a00:1450:400c:c00::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-8W0EQ1D2FN&cid=1469480824.1707891921&gtm=45je42c0v883899832za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l3l2&npa=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8W0EQ1D2FN
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.paywithextend.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Feb 2024 06:25:21 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://app.paywithextend.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 44ms
18ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-8W0EQ1D2FN&cid=1469480824.1707891921&gtm=45je42c0v883899832za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l3l2&npa=0&z=1125721412

Requested by

Host: app.paywithextend.com
URL: https://app.paywithextend.com/signin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.paywithextend.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Feb 2024 06:25:21 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1836018&time=1707891921070&url=https%3A%2F%2Fapp.paywithextend.com%2Fsignin
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1836018&time=1707891921070&url=https%3A%2F%2Fapp.paywithextend.com%2Fsignin&cookiesTest=true
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1836018%26time%3D1707891921070%26url%3Dhttps%253A%252F%252Fapp.paywithextend.com%...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1836018&time=1707891921070&url=https%3A%2F%2Fapp.paywithextend.com%2Fsignin&cookiesTest=true&liSync=true
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1836018&time=1707891921070&url=https%3A%2F%2Fapp.paywithextend.com%2Fsignin&cookiesTest=true&liSync=true&e_ipv6=AQLIWaEDcLy4FgAAAY2mSpM8Kdie51hqS...

0
266 B

210ms
188ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1836018&time=1707891921070&url=https%3A%2F%2Fapp.paywithextend.com%2Fsignin&cookiesTest=true&liSync=true&e_ipv6=AQLIWaEDcLy4FgAAAY2mSpM8Kdie51hqScYI8SiFZv6YEXix1yEPItGKm8WbhHfb5QI7240
Requested by: Host: app.paywithextend.com
URL: https://app.paywithextend.com/signin
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.paywithextend.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 06:25:21 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: ADCA1D1B044D4B928E195543B5AE649E Ref B: FRAEDGE1414 Ref C: 2024-02-14T06:25:21Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-lor1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYRUZNSRCVJ4hh+P0uZZA==

Redirect headers

date: Wed, 14 Feb 2024 06:25:21 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 5DC1EA1299984D0594E9E8DBB987B039 Ref B: FRAEDGE1418 Ref C: 2024-02-14T06:25:21Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1836018&time=1707891921070&url=https%3A%2F%2Fapp.paywithextend.com%2Fsignin&cookiesTest=true&liSync=true&e_ipv6=AQLIWaEDcLy4FgAAAY2mSpM8Kdie51hqScYI8SiFZv6YEXix1yEPItGKm8WbhHfb5QI7240
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYRUZNPCIqwhtdboMCT6A==

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
353 B 56ms
21ms XHR
text/plain 2a00:1450:400c:c00::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-99983352-2&cid=1469480824.1707891921&jid=121323195&gjid=1684942780&_gid=259847041.1707891921&_u=aEBAAEAAAAAAACgCIAB~&z=15505095

Requested by

Host: app-assets.paywithextend.com
URL: https://app-assets.paywithextend.com/client.619216a5924483f564b4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://app.paywithextend.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 14 Feb 2024 06:25:21 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://app.paywithextend.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 265 KB
89 KB 26ms
26ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-8W0EQ1D2FN&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

587b39ed744e1ad32d3ef6bb60d009fd7f9210087d91ab095d0729519592c554

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.paywithextend.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 06:25:21 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 91262
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 14 Feb 2024 06:25:21 GMT

GET
H2 200 NX-83c21197 Show response
find.userpilot.io/v1/lookups/ 62 B
534 B 725ms
697ms XHR
application/json 2606:4700::6812:119b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://find.userpilot.io/v1/lookups/NX-83c21197

Requested by

Host: app-assets.paywithextend.com
URL: https://app-assets.paywithextend.com/client.619216a5924483f564b4.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:119b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0a01e643447eecd7cc74d4b9a55a2f26bb205a874806a6dedfaace8b41082feb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.paywithextend.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 06:25:21 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: EXPIRED
content-encoding: gzip
x-cache: Hit from findex
x-request-id: F7Omp20G_0-2xXsBdTvh
last-modified: Tue, 13 Feb 2024 22:08:43 GMT
server: cloudflare
vary: Accept-Encoding
x-ratelimit-remaining: 59999
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers
cache-control: public, max-age=14400
access-control-allow-credentials: true
cf-apo-via: origin,host
x-ratelimit-limit: 60000
x-ratelimit-reset: 1707891960000
cf-ray: 85533bbaff2b690d-FRA

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 17ms
17ms Image
image/gif 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-99983352-2&cid=1469480824.1707891921&jid=121323195&_u=aEBAAEAAAAAAACgCIAB~&z=542329481

Requested by

Host: app.paywithextend.com
URL: https://app.paywithextend.com/signin

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.paywithextend.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Feb 2024 06:25:21 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 19ms
18ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-99983352-2&cid=1469480824.1707891921&jid=121323195&_u=aEBAAEAAAAAAACgCIAB~&z=542329481

Requested by

Host: app.paywithextend.com
URL: https://app.paywithextend.com/signin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.paywithextend.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Feb 2024 06:25:21 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 202 rum Show response
browser-intake-datadoghq.com/api/v2/ 53 B
343 B 217ms
217ms Fetch
application/json 2600:1f18:24e6:b900:d6c:b6b4:a9ba:4a7e
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://browser-intake-datadoghq.com/api/v2/rum?ddsource=browser&ddtags=sdk_version%3A5.4.0%2Capi%3Afetch%2Cenv%3Aprod%2Cservice%3Aextend-app&dd-api-key=pubc1cf7ce33c9bde62b8606568406dbc8a&dd-evp-origin-version=5.4.0&dd-evp-origin=browser&dd-request-id=a817152f-58c5-4b86-aa54-78b7be6ae2cc&batch_time=1707891921155

Requested by

Host: app-assets.paywithextend.com
URL: https://app-assets.paywithextend.com/client.619216a5924483f564b4.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:1f18:24e6:b900:d6c:b6b4:a9ba:4a7e Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

d2e90fbae696d90811f9ca85ca7329f841ee6e4525870da1414773910ac8fec6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://app.paywithextend.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 14 Feb 2024 06:25:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
accept-encoding: identity,gzip,x-gzip,deflate,x-deflate,zstd
content-type: application/json
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 53
dd-request-id: a817152f-58c5-4b86-aa54-78b7be6ae2cc

POST
H2 204 / Show response
px.ads.linkedin.com/wa/ 0
198 B 186ms
186ms XHR
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/wa/
Requested by: Host: app-assets.paywithextend.com
URL: https://app-assets.paywithextend.com/client.619216a5924483f564b4.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: *
Referer: https://app.paywithextend.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 14 Feb 2024 06:25:22 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 2239B8AA070143BAA8A489D4F1DF06F6 Ref B: FRAEDGE1418 Ref C: 2024-02-14T06:25:22Z
linkedin-action: 1
vary: Origin
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
access-control-allow-origin: https://app.paywithextend.com
x-li-proto: http/2
access-control-allow-credentials: true
x-li-uuid: AAYRUZNVKujxCgmasIsSDQ==

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 14ms
13ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-8W0EQ1D2FN&gtm=45je42c0v883899832za200&_p=1707891920938&gcd=13l3l3l3l2&npa=0&dma_cps=sypham&dma=1&ul=en-US&cid=1469480824.1707891921&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=kA&_s=2&dt=Create%20virtual%20cards%20with%20the%20card%20in%20your%20pocket.%20%7C%20Extend&dl=https%3A%2F%2Fapp.paywithextend.com%2Fsignin&sid=1707891921&sct=1&seg=0&en=Viewed%20%2Fsignin%20Page&ep.event_category=All&epn.value=0&_et=1&tfd=7911
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8W0EQ1D2FN
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.paywithextend.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Feb 2024 06:25:26 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://app.paywithextend.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

59 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

19 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.google.com/recaptcha	1970-01-20 22:44:03	Name: _GRECAPTCHA Value: 09AH_jfuPS2tc43ouVh8gGahS_Ay7YVqmMOKrGF3h0NnHY3GHRpTAYuhNHOC3eXkpcFkCDnMj2loxO-gFVKD4ASU8
app.paywithextend.com/	1970-01-20 18:24:52	Name: _dd_s Value: rum=1&id=995d3758-e241-4611-adc3-d010858bfee3&created=1707891920050&expire=1707892820054&logs=1
app.paywithextend.com/	1970-01-21 04:00:51	Name: extend_app_jwt_prod Value: undefined
app.paywithextend.com/	1970-01-21 04:00:51	Name: extend_app_refresh_token_prod Value: undefined
app.paywithextend.com/	1970-01-21 04:00:51	Name: extend_app_csp_jwt_prod Value: undefined
app.paywithextend.com/	1970-01-21 04:00:51	Name: extend_app_csp_refresh_token_prod Value: undefined
app.paywithextend.com/	1970-01-21 04:00:51	Name: extend_app_token_id_prod Value: undefined
.paywithextend.com/	1970-01-21 03:10:27	Name: ajs_anonymous_id Value: 79e5d91b-b4b8-48fc-9a06-974cafd638e0
.paywithextend.com/	1970-01-20 18:26:18	Name: _gid Value: GA1.2.259847041.1707891921
.paywithextend.com/	1970-01-20 18:24:51	Name: _gat Value: 1
.paywithextend.com/	1970-01-21 04:00:51	Name: _ga Value: GA1.1.1469480824.1707891921
.paywithextend.com/	1970-01-21 04:00:51	Name: _ga_8W0EQ1D2FN Value: GS1.1.1707891921.1.0.1707891921.60.0.0
.linkedin.com/	1970-01-20 20:34:27	Name: li_sugr Value: 08cfbe0d-f213-4bcf-9445-f63c96973628
.linkedin.com/	1970-01-21 03:10:27	Name: bcookie Value: "v=2&829901b0-cb6e-4a80-89be-0b1388267120"
.linkedin.com/	1970-01-20 18:26:18	Name: lidc Value: "b=OGST07:s=O:r=O:a=O:p=O:g=2759:u=1:x=1:i=1707891921:t=1707978321:v=2:sig=AQGlFb5D5tT-gnfIOPo-v2F0tDIr1FSl"
.linkedin.com/	1970-01-20 19:08:03	Name: UserMatchHistory Value: AQJegj7CKp_VKgAAAY2mSpHMfsKq8JFwM6NYeMCAeXM5ZJGXXeCsYOoLkEgwJJJtAdIskVjQsvuoIQ
.linkedin.com/	1970-01-20 19:08:03	Name: AnalyticsSyncHistory Value: AQK9gGc1sLT1SQAAAY2mSpHNmVaVgOge0l4sJDR5hqc1bJxqCm56ywW02Zu5ZlwPp1jVzt5UnXLT5jOURdlEJg
.www.linkedin.com/	1970-01-21 03:10:27	Name: bscookie Value: "v=1&20240214062521632166a7-f50d-4f86-86b9-b254e584127dAQFLPouflwuc6Ej1opsRXqGrRCCnNUTR"
.linkedin.com/	1970-01-20 22:44:03	Name: li_gc Value: MTswOzE3MDc4OTE5MjE7MjswMjGJa8dNViWjiuvg+ThmwvuGo4YYVndOV4Xrn1exBvM/cw==

37 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	Message: Error with Permissions-Policy header: Parse of permissions policy failed because of errors reported by structured header parser.
other	warning	URL: https://app.paywithextend.com/signin Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://app.paywithextend.com/signin Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://app.paywithextend.com/signin Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://app.paywithextend.com/signin Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://app.paywithextend.com/signin Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://app.paywithextend.com/signin Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://app.paywithextend.com/signin Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://app.paywithextend.com/signin Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://app.paywithextend.com/signin Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://app.paywithextend.com/signin Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://app.paywithextend.com/signin Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://app.paywithextend.com/signin Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://app.paywithextend.com/signin Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://app.paywithextend.com/signin Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://app.paywithextend.com/signin Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://app.paywithextend.com/signin Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://app.paywithextend.com/signin Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://app.paywithextend.com/signin Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://app.paywithextend.com/signin Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://app.paywithextend.com/signin Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://app.paywithextend.com/signin Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://app.paywithextend.com/signin Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://app.paywithextend.com/signin Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://app.paywithextend.com/signin Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://app.paywithextend.com/signin Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://app.paywithextend.com/signin Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://app.paywithextend.com/signin Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://app.paywithextend.com/signin Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://app.paywithextend.com/signin Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://app.paywithextend.com/signin Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://app.paywithextend.com/signin Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://app.paywithextend.com/signin Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://app.paywithextend.com/signin Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://app.paywithextend.com/signin Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://app.paywithextend.com/signin Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://app.paywithextend.com/signin Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	script-src 'self' 'nonce-6PHPAXp-X0ZCkXEHoAsqKB8YjZYPQzjv' paywithextend.com .paywithextend.com cdn.segment.com cdn.plaid.com connect.facebook.net www.google-analytics.com snap.licdn.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://www.googletagmanager.com/ http://964-YBI-786.mktoweb.com/ http://munchkin.marketo.net/161/munchkin.js https://js.userpilot.io/ http://js.userpilot.io/ https://unpkg.com/@lottiefiles/lottie-player@latest/dist/lottie-player.js .codat.io *.intercom.io js.intercomcdn.com; worker-src 'self' blob:
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.paywithextend.com
app-assets.paywithextend.com
app.paywithextend.com
brand-assets.paywithextend.com
browser-intake-datadoghq.com
find.userpilot.io
firebaseinstallations.googleapis.com
firebaseremoteconfig.googleapis.com
fonts.gstatic.com
js.userpilot.io
prox.paywithextend.com
px.ads.linkedin.com
px4.ads.linkedin.com
region1.analytics.google.com
sa.paywithextend.com
sdks.paywithextend.com
snap.licdn.com
stats.g.doubleclick.net
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
www.linkedin.com
108.138.26.66
13.107.42.14
13.33.187.26
18.66.147.61
2001:4860:4802:34::36
2600:1f18:24e6:b900:d6c:b6b4:a9ba:4a7e
2600:9000:2156:4a00:6:f240:b1c0:93a1
2600:9000:223d:7400:1f:d442:bb40:93a1
2606:4700:10::6816:4883
2606:4700:10::ac43:c6d
2606:4700::6812:109b
2606:4700::6812:119b
2620:1ec:21::14
2a00:1450:4001:801::200a
2a00:1450:4001:80e::2004
2a00:1450:4001:80f::200a
2a00:1450:4001:811::2008
2a00:1450:4001:829::2003
2a00:1450:4001:82b::200e
2a00:1450:4001:830::2003
2a00:1450:400c:c00::9b
2a02:26f0:480:f::213:7edd
04d18bef2807591fc537180f58ede59bc3788ba3817847f2cdf5ec41d8a611d0
0a01e643447eecd7cc74d4b9a55a2f26bb205a874806a6dedfaace8b41082feb
0afbab5134781e30fcb9d5eeec2e9d7be116227183ed9a47edb0cddfcf40a04e
0c93ef2613d2207307a8e91ceb6719e0c6e313c10e58860bdaca02a849b72b97
0cb9e7a2efe032879231b150947dae8bfc72f4f499851d3624bb54276f0087f5
12431199810fcdf0ca3bafda938c0a9cccc735c737e826c44911c5c809f34d46
1245c7302c96626ccd8d6ef797a08704d74584645fea981018519a7b01160b4d
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
13eb4ae211d2604f4953452ee17b90c77dbb7fcfaa0dc2714acd3c50dfd9a3f7
15440dc9b45240d256ceac25efd245ce5de70cf8ecc921e36d456e2bb97013d2
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
24bf5804628ef0429146358f8c099f413e38836a5de8c13d03d775bafccb3b49
31670b6f34930da0c4840c00653bde5e20def00aa9ccf20cf2adfb0b6968221f
358142bbe9f405ced77bb4d9e1dc61d1593049c8d0d997f71b2bcfa881a9cc42
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
43cdc131815efc85b8d6a2a56c36a60ee068a91228c81d0cc2a6c2e78d6734b8
4988e4d2efb9fdd679216e7a8f5277286947c2ed049ef20286622f8a4638ce93
4a6bb0a4639bef59bc8a79695e376fd7a9dc879ae90c5697dd84a8dc52923506
4d41a18d04533590d7399ff6a60d167d4d013e62aefc527714a77732a357e0ca
587b39ed744e1ad32d3ef6bb60d009fd7f9210087d91ab095d0729519592c554
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5f6743903bd9d7ad035a75142c509b67e8831a48487246272bc0751097790d6b
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
7c2d3775f64789f06c635a127215cf85a9aa31752894377e1638fcc342c6d352
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8a7f54f3a620022c01ae2f85ae20873b76e4c598375bf0d1e0eff1ab4c82ac9f
9a97c70378082ab4dced1471b7b1299039402905e3ccb5acccd75d8f6e41d433
b17b4a5cc840a366a4c006794502f887a316402f781f85e913ac4af19a93fc13
b5474d3ed408366dcebededf5c987f44b43b389137272c282c6c972852a14fc0
b84d49a1680a97ce2b232d5d0fabfad0ef6be6c4d8f649e1c816be6231aebff1
bc9bbd5136e45d8a7df841f66926c743c3b0a7f9c4ea01a7d44acbe8a46c39b6
cbcc12bee438733478bc68281e69f0e6031444c835279466ce3d75dc69b95c62
cc1dd76abe28078cd5a69ee986ccf3a3d7e74bd95d9fff16db7700daca37dcfb
d042f1823662d2a7abca69d4b6762ee3ce71f5b8159310fa5ee7ae0559d864ea
d2e90fbae696d90811f9ca85ca7329f841ee6e4525870da1414773910ac8fec6
d4ea00b845af63d9834e20e6b63fa80b8dfd0db2475c5240d77473af7b6f8700
da38d3e3b25f4bd39761adb2517f234e1b291293d6582e7c58ea5b335f205f38
dd7fce4b847fe7b8a238088909ebbd8b9ca58409b48528f4da05423a062c68ba
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
df4225140dd7014339bcd325219958813994a93cc455d6e413cd4a61bf4fcd1f
e2bbb7f3961561d5849cefaaf5afee93dea6657bc9dc56cc270b3b856a0333d1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e69659c4f74253398b0a7cc8c898f144376a3bbd461e0973837d34178539fea3
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f402999b1d90e08cae39ad19975e1e5ac810e6d206f5e47cbd2913e472de2655
fdda2bf7d8e87b5ac90a791a5131a9811c207171107482857b67f6b8329854fb

app.paywithextend.com Open in urlscan Pro 2606:4700:10::ac43:c6d Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

60 Requests

97 %HTTPS

82 %IPv6

12 Domains

24 Subdomains

22 IPs

3 Countries

12424 kBTransfer

14673 kBSize

19 Cookies

3 Outgoing links

Page URL History

Redirected requests

60 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

app.paywithextend.com Open in urlscan Pro
2606:4700:10::ac43:c6d Public Scan

Screenshot
Live screenshot

Full Image

60
Requests

97 %
HTTPS

82 %
IPv6

12
Domains

24
Subdomains

22
IPs

3
Countries

12424 kB
Transfer

14673 kB
Size

19
Cookies

60 HTTP transactions
0 data transactions