auth-staging.paystubs.com Open in urlscan Pro
2606:4700::6813:a818 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://pcom-react-bhautik-billing-plan.react-dev.paystubs.com/
Effective URL:
https://auth-staging.paystubs.com/login?state=hKFo2SBsZVpxQXlVVlEwcUFiWWh6OTRJdkZQN1F5MGptN19rOKFupWxvZ2luo3RpZNkgR3JSM0FaM2wtcmNz...
Submission: On December 06 via automatic, source certstream-suspicious (December 6th 2023, 10:10:07 am UTC) — Scanned from DE

Summary HTTP 256 Redirects Behaviour Indicators

Summary

This website contacted 73 IPs in 7 countries across 58 domains to perform 256 HTTP transactions. The main IP is 2606:4700::6813:a818, located in United States and belongs to CLOUDFLARENET, US. The main domain is auth-staging.paystubs.com.
TLS certificate: Issued by E1 on November 26th 2023. Valid for: 3 months.

This is the only time auth-staging.paystubs.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4	35.192.42.214 35.192.42.214	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 11	18.239.69.69 18.239.69.69	16509 (AMAZON-02) (AMAZON-02)
3	2400:52e0:1e0... 2400:52e0:1e00::1080:1	200325 (BUNNYCDN) (BUNNYCDN)
5	35.201.112.186 35.201.112.186	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	34.120.195.249 34.120.195.249	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
8	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
9	151.101.128.176 151.101.128.176	54113 (FASTLY) (FASTLY)
3	2400:52e0:1e0... 2400:52e0:1e00::1082:1	200325 (BUNNYCDN) (BUNNYCDN)
4	2a02:26f0:480... 2a02:26f0:480:f::213:7edd	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 9	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
4	2a03:2880:f08... 2a03:2880:f084:d:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
4	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
2	172.65.208.22 172.65.208.22	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	23.38.98.28 23.38.98.28	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
16	34.196.69.230 34.196.69.230	14618 (AMAZON-AES) (AMAZON-AES)
2	151.101.193.91 151.101.193.91	54113 (FASTLY) (FASTLY)
2	76.76.21.22 76.76.21.22	16509 (AMAZON-02) (AMAZON-02)
1	54.186.23.98 54.186.23.98	16509 (AMAZON-02) (AMAZON-02)
2	35.193.123.107 35.193.123.107	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	54.76.53.164 54.76.53.164	16509 (AMAZON-02) (AMAZON-02)
1	34.240.123.193 34.240.123.193	16509 (AMAZON-02) (AMAZON-02)
11	54.187.119.242 54.187.119.242	16509 (AMAZON-02) (AMAZON-02)
53 55	18.239.36.32 18.239.36.32	16509 (AMAZON-02) (AMAZON-02)
1 3	37.252.171.85 37.252.171.85	29990 (ASN-APPNEX) (ASN-APPNEX)
4	3.69.41.2 3.69.41.2	16509 (AMAZON-02) (AMAZON-02)
2	70.42.32.31 70.42.32.31	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
2	2a02:26f0:480... 2a02:26f0:480:c::210:f190	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2 2	172.217.18.2 172.217.18.2	15169 (GOOGLE) (GOOGLE)
4	178.250.1.9 178.250.1.9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3 3	37.252.171.149 37.252.171.149	29990 (ASN-APPNEX) (ASN-APPNEX)
2	34.248.234.146 34.248.234.146	16509 (AMAZON-02) (AMAZON-02)
2	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
2	2600:1f18:612... 2600:1f18:612b:4280:bda1:9df6:36cc:93	14618 (AMAZON-AES) (AMAZON-AES)
2	2.19.216.27 2.19.216.27	16625 (AKAMAI-AS) (AKAMAI-AS)
2	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
2	3.68.140.79 3.68.140.79	16509 (AMAZON-02) (AMAZON-02)
2	185.86.138.150 185.86.138.150	201081 (SMARTADSE...) (SMARTADSERVER)
2	2.19.104.4 2.19.104.4	16625 (AKAMAI-AS) (AKAMAI-AS)
2	13.248.245.213 13.248.245.213	16509 (AMAZON-02) (AMAZON-02)
2	3.71.149.231 3.71.149.231	16509 (AMAZON-02) (AMAZON-02)
2	54.246.5.75 54.246.5.75	16509 (AMAZON-02) (AMAZON-02)
1 3	172.64.151.101 172.64.151.101	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	52.50.201.227 52.50.201.227	16509 (AMAZON-02) (AMAZON-02)
2	54.76.156.92 54.76.156.92	16509 (AMAZON-02) (AMAZON-02)
2	34.117.157.22 34.117.157.22	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	3.125.15.233 3.125.15.233	16509 (AMAZON-02) (AMAZON-02)
2	44.219.110.252 44.219.110.252	14618 (AMAZON-AES) (AMAZON-AES)
1 3	2606:4700::68... 2606:4700::6813:a818	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	162.55.95.216 162.55.95.216	24940 (HETZNER-AS) (HETZNER-AS)
4	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
2	172.65.202.201 172.65.202.201	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	172.65.192.122 172.65.192.122	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	172.65.238.60 172.65.238.60	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	172.65.219.229 172.65.219.229	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	35.186.194.58 35.186.194.58	15169 (GOOGLE) (GOOGLE)
2	2620:1ec:22::14 2620:1ec:22::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
4	2620:1ec:bdf::45 2620:1ec:bdf::45	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a03:2880:f17... 2a03:2880:f177:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	172.65.240.166 172.65.240.166	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a06:98c1:320... 2a06:98c1:3200::90:1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	68.219.88.97 68.219.88.97	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
23	143.204.215.55 143.204.215.55	16509 (AMAZON-02) (AMAZON-02)
7	18.66.112.13 18.66.112.13	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:244... 2600:9000:2449:7400:10:474e:104a:2961	16509 (AMAZON-02) (AMAZON-02)
2	34.160.124.226 34.160.124.226	15169 (GOOGLE) (GOOGLE)
1 2	34.102.166.132 34.102.166.132	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	124.146.153.170 124.146.153.170	2514 (INFOSPHER...) (INFOSPHERE NTT PC Communications)
1 1	54.211.0.120 54.211.0.120	14618 (AMAZON-AES) (AMAZON-AES)
1	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
1	172.65.232.43 172.65.232.43	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	52.152.143.207 52.152.143.207	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	18.239.50.89 18.239.50.89	16509 (AMAZON-02) (AMAZON-02)
1	76.223.64.65 76.223.64.65	16509 (AMAZON-02) (AMAZON-02)
2	108.156.60.102 108.156.60.102	16509 (AMAZON-02) (AMAZON-02)
256	73

4 35.192.42.214 (United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 214.42.192.35.bc.googleusercontent.com

pcom-react-bhautik-billing-plan.react-dev.paystubs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 18.239.69.69 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-18-239-69-69.ams58.r.cloudfront.net

widget.freshworks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2400:52e0:1e00::1080:1 (Germany)

ASN200325 (BUNNYCDN, SI)

cl.qualaroo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 35.201.112.186 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 186.112.201.35.bc.googleusercontent.com

edge.fullstory.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.195.249 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 249.195.120.34.bc.googleusercontent.com

o4505159641530368.ingest.sentry.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 151.101.128.176 (United States)

ASN54113 (FASTLY, US)

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2400:52e0:1e00::1082:1 (Germany)

ASN200325 (BUNNYCDN, SI)

dntcl.qualaroo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:26f0:480:f::213:7edd (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.65.208.22 (United States)

ASN13335 (CLOUDFLARENET, US)

js-eu1.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 23.38.98.28 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-38-98-28.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 34.196.69.230 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-196-69-230.compute-1.amazonaws.com

wchat.freshchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.193.91 (United States)

ASN54113 (FASTLY, US)

static.woopra.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 76.76.21.22 (Walnut, United States)

ASN16509 (AMAZON-02, US)

www.nivaai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.186.23.98 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-186-23-98.stripe.com

q.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.193.123.107 (United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 107.123.193.35.bc.googleusercontent.com

gtm.paystubs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.76.53.164 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-53-164.eu-west-1.compute.amazonaws.com

merchant-ui-api.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.240.123.193 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: api-34-240-123-193.stripe.com

api.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 54.187.119.242 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-187-119-242.stripe.com

r.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

55 18.239.36.32 (United States) 53 redirects

ASN16509 (AMAZON-02, US)
PTR: server-18-239-36-32.ams58.r.cloudfront.net

api.nivaai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.252.171.85 (Frankfurt am Main, Germany) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.69.41.2 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-69-41-2.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 70.42.32.31 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

sync.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:480:c::210:f190 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

ade.clmbtech.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.18.2 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra15s28-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.252.171.149 (Frankfurt am Main, Germany) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.248.234.146 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-248-234-146.eu-west-1.compute.amazonaws.com

sync-criteo.ads.yieldmo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

sync-t1.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1f18:612b:4280:bda1:9df6:36cc:93 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

criteo-partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.19.216.27 (Prague, Czech Republic)

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-216-27.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.68.140.79 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-68-140-79.eu-central-1.compute.amazonaws.com

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.86.138.150 (France)

ASN201081 (SMARTADSERVER, FR)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.19.104.4 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-104-4.deploy.static.akamaitechnologies.com

criteo-sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.71.149.231 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-71-149-231.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.246.5.75 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-246-5-75.eu-west-1.compute.amazonaws.com

visitor.omnitagjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.64.151.101 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

r.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.50.201.227 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-50-201-227.eu-west-1.compute.amazonaws.com

partner.mediawallahscript.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.76.156.92 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-156-92.eu-west-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.117.157.22 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.157.117.34.bc.googleusercontent.com

matching.ivitrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.125.15.233 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-125-15-233.eu-central-1.compute.amazonaws.com

exchange.mediavine.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 44.219.110.252 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-219-110-252.compute-1.amazonaws.com

jadserve.postrelease.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6813:a818 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

auth-staging.paystubs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.55.95.216 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.216.95.55.162.clients.your-server.de

www.woopra.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.65.202.201 (United States)

ASN13335 (CLOUDFLARENET, US)

js-eu1.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.65.192.122 (United States)

ASN13335 (CLOUDFLARENET, US)

js-eu1.hscollectedforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
forms-eu1.hscollectedforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.65.238.60 (United States)

ASN13335 (CLOUDFLARENET, US)

js-eu1.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.65.219.229 (United States)

ASN13335 (CLOUDFLARENET, US)

js-eu1.hsadspixel.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.186.194.58 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 58.194.186.35.bc.googleusercontent.com

rs.fullstory.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:22::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:bdf::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f177:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.65.240.166 (United States)

ASN13335 (CLOUDFLARENET, US)

track-eu1.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a06:98c1:3200::90:1 (United States)

ASN13335 (CLOUDFLARENET, US)

api-eu1.hubapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 68.219.88.97 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 143.204.215.55 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-55.fra53.r.cloudfront.net

assetscdn-wchat.freshchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 18.66.112.13 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-13.fra56.r.cloudfront.net

uploads-ssl.webflow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2449:7400:10:474e:104a:2961 (United States)

ASN16509 (AMAZON-02, US)

cdn.auth0.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.160.124.226 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 226.124.160.34.bc.googleusercontent.com

cdn-static.paystubs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.102.166.132 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 132.166.102.34.bc.googleusercontent.com

ad.tpmn.co.kr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad.tpmn.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 124.146.153.170 (Japan)

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)

tg.socdm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.211.0.120 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-211-0-120.compute-1.amazonaws.com

i.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.33.220.150 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.65.232.43 (United States)

ASN13335 (CLOUDFLARENET, US)

forms-eu1.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.152.143.207 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

o.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.239.50.89 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-50-89.ams58.r.cloudfront.net

rts-static-prod.freshworksapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 76.223.64.65 (United States)

ASN16509 (AMAZON-02, US)
PTR: a44946a9dd66b7704.awsglobalaccelerator.com

paystubs-help.freshchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 108.156.60.102 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-156-60-102.ams1.r.cloudfront.net

738093812852724.webpush.freshchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
57	nivaai.com 53 redirects www.nivaai.com — Cisco Umbrella Rank: 396739 api.nivaai.com — Cisco Umbrella Rank: 353587	29 KB
42	freshchat.com wchat.freshchat.com — Cisco Umbrella Rank: 10948 assetscdn-wchat.freshchat.com — Cisco Umbrella Rank: 16394 paystubs-help.freshchat.com 738093812852724.webpush.freshchat.com	1 MB
23	stripe.com js.stripe.com — Cisco Umbrella Rank: 1282 q.stripe.com — Cisco Umbrella Rank: 7730 merchant-ui-api.stripe.com — Cisco Umbrella Rank: 5257 api.stripe.com — Cisco Umbrella Rank: 12455 r.stripe.com — Cisco Umbrella Rank: 3529	481 KB
11	freshworks.com 1 redirects widget.freshworks.com — Cisco Umbrella Rank: 16096	142 KB
11	paystubs.com 1 redirects pcom-react-bhautik-billing-plan.react-dev.paystubs.com gtm.paystubs.com auth-staging.paystubs.com cdn-static.paystubs.com	2 MB
10	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 617	296 KB
9	bing.com 1 redirects bat.bing.com — Cisco Umbrella Rank: 329 c.bing.com — Cisco Umbrella Rank: 228	31 KB
8	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 796 c.clarity.ms — Cisco Umbrella Rank: 1377 o.clarity.ms — Cisco Umbrella Rank: 7310 Failed	54 KB
8	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 36	675 KB
8	fullstory.com edge.fullstory.com — Cisco Umbrella Rank: 2024 rs.fullstory.com — Cisco Umbrella Rank: 2033	211 KB
7	webflow.com uploads-ssl.webflow.com — Cisco Umbrella Rank: 13416	332 KB
6	adnxs.com 4 redirects secure.adnxs.com — Cisco Umbrella Rank: 478 ib.adnxs.com — Cisco Umbrella Rank: 229	5 KB
6	doubleclick.net 2 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 cm.g.doubleclick.net — Cisco Umbrella Rank: 219	7 KB
6	qualaroo.com cl.qualaroo.com — Cisco Umbrella Rank: 8726 dntcl.qualaroo.com — Cisco Umbrella Rank: 10558	167 KB
4	hscollectedforms.net js-eu1.hscollectedforms.net — Cisco Umbrella Rank: 27654 forms-eu1.hscollectedforms.net — Cisco Umbrella Rank: 28279	50 KB
4	google.de www.google.de — Cisco Umbrella Rank: 6765	691 B
4	google.com www.google.com — Cisco Umbrella Rank: 2	691 B
4	criteo.com dis.criteo.com — Cisco Umbrella Rank: 550	1 KB
4	bidswitch.net x.bidswitch.net — Cisco Umbrella Rank: 336	581 B
4	woopra.com static.woopra.com — Cisco Umbrella Rank: 48908 www.woopra.com — Cisco Umbrella Rank: 38370	26 KB
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 168	177 KB
4	licdn.com snap.licdn.com — Cisco Umbrella Rank: 763	26 KB
3	casalemedia.com 1 redirects r.casalemedia.com — Cisco Umbrella Rank: 1462	2 KB
2	auth0.com cdn.auth0.com — Cisco Umbrella Rank: 6793	50 KB
2	hubapi.com api-eu1.hubapi.com — Cisco Umbrella Rank: 24856	2 KB
2	hubspot.com track-eu1.hubspot.com — Cisco Umbrella Rank: 16152	2 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 98	239 B
2	linkedin.com px.ads.linkedin.com — Cisco Umbrella Rank: 327	894 B
2	hsadspixel.net js-eu1.hsadspixel.net — Cisco Umbrella Rank: 23532	6 KB
2	hs-analytics.net js-eu1.hs-analytics.net — Cisco Umbrella Rank: 15614	42 KB
2	hs-banner.com js-eu1.hs-banner.com — Cisco Umbrella Rank: 15405	37 KB
2	postrelease.com jadserve.postrelease.com — Cisco Umbrella Rank: 936	843 B
2	mediavine.com exchange.mediavine.com — Cisco Umbrella Rank: 1074	2 KB
2	ivitrack.com matching.ivitrack.com — Cisco Umbrella Rank: 10023	359 B
2	360yield.com ad.360yield.com — Cisco Umbrella Rank: 666	397 B
2	mediawallahscript.com partner.mediawallahscript.com — Cisco Umbrella Rank: 2295	450 B
2	omnitagjs.com visitor.omnitagjs.com — Cisco Umbrella Rank: 656	769 B
2	yahoo.com ups.analytics.yahoo.com — Cisco Umbrella Rank: 307	163 B
2	3lift.com eb2.3lift.com — Cisco Umbrella Rank: 372	279 B
2	teads.tv criteo-sync.teads.tv — Cisco Umbrella Rank: 2120	326 B
2	smartadserver.com rtb-csync.smartadserver.com — Cisco Umbrella Rank: 622	326 B
2	sharethrough.com match.sharethrough.com — Cisco Umbrella Rank: 495	69 B
2	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 339	478 B
2	media.net contextual.media.net — Cisco Umbrella Rank: 665	1 KB
2	tremorhub.com criteo-partners.tremorhub.com — Cisco Umbrella Rank: 2462	677 B
2	taboola.com sync-t1.taboola.com — Cisco Umbrella Rank: 1460	197 B
2	yieldmo.com sync-criteo.ads.yieldmo.com — Cisco Umbrella Rank: 2331	75 B
2	clmbtech.com ade.clmbtech.com — Cisco Umbrella Rank: 2794	518 B
2	outbrain.com sync.outbrain.com — Cisco Umbrella Rank: 689	290 B
2	hs-scripts.com js-eu1.hs-scripts.com — Cisco Umbrella Rank: 14564	2 KB
1	hsforms.com forms-eu1.hsforms.com — Cisco Umbrella Rank: 29802	1016 B
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 331	149 B
1	tpmn.co.kr 1 redirects ad.tpmn.co.kr — Cisco Umbrella Rank: 3041	212 B
1	freshworksapi.com rts-static-prod.freshworksapi.com — Cisco Umbrella Rank: 10413 Failed	25 KB
1	liadm.com i.liadm.com — Cisco Umbrella Rank: 517 Failed	560 B
1	socdm.com tg.socdm.com — Cisco Umbrella Rank: 1450 Failed	659 B
1	tpmn.io ad.tpmn.io — Cisco Umbrella Rank: 5581 Failed	614 B
1	sentry.io o4505159641530368.ingest.sentry.io	324 B
256	58

	Domain	Requested by
55	api.nivaai.com	53 redirects pcom-react-bhautik-billing-plan.react-dev.paystubs.com
23	assetscdn-wchat.freshchat.com	wchat.freshchat.com assetscdn-wchat.freshchat.com
16	wchat.freshchat.com	www.googletagmanager.com wchat.freshchat.com pcom-react-bhautik-billing-plan.react-dev.paystubs.com assetscdn-wchat.freshchat.com
11	r.stripe.com	js.stripe.com
11	widget.freshworks.com	1 redirects pcom-react-bhautik-billing-plan.react-dev.paystubs.com widget.freshworks.com
10	analytics.tiktok.com	pcom-react-bhautik-billing-plan.react-dev.paystubs.com analytics.tiktok.com
9	js.stripe.com	pcom-react-bhautik-billing-plan.react-dev.paystubs.com js.stripe.com
8	www.googletagmanager.com	pcom-react-bhautik-billing-plan.react-dev.paystubs.com www.googletagmanager.com js-eu1.hsadspixel.net auth-staging.paystubs.com
7	uploads-ssl.webflow.com	auth-staging.paystubs.com
6	bat.bing.com	www.googletagmanager.com bat.bing.com auth-staging.paystubs.com
5	edge.fullstory.com	pcom-react-bhautik-billing-plan.react-dev.paystubs.com edge.fullstory.com
4	www.clarity.ms	bat.bing.com www.clarity.ms
4	www.google.de	auth-staging.paystubs.com
4	www.google.com	auth-staging.paystubs.com
4	dis.criteo.com	auth-staging.paystubs.com
4	x.bidswitch.net	auth-staging.paystubs.com
4	googleads.g.doubleclick.net	www.googletagmanager.com
4	connect.facebook.net	www.googletagmanager.com connect.facebook.net
4	snap.licdn.com	www.googletagmanager.com snap.licdn.com
4	pcom-react-bhautik-billing-plan.react-dev.paystubs.com	pcom-react-bhautik-billing-plan.react-dev.paystubs.com
3	rs.fullstory.com	pcom-react-bhautik-billing-plan.react-dev.paystubs.com edge.fullstory.com
3	auth-staging.paystubs.com	1 redirects pcom-react-bhautik-billing-plan.react-dev.paystubs.com edge.fullstory.com
3	c.bing.com	1 redirects auth-staging.paystubs.com
3	r.casalemedia.com	1 redirects auth-staging.paystubs.com
3	ib.adnxs.com	3 redirects
3	secure.adnxs.com	1 redirects auth-staging.paystubs.com
3	dntcl.qualaroo.com	cl.qualaroo.com
3	cl.qualaroo.com	pcom-react-bhautik-billing-plan.react-dev.paystubs.com www.googletagmanager.com
2	738093812852724.webpush.freshchat.com	wchat.freshchat.com 738093812852724.webpush.freshchat.com
2	cdn-static.paystubs.com	auth-staging.paystubs.com
2	cdn.auth0.com	auth-staging.paystubs.com
2	o.clarity.ms	pcom-react-bhautik-billing-plan.react-dev.paystubs.com www.clarity.ms edge.fullstory.com
2	c.clarity.ms	1 redirects
2	api-eu1.hubapi.com	pcom-react-bhautik-billing-plan.react-dev.paystubs.com js-eu1.hsadspixel.net
2	track-eu1.hubspot.com
2	forms-eu1.hscollectedforms.net	pcom-react-bhautik-billing-plan.react-dev.paystubs.com js-eu1.hscollectedforms.net
2	www.facebook.com	auth-staging.paystubs.com
2	px.ads.linkedin.com	pcom-react-bhautik-billing-plan.react-dev.paystubs.com snap.licdn.com
2	js-eu1.hsadspixel.net	js-eu1.hs-scripts.com
2	js-eu1.hs-analytics.net	js-eu1.hs-scripts.com
2	js-eu1.hscollectedforms.net	js-eu1.hs-scripts.com
2	js-eu1.hs-banner.com	js-eu1.hs-scripts.com
2	www.woopra.com	static.woopra.com
2	jadserve.postrelease.com	auth-staging.paystubs.com
2	exchange.mediavine.com	auth-staging.paystubs.com
2	matching.ivitrack.com	auth-staging.paystubs.com
2	ad.360yield.com	auth-staging.paystubs.com
2	partner.mediawallahscript.com	auth-staging.paystubs.com
2	visitor.omnitagjs.com	auth-staging.paystubs.com
2	ups.analytics.yahoo.com	auth-staging.paystubs.com
2	eb2.3lift.com	auth-staging.paystubs.com
2	criteo-sync.teads.tv	auth-staging.paystubs.com
2	rtb-csync.smartadserver.com	auth-staging.paystubs.com
2	match.sharethrough.com	auth-staging.paystubs.com
2	pixel.rubiconproject.com	auth-staging.paystubs.com
2	contextual.media.net	auth-staging.paystubs.com
2	criteo-partners.tremorhub.com	auth-staging.paystubs.com
2	sync-t1.taboola.com	auth-staging.paystubs.com
2	sync-criteo.ads.yieldmo.com	auth-staging.paystubs.com
2	cm.g.doubleclick.net	2 redirects
2	ade.clmbtech.com	auth-staging.paystubs.com
2	sync.outbrain.com	auth-staging.paystubs.com
2	gtm.paystubs.com	pcom-react-bhautik-billing-plan.react-dev.paystubs.com edge.fullstory.com
2	www.nivaai.com	pcom-react-bhautik-billing-plan.react-dev.paystubs.com
2	static.woopra.com	pcom-react-bhautik-billing-plan.react-dev.paystubs.com
2	js-eu1.hs-scripts.com	www.googletagmanager.com
1	paystubs-help.freshchat.com	pcom-react-bhautik-billing-plan.react-dev.paystubs.com
1	forms-eu1.hsforms.com	auth-staging.paystubs.com
1	match.adsrvr.org	auth-staging.paystubs.com
1	ad.tpmn.co.kr	1 redirects
1	rts-static-prod.freshworksapi.com	assetscdn-wchat.freshchat.com
1	i.liadm.com
1	tg.socdm.com	auth-staging.paystubs.com
1	ad.tpmn.io	auth-staging.paystubs.com
1	api.stripe.com	js.stripe.com
1	merchant-ui-api.stripe.com	js.stripe.com
1	q.stripe.com	pcom-react-bhautik-billing-plan.react-dev.paystubs.com
1	o4505159641530368.ingest.sentry.io	pcom-react-bhautik-billing-plan.react-dev.paystubs.com
256	78

This site contains no links.

Subject Issuer	Validity	Valid
pcom-react-bhautik-billing-plan.react-dev.paystubs.com R3	`2023-12-06` - `2024-03-05`	3 months	crt.sh
cl.qualaroo.com R3	`2023-11-17` - `2024-02-15`	3 months	crt.sh
*.freshworks.com Amazon RSA 2048 M01	`2023-07-11` - `2024-08-08`	a year	crt.sh
edge.fullstory.com GTS CA 1D4	`2023-11-14` - `2024-02-12`	3 months	crt.sh
ingest.sentry.io DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-11-02` - `2024-12-02`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2023-10-30` - `2024-01-25`	3 months	crt.sh
dntcl.qualaroo.com R3	`2023-11-26` - `2024-02-24`	3 months	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-02-01` - `2024-01-31`	a year	crt.sh
www.bing.com Microsoft Azure TLS Issuing CA 01	`2023-10-24` - `2024-04-21`	6 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-09-14` - `2023-12-13`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-03` - `2024-05-02`	a year	crt.sh
*.tiktok.com RapidSSL ECC CA 2018	`2023-07-14` - `2024-08-13`	a year	crt.sh
*.freshchat.com Amazon RSA 2048 M01	`2023-02-21` - `2024-03-21`	a year	crt.sh
static.woopra.com R3	`2023-10-22` - `2024-01-20`	3 months	crt.sh
www.nivaai.com R3	`2023-10-23` - `2024-01-21`	3 months	crt.sh
*.stripe.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-10-09` - `2024-01-18`	3 months	crt.sh
gtm.paystubs.com R3	`2023-10-19` - `2024-01-17`	3 months	crt.sh
api.stripe.com DigiCert SHA2 Extended Validation Server CA	`2023-10-30` - `2024-01-25`	3 months	crt.sh
api.nivaai.com Amazon RSA 2048 M01	`2023-02-23` - `2024-03-23`	a year	crt.sh
auth-staging.paystubs.com E1	`2023-11-26` - `2024-02-24`	3 months	crt.sh
woopra.com R3	`2023-10-15` - `2024-01-13`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
rs.fullstory.com GTS CA 1D4	`2023-11-10` - `2024-02-08`	3 months	crt.sh
www.linkedin.com DigiCert SHA2 Secure Server CA	`2023-11-03` - `2024-05-03`	6 months	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2023-08-29` - `2024-08-29`	a year	crt.sh
hubspot.com Cloudflare Inc ECC CA-3	`2023-02-05` - `2024-02-05`	a year	crt.sh
hubapi.com Cloudflare Inc ECC CA-3	`2023-04-07` - `2024-04-06`	a year	crt.sh
freshchat.com Amazon RSA 2048 M02	`2023-07-05` - `2024-08-01`	a year	crt.sh
uploads-ssl.webflow.com Amazon RSA 2048 M02	`2023-07-29` - `2024-08-26`	a year	crt.sh
*.auth0.com Amazon RSA 2048 M01	`2023-02-24` - `2024-03-24`	a year	crt.sh
cdn-static.paystubs.com GTS CA 1D4	`2023-11-20` - `2024-02-18`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
a.clarity.ms Microsoft Azure TLS Issuing CA 06	`2023-02-13` - `2024-02-08`	a year	crt.sh
freshworksapi.com Amazon RSA 2048 M01	`2023-02-20` - `2024-01-16`	a year	crt.sh
*.wchat.webpush.myfreshworks.com Amazon RSA 2048 M01	`2023-06-21` - `2024-07-18`	a year	crt.sh

This page contains 11 frames:

Primary Page: https://auth-staging.paystubs.com/login?state=hKFo2SBsZVpxQXlVVlEwcUFiWWh6OTRJdkZQN1F5MGptN19rOKFupWxvZ2luo3RpZNkgR3JSM0FaM2wtcmNzTTZhZUw0RnRSUl9PbGlGMFYxSWqjY2lk2SBCZkRRd0g3RHhweG56dnNaQ1JadTBBYURWdThUTnVhVg&client=BfDQwH7DxpxnzvsZCRZu0AaDVu8TNuaV&protocol=oauth2&scope=openid%20profile%20email&redirect_uri=https%3A%2F%2Fpcom-react-bhautik-billing-plan.react-dev.paystubs.com%2Fcallback&audience=https%3A%2F%2Fpcom-backend-staging-poc.paystubs.com%2Fapi&we=&response_type=code&response_mode=query&nonce=UFNMd2sxRV91amxTaWpNckNSeWkwYWJLQWhrckJud3RCVlJzflRiVHV5Vg%3D%3D&code_challenge=JJViJf2Ulq2LKl1_lJ6mMFflXD5ojrGdYuAaEkeAov8&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiYXV0aDAtcmVhY3QiLCJ2ZXJzaW9uIjoiMi4yLjMifQ%3D%3D
Frame ID: 83E3596EEC8D75644731FBD9B4C41F44
Requests: 187 HTTP requests in this frame

Frame: https://widget.freshworks.com/widgetBase/widget.js
Frame ID: 39D31F3159D9012E341DA41EC61C005A
Requests: 7 HTTP requests in this frame

Frame: https://dntcl.qualaroo.com/frame.html
Frame ID: F87D33FF793B03FD324BCE982B200EDF
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-855d1904b14017c570dfb7022858ebad.html
Frame ID: 99AFE4993C108413B76EB3BE067C7121
Requests: 20 HTTP requests in this frame

Frame: https://dntcl.qualaroo.com/frame.html
Frame ID: 4FAF3AEF460CAB60B85ECA4CE8255EA6
Requests: 1 HTTP requests in this frame

Frame: https://wchat.freshchat.com/widget/config_iframe.html?host=https://wchat.freshchat.com&token=bd0364fa-d424-407a-b9d3-de0b797de041&origin=https://pcom-react-bhautik-billing-plan.react-dev.paystubs.com
Frame ID: 19DF03607B83E140CC8DB298A21706FA
Requests: 2 HTTP requests in this frame

Frame: https://wchat.freshchat.com/widget/?token=bd0364fa-d424-407a-b9d3-de0b797de041&referrer=aHR0cHM6Ly9wY29tLXJlYWN0LWJoYXV0aWstYmlsbGluZy1wbGFuLnJlYWN0LWRldi5wYXlzdHVicy5jb20=&eagerLoad=true
Frame ID: 1FF43553B4CC74AE630248A1D90040B6
Requests: 10 HTTP requests in this frame

Frame: https://wchat.freshchat.com/widget/config_iframe.html?host=https://wchat.freshchat.com&token=bd0364fa-d424-407a-b9d3-de0b797de041&origin=https://auth-staging.paystubs.com
Frame ID: 9DC5E05312FCC1B67DD6D2AE854622E3
Requests: 2 HTTP requests in this frame

Frame: https://wchat.freshchat.com/widget/?token=bd0364fa-d424-407a-b9d3-de0b797de041&referrer=aHR0cHM6Ly9hdXRoLXN0YWdpbmcucGF5c3R1YnMuY29t&eagerLoad=true
Frame ID: 98EFE17CCD76A278BB47A3EDF6983733
Requests: 23 HTTP requests in this frame

Frame: https://dntcl.qualaroo.com/frame.html
Frame ID: 2E9E1B78D329A1EB04C8BB677F5C8B9A
Requests: 1 HTTP requests in this frame

Frame: https://738093812852724.webpush.freshchat.com/index.html?ref=aHR0cHM6Ly9hdXRoLXN0YWdpbmcucGF5c3R1YnMuY29t
Frame ID: 8F50E5DF2B72200D11E838E78C36AC65
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Sign In with Auth0

Page URL History Show full URLs

https://pcom-react-bhautik-billing-plan.react-dev.paystubs.com/ Page URL
https://auth-staging.paystubs.com/authorize?client_id=BfDQwH7DxpxnzvsZCRZu0AaDVu8TNuaV&scope=openid+profile+em... HTTP 302
https://auth-staging.paystubs.com/login?state=hKFo2SBsZVpxQXlVVlEwcUFiWWh6OTRJdkZQN1F5MGptN19rOKFupWxvZ2luo3Rp... Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Freshchat (Live Chat) Expand

Overall confidence: 100%
Detected patterns

wchat\.freshchat\.com/js/widget\.js

Stripe (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.stripe\.com

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Auth0 (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

/auth0(?:-js)?/([\d.]+)/auth0(?:.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Woopra (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.woopra\.com

Page Statistics

256
Requests

73 %
HTTPS

23 %
IPv6

58
Domains

78
Subdomains

73
IPs

7
Countries

6128 kB
Transfer

16772 kB
Size

68
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://pcom-react-bhautik-billing-plan.react-dev.paystubs.com/ Page URL
https://auth-staging.paystubs.com/authorize?client_id=BfDQwH7DxpxnzvsZCRZu0AaDVu8TNuaV&scope=openid+profile+email&redirect_uri=https%3A%2F%2Fpcom-react-bhautik-billing-plan.react-dev.paystubs.com%2Fcallback&audience=https%3A%2F%2Fpcom-backend-staging-poc.paystubs.com%2Fapi&we=&response_type=code&response_mode=query&state=NDdzWER6REhIblJ5MH45NlBNQkVlR3d%2BUFRmYk5HcVhjTWJrSDVKV1VwLg%3D%3D&nonce=UFNMd2sxRV91amxTaWpNckNSeWkwYWJLQWhrckJud3RCVlJzflRiVHV5Vg%3D%3D&code_challenge=JJViJf2Ulq2LKl1_lJ6mMFflXD5ojrGdYuAaEkeAov8&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiYXV0aDAtcmVhY3QiLCJ2ZXJzaW9uIjoiMi4yLjMifQ%3D%3D HTTP 302
https://auth-staging.paystubs.com/login?state=hKFo2SBsZVpxQXlVVlEwcUFiWWh6OTRJdkZQN1F5MGptN19rOKFupWxvZ2luo3RpZNkgR3JSM0FaM2wtcmNzTTZhZUw0RnRSUl9PbGlGMFYxSWqjY2lk2SBCZkRRd0g3RHhweG56dnNaQ1JadTBBYURWdThUTnVhVg&client=BfDQwH7DxpxnzvsZCRZu0AaDVu8TNuaV&protocol=oauth2&scope=openid%20profile%20email&redirect_uri=https%3A%2F%2Fpcom-react-bhautik-billing-plan.react-dev.paystubs.com%2Fcallback&audience=https%3A%2F%2Fpcom-backend-staging-poc.paystubs.com%2Fapi&we=&response_type=code&response_mode=query&nonce=UFNMd2sxRV91amxTaWpNckNSeWkwYWJLQWhrckJud3RCVlJzflRiVHV5Vg%3D%3D&code_challenge=JJViJf2Ulq2LKl1_lJ6mMFflXD5ojrGdYuAaEkeAov8&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiYXV0aDAtcmVhY3QiLCJ2ZXJzaW9uIjoiMi4yLjMifQ%3D%3D Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1

https://widget.freshworks.com/widgets/150000003233.js HTTP 301
https://widget.freshworks.com/widgetBase/bootstrap.js

Request Chain 55

https://api.nivaai.com/tr?f=88af339a74aa97d101dd5c01de2cb91576cb2904&sp=S-149357862&u=9c988384b6094037610962448ca3e859eaf8d62e&na=9c73551b-ac6c-4367-a586-2f78d9726379 HTTP 302
https://secure.adnxs.com/setuid?entity=52&code=9c73551b-ac6c-4367-a586-2f78d9726379 HTTP 307
https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3D9c73551b-ac6c-4367-a586-2f78d9726379

Request Chain 56

https://api.nivaai.com/tr?f=06c472030e7c9695fa372a64ea36a9961379d226&sp=S-408726195&u=7f17264a8e801c6bb9afb48ba7b3e3b3f19ce502&na=9c73551b-ac6c-4367-a586-2f78d9726379 HTTP 302
https://x.bidswitch.net/sync?dsp_id=46&user_id=9c73551b-ac6c-4367-a586-2f78d9726379&expires=30

Request Chain 57

https://api.nivaai.com/tr?f=578f90fd67fdcd54956dced2ce20dcdf9142f9ad&sp=S-675849123&u=24de6614a05c34eeb09bc7dde9a000dfd17242ed&na=9c73551b-ac6c-4367-a586-2f78d9726379 HTTP 302
https://sync.outbrain.com/cookie-sync?p=niva&uid=9c73551b-ac6c-4367-a586-2f78d9726379&initiator=partner

Request Chain 58

https://api.nivaai.com/tr?f=10e1cb15cb44ad36b7722a7fef0612e3bbac4066&sp=S-284953716&u=a8ef51bbd1c64b45e7882e2e876dcb9f9dfe470d&na=9c73551b-ac6c-4367-a586-2f78d9726379 HTTP 302
https://ade.clmbtech.com/uid/sync.htm?pid=13079&cuid=9c73551b-ac6c-4367-a586-2f78d9726379

Request Chain 59

https://api.nivaai.com/tr?f=3fde1860a45a4d59a7f2c2df8f7e2bbe789958b2&sp=S-917263458&u=4f4b8a4c63d370bb51eb06faa3c3f3fc1284a917&na=9c73551b-ac6c-4367-a586-2f78d9726379 HTTP 302
https://ad.tpmn.co.kr/pixelCt.tpmn?tpmn_nid=26a681017b4fdc02f3aef3aa921ede3e&tpmn_buid=9c73551b-ac6c-4367-a586-2f78d9726379 HTTP 302
https://ad.tpmn.io/pixelct.tpmn?tpmn_nid=26a681017b4fdc02f3aef3aa921ede3e&tpmn_buid=9c73551b-ac6c-4367-a586-2f78d9726379

Request Chain 60

https://api.nivaai.com/tr?f=c5a8fb7c5f1bbd179115d5a349e8ff22a6bab02d&sp=S-593187240&u=d92a278a4606529cd50ed2ace51a2aeb962a2f67&na=9c73551b-ac6c-4367-a586-2f78d9726379 HTTP 302
https://x.bidswitch.net/sync?dsp_id=46&user_id=9c73551b-ac6c-4367-a586-2f78d9726379&expires=30

Request Chain 61

https://api.nivaai.com/tr?f=13915bcddbc8ea773106010e33f79d42736fde25&sp=S-836291754&u=8dd9b9a903319008c55018a4b8a3531d27852f4f&na=9c73551b-ac6c-4367-a586-2f78d9726379 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&NivaUserId=9c73551b-ac6c-4367-a586-2f78d9726379&google_cm&google_hm=ay1iRmc1N005R3FET2JVTmc0a2VVTjE4eTUwc18ya0lxUjB5N1hrZw HTTP 302
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&NivaUserId=9c73551b-ac6c-4367-a586-2f78d9726379&google_gid=CAESEOoCszYT1lp2WwXgnhaKqtI&google_cver=1&google_ula=913071,0

Request Chain 62

https://api.nivaai.com/tr?f=67809ed156accf698c802524599a09d023fc8b57&sp=S-754890621&u=b50a3e8fe9c914cef312a296a4450862b81e7c45&na=9c73551b-ac6c-4367-a586-2f78d9726379 HTTP 302
https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID HTTP 302
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=3084315670550885527

Request Chain 63

https://api.nivaai.com/tr?f=9f97d441f4444636c3f67b18cec10f49bf921729&sp=S-283719645&u=cfcd17ec7319e306a166aa165c6dbaad0c2207b3&na=9c73551b-ac6c-4367-a586-2f78d9726379 HTTP 302
https://sync-criteo.ads.yieldmo.com/sync?id=9c73551b-ac6c-4367-a586-2f78d9726379&pn_id=criteo&ext=1

Request Chain 64

https://api.nivaai.com/tr?f=50d816a0c974b04d4441ca0b3e837ffc515e1506&sp=S-469872513&u=3b78f7c921324d7d7303805205ee8e9b400ca89e&na=9c73551b-ac6c-4367-a586-2f78d9726379 HTTP 302
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=9c73551b-ac6c-4367-a586-2f78d9726379

Request Chain 65

https://api.nivaai.com/tr?f=f46adeadb3950a7cf9fcd0d17a68baaa13be848e&sp=S-920573186&u=2c7ceef4481901ec1c404517849bdbc435a1f8ee&na=9c73551b-ac6c-4367-a586-2f78d9726379 HTTP 302
https://criteo-partners.tremorhub.com/sync?UICR=9c73551b-ac6c-4367-a586-2f78d9726379

Request Chain 66

https://api.nivaai.com/tr?f=35de529461e52b1119d5c8ea0029316c5e5fa7d5&sp=S-537482901&u=f9ccdcf6d2e254b49ef01e96d490c34ecdf50ea1&na=9c73551b-ac6c-4367-a586-2f78d9726379 HTTP 302
https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=9c73551b-ac6c-4367-a586-2f78d9726379

Request Chain 67

https://api.nivaai.com/tr?f=5a729f206aeb17edfd30fdac7043f3d8e11ace45&sp=S-815263974&u=7ec12f30e78b7ba22b11f3cc743f6f5daed7f57d&na=9c73551b-ac6c-4367-a586-2f78d9726379 HTTP 302
https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=9c73551b-ac6c-4367-a586-2f78d9726379&expires=30

Request Chain 68

https://api.nivaai.com/tr?f=720332f281690805753f2f83ad415bbb2eb68a37&sp=S-297568410&u=04d0bbea8b9a652c488d655211583668789cee18&na=9c73551b-ac6c-4367-a586-2f78d9726379 HTTP 302
https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=9c73551b-ac6c-4367-a586-2f78d9726379

Request Chain 69

https://api.nivaai.com/tr?f=d37ccd7a5f5e5be7dafe55443a379374b3018a06&sp=S-614972385&u=2fa307d78f0e2a2dc67168bab9d88b668a441ec4&na=9c73551b-ac6c-4367-a586-2f78d9726379 HTTP 302
https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=9c73551b-ac6c-4367-a586-2f78d9726379

Request Chain 70

https://api.nivaai.com/tr?f=eb35ac08f3c3d3bf1f4d4bb4b9216728cec2e51a&sp=S-758392614&u=4b9903641f4a0f9066270e7298999cd8430099ff&na=9c73551b-ac6c-4367-a586-2f78d9726379 HTTP 302
https://criteo-sync.teads.tv/um?eid=80&uid=9c73551b-ac6c-4367-a586-2f78d9726379

Request Chain 71

https://api.nivaai.com/tr?f=6747cc23f746153f2b2a7b602ecaccb9a7bd50a3&sp=S-908142673&u=a72c1de4414b04d8f890b3bc3d3aaf4e17195654&na=9c73551b-ac6c-4367-a586-2f78d9726379 HTTP 302
https://eb2.3lift.com/xuid?mid=2711&xuid=9c73551b-ac6c-4367-a586-2f78d9726379&dongle=013b

Request Chain 72

https://api.nivaai.com/tr?f=fa3bbf1175eaaa621af07ec71d795fdafcb24f15&sp=S-326971458&u=21f4666dec325f4a4b4710f87ab6732088377337&na=9c73551b-ac6c-4367-a586-2f78d9726379 HTTP 302
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=9c73551b-ac6c-4367-a586-2f78d9726379

Request Chain 73

https://api.nivaai.com/tr?f=8727e54d6e13b409a2403aa659f030a6dd59210d&sp=S-690825437&u=51d12f19f79e8deec40d7f35a2eb45cc509f63a8&na=9c73551b-ac6c-4367-a586-2f78d9726379 HTTP 302
https://tg.socdm.com/aux/idsync?proto=niva&dsp_uid=9c73551b-ac6c-4367-a586-2f78d9726379

Request Chain 74

https://api.nivaai.com/tr?f=d118ec24b37db2b9f1ccadf241e4632ccb6790e3&sp=S-573964182&u=346a1dd908b89059217820e615719f5cc3da5024&na=9c73551b-ac6c-4367-a586-2f78d9726379 HTTP 302
https://visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=niva&visitor=9c73551b-ac6c-4367-a586-2f78d9726379

Request Chain 75

https://api.nivaai.com/tr?f=bf57843020d0f2b0dcfb9ec94410d3c3deb0fb7a&sp=S-812435679&u=e63568adcf6106c2f7e9176c17ec7132f883d6c5&na=9c73551b-ac6c-4367-a586-2f78d9726379 HTTP 302
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=9c73551b-ac6c-4367-a586-2f78d9726379 HTTP 302
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=9c73551b-ac6c-4367-a586-2f78d9726379&C=1

Request Chain 76

https://api.nivaai.com/tr?f=ecab21dcaece99acd3bd66fae38db4331a45a7d4&sp=S-938176540&u=6348dcc6f5e862a2bb2c7b536d708d2663b07dfa&na=9c73551b-ac6c-4367-a586-2f78d9726379 HTTP 302
https://partner.mediawallahscript.com/?account_id=2045&partner_id=2106&uid=9c73551b-ac6c-4367-a586-2f78d9726379&custom=&tag_format=img&tag_action=sync&cb=

Request Chain 77

https://api.nivaai.com/tr?f=2da2e7f29a444e02a7e52c5d5a488a5d14f5d7ae&sp=S-642739185&u=8cfc590d34394c2ef0723049fbdeea93acdcdde9&na=9c73551b-ac6c-4367-a586-2f78d9726379 HTTP 302
https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=9c73551b-ac6c-4367-a586-2f78d9726379

Request Chain 78

https://api.nivaai.com/tr?f=e75980556eaeb9f2ac6ac8d45f1cbe771f427983&sp=S-795682431&u=91432ca9eecf758860845d8f9400c2f7a59ccad2&na=9c73551b-ac6c-4367-a586-2f78d9726379 HTTP 302
https://matching.ivitrack.com/sync?realm=niva&uid=9c73551b-ac6c-4367-a586-2f78d9726379

Request Chain 79

https://api.nivaai.com/tr?f=efd86e105013597855154feb5f5b4a4256397333&sp=S-318674529&u=ff81ad8dbf0046097baa9c3be3bb85ec8afe33a3&na=9c73551b-ac6c-4367-a586-2f78d9726379 HTTP 302
https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=9c73551b-ac6c-4367-a586-2f78d9726379 HTTP 303
https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=9c73551b-ac6c-4367-a586-2f78d9726379&_li_chk=true&previous_uuid=2e0361f59b5a482e82ffa78233530f6a

Request Chain 80

https://api.nivaai.com/tr?f=9f088d50c82a135f4a2c97b4e4ffbacefecal139&sp=S-829541076&u=f27de6c2072ec7b8298bf7817723af9fbb265cc2&na=9c73551b-ac6c-4367-a586-2f78d9726379 HTTP 302
https://exchange.mediavine.com/usersync/push?partner=niva&partnerId=9c73551b-ac6c-4367-a586-2f78d9726379

Request Chain 81

https://api.nivaai.com/tr?f=aaidc180e92278a7cc930079632585e48adf97ab&sp=S-615239870&u=7becd6406b1f8918e6159bb49a0735bdb10b2187&na=9c73551b-ac6c-4367-a586-2f78d9726379 HTTP 302
https://c.bing.com/c.gif?Red3=CTOMS_pd&cbid=9c73551b-ac6c-4367-a586-2f78d9726379

Request Chain 82

https://api.nivaai.com/tr?f=6cda20d25a20df7c58b358f9c7a1b76260e6dc34&sp=S-470638592&u=2526a56da4de76625aed68c63a7a21b3a698f8ed&na=9c73551b-ac6c-4367-a586-2f78d9726379 HTTP 302
https://jadserve.postrelease.com/suid/1017?vk=9c73551b-ac6c-4367-a586-2f78d9726379

Request Chain 115

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=0E4AF66792A746B1B11FD531001A87C5&RedC=c.clarity.ms&MXFR=1902FB48778A6A0B35EDE897738A64F8 HTTP 302
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=0E4AF66792A746B1B11FD531001A87C5&MUID=2EF978ADDC3A6E3326596B72DDB16F19

Request Chain 163

https://api.nivaai.com/tr?f=88af339a74aa97d101dd5c01de2cb91576cb2904&sp=S-149357862&u=9c988384b6094037610962448ca3e859eaf8d62e&na=2cac4aa0-2f03-4ada-9cba-2b2c4bc4bda8 HTTP 302
https://secure.adnxs.com/setuid?entity=52&code=2cac4aa0-2f03-4ada-9cba-2b2c4bc4bda8

Request Chain 164

https://api.nivaai.com/tr?f=06c472030e7c9695fa372a64ea36a9961379d226&sp=S-408726195&u=7f17264a8e801c6bb9afb48ba7b3e3b3f19ce502&na=2cac4aa0-2f03-4ada-9cba-2b2c4bc4bda8 HTTP 302
https://x.bidswitch.net/sync?dsp_id=46&user_id=2cac4aa0-2f03-4ada-9cba-2b2c4bc4bda8&expires=30

Request Chain 165

https://api.nivaai.com/tr?f=578f90fd67fdcd54956dced2ce20dcdf9142f9ad&sp=S-675849123&u=24de6614a05c34eeb09bc7dde9a000dfd17242ed&na=2cac4aa0-2f03-4ada-9cba-2b2c4bc4bda8 HTTP 302
https://sync.outbrain.com/cookie-sync?p=niva&uid=2cac4aa0-2f03-4ada-9cba-2b2c4bc4bda8&initiator=partner

Request Chain 166

https://api.nivaai.com/tr?f=10e1cb15cb44ad36b7722a7fef0612e3bbac4066&sp=S-284953716&u=a8ef51bbd1c64b45e7882e2e876dcb9f9dfe470d&na=2cac4aa0-2f03-4ada-9cba-2b2c4bc4bda8 HTTP 302
https://ade.clmbtech.com/uid/sync.htm?pid=13079&cuid=2cac4aa0-2f03-4ada-9cba-2b2c4bc4bda8

Request Chain 167

https://api.nivaai.com/tr?f=3fde1860a45a4d59a7f2c2df8f7e2bbe789958b2&sp=S-917263458&u=4f4b8a4c63d370bb51eb06faa3c3f3fc1284a917&na=2cac4aa0-2f03-4ada-9cba-2b2c4bc4bda8 HTTP 302
https://ad.tpmn.co.kr/pixelCt.tpmn?tpmn_nid=26a681017b4fdc02f3aef3aa921ede3e&tpmn_buid=2cac4aa0-2f03-4ada-9cba-2b2c4bc4bda8 HTTP 302
https://ad.tpmn.io/pixelct.tpmn?tpmn_nid=26a681017b4fdc02f3aef3aa921ede3e&tpmn_buid=2cac4aa0-2f03-4ada-9cba-2b2c4bc4bda8

Request Chain 168

https://api.nivaai.com/tr?f=c5a8fb7c5f1bbd179115d5a349e8ff22a6bab02d&sp=S-593187240&u=d92a278a4606529cd50ed2ace51a2aeb962a2f67&na=2cac4aa0-2f03-4ada-9cba-2b2c4bc4bda8 HTTP 302
https://x.bidswitch.net/sync?dsp_id=46&user_id=2cac4aa0-2f03-4ada-9cba-2b2c4bc4bda8&expires=30

Request Chain 169

https://api.nivaai.com/tr?f=13915bcddbc8ea773106010e33f79d42736fde25&sp=S-836291754&u=8dd9b9a903319008c55018a4b8a3531d27852f4f&na=2cac4aa0-2f03-4ada-9cba-2b2c4bc4bda8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&NivaUserId=2cac4aa0-2f03-4ada-9cba-2b2c4bc4bda8&google_cm&google_hm=ay1iRmc1N005R3FET2JVTmc0a2VVTjE4eTUwc18ya0lxUjB5N1hrZw HTTP 302
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&NivaUserId=2cac4aa0-2f03-4ada-9cba-2b2c4bc4bda8&google_gid=CAESEOoCszYT1lp2WwXgnhaKqtI&google_cver=1&google_ula=913071,0

Request Chain 170

https://api.nivaai.com/tr?f=67809ed156accf698c802524599a09d023fc8b57&sp=S-754890621&u=b50a3e8fe9c914cef312a296a4450862b81e7c45&na=2cac4aa0-2f03-4ada-9cba-2b2c4bc4bda8 HTTP 302
https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 302
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=5888799030065900167

Request Chain 171

https://api.nivaai.com/tr?f=9f97d441f4444636c3f67b18cec10f49bf921729&sp=S-283719645&u=cfcd17ec7319e306a166aa165c6dbaad0c2207b3&na=2cac4aa0-2f03-4ada-9cba-2b2c4bc4bda8 HTTP 302
https://sync-criteo.ads.yieldmo.com/sync?id=2cac4aa0-2f03-4ada-9cba-2b2c4bc4bda8&pn_id=criteo&ext=1

Request Chain 172

https://api.nivaai.com/tr?f=50d816a0c974b04d4441ca0b3e837ffc515e1506&sp=S-469872513&u=3b78f7c921324d7d7303805205ee8e9b400ca89e&na=2cac4aa0-2f03-4ada-9cba-2b2c4bc4bda8 HTTP 302
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=2cac4aa0-2f03-4ada-9cba-2b2c4bc4bda8

Request Chain 173

https://api.nivaai.com/tr?f=f46adeadb3950a7cf9fcd0d17a68baaa13be848e&sp=S-920573186&u=2c7ceef4481901ec1c404517849bdbc435a1f8ee&na=2cac4aa0-2f03-4ada-9cba-2b2c4bc4bda8 HTTP 302
https://criteo-partners.tremorhub.com/sync?UICR=2cac4aa0-2f03-4ada-9cba-2b2c4bc4bda8

Request Chain 174

https://api.nivaai.com/tr?f=35de529461e52b1119d5c8ea0029316c5e5fa7d5&sp=S-537482901&u=f9ccdcf6d2e254b49ef01e96d490c34ecdf50ea1&na=2cac4aa0-2f03-4ada-9cba-2b2c4bc4bda8 HTTP 302
https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=2cac4aa0-2f03-4ada-9cba-2b2c4bc4bda8

Request Chain 175

https://api.nivaai.com/tr?f=5a729f206aeb17edfd30fdac7043f3d8e11ace45&sp=S-815263974&u=7ec12f30e78b7ba22b11f3cc743f6f5daed7f57d&na=2cac4aa0-2f03-4ada-9cba-2b2c4bc4bda8 HTTP 302
https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=2cac4aa0-2f03-4ada-9cba-2b2c4bc4bda8&expires=30

Request Chain 176

https://api.nivaai.com/tr?f=720332f281690805753f2f83ad415bbb2eb68a37&sp=S-297568410&u=04d0bbea8b9a652c488d655211583668789cee18&na=2cac4aa0-2f03-4ada-9cba-2b2c4bc4bda8 HTTP 302
https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=2cac4aa0-2f03-4ada-9cba-2b2c4bc4bda8

Request Chain 177

https://api.nivaai.com/tr?f=d37ccd7a5f5e5be7dafe55443a379374b3018a06&sp=S-614972385&u=2fa307d78f0e2a2dc67168bab9d88b668a441ec4&na=2cac4aa0-2f03-4ada-9cba-2b2c4bc4bda8 HTTP 302
https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=2cac4aa0-2f03-4ada-9cba-2b2c4bc4bda8

Request Chain 178

https://api.nivaai.com/tr?f=eb35ac08f3c3d3bf1f4d4bb4b9216728cec2e51a&sp=S-758392614&u=4b9903641f4a0f9066270e7298999cd8430099ff&na=2cac4aa0-2f03-4ada-9cba-2b2c4bc4bda8 HTTP 302
https://criteo-sync.teads.tv/um?eid=80&uid=2cac4aa0-2f03-4ada-9cba-2b2c4bc4bda8

Request Chain 179

https://api.nivaai.com/tr?f=6747cc23f746153f2b2a7b602ecaccb9a7bd50a3&sp=S-908142673&u=a72c1de4414b04d8f890b3bc3d3aaf4e17195654&na=2cac4aa0-2f03-4ada-9cba-2b2c4bc4bda8 HTTP 302
https://eb2.3lift.com/xuid?mid=2711&xuid=2cac4aa0-2f03-4ada-9cba-2b2c4bc4bda8&dongle=013b

Request Chain 180

https://api.nivaai.com/tr?f=fa3bbf1175eaaa621af07ec71d795fdafcb24f15&sp=S-326971458&u=21f4666dec325f4a4b4710f87ab6732088377337&na=2cac4aa0-2f03-4ada-9cba-2b2c4bc4bda8 HTTP 302
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=2cac4aa0-2f03-4ada-9cba-2b2c4bc4bda8

Request Chain 181

https://api.nivaai.com/tr?f=8727e54d6e13b409a2403aa659f030a6dd59210d&sp=S-690825437&u=51d12f19f79e8deec40d7f35a2eb45cc509f63a8&na=2cac4aa0-2f03-4ada-9cba-2b2c4bc4bda8 HTTP 302
https://tg.socdm.com/aux/idsync?proto=niva&dsp_uid=2cac4aa0-2f03-4ada-9cba-2b2c4bc4bda8

Request Chain 182

https://api.nivaai.com/tr?f=d118ec24b37db2b9f1ccadf241e4632ccb6790e3&sp=S-573964182&u=346a1dd908b89059217820e615719f5cc3da5024&na=2cac4aa0-2f03-4ada-9cba-2b2c4bc4bda8 HTTP 302
https://visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=niva&visitor=2cac4aa0-2f03-4ada-9cba-2b2c4bc4bda8

Request Chain 183

https://api.nivaai.com/tr?f=bf57843020d0f2b0dcfb9ec94410d3c3deb0fb7a&sp=S-812435679&u=e63568adcf6106c2f7e9176c17ec7132f883d6c5&na=2cac4aa0-2f03-4ada-9cba-2b2c4bc4bda8 HTTP 302
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=2cac4aa0-2f03-4ada-9cba-2b2c4bc4bda8

Request Chain 184

https://api.nivaai.com/tr?f=ecab21dcaece99acd3bd66fae38db4331a45a7d4&sp=S-938176540&u=6348dcc6f5e862a2bb2c7b536d708d2663b07dfa&na=2cac4aa0-2f03-4ada-9cba-2b2c4bc4bda8 HTTP 302
https://partner.mediawallahscript.com/?account_id=2045&partner_id=2106&uid=2cac4aa0-2f03-4ada-9cba-2b2c4bc4bda8&custom=&tag_format=img&tag_action=sync&cb=

Request Chain 185

https://api.nivaai.com/tr?f=2da2e7f29a444e02a7e52c5d5a488a5d14f5d7ae&sp=S-642739185&u=8cfc590d34394c2ef0723049fbdeea93acdcdde9&na=2cac4aa0-2f03-4ada-9cba-2b2c4bc4bda8 HTTP 302
https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=2cac4aa0-2f03-4ada-9cba-2b2c4bc4bda8

Request Chain 186

https://api.nivaai.com/tr?f=e75980556eaeb9f2ac6ac8d45f1cbe771f427983&sp=S-795682431&u=91432ca9eecf758860845d8f9400c2f7a59ccad2&na=2cac4aa0-2f03-4ada-9cba-2b2c4bc4bda8 HTTP 302
https://matching.ivitrack.com/sync?realm=niva&uid=2cac4aa0-2f03-4ada-9cba-2b2c4bc4bda8

Request Chain 187

https://api.nivaai.com/tr?f=efd86e105013597855154feb5f5b4a4256397333&sp=S-318674529&u=ff81ad8dbf0046097baa9c3be3bb85ec8afe33a3&na=2cac4aa0-2f03-4ada-9cba-2b2c4bc4bda8 HTTP 302
https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=2cac4aa0-2f03-4ada-9cba-2b2c4bc4bda8 HTTP 303
https://match.adsrvr.org/track/cmf/generic?ttd_pid=liveintent&ttd_tpi=1&gdpr=0

Request Chain 188

https://api.nivaai.com/tr?f=9f088d50c82a135f4a2c97b4e4ffbacefecal139&sp=S-829541076&u=f27de6c2072ec7b8298bf7817723af9fbb265cc2&na=2cac4aa0-2f03-4ada-9cba-2b2c4bc4bda8 HTTP 302
https://exchange.mediavine.com/usersync/push?partner=niva&partnerId=2cac4aa0-2f03-4ada-9cba-2b2c4bc4bda8

Request Chain 189

https://api.nivaai.com/tr?f=aaidc180e92278a7cc930079632585e48adf97ab&sp=S-615239870&u=7becd6406b1f8918e6159bb49a0735bdb10b2187&na=2cac4aa0-2f03-4ada-9cba-2b2c4bc4bda8 HTTP 302
https://c.bing.com/c.gif?Red3=CTOMS_pd&cbid=2cac4aa0-2f03-4ada-9cba-2b2c4bc4bda8

Request Chain 190

https://api.nivaai.com/tr?f=6cda20d25a20df7c58b358f9c7a1b76260e6dc34&sp=S-470638592&u=2526a56da4de76625aed68c63a7a21b3a698f8ed&na=2cac4aa0-2f03-4ada-9cba-2b2c4bc4bda8 HTTP 302
https://jadserve.postrelease.com/suid/1017?vk=2cac4aa0-2f03-4ada-9cba-2b2c4bc4bda8

256 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 / Show response
pcom-react-bhautik-billing-plan.react-dev.paystubs.com/ 3 KB
3 KB 369ms
114ms Document
text/html 35.192.42.214
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://pcom-react-bhautik-billing-plan.react-dev.paystubs.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.192.42.214 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

214.42.192.35.bc.googleusercontent.com

Software

Resource Hash

44f91ba008e71c7c2443ded8af0b28115d101d6228f2cf402f0218c91c3e7919

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
content-length: 2715
content-type: text/html
date: Wed, 06 Dec 2023 10:09:59 GMT
etag: "65704763-a9b"
last-modified: Wed, 06 Dec 2023 10:05:23 GMT
strict-transport-security: max-age=15724800; includeSubDomains

GET
H2

200

bootstrap.js Show response
widget.freshworks.com/widgetBase/
Redirect Chain

https://widget.freshworks.com/widgets/150000003233.js
https://widget.freshworks.com/widgetBase/bootstrap.js

9 KB
4 KB

15ms
15ms

Script
application/javascript

18.239.69.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.freshworks.com/widgetBase/bootstrap.js
Requested by: Host: pcom-react-bhautik-billing-plan.react-dev.paystubs.com
URL: https://pcom-react-bhautik-billing-plan.react-dev.paystubs.com/
Protocol: H2
Server: 18.239.69.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-69-69.ams58.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: efd15c214dd7af23d3a1c8df699cfcac47b583c70aa96d30abb3b0c213d1b0fb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pcom-react-bhautik-billing-plan.react-dev.paystubs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-version-id: 2.zfzougPuNpr9Z8796LcQCYM6YBOFXq
content-encoding: gzip
via: 1.1 ee6fa75e712f6cdc2fa03f92f2cfbde0.cloudfront.net (CloudFront)
date: Wed, 06 Dec 2023 10:03:03 GMT
last-modified: Mon, 16 Oct 2023 08:32:46 GMT
server: AmazonS3
x-amz-cf-pop: AMS58-P4
age: 419
etag: W/"2f6b008e504672efa6327f78a1958b63"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=900
x-amz-cf-id: dqTXBQXcKhbAP0bn2q8qzMK-LVm7JBPFV2FjANKxEVTSP-7Bhe0WcA==

Redirect headers

date: Wed, 06 Dec 2023 10:10:01 GMT
via: 1.1 ee6fa75e712f6cdc2fa03f92f2cfbde0.cloudfront.net (CloudFront)
server: AmazonS3
x-amz-cf-pop: AMS58-P4
x-cache: Miss from cloudfront
location: /widgetBase/bootstrap.js
content-length: 0
x-amz-cf-id: x5gNgNrur4e6GEYP6u2Biucrd0eFQNfT_JJqj-yXWjKNQXit0P3QhA==

GET
H2 200 index-jOdbRKN_.js Show response
pcom-react-bhautik-billing-plan.react-dev.paystubs.com/assets/ 2 MB
2 MB 230ms
230ms Script
application/javascript 35.192.42.214
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://pcom-react-bhautik-billing-plan.react-dev.paystubs.com/assets/index-jOdbRKN_.js

Requested by

Host: pcom-react-bhautik-billing-plan.react-dev.paystubs.com
URL: https://pcom-react-bhautik-billing-plan.react-dev.paystubs.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.192.42.214 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

214.42.192.35.bc.googleusercontent.com

Software

Resource Hash

e9916b7ea5a194cb444a45801fe85ba6e328ab0afd9194da82461e16059834c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://pcom-react-bhautik-billing-plan.react-dev.paystubs.com/
Origin: https://pcom-react-bhautik-billing-plan.react-dev.paystubs.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 10:09:59 GMT
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Wed, 06 Dec 2023 10:05:23 GMT
accept-ranges: bytes
etag: "65704763-18876f"
content-length: 1607535
content-type: application/javascript

GET
H2 200 index-5Dy8o7o6.css
pcom-react-bhautik-billing-plan.react-dev.paystubs.com/assets/ 90 KB
91 KB 114ms
114ms Stylesheet
text/css 35.192.42.214
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://pcom-react-bhautik-billing-plan.react-dev.paystubs.com/assets/index-5Dy8o7o6.css

Requested by

Host: pcom-react-bhautik-billing-plan.react-dev.paystubs.com
URL: https://pcom-react-bhautik-billing-plan.react-dev.paystubs.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.192.42.214 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

214.42.192.35.bc.googleusercontent.com

Software

Resource Hash

e555979fe2948f7bda9f457c4121bcbbc7fbc00e2779932ef143638753ff51ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://pcom-react-bhautik-billing-plan.react-dev.paystubs.com/
Origin: https://pcom-react-bhautik-billing-plan.react-dev.paystubs.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 10:09:59 GMT
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Wed, 06 Dec 2023 10:05:23 GMT
accept-ranges: bytes
etag: "65704763-169a1"
content-length: 92577
content-type: text/css

GET
H2 200 jkd.js Show response
cl.qualaroo.com/ki.js/83441/ 174 KB
55 KB 61ms
12ms Script
application/ecmascript 2400:52e0:1e00::1080:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cl.qualaroo.com/ki.js/83441/jkd.js
Requested by: Host: pcom-react-bhautik-billing-plan.react-dev.paystubs.com
URL: https://pcom-react-bhautik-billing-plan.react-dev.paystubs.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1080 /
Resource Hash: 12c15d09c171fb3d000989e553e09f267ca5ddfec2827ba4f7620015df8e0225

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pcom-react-bhautik-billing-plan.react-dev.paystubs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 10:09:59 GMT
content-encoding: gzip
cdn-edgestorageid: 1081
x-amz-request-id: KYD1R0HFE3DX8DMY
x-amz-server-side-encryption: AES256
cdn-cachedat: 11/02/2023 22:05:04
cdn-pullzone: 92714
x-amz-id-2: L51GHlttXazxB07Tv6JABHegVQxlqef69nzv0us0emXtb8RCaAvFivt+pUnjzJdhb46gIMRtd+s=
last-modified: Mon, 30 Oct 2023 11:44:00 GMT
server: BunnyCDN-DE1-1080
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: "bc8596cb14d803019e5d5accd3bfc9f8"
vary: Accept-Encoding, Accept-Encoding
content-type: application/ecmascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 50c043fb-dcd1-4574-9faf-b60384f66f78
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: max-age=0, s-maxage=3600
cdn-requestid: 73566847f34b6272669cdbe301e22940
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 150000003233.json Show response
widget.freshworks.com/widgets/ 1 KB
1 KB 309ms
283ms XHR
application/json 18.239.69.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.freshworks.com/widgets/150000003233.json?randomId=0.13789565974934925
Requested by: Host: widget.freshworks.com
URL: https://widget.freshworks.com/widgets/150000003233.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.69.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-69-69.ams58.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 20beff9c8aad2f98db1451d2d71b6ae4ef15c00ab8754c80509597a3d2581f45

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pcom-react-bhautik-billing-plan.react-dev.paystubs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 10:10:01 GMT
x-amz-version-id: hkOu0UziOhlRfIqkeDQ_ajkg26xvDoW0
content-encoding: gzip
last-modified: Tue, 23 May 2023 09:51:48 GMT
server: AmazonS3
via: 1.1 5869d8337913ed7453262c3cf9c9a9e6.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS58-P4
etag: W/"7cb6b62bfdfdfff40781528f5a843115"
vary: Accept-Encoding,Origin
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
x-cache: Miss from cloudfront
x-amz-cf-id: E7zQQxYnHFVOTEqGwE3wlUxc50WhoujLnlubDOh-ddMfSJKhh3LLwg==

GET
H2 200 frame.d7ae132c.css
widget.freshworks.com/widgetBase/static/media/ 1 KB
890 B 13ms
13ms Stylesheet
text/css 18.239.69.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.freshworks.com/widgetBase/static/media/frame.d7ae132c.css
Requested by: Host: widget.freshworks.com
URL: https://widget.freshworks.com/widgets/150000003233.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.69.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-69-69.ams58.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fd899442c2e228b75ababfc6183c7829fd72af587f4333908d230bedfa0fd576

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pcom-react-bhautik-billing-plan.react-dev.paystubs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 08:33:03 GMT
content-encoding: gzip
via: 1.1 ee6fa75e712f6cdc2fa03f92f2cfbde0.cloudfront.net (CloudFront)
x-amz-version-id: C5CeZZyDDKSZNP0OwdbMVsw6zE3UTW_N
last-modified: Mon, 16 Oct 2023 08:29:59 GMT
server: AmazonS3
x-amz-cf-pop: AMS58-P4
age: 4412218
etag: W/"d7ae132c387286735e2e9d369838b0c5"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
cache-control: max-age=8640000
x-amz-cf-id: k4Fr6Zy27oPjE3JV9M3qFCWkB-v-H-wj_uIYFFb3rzjoXIYt1f96Ug==

GET
H2 200 widget.js Show response
widget.freshworks.com/widgetBase/ Frame 39D3 295 KB
95 KB 15ms
14ms Script
application/javascript 18.239.69.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.freshworks.com/widgetBase/widget.js
Requested by: Host: widget.freshworks.com
URL: https://widget.freshworks.com/widgets/150000003233.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.69.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-69-69.ams58.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 467ccbacec57c9cf78730076b29b925ebc5e809a49ec1f300a00dd108bb5f16c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pcom-react-bhautik-billing-plan.react-dev.paystubs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-version-id: mJf5bg91VDxcGvgNRzDhhBWcIbsPMoaS
content-encoding: gzip
via: 1.1 ee6fa75e712f6cdc2fa03f92f2cfbde0.cloudfront.net (CloudFront)
date: Wed, 06 Dec 2023 10:06:05 GMT
last-modified: Mon, 16 Oct 2023 08:32:46 GMT
server: AmazonS3
x-amz-cf-pop: AMS58-P4
age: 246
etag: W/"f2ea1023341d0e51183945f01df48928"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=900
x-amz-cf-id: U0fdH453QrMVgzOgbH3rI9HBhSiTah5JsG6a2pbM-lztWNPtfR2Khw==

GET
H2 200 0.e2caf280750f3ece06da.widget.js Show response
widget.freshworks.com/widgetBase/ Frame 39D3 21 KB
8 KB 13ms
13ms Script
application/javascript 18.239.69.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.freshworks.com/widgetBase/0.e2caf280750f3ece06da.widget.js
Requested by: Host: widget.freshworks.com
URL: https://widget.freshworks.com/widgetBase/widget.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.69.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-69-69.ams58.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 08e57da2e4e7172c19d9982a1ccc90402da5c4453093123e982e1fa7f9eccc8f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pcom-react-bhautik-billing-plan.react-dev.paystubs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 08:33:03 GMT
content-encoding: gzip
via: 1.1 ee6fa75e712f6cdc2fa03f92f2cfbde0.cloudfront.net (CloudFront)
x-amz-version-id: nCvECAaoYbsU.EkroN3GDW.PMjEsgtqs
last-modified: Mon, 16 Oct 2023 08:31:01 GMT
server: AmazonS3
x-amz-cf-pop: AMS58-P4
age: 4412218
etag: W/"3eb7d6da69812f629e5409d725c8ca3b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=8640000
x-amz-cf-id: VhhFr-nTk6Gcr0buC_miDo3GA-HufeZa8CWXqX9-0rGVVbqOk35VIg==

GET
H2 200 1.0e8f0237accf8416de7f.widget.js Show response
widget.freshworks.com/widgetBase/ Frame 39D3 23 KB
8 KB 14ms
14ms Script
application/javascript 18.239.69.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.freshworks.com/widgetBase/1.0e8f0237accf8416de7f.widget.js
Requested by: Host: widget.freshworks.com
URL: https://widget.freshworks.com/widgetBase/widget.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.69.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-69-69.ams58.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: be89fd0886decfb4e9e5b23f3901fa4c9f58003971266405b8803a19b4019d42

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pcom-react-bhautik-billing-plan.react-dev.paystubs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 08:33:03 GMT
content-encoding: gzip
via: 1.1 ee6fa75e712f6cdc2fa03f92f2cfbde0.cloudfront.net (CloudFront)
x-amz-version-id: gQsJxSmdVUW1j25Mn39rBizntmXqW7tT
last-modified: Mon, 16 Oct 2023 08:31:02 GMT
server: AmazonS3
x-amz-cf-pop: AMS58-P4
age: 4412218
etag: W/"7c346979da8f0571ca5e101f69a9c6f0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=8640000
x-amz-cf-id: mSrQgJsUsTzjq7-atKJZ449rJQfhb89bbMaa5AhBFEbJCibXhW3ppg==

GET
H2 200 8.d7c0d0debf20c1c1c333.widget.js Show response
widget.freshworks.com/widgetBase/ Frame 39D3 35 KB
11 KB 15ms
15ms Script
application/javascript 18.239.69.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.freshworks.com/widgetBase/8.d7c0d0debf20c1c1c333.widget.js
Requested by: Host: widget.freshworks.com
URL: https://widget.freshworks.com/widgetBase/widget.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.69.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-69-69.ams58.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0a39871377278f3eb590fc0d64a4b46137a8959030f6b3fe9b5c7ef7e7da2015

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pcom-react-bhautik-billing-plan.react-dev.paystubs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 08:33:03 GMT
content-encoding: gzip
via: 1.1 ee6fa75e712f6cdc2fa03f92f2cfbde0.cloudfront.net (CloudFront)
x-amz-version-id: HCE_jLAhnGB6jZjkSOUQnjLHmkbfjX43
last-modified: Mon, 16 Oct 2023 08:31:05 GMT
server: AmazonS3
x-amz-cf-pop: AMS58-P4
age: 4412218
etag: W/"9595037458ddb204b700bf581e6193cb"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=8640000
x-amz-cf-id: qOqUp4C8mZmiSkV5ijSdQuZNn8AHjzeC7zd5mqjdRFLIL-_gpjT-jA==

GET
H2 200 10.e2a6e1199313e5325e57.widget.js Show response
widget.freshworks.com/widgetBase/ Frame 39D3 42 KB
12 KB 16ms
16ms Script
application/javascript 18.239.69.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.freshworks.com/widgetBase/10.e2a6e1199313e5325e57.widget.js
Requested by: Host: widget.freshworks.com
URL: https://widget.freshworks.com/widgetBase/widget.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.69.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-69-69.ams58.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ddce5d923065edc47c2b3a1d0157f2cfc0d502566b43b1014a51cb18ebd77cb3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pcom-react-bhautik-billing-plan.react-dev.paystubs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 08:33:03 GMT
content-encoding: gzip
via: 1.1 ee6fa75e712f6cdc2fa03f92f2cfbde0.cloudfront.net (CloudFront)
x-amz-version-id: ajUWIkgBXQy8b06lhR.iMnUJjvtFiPie
last-modified: Mon, 16 Oct 2023 08:31:08 GMT
server: AmazonS3
x-amz-cf-pop: AMS58-P4
age: 4412218
etag: W/"e1fa78a672e16586648645742dd1af72"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=8640000
x-amz-cf-id: HC8q4bl02Odsb03PWy1g6WVBILb0umXDQx5S1kIVPw1IpA70a_FyPg==

GET
H2 200 16.91e55ff21de942a8b5a0.widget.js Show response
widget.freshworks.com/widgetBase/ Frame 39D3 645 B
1017 B 17ms
17ms Script
application/javascript 18.239.69.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.freshworks.com/widgetBase/16.91e55ff21de942a8b5a0.widget.js
Requested by: Host: widget.freshworks.com
URL: https://widget.freshworks.com/widgetBase/widget.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.69.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-69-69.ams58.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1c29229a800cc364c4bdbd63abdd676f570302a3b90c618ffe54f54447bc0d83

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pcom-react-bhautik-billing-plan.react-dev.paystubs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 16 Oct 2023 08:33:03 GMT
x-amz-version-id: vnaZSVxTt8MyHcQMg2ihlRCKB1WSZ.Vz
via: 1.1 ee6fa75e712f6cdc2fa03f92f2cfbde0.cloudfront.net (CloudFront)
last-modified: Mon, 16 Oct 2023 08:31:14 GMT
server: AmazonS3
x-amz-cf-pop: AMS58-P4
age: 4412218
etag: "ee6a274e041d81acb09fb70447eb7252"
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=8640000
content-length: 645
x-amz-cf-id: LqhhCPP5w0f_x9oNnVn-ZeThLeBA8hNpujTMr62ay9vjnXt7_aHLeA==

GET
H2 200 en.json Show response
widget.freshworks.com/widgetBase/locales/ Frame 39D3 5 KB
2 KB 191ms
190ms XHR
application/json 18.239.69.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.freshworks.com/widgetBase/locales/en.json
Requested by: Host: widget.freshworks.com
URL: https://widget.freshworks.com/widgetBase/10.e2a6e1199313e5325e57.widget.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.69.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-69-69.ams58.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a50b51ac483825c4c798132f572dc813498c9087ff4f4d4b0cafd5deba43d130

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pcom-react-bhautik-billing-plan.react-dev.paystubs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 10:10:01 GMT
x-amz-version-id: wjNqNqYwckHIcDyZ6j10_CVUOEcYWjnm
content-encoding: gzip
last-modified: Mon, 16 Oct 2023 08:30:24 GMT
server: AmazonS3
via: 1.1 5869d8337913ed7453262c3cf9c9a9e6.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS58-P4
etag: W/"b89e0007134ac4d219df17aa6fcd289e"
vary: Accept-Encoding,Origin
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
x-cache: Miss from cloudfront
cache-control: max-age=8640000
x-amz-cf-id: kBWv9cRrR0h6JXumgX_7TlpqKaGbOCSAbBbIdf7V8j2x1CC3n6-VxQ==

GET
H2 200 fs.js Show response
edge.fullstory.com/s/ 248 KB
69 KB 31ms
7ms Script
application/javascript 35.201.112.186
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.fullstory.com/s/fs.js
Requested by: Host: pcom-react-bhautik-billing-plan.react-dev.paystubs.com
URL: https://pcom-react-bhautik-billing-plan.react-dev.paystubs.com/assets/index-jOdbRKN_.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.112.186 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 186.112.201.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 5c489c23f7192a19dc73e1c5ca3e5ec4611803b7a347e0638c797d316573c591

Request headers

Referer: https://pcom-react-bhautik-billing-plan.react-dev.paystubs.com/
Origin: https://pcom-react-bhautik-billing-plan.react-dev.paystubs.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 09:23:11 GMT
content-encoding: br
age: 2809
x-guploader-uploadid: ABPtcPowDi-Q0kM-ERs-_0WcEJZLJiPvY7Z59qrwcUH9h93w1b9ZOlE2gJ1RSTm9Y51rkOJxTzw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: br
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 69557
last-modified: Mon, 04 Dec 2023 14:26:15 GMT
server: UploadServer
etag: "91994ff19d391199afc5c6e6b3c5cad9"
vary: Accept-Encoding
x-goog-generation: 1701699975229890
x-goog-hash: crc32c=8CovOg==, md5=kZlP8Z05EZmvxcbms8XK2Q==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=3600,no-transform
x-goog-stored-content-length: 69557
accept-ranges: bytes
content-type: application/javascript
expires: Wed, 06 Dec 2023 10:23:11 GMT

POST
H2 200 / Show response
o4505159641530368.ingest.sentry.io/api/4505192500625408/envelope/ 2 B
324 B 67ms
10ms Fetch
application/json 34.120.195.249
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://o4505159641530368.ingest.sentry.io/api/4505192500625408/envelope/?sentry_key=66b3d6bc5f5b4ac5ad1fdb2e4933582b&sentry_version=7&sentry_client=sentry.javascript.react%2F7.80.1

Requested by

Host: pcom-react-bhautik-billing-plan.react-dev.paystubs.com
URL: https://pcom-react-bhautik-billing-plan.react-dev.paystubs.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

249.195.120.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://pcom-react-bhautik-billing-plan.react-dev.paystubs.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 06 Dec 2023 10:10:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
server: nginx
vary: origin,access-control-request-method,access-control-request-headers
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: x-sentry-error,x-sentry-rate-limits,retry-after
x-envoy-upstream-service-time: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 299 KB
97 KB 52ms
30ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TGJ7XBD&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Requested by

Host: pcom-react-bhautik-billing-plan.react-dev.paystubs.com
URL: https://pcom-react-bhautik-billing-plan.react-dev.paystubs.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e91eb30938159de40e2b32c1bfd2e93951efdb2c86817fb16d92879456ea86c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pcom-react-bhautik-billing-plan.react-dev.paystubs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 10:10:00 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 98546
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 06 Dec 2023 10:10:00 GMT

GET
H2 200 v3 Show response
js.stripe.com/ 569 KB
158 KB 47ms
7ms Script
text/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3

Requested by

Host: pcom-react-bhautik-billing-plan.react-dev.paystubs.com
URL: https://pcom-react-bhautik-billing-plan.react-dev.paystubs.com/assets/index-jOdbRKN_.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

4bb1aaf85b26e49c15234bb3db9fec2cdc83c7ca9ffbbf03b489f8bdb624a9dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pcom-react-bhautik-billing-plan.react-dev.paystubs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 06 Dec 2023 10:10:00 GMT
via: 1.1 varnish
age: 10
x-cache: HIT
content-length: 161217
x-request-id: 03bb2372-a317-493f-a8d7-345f4f4d3e83
x-served-by: cache-fra-eddf8230109-FRA
last-modified: Tue, 05 Dec 2023 18:49:19 GMT
server: Fastly
etag: "c58a939e8b362ad8100ff948bf34b9a6"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 8

GET
H2 200 frame.html Show response
dntcl.qualaroo.com/ Frame F87D 323 B
697 B 44ms
19ms Document
text/html 2400:52e0:1e00::1082:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://dntcl.qualaroo.com/frame.html
Requested by: Host: cl.qualaroo.com
URL: https://cl.qualaroo.com/ki.js/83441/jkd.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1082:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1082 /
Resource Hash: 2e8900ba4a5768754de4fc21bcdde72bdcafa25c6c766a7f3bc44bf6c21fc412

Request headers

Referer: https://pcom-react-bhautik-billing-plan.react-dev.paystubs.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: public, max-age=604800
cdn-cache: HIT
cdn-cachedat: 10/11/2023 07:02:52
cdn-edgestorageid: 1080
cdn-fileserver: 639
cdn-proxyver: 1.04
cdn-pullzone: 99568
cdn-requestcountrycode: DE
cdn-requestid: e5624d4124af976ff133f5de58c30030
cdn-requestpullcode: 206
cdn-requestpullsuccess: True
cdn-status: 200
cdn-storageserver: DE-167
cdn-uid: 50c043fb-dcd1-4574-9faf-b60384f66f78
content-encoding: gzip
content-type: text/html
date: Wed, 06 Dec 2023 10:10:00 GMT
last-modified: Sun, 09 Jul 2023 20:56:17 GMT
server: BunnyCDN-DE1-1082
vary: Accept-Encoding

GET
BLOB 200
OK c15aa9b9-5e97-40fc-bcb8-9f73e3a61eea
https://pcom-react-bhautik-billing-plan.react-dev.paystubs.com/ 10 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://pcom-react-bhautik-billing-plan.react-dev.paystubs.com/c15aa9b9-5e97-40fc-bcb8-9f73e3a61eea
Requested by: Host: pcom-react-bhautik-billing-plan.react-dev.paystubs.com
URL: https://pcom-react-bhautik-billing-plan.react-dev.paystubs.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2ca3d44191e822500b330ae74a7b981fddc94188da2e683a1e1508fd188d2b1b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Length: 10285
Content-Type

GET
H2 200 SignInPage-dhI2pVdY.js Show response
pcom-react-bhautik-billing-plan.react-dev.paystubs.com/assets/ 922 B
1 KB 118ms
117ms Script
application/javascript 35.192.42.214
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://pcom-react-bhautik-billing-plan.react-dev.paystubs.com/assets/SignInPage-dhI2pVdY.js

Requested by

Host: pcom-react-bhautik-billing-plan.react-dev.paystubs.com
URL: https://pcom-react-bhautik-billing-plan.react-dev.paystubs.com/assets/index-jOdbRKN_.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.192.42.214 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

214.42.192.35.bc.googleusercontent.com

Software

Resource Hash

d5bfe620623e7eae6c89f6bdcaf2c3082a69a028bf4387a65dd3b067945e9a2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://pcom-react-bhautik-billing-plan.react-dev.paystubs.com/assets/index-jOdbRKN_.js
Origin: https://pcom-react-bhautik-billing-plan.react-dev.paystubs.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 10:10:00 GMT
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Wed, 06 Dec 2023 10:05:23 GMT
accept-ranges: bytes
etag: "65704763-39a"
content-length: 922
content-type: application/javascript

GET
H2 200 web Show response
edge.fullstory.com/s/settings/MCM6B/v1/ 4 KB
2 KB 112ms
111ms XHR
application/json 35.201.112.186
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.fullstory.com/s/settings/MCM6B/v1/web
Requested by: Host: pcom-react-bhautik-billing-plan.react-dev.paystubs.com
URL: https://pcom-react-bhautik-billing-plan.react-dev.paystubs.com/assets/index-jOdbRKN_.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.112.186 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 186.112.201.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 842cc4b7277aa4070e812687e553c32ebc03920c3a188cc0c7efcafa056e5453

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pcom-react-bhautik-billing-plan.react-dev.paystubs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 10:10:01 GMT
content-encoding: gzip
age: 0
x-guploader-uploadid: ABPtcPqQu3vSGI9yDGPk8vSKs4hSKvKKMtN-hELMYyQVcNlWssP055EemjVMzi_DJfi62LJavKU
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1322
last-modified: Wed, 06 Dec 2023 10:06:29 GMT
server: UploadServer
etag: "8c624d63898c6c0210d83822fe8b840e"
x-goog-generation: 1701805589552732
x-goog-hash: crc32c=zVN12Q==, md5=jGJNY4mMbAIQ2Dgi/ouEDg==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public,max-age=900,no-transform
x-goog-stored-content-length: 1322
accept-ranges: bytes
content-type: application/json
expires: Wed, 06 Dec 2023 10:25:01 GMT

GET
H2 200 .deploy_status_henson.json Show response
js.stripe.com/v3/ 534 B
623 B 23ms
7ms Fetch
application/json 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/.deploy_status_henson.json

Requested by

Host: pcom-react-bhautik-billing-plan.react-dev.paystubs.com
URL: https://pcom-react-bhautik-billing-plan.react-dev.paystubs.com/assets/index-jOdbRKN_.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

8d360baaff8d57b4e3ddf90898d2ce5e30f995c4d6ca8ac60f0bdf50d7bb974f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://pcom-react-bhautik-billing-plan.react-dev.paystubs.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 06 Dec 2023 10:10:00 GMT
content-encoding: br
via: 1.1 varnish
strict-transport-security: max-age=31556926; includeSubDomains; preload
age: 54
x-cache: HIT
content-length: 309
x-request-id: 95fe221a-0145-42cf-90f9-1ec18730ae1a
x-served-by: cache-fra-eddf8230021-FRA
last-modified: Tue, 05 Dec 2023 21:16:48 GMT
server: Fastly
etag: "257fc435e3cac660611c68fd21c5d886"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 75

GET
H2 200 .deploy_status_henson.json Show response
js.stripe.com/v3/ 534 B
384 B 24ms
8ms Fetch
application/json 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/.deploy_status_henson.json

Requested by

Host: pcom-react-bhautik-billing-plan.react-dev.paystubs.com
URL: https://pcom-react-bhautik-billing-plan.react-dev.paystubs.com/assets/index-jOdbRKN_.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

8d360baaff8d57b4e3ddf90898d2ce5e30f995c4d6ca8ac60f0bdf50d7bb974f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://pcom-react-bhautik-billing-plan.react-dev.paystubs.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 06 Dec 2023 10:10:00 GMT
content-encoding: br
via: 1.1 varnish
strict-transport-security: max-age=31556926; includeSubDomains; preload
age: 54
x-cache: HIT
content-length: 309
x-request-id: cfb11557-7945-4fd6-a2aa-ff4abca10516
x-served-by: cache-fra-eddf8230021-FRA
last-modified: Tue, 05 Dec 2023 21:16:48 GMT
server: Fastly
etag: "257fc435e3cac660611c68fd21c5d886"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 76

GET
H2 200 controller-855d1904b14017c570dfb7022858ebad.html Show response
js.stripe.com/v3/ Frame 99AF 325 B
711 B 10ms
9ms Document
text/html 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/controller-855d1904b14017c570dfb7022858ebad.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

45a954ecdd7c519adf252b5ce83214ff75936c07168c3e696ddad91664c82632

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://pcom-react-bhautik-billing-plan.react-dev.paystubs.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 17
cache-control: max-age=60
content-encoding: br
content-length: 189
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Wed, 06 Dec 2023 10:10:00 GMT
etag: "855d1904b14017c570dfb7022858ebad"
last-modified: Tue, 05 Dec 2023 18:14:39 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 7
x-content-type-options: nosniff
x-request-id: d048c2dc-4de4-4ff4-9ca0-03a2fec885ec
x-served-by: cache-fra-eddf8230109-FRA

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 231 KB
81 KB 31ms
30ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-MDB3MHPDXM&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TGJ7XBD&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e55fce53854248a6e48a2af29f66d6a96fa9f2933b9bc4c99ad77eceaf2f9779

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pcom-react-bhautik-billing-plan.react-dev.paystubs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 10:10:01 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 82679
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 06 Dec 2023 10:10:01 GMT

GET
H2 200 insight.min.js
snap.licdn.com/li.lms-analytics/ 1 KB
806 B 52ms
7ms Script
application/javascript 2a02:26f0:480:f::213:7edd
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TGJ7XBD&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:f::213:7edd Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pcom-react-bhautik-billing-plan.react-dev.paystubs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 10:10:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 04 Dec 2023 13:47:16 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: max-age=82311
accept-ranges: bytes
content-length: 596

GET
H2 200 bat.js
bat.bing.com/ 45 KB
13 KB 76ms
35ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TGJ7XBD&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pcom-react-bhautik-billing-plan.react-dev.paystubs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Wed, 06 Dec 2023 10:10:00 GMT
last-modified: Fri, 10 Nov 2023 20:09:55 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: F8EE1A21D01F4C779FD7587C86A8F347 Ref B: FRA31EDGE0614 Ref C: 2023-12-06T10:10:01Z
etag: "80abcdf1114da1:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 13175

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 202 KB
54 KB 32ms
14ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TGJ7XBD&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pcom-react-bhautik-billing-plan.react-dev.paystubs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 06 Dec 2023 10:10:01 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 54273
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: JS0HFEHpLLLrXfAqTFb2PoLVYX1AqZ/2D6C94DY86jWcA1L1v3nQhBIoFMyS3wW5P97KtvmXNvV6Geentxyijg==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
googleads.g.doubleclick.net/pagead/viewthroughconversion/11223038493/ 3 KB
2 KB 84ms
47ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11223038493/?random=1701857400999&cv=11&fst=1701857400999&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v9116618575&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fpcom-react-bhautik-billing-plan.react-dev.paystubs.com%2Flogin&hn=www.googleadservices.com&frm=0&tiba=PayStubs&auid=1871898161.1701857401&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TGJ7XBD&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pcom-react-bhautik-billing-plan.react-dev.paystubs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Dec 2023 10:10:01 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1261
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 jkd.js Show response
cl.qualaroo.com/ki.js/83441/ 174 KB
55 KB 7ms
7ms Script
application/ecmascript 2400:52e0:1e00::1080:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cl.qualaroo.com/ki.js/83441/jkd.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TGJ7XBD&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1080 /
Resource Hash: 12c15d09c171fb3d000989e553e09f267ca5ddfec2827ba4f7620015df8e0225

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pcom-react-bhautik-billing-plan.react-dev.paystubs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 10:10:01 GMT
content-encoding: gzip
cdn-edgestorageid: 1081
x-amz-request-id: KYD1R0HFE3DX8DMY
x-amz-server-side-encryption: AES256
cdn-cachedat: 11/02/2023 22:05:04
cdn-pullzone: 92714
x-amz-id-2: L51GHlttXazxB07Tv6JABHegVQxlqef69nzv0us0emXtb8RCaAvFivt+pUnjzJdhb46gIMRtd+s=
last-modified: Mon, 30 Oct 2023 11:44:00 GMT
server: BunnyCDN-DE1-1080
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: "bc8596cb14d803019e5d5accd3bfc9f8"
vary: Accept-Encoding, Accept-Encoding
content-type: application/ecmascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 50c043fb-dcd1-4574-9faf-b60384f66f78
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: max-age=0, s-maxage=3600
cdn-requestid: dab000eece78bf0604152812791a9dd6
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H3 200 fs.js Show response
edge.fullstory.com/s/ 248 KB
68 KB 9ms
8ms Script
application/javascript 35.201.112.186
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.fullstory.com/s/fs.js
Requested by: Host: pcom-react-bhautik-billing-plan.react-dev.paystubs.com
URL: https://pcom-react-bhautik-billing-plan.react-dev.paystubs.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.201.112.186 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 186.112.201.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 5c489c23f7192a19dc73e1c5ca3e5ec4611803b7a347e0638c797d316573c591

Request headers

Referer: https://pcom-react-bhautik-billing-plan.react-dev.paystubs.com/
Origin: https://pcom-react-bhautik-billing-plan.react-dev.paystubs.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 09:12:05 GMT
content-encoding: br
age: 3476
x-guploader-uploadid: ABPtcPr_EPnRFR2zBnaGGU89YqPZSptRLQHPL9PHPYGMUI3UNCxFStoB41O7YKKeL2an0HpW4VFYsljgow
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: br
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 69557
last-modified: Mon, 04 Dec 2023 14:26:15 GMT
server: UploadServer
etag: "91994ff19d391199afc5c6e6b3c5cad9"
vary: Accept-Encoding
x-goog-generation: 1701699975229890
x-goog-hash: crc32c=8CovOg==, md5=kZlP8Z05EZmvxcbms8XK2Q==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=3600,no-transform
x-goog-stored-content-length: 69557
accept-ranges: bytes
content-type: application/javascript
expires: Wed, 06 Dec 2023 10:12:05 GMT

GET
H2 200 139577915.js
js-eu1.hs-scripts.com/ 2 KB
1 KB 87ms
36ms Script
application/javascript 172.65.208.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js-eu1.hs-scripts.com/139577915.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TGJ7XBD&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.65.208.22 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pcom-react-bhautik-billing-plan.react-dev.paystubs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 10:10:01 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 78c2e255-4b69-4962-82a6-d640a82c3d62
x-envoy-upstream-service-time: 6
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 78c2e255-4b69-4962-82a6-d640a82c3d62
last-modified: Wed, 06 Dec 2023 10:10:01 GMT
server: cloudflare
x-trace: 2B2611F3C7D3130061CC9B1B7976BFCC972BA4B443000000000000000000
vary: origin, Accept-Encoding
access-control-max-age: 3600
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://pcom-react-bhautik-billing-plan.react-dev.paystubs.com
x-evy-trace-virtual-host: all
cache-control: public, max-age=30
access-control-allow-credentials: true
x-evy-trace-served-by-pod: fra04/hubapi-td/envoy-proxy-75bd7484f7-qmpch
cf-ray: 8313bc949979902e-FRA

GET
H2 200 events.js
analytics.tiktok.com/i18n/pixel/ 5 KB
2 KB 144ms
106ms Script
application/javascript 23.38.98.28
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CHEF1OBC77UAAU7KU0H0&lib=ttq
Requested by: Host: pcom-react-bhautik-billing-plan.react-dev.paystubs.com
URL: https://pcom-react-bhautik-billing-plan.react-dev.paystubs.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.38.98.28 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-38-98-28.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pcom-react-bhautik-billing-plan.react-dev.paystubs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-akamai-request-id: 4b012cda
date: Wed, 06 Dec 2023 10:10:01 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-2312061010013A208CA01EAE7C40E222-50086B592B6D7C8D-00
x-cache: TCP_MISS from a23-38-99-92.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2.1-52518411) (-)
server-timing: inner; dur=3, cdn-cache; desc=MISS, edge; dur=1, origin; dur=94
pragma: no-cache
server: nginx
x-tt-logid: 202312061010013A208CA01EAE7C40E222
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 95,23.38.99.92
x-tt-trace-host: 0183065cffbd455dc2e304d247773271c8c3ca2e002d16816d4a641785da0f88723224b30aaf7a90dc89e84afd56770fbb21d0415d0da01d81828dc0149423cf3d29adeae08decc5e10a3cab214f13df4e3dd5f9eb778e92fdf3b5a46b20319b4d
expires: Wed, 06 Dec 2023 10:10:01 GMT

GET
H2 200 widget.js
wchat.freshchat.com/js/ 66 KB
21 KB 374ms
187ms Script
application/javascript 34.196.69.230
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://wchat.freshchat.com/js/widget.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TGJ7XBD&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.196.69.230 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-196-69-230.compute-1.amazonaws.com

Software

fwe /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pcom-react-bhautik-billing-plan.react-dev.paystubs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-trace-id: 00-402302afaeaf2225386f288d9fd1d004-0b155795c3762a99-00
date: Wed, 06 Dec 2023 10:10:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
last-modified: Tue, 28 Nov 2023 06:29:01 GMT
server: fwe
nel: { "report_to": "nel-endpoint-freshchat", "max_age": 2592000, "include_subdomains": true}
report-to: { "group": "nel-endpoint-freshchat", "max_age": 2592000, "include_subdomains": true, "endpoints": [{"url": "https://edge-admin.us-east-1.freshedge.net/nelreports/freshchat"}]}
content-type: application/javascript
x-fw-ratelimiting-managed: false
cache-control: max-age=900, must-revalidate
x-server: rbfhg
x-envoy-upstream-service-time: 2
x-xss-protection: 1; mode=block
x-request-id: ac34b11e-c7c7-4366-9892-c4ed92f099a2

GET
H2 200 w.js
static.woopra.com/js/ 37 KB
13 KB 51ms
12ms Script
text/javascript 151.101.193.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.woopra.com/js/w.js
Requested by: Host: pcom-react-bhautik-billing-plan.react-dev.paystubs.com
URL: https://pcom-react-bhautik-billing-plan.react-dev.paystubs.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Apache/2.2.15 (Red Hat) /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pcom-react-bhautik-billing-plan.react-dev.paystubs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 10:10:01 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 38688
x-cache: HIT, HIT
content-length: 12997
x-served-by: cache-iad-kjyo7100087-IAD, cache-fra-eddf8230059-FRA
last-modified: Thu, 02 Nov 2023 23:29:38 GMT
server: Apache/2.2.15 (Red Hat)
x-timer: S1701857401.052447,VS0,VE1
etag: "21dbc-94f0-60933c2eb33ac"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
x-cache-hits: 23, 486

GET
H2 200 ntag.js
www.nivaai.com/ 5 KB
2 KB 78ms
11ms Script
application/javascript 76.76.21.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nivaai.com/ntag.js?id=6249ec2b-9496-41ca-97c0-e50802176b13

Requested by

Host: pcom-react-bhautik-billing-plan.react-dev.paystubs.com
URL: https://pcom-react-bhautik-billing-plan.react-dev.paystubs.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.22 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pcom-react-bhautik-billing-plan.react-dev.paystubs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 10:10:01 GMT
content-encoding: br
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: fra1::knbkf-1701857401075-0f3786984d3f
age: 1699585
x-matched-path: /ntag.js
etag: W/"1f6e22d85d1b46e955d4656374f1b52e"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
content-disposition: inline; filename="ntag.js"

POST
H2 200 csp-report
q.stripe.com/ Frame 99AF 0
717 B 554ms
183ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: pcom-react-bhautik-billing-plan.react-dev.paystubs.com
URL: https://pcom-react-bhautik-billing-plan.react-dev.paystubs.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 06 Dec 2023 10:10:01 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1701857401481777
x-envoy-upstream-service-time: 2
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1701857401481248
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 shared-a00ff050abe843d1de675a242417b2c0.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 99AF 536 KB
130 KB 11ms
10ms Script
text/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-a00ff050abe843d1de675a242417b2c0.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-855d1904b14017c570dfb7022858ebad.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

6db1cd54c258f6e658484ecf694dd9e02f278effa38b13ecc23ac5cf4c0be3c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/controller-855d1904b14017c570dfb7022858ebad.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 06 Dec 2023 10:10:01 GMT
via: 1.1 varnish
age: 57200
x-cache: HIT
content-length: 133079
x-request-id: 88a68e36-749d-413d-aae5-a45cec986624
x-served-by: cache-fra-eddf8230109-FRA
last-modified: Tue, 05 Dec 2023 18:14:55 GMT
server: Fastly
etag: "795d6f5cf5a3c5629d94291fb5368011"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 3433

GET
H2 200 controller-17198811dddf2e156227db54fb805eb7.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 99AF 666 KB
173 KB 14ms
14ms Script
text/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/controller-17198811dddf2e156227db54fb805eb7.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-855d1904b14017c570dfb7022858ebad.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

bce6f4fc4cd70c68aafb0c99f3dd99a4e46c0d978a2e0333d0e6a2e2e30faee8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/controller-855d1904b14017c570dfb7022858ebad.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 06 Dec 2023 10:10:01 GMT
via: 1.1 varnish
age: 57200
x-cache: HIT
content-length: 177009
x-request-id: 7bd8c0ab-8685-4a57-bbab-583f3a674495
x-served-by: cache-fra-eddf8230109-FRA
last-modified: Tue, 05 Dec 2023 18:14:52 GMT
server: Fastly
etag: "82330e9d2152aeda0f3f0e657091dfb7"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 2539

GET
H2 200 .deploy_status_henson.json
js.stripe.com/v3/ Frame 99AF 534 B
384 B 9ms
9ms Fetch
application/json 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/.deploy_status_henson.json

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-a00ff050abe843d1de675a242417b2c0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/controller-855d1904b14017c570dfb7022858ebad.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 06 Dec 2023 10:10:01 GMT
content-encoding: br
via: 1.1 varnish
strict-transport-security: max-age=31556926; includeSubDomains; preload
age: 54
x-cache: HIT
content-length: 309
x-request-id: f9b8c820-2e62-4792-92fd-5deb28c12407
x-served-by: cache-fra-eddf8230021-FRA
last-modified: Tue, 05 Dec 2023 21:16:48 GMT
server: Fastly
etag: "257fc435e3cac660611c68fd21c5d886"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 78

GET
H2 200 .deploy_status_henson.json
js.stripe.com/v3/ Frame 99AF 534 B
407 B 8ms
8ms Fetch
application/json 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/.deploy_status_henson.json

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-a00ff050abe843d1de675a242417b2c0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/controller-855d1904b14017c570dfb7022858ebad.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 06 Dec 2023 10:10:01 GMT
content-encoding: br
via: 1.1 varnish
strict-transport-security: max-age=31556926; includeSubDomains; preload
age: 54
x-cache: HIT
content-length: 309
x-request-id: 0b007903-d51a-4695-ab5b-d90d30072fed
x-served-by: cache-fra-eddf8230021-FRA
last-modified: Tue, 05 Dec 2023 21:16:48 GMT
server: Fastly
etag: "257fc435e3cac660611c68fd21c5d886"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 77

GET
H2 200 .deploy_status_henson.json
js.stripe.com/v3/ Frame 99AF 534 B
384 B 8ms
7ms Fetch
application/json 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/.deploy_status_henson.json

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-a00ff050abe843d1de675a242417b2c0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/controller-855d1904b14017c570dfb7022858ebad.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 06 Dec 2023 10:10:01 GMT
content-encoding: br
via: 1.1 varnish
strict-transport-security: max-age=31556926; includeSubDomains; preload
age: 54
x-cache: HIT
content-length: 309
x-request-id: afa26191-1c31-4552-9999-6c53532b1a9c
x-served-by: cache-fra-eddf8230021-FRA
last-modified: Tue, 05 Dec 2023 21:16:48 GMT
server: Fastly
etag: "257fc435e3cac660611c68fd21c5d886"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 79

GET
H2 200 280638974420595
connect.facebook.net/signals/config/ 133 KB
35 KB 179ms
178ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/280638974420595?v=2.9.138&r=stable&domain=pcom-react-bhautik-billing-plan.react-dev.paystubs.com

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pcom-react-bhautik-billing-plan.react-dev.paystubs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 06 Dec 2023 10:10:01 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: 7g4vG4K1RGJXNit/hMTYD5CVu1KNOXSUW0I0Cyi3dAAvd12nxcGMy61HXxxnEVfACsntNTk783rWICBOD0S5xg==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 collect
gtm.paystubs.com/g/ 65 B
541 B 800ms
548ms XHR
text/plain 35.193.123.107
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://gtm.paystubs.com/g/collect?v=2&tid=G-MDB3MHPDXM&gtm=45je3bt0v9117494111z89116618575&_p=1701857400842&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1198723921.1701857401&ul=en-us&sr=1600x1200&_fplc=0&ur=DE-BW&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&sst.uc=DE&sst.gse=1&sst.etld=google.de&sst.gcsub=region1&sst.gcd=11l1l1l1l1&sst.tft=1701857400842&_s=1&sid=1701857401&sct=1&seg=0&dl=https%3A%2F%2Fpcom-react-bhautik-billing-plan.react-dev.paystubs.com%2Flogin&dt=PayStubs&en=page_view&_fv=1&_nsi=1&_ss=1&ep.timestamp=2023-12-06%2011%3A10%3A00&tfd=1572&richsstsse

Requested by

Host: pcom-react-bhautik-billing-plan.react-dev.paystubs.com
URL: https://pcom-react-bhautik-billing-plan.react-dev.paystubs.com/assets/index-jOdbRKN_.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.193.123.107 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

107.123.193.35.bc.googleusercontent.com

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pcom-react-bhautik-billing-plan.react-dev.paystubs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 10:10:01 GMT
x-content-type-options: nosniff
content-type: text/plain
access-control-allow-origin: https://pcom-react-bhautik-billing-plan.react-dev.paystubs.com
cache-control: no-cache
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
x-accel-buffering: no

GET
H2 200 get-cookie
merchant-ui-api.stripe.com/link/ Frame 99AF 35 B
762 B 255ms
171ms Fetch
application/json 54.76.53.164
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://merchant-ui-api.stripe.com/link/get-cookie?referrer_host=pcom-react-bhautik-billing-plan.react-dev.paystubs.com

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-a00ff050abe843d1de675a242417b2c0.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

54.76.53.164 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-76-53-164.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	report-uri https://q.stripe.com/csp-report?p=link%2Fget-cookie; block-all-mixed-content; default-src 'none'; base-uri 'none'; form-action 'none'; frame-ancestors 'none'; img-src 'self'; script-src 'self' 'report-sample'; style-src 'self'
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 06 Dec 2023 10:10:01 GMT
content-security-policy: report-uri https://q.stripe.com/csp-report?p=link%2Fget-cookie; block-all-mixed-content; default-src 'none'; base-uri 'none'; form-action 'none'; frame-ancestors 'none'; img-src 'self'; script-src 'self' 'report-sample'; style-src 'self'
strict-transport-security: max-age=63072000; includeSubDomains; preload
cross-origin-resource-policy: same-site
content-length: 35
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
access-control-max-age: 300
access-control-allow-methods: GET, POST
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://js.stripe.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
vary: Origin
access-control-allow-headers: accept, content-type, x-requested-with, x-stripe-csrf-token
cross-origin-opener-policy-report-only: same-origin; report-to=https://q.stripe.com/coop-report
expires: 0

GET
H2 200 sessions
api.stripe.com/v1/elements/ Frame 99AF 11 KB
12 KB 380ms
304ms Fetch
application/json 34.240.123.193
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.stripe.com/v1/elements/sessions?key=pk_test_51MqyrmEg8DID0LVdyI2jrMNnVETj8yPzv0yZRassAaOkoQknLjW1aZJXanxkP4Hb76AkKXbEuBxFTKiUdyX7VjK400wfs11HK9&type=deferred_intent&locale=en-US&deferred_intent[mode]=payment&deferred_intent[amount]=1099&deferred_intent[currency]=usd&referrer_host=pcom-react-bhautik-billing-plan.react-dev.paystubs.com&currency=usd

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-a00ff050abe843d1de675a242417b2c0.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.240.123.193 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

api-34-240-123-193.stripe.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	report-uri https://q.stripe.com/csp-report?p=v1%2Felements%2Fsessions; block-all-mixed-content; default-src 'none'; base-uri 'none'; form-action 'none'; frame-ancestors 'none'; img-src 'self'; script-src 'self' 'report-sample'; style-src 'self'
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 06 Dec 2023 10:10:01 GMT
content-security-policy: report-uri https://q.stripe.com/csp-report?p=v1%2Felements%2Fsessions; block-all-mixed-content; default-src 'none'; base-uri 'none'; form-action 'none'; frame-ancestors 'none'; img-src 'self'; script-src 'self' 'report-sample'; style-src 'self'
strict-transport-security: max-age=63072000; includeSubDomains; preload
stripe-version: 2022-11-15
request-id: req_zvYyE8XCcglYYK
content-length: 11710
server: nginx
x-stripe-routing-context-priority-tier: api-testmode
access-control-max-age: 300
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
content-type: application/json
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Request-Id, Stripe-Manage-Version, Stripe-Should-Retry, X-Stripe-External-Auth-Required, X-Stripe-Privileged-Session-Required
cache-control: no-cache, no-store
access-control-allow-credentials: true
vary: Origin
timing-allow-origin: https://js.stripe.com

GET
H2 200 insight.old.min.js
snap.licdn.com/li.lms-analytics/ 31 KB
12 KB 8ms
8ms Script
application/javascript 2a02:26f0:480:f::213:7edd
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.old.min.js

Requested by

Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:f::213:7edd Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pcom-react-bhautik-billing-plan.react-dev.paystubs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 10:10:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 04 Dec 2023 13:47:15 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: max-age=82243
accept-ranges: bytes
content-length: 12150

POST
H2 200 0
r.stripe.com/ Frame 99AF 0
272 B 760ms
367ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-a00ff050abe843d1de675a242417b2c0.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Wed, 06 Dec 2023 10:10:01 GMT
x-stripe-server-envoy-start-time-us: 1701857401821760
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1701857401821161
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0
r.stripe.com/ Frame 99AF 0
274 B 760ms
367ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-a00ff050abe843d1de675a242417b2c0.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Wed, 06 Dec 2023 10:10:01 GMT
x-stripe-server-envoy-start-time-us: 1701857401820396
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1701857401819703
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0
r.stripe.com/ Frame 99AF 0
273 B 758ms
366ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-a00ff050abe843d1de675a242417b2c0.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Wed, 06 Dec 2023 10:10:01 GMT
x-stripe-server-envoy-start-time-us: 1701857401820204
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1701857401819664
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0
r.stripe.com/ Frame 99AF 0
272 B 755ms
363ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-a00ff050abe843d1de675a242417b2c0.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Wed, 06 Dec 2023 10:10:01 GMT
x-stripe-server-envoy-start-time-us: 1701857401820140
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1701857401819501
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0
r.stripe.com/ Frame 99AF 0
274 B 753ms
360ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-a00ff050abe843d1de675a242417b2c0.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Wed, 06 Dec 2023 10:10:01 GMT
x-stripe-server-envoy-start-time-us: 1701857401816341
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1701857401815549
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0
r.stripe.com/ Frame 99AF 0
274 B 752ms
359ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-a00ff050abe843d1de675a242417b2c0.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Wed, 06 Dec 2023 10:10:01 GMT
x-stripe-server-envoy-start-time-us: 1701857401816135
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1701857401815621
access-control-allow-credentials: true
content-length: 0

GET
H2 200 tr
api.nivaai.com/ 0
0 514ms
440ms Fetch
application/json 18.239.36.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.nivaai.com/tr?command=config&na=9c73551b-ac6c-4367-a586-2f78d9726379&ntag=6249ec2b-9496-41ca-97c0-e50802176b13&pathname=/login
Requested by: Host: pcom-react-bhautik-billing-plan.react-dev.paystubs.com
URL: https://pcom-react-bhautik-billing-plan.react-dev.paystubs.com/assets/index-jOdbRKN_.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.36.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-36-32.ams58.r.cloudfront.net
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pcom-react-bhautik-billing-plan.react-dev.paystubs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 10:10:01 GMT
via: 1.1 bec13cdbd4d650c71ed35e5a7991d3ca.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS58-P2
x-amzn-trace-id: Root=1-65704879-635de9fe333dc18a5fa9af77;Sampled=0;lineage=fc8b8e8b:0
x-amzn-requestid: 8fbb716d-9087-43b3-b4b7-d8d2cd77a76c
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
x-amz-apigw-id: PhBDBEhooAMEg9g=
content-length: 0
x-amz-cf-id: 76QTq8m8dFlNjV1_a-LxdSgw9FumVTn67MOB5SJqsdzMGqpAqoRR3A==
access-control-allow-headers: *

GET
H2

200

bounce
secure.adnxs.com/
Redirect Chain

https://api.nivaai.com/tr?f=88af339a74aa97d101dd5c01de2cb91576cb2904&sp=S-149357862&u=9c988384b6094037610962448ca3e859eaf8d62e&na=9c73551b-ac6c-4367-a586-2f78d9726379
https://secure.adnxs.com/setuid?entity=52&code=9c73551b-ac6c-4367-a586-2f78d9726379
https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3D9c73551b-ac6c-4367-a586-2f78d9726379

43 B
896 B

8ms
7ms

Image
image/gif

37.252.171.85
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3D9c73551b-ac6c-4367-a586-2f78d9726379

Protocol

Server

37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pcom-react-bhautik-billing-plan.react-dev.paystubs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Dec 2023 10:10:01 GMT
an-x-request-uuid: 1f76e83f-29b5-47e7-bd98-3d322d9ad02b
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 80.255.10.198; 80.255.10.198; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 06 Dec 2023 10:10:01 GMT
an-x-request-uuid: 22be6089-b40c-49ce-a71c-f93acd05af11
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
location: https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3D9c73551b-ac6c-4367-a586-2f78d9726379
cache-control: no-store, no-cache, private
x-proxy-origin: 80.255.10.198; 80.255.10.198; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

sync
x.bidswitch.net/
Redirect Chain

https://api.nivaai.com/tr?f=06c472030e7c9695fa372a64ea36a9961379d226&sp=S-408726195&u=7f17264a8e801c6bb9afb48ba7b3e3b3f19ce502&na=9c73551b-ac6c-4367-a586-2f78d9726379
https://x.bidswitch.net/sync?dsp_id=46&user_id=9c73551b-ac6c-4367-a586-2f78d9726379&expires=30

43 B
145 B

45ms
9ms

Image
image/gif

3.69.41.2
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?dsp_id=46&user_id=9c73551b-ac6c-4367-a586-2f78d9726379&expires=30
Protocol: H2
Server: 3.69.41.2 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-69-41-2.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pcom-react-bhautik-billing-plan.react-dev.paystubs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 10:10:01 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

Redirect headers

date: Wed, 06 Dec 2023 10:10:01 GMT
via: 1.1 7333604337e68c1ea3a1a85e9b6be668.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS58-P2
x-amzn-requestid: 5c8ba36b-bf78-446b-9f43-2bfed62e63d3
x-amzn-trace-id: Root=1-65704879-31c4d3b3216db904695ea50c;Sampled=0;lineage=fc8b8e8b:0
x-cache: Miss from cloudfront
content-type: application/json
location: https://x.bidswitch.net/sync?dsp_id=46&user_id=9c73551b-ac6c-4367-a586-2f78d9726379&expires=30
access-control-allow-origin: *
x-amz-apigw-id: PhBDBE5VoAMEA1A=
content-length: 0
x-amz-cf-id: _fDgqsnQBY-fA3PHUcf9iuOQoJyHuDXixc1k8gD8Aeu2-bzRtK09Yw==
access-control-allow-headers: *

GET
H/1.1

200
OK

cookie-sync
sync.outbrain.com/
Redirect Chain

https://api.nivaai.com/tr?f=578f90fd67fdcd54956dced2ce20dcdf9142f9ad&sp=S-675849123&u=24de6614a05c34eeb09bc7dde9a000dfd17242ed&na=9c73551b-ac6c-4367-a586-2f78d9726379
https://sync.outbrain.com/cookie-sync?p=niva&uid=9c73551b-ac6c-4367-a586-2f78d9726379&initiator=partner

0
145 B

378ms
91ms

Image
text/plain

70.42.32.31
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=niva&uid=9c73551b-ac6c-4367-a586-2f78d9726379&initiator=partner
Protocol: HTTP/1.1
Server: 70.42.32.31 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pcom-react-bhautik-billing-plan.react-dev.paystubs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Wed, 06 Dec 2023 10:10:01 GMT
Cache-Control: no-cache
X-TraceId: 8417fb89fcd2798273b1f361a4552521
Content-Length: 0

Redirect headers

date: Wed, 06 Dec 2023 10:10:01 GMT
via: 1.1 7333604337e68c1ea3a1a85e9b6be668.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS58-P2
x-amzn-requestid: 6aafffae-2c85-4833-b164-16a5868d5247
x-amzn-trace-id: Root=1-65704879-0216bd4175cf638076e88bad;Sampled=0;lineage=fc8b8e8b:0
x-cache: Miss from cloudfront
content-type: application/json
location: https://sync.outbrain.com/cookie-sync?p=niva&uid=9c73551b-ac6c-4367-a586-2f78d9726379&initiator=partner
access-control-allow-origin: *
x-amz-apigw-id: PhBDBEIoIAMEJmg=
content-length: 0
x-amz-cf-id: h1DkNW8KMnArfR9yRQHYniAseVNrf8DeFgMKh9LYhJjFnJUDvKihEg==
access-control-allow-headers: *

GET
H2

200

sync.htm
ade.clmbtech.com/uid/
Redirect Chain

https://api.nivaai.com/tr?f=10e1cb15cb44ad36b7722a7fef0612e3bbac4066&sp=S-284953716&u=a8ef51bbd1c64b45e7882e2e876dcb9f9dfe470d&na=9c73551b-ac6c-4367-a586-2f78d9726379
https://ade.clmbtech.com/uid/sync.htm?pid=13079&cuid=9c73551b-ac6c-4367-a586-2f78d9726379

68 B
259 B

158ms
129ms

Image
image/jpeg

2a02:26f0:480:c::210:f190
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.clmbtech.com/uid/sync.htm?pid=13079&cuid=9c73551b-ac6c-4367-a586-2f78d9726379

Protocol

Server

2a02:26f0:480:c::210:f190 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Bhoot /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pcom-react-bhautik-billing-plan.react-dev.paystubs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=25920000; includeSubdomains
date: Wed, 06 Dec 2023 10:10:01 GMT
x-content-type-options: nosniff
server: Bhoot
x-frame-options: sameorigin
content-type: image/jpeg
x-upstream: 172.29.17.238:80
content-length: 68
x-xss-protection: 1; mode=block

Redirect headers

date: Wed, 06 Dec 2023 10:10:01 GMT
via: 1.1 7333604337e68c1ea3a1a85e9b6be668.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS58-P2
x-amzn-requestid: b13fc6e1-5e30-401b-9420-602d63a61210
x-amzn-trace-id: Root=1-65704879-0a602be003e808f66f83a2de;Sampled=0;lineage=fc8b8e8b:0
x-cache: Miss from cloudfront
content-type: application/json
location: https://ade.clmbtech.com/uid/sync.htm?pid=13079&cuid=9c73551b-ac6c-4367-a586-2f78d9726379
access-control-allow-origin: *
x-amz-apigw-id: PhBDBECSoAMEj_g=
content-length: 0
x-amz-cf-id: kaSGKbJFIG7i6eO5TwfToE9hoIeTmGigaw4bpkDEctsxQVux0azfNA==
access-control-allow-headers: *

GET

pixelct.tpmn
ad.tpmn.io/
Redirect Chain

https://api.nivaai.com/tr?f=3fde1860a45a4d59a7f2c2df8f7e2bbe789958b2&sp=S-917263458&u=4f4b8a4c63d370bb51eb06faa3c3f3fc1284a917&na=9c73551b-ac6c-4367-a586-2f78d9726379
https://ad.tpmn.co.kr/pixelCt.tpmn?tpmn_nid=26a681017b4fdc02f3aef3aa921ede3e&tpmn_buid=9c73551b-ac6c-4367-a586-2f78d9726379
https://ad.tpmn.io/pixelct.tpmn?tpmn_nid=26a681017b4fdc02f3aef3aa921ede3e&tpmn_buid=9c73551b-ac6c-4367-a586-2f78d9726379

0
0

GET
H2

200

sync
x.bidswitch.net/
Redirect Chain

https://api.nivaai.com/tr?f=c5a8fb7c5f1bbd179115d5a349e8ff22a6bab02d&sp=S-593187240&u=d92a278a4606529cd50ed2ace51a2aeb962a2f67&na=9c73551b-ac6c-4367-a586-2f78d9726379
https://x.bidswitch.net/sync?dsp_id=46&user_id=9c73551b-ac6c-4367-a586-2f78d9726379&expires=30

43 B
146 B

37ms
8ms

Image
image/gif

3.69.41.2
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?dsp_id=46&user_id=9c73551b-ac6c-4367-a586-2f78d9726379&expires=30
Protocol: H2
Server: 3.69.41.2 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-69-41-2.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pcom-react-bhautik-billing-plan.react-dev.paystubs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 10:10:01 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

Redirect headers

date: Wed, 06 Dec 2023 10:10:01 GMT
via: 1.1 7333604337e68c1ea3a1a85e9b6be668.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS58-P2
x-amzn-requestid: a74d5b2a-b76c-4546-9307-647367b23420
x-amzn-trace-id: Root=1-65704879-46a82aed347c62ba740117c2;Sampled=0;lineage=fc8b8e8b:0
x-cache: Miss from cloudfront
content-type: application/json
location: https://x.bidswitch.net/sync?dsp_id=46&user_id=9c73551b-ac6c-4367-a586-2f78d9726379&expires=30
access-control-allow-origin: *
x-amz-apigw-id: PhBDBFDbIAMEitw=
content-length: 0
x-amz-cf-id: 1C4HLtdCeB9CecTJKXrQm4P3VllhzXlJRE-L-nDoDMGLJOmECW5evw==
access-control-allow-headers: *

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/google/
Redirect Chain

https://api.nivaai.com/tr?f=13915bcddbc8ea773106010e33f79d42736fde25&sp=S-836291754&u=8dd9b9a903319008c55018a4b8a3531d27852f4f&na=9c73551b-ac6c-4367-a586-2f78d9726379
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&NivaUserId=9c73551b-ac6c-4367-a586-2f78d9726379&google_cm&google_hm=ay1iRmc1N005R3FET2JVTmc0a2VVTjE4eTUwc18ya0lxUjB5N1hrZw
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&NivaUserId=9c73551b-ac6c-4367-a586-2f78d9726379&google_gid=CAESEOoCszYT1lp2WwXgnhaKqtI&google_cver=1&google_ula=913071,0

43 B
369 B

47ms
14ms

Image
image/gif

178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&NivaUserId=9c73551b-ac6c-4367-a586-2f78d9726379&google_gid=CAESEOoCszYT1lp2WwXgnhaKqtI&google_cver=1&google_ula=913071,0

Protocol

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pcom-react-bhautik-billing-plan.react-dev.paystubs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Dec 2023 10:10:00 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 219862
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 06 Dec 2023 10:10:01 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&NivaUserId=9c73551b-ac6c-4367-a586-2f78d9726379&google_gid=CAESEOoCszYT1lp2WwXgnhaKqtI&google_cver=1&google_ula=913071,0
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 392
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/
Redirect Chain

https://api.nivaai.com/tr?f=67809ed156accf698c802524599a09d023fc8b57&sp=S-754890621&u=b50a3e8fe9c914cef312a296a4450862b81e7c45&na=9c73551b-ac6c-4367-a586-2f78d9726379
https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=3084315670550885527

43 B
370 B

46ms
13ms

Image
image/gif

178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=3084315670550885527

Protocol

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pcom-react-bhautik-billing-plan.react-dev.paystubs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Dec 2023 10:10:00 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 179205
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 06 Dec 2023 10:10:01 GMT
an-x-request-uuid: 1fc543a5-e739-4370-b9f5-92171aebdda6
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=3084315670550885527
x-proxy-origin: 80.255.10.198; 80.255.10.198; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

sync
sync-criteo.ads.yieldmo.com/
Redirect Chain

https://api.nivaai.com/tr?f=9f97d441f4444636c3f67b18cec10f49bf921729&sp=S-283719645&u=cfcd17ec7319e306a166aa165c6dbaad0c2207b3&na=9c73551b-ac6c-4367-a586-2f78d9726379
https://sync-criteo.ads.yieldmo.com/sync?id=9c73551b-ac6c-4367-a586-2f78d9726379&pn_id=criteo&ext=1

0
38 B

185ms
30ms

Image
text/plain

34.248.234.146
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-criteo.ads.yieldmo.com/sync?id=9c73551b-ac6c-4367-a586-2f78d9726379&pn_id=criteo&ext=1
Protocol: H2
Server: 34.248.234.146 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-248-234-146.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pcom-react-bhautik-billing-plan.react-dev.paystubs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 10:10:01 GMT
content-length: 0

Redirect headers

date: Wed, 06 Dec 2023 10:10:01 GMT
via: 1.1 7333604337e68c1ea3a1a85e9b6be668.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS58-P2
x-amzn-requestid: 01f8da2d-dbf6-4185-99d6-b77f50219273
x-amzn-trace-id: Root=1-65704879-1db4219232dbc1c1526dbbfa;Sampled=0;lineage=fc8b8e8b:0
x-cache: Miss from cloudfront
content-type: application/json
location: https://sync-criteo.ads.yieldmo.com/sync?id=9c73551b-ac6c-4367-a586-2f78d9726379&pn_id=criteo&ext=1
access-control-allow-origin: *
x-amz-apigw-id: PhBDCHgZoAMEa5g=
content-length: 0
x-amz-cf-id: pnOSWuhCBpakSLL1Dp6E7ctNl0mqgbeaMeD9TSqSgZReRNEOkvUNTA==
access-control-allow-headers: *

GET
H2

200

/
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/
Redirect Chain

https://api.nivaai.com/tr?f=50d816a0c974b04d4441ca0b3e837ffc515e1506&sp=S-469872513&u=3b78f7c921324d7d7303805205ee8e9b400ca89e&na=9c73551b-ac6c-4367-a586-2f78d9726379
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=9c73551b-ac6c-4367-a586-2f78d9726379

0
99 B

62ms
13ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=9c73551b-ac6c-4367-a586-2f78d9726379
Protocol: H2
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pcom-react-bhautik-billing-plan.react-dev.paystubs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 10:10:01 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 13970

Redirect headers

date: Wed, 06 Dec 2023 10:10:01 GMT
via: 1.1 7333604337e68c1ea3a1a85e9b6be668.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS58-P2
x-amzn-requestid: 4a3957b5-c1d2-496d-b0eb-1e2565a933cf
x-amzn-trace-id: Root=1-65704879-7d1d06ac1e270f7b54b32f70;Sampled=0;lineage=fc8b8e8b:0
x-cache: Miss from cloudfront
content-type: application/json
location: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=9c73551b-ac6c-4367-a586-2f78d9726379
access-control-allow-origin: *
x-amz-apigw-id: PhBDBGOTIAMEHKQ=
content-length: 0
x-amz-cf-id: mXDLQ3mERXlb9_jqF0R_Oy8_4G0nu-ffxah6Y7olieTMz6UYPRojgw==
access-control-allow-headers: *

GET
H2

200

sync
criteo-partners.tremorhub.com/
Redirect Chain

https://api.nivaai.com/tr?f=f46adeadb3950a7cf9fcd0d17a68baaa13be848e&sp=S-920573186&u=2c7ceef4481901ec1c404517849bdbc435a1f8ee&na=9c73551b-ac6c-4367-a586-2f78d9726379
https://criteo-partners.tremorhub.com/sync?UICR=9c73551b-ac6c-4367-a586-2f78d9726379

43 B
393 B

336ms
92ms

Image
image/gif

2600:1f18:612b:4280:bda1:9df6:36cc:93
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-partners.tremorhub.com/sync?UICR=9c73551b-ac6c-4367-a586-2f78d9726379
Protocol: H2
Server: 2600:1f18:612b:4280:bda1:9df6:36cc:93 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pcom-react-bhautik-billing-plan.react-dev.paystubs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date: Wed, 06 Dec 2023 10:10:01 GMT
server: nginx
content-type: image/gif

Redirect headers

date: Wed, 06 Dec 2023 10:10:01 GMT
via: 1.1 7333604337e68c1ea3a1a85e9b6be668.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS58-P2
x-amzn-requestid: f2bcae43-0d8f-4057-bc21-5d0e728ff808
x-amzn-trace-id: Root=1-65704879-4dd653ca3db20ec914398a0e;Sampled=0;lineage=fc8b8e8b:0
x-cache: Miss from cloudfront
content-type: application/json
location: https://criteo-partners.tremorhub.com/sync?UICR=9c73551b-ac6c-4367-a586-2f78d9726379
access-control-allow-origin: *
x-amz-apigw-id: PhBDBGa1oAMEcdg=
content-length: 0
x-amz-cf-id: icfrjcNcV_NyMNFSLK8BMgIud_9oaq58kMGyS1xG5a-JgfXtCmCCqw==
access-control-allow-headers: *

GET
H2

200

cksync.php
contextual.media.net/
Redirect Chain

https://api.nivaai.com/tr?f=35de529461e52b1119d5c8ea0029316c5e5fa7d5&sp=S-537482901&u=f9ccdcf6d2e254b49ef01e96d490c34ecdf50ea1&na=9c73551b-ac6c-4367-a586-2f78d9726379
https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=9c73551b-ac6c-4367-a586-2f78d9726379

53 B
777 B

198ms
124ms

Image
image/gif

2.19.216.27
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=9c73551b-ac6c-4367-a586-2f78d9726379

Protocol

Server

2.19.216.27 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-19-216-27.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pcom-react-bhautik-billing-plan.react-dev.paystubs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Wed, 06 Dec 2023 10:10:01 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 53
x-mnet-hl2: E
expires: Wed, 06 Dec 2023 10:10:01 GMT

Redirect headers

date: Wed, 06 Dec 2023 10:10:01 GMT
via: 1.1 7333604337e68c1ea3a1a85e9b6be668.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS58-P2
x-amzn-requestid: 627c393f-9dd1-47d5-9410-48a387752934
x-amzn-trace-id: Root=1-65704879-4710a25e58e1288753b0021f;Sampled=0;lineage=fc8b8e8b:0
x-cache: Miss from cloudfront
content-type: application/json
location: https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=9c73551b-ac6c-4367-a586-2f78d9726379
access-control-allow-origin: *
x-amz-apigw-id: PhBDBHPMoAMEF6Q=
content-length: 0
x-amz-cf-id: IeL_rr4kXPK6Wgl546Hgc-vOv_cSLQwfa6-5QciOhqdIQ50BYs8n5A==
access-control-allow-headers: *

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/
Redirect Chain

https://api.nivaai.com/tr?f=5a729f206aeb17edfd30fdac7043f3d8e11ace45&sp=S-815263974&u=7ec12f30e78b7ba22b11f3cc743f6f5daed7f57d&na=9c73551b-ac6c-4367-a586-2f78d9726379
https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=9c73551b-ac6c-4367-a586-2f78d9726379&expires=30

0
239 B

45ms
13ms

Image
image/gif

69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=9c73551b-ac6c-4367-a586-2f78d9726379&expires=30
Protocol: HTTP/1.1
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pcom-react-bhautik-billing-plan.react-dev.paystubs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 4b510f0cc5fcbc9800016ef543086418
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date: Wed, 06 Dec 2023 10:10:01 GMT
via: 1.1 7333604337e68c1ea3a1a85e9b6be668.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS58-P2
x-amzn-requestid: bb33fa32-fc97-4335-a1c1-d55259333737
x-amzn-trace-id: Root=1-65704879-57817a2206debd300d5b531a;Sampled=0;lineage=fc8b8e8b:0
x-cache: Miss from cloudfront
content-type: application/json
location: https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=9c73551b-ac6c-4367-a586-2f78d9726379&expires=30
access-control-allow-origin: *
x-amz-apigw-id: PhBDBH87IAMEDpA=
content-length: 0
x-amz-cf-id: i4LXfammjYedYeOw99Xrfj5FOkDnDFxxl7gIv5h_WKiJFbuD0OSxPw==
access-control-allow-headers: *

GET
H2

204

v1
match.sharethrough.com/sync/
Redirect Chain

https://api.nivaai.com/tr?f=720332f281690805753f2f83ad415bbb2eb68a37&sp=S-297568410&u=04d0bbea8b9a652c488d655211583668789cee18&na=9c73551b-ac6c-4367-a586-2f78d9726379
https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=9c73551b-ac6c-4367-a586-2f78d9726379

0
35 B

110ms
8ms

Image
text/plain

3.68.140.79
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=9c73551b-ac6c-4367-a586-2f78d9726379
Protocol: H2
Server: 3.68.140.79 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-68-140-79.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pcom-react-bhautik-billing-plan.react-dev.paystubs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 10:10:01 GMT

Redirect headers

date: Wed, 06 Dec 2023 10:10:01 GMT
via: 1.1 7333604337e68c1ea3a1a85e9b6be668.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS58-P2
x-amzn-requestid: e99fa748-cc67-4b00-ac07-10ef8fc71aad
x-amzn-trace-id: Root=1-65704879-50abb0ed00671be95a6fba48;Sampled=0;lineage=fc8b8e8b:0
x-cache: Miss from cloudfront
content-type: application/json
location: https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=9c73551b-ac6c-4367-a586-2f78d9726379
access-control-allow-origin: *
x-amz-apigw-id: PhBDBFx2IAMEHFA=
content-length: 0
x-amz-cf-id: qtImmaEwtpcSoR1qm_FC3UDg0h532ruhgRzvSKXHnAg7DaRG0ypKBA==
access-control-allow-headers: *

GET
H/1.1

200
OK

/
rtb-csync.smartadserver.com/redir/
Redirect Chain

https://api.nivaai.com/tr?f=d37ccd7a5f5e5be7dafe55443a379374b3018a06&sp=S-614972385&u=2fa307d78f0e2a2dc67168bab9d88b668a441ec4&na=9c73551b-ac6c-4367-a586-2f78d9726379
https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=9c73551b-ac6c-4367-a586-2f78d9726379

43 B
163 B

83ms
17ms

Image
image/gif

185.86.138.150
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=9c73551b-ac6c-4367-a586-2f78d9726379
Protocol: HTTP/1.1
Server: 185.86.138.150 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pcom-react-bhautik-billing-plan.react-dev.paystubs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 10:10:01 GMT
transfer-encoding: chunked
content-type: image/gif

Redirect headers

date: Wed, 06 Dec 2023 10:10:01 GMT
via: 1.1 7333604337e68c1ea3a1a85e9b6be668.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS58-P2
x-amzn-requestid: cb9f24f3-fb0f-4974-a50c-b91514e1b17b
x-amzn-trace-id: Root=1-65704879-5b15daa9561f3b8e5df91d12;Sampled=0;lineage=fc8b8e8b:0
x-cache: Miss from cloudfront
content-type: application/json
location: https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=9c73551b-ac6c-4367-a586-2f78d9726379
access-control-allow-origin: *
x-amz-apigw-id: PhBDBERpIAMEcMg=
content-length: 0
x-amz-cf-id: xmszEIOv75ssHO3oxVGGD8lLtRWwKuWKjLHOqnQm7K865Hu97ULHLQ==
access-control-allow-headers: *

GET
H2

200

um
criteo-sync.teads.tv/
Redirect Chain

https://api.nivaai.com/tr?f=eb35ac08f3c3d3bf1f4d4bb4b9216728cec2e51a&sp=S-758392614&u=4b9903641f4a0f9066270e7298999cd8430099ff&na=9c73551b-ac6c-4367-a586-2f78d9726379
https://criteo-sync.teads.tv/um?eid=80&uid=9c73551b-ac6c-4367-a586-2f78d9726379

23 B
163 B

100ms
36ms

Image
image/gif

2.19.104.4
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-sync.teads.tv/um?eid=80&uid=9c73551b-ac6c-4367-a586-2f78d9726379
Protocol: H2
Server: 2.19.104.4 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-104-4.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.0 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pcom-react-bhautik-billing-plan.react-dev.paystubs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

expires: Wed, 06 Dec 2023 10:10:01 GMT
pragma: no-cache
date: Wed, 06 Dec 2023 10:10:01 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.0
content-length: 23
content-type: image/gif

Redirect headers

date: Wed, 06 Dec 2023 10:10:01 GMT
via: 1.1 7333604337e68c1ea3a1a85e9b6be668.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS58-P2
x-amzn-requestid: 57afa1ef-0643-4e36-a6de-a8cb374b9697
x-amzn-trace-id: Root=1-65704879-278ea2ea0fd2212376ecbecd;Sampled=0;lineage=fc8b8e8b:0
x-cache: Miss from cloudfront
content-type: application/json
location: https://criteo-sync.teads.tv/um?eid=80&uid=9c73551b-ac6c-4367-a586-2f78d9726379
access-control-allow-origin: *
x-amz-apigw-id: PhBDBFwioAMEIBA=
content-length: 0
x-amz-cf-id: _ypGBwua9vjkMCF4uSmOBcMECA1RCcsvC4pAmkYO7t5jjT20Kp2ZGg==
access-control-allow-headers: *

GET
H2

200

xuid
eb2.3lift.com/
Redirect Chain

https://api.nivaai.com/tr?f=6747cc23f746153f2b2a7b602ecaccb9a7bd50a3&sp=S-908142673&u=a72c1de4414b04d8f890b3bc3d3aaf4e17195654&na=9c73551b-ac6c-4367-a586-2f78d9726379
https://eb2.3lift.com/xuid?mid=2711&xuid=9c73551b-ac6c-4367-a586-2f78d9726379&dongle=013b

37 B
140 B

30ms
8ms

Image
image/gif

13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2711&xuid=9c73551b-ac6c-4367-a586-2f78d9726379&dongle=013b
Protocol: H2
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pcom-react-bhautik-billing-plan.react-dev.paystubs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 10:10:01 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

Redirect headers

date: Wed, 06 Dec 2023 10:10:01 GMT
via: 1.1 7333604337e68c1ea3a1a85e9b6be668.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS58-P2
x-amzn-requestid: a966509b-f545-4fe7-b620-9722b91262ee
x-amzn-trace-id: Root=1-65704879-3662bbaa7b957b65211cab2e;Sampled=0;lineage=fc8b8e8b:0
x-cache: Miss from cloudfront
content-type: application/json
location: https://eb2.3lift.com/xuid?mid=2711&xuid=9c73551b-ac6c-4367-a586-2f78d9726379&dongle=013b
access-control-allow-origin: *
x-amz-apigw-id: PhBDBGDmoAMEtIA=
content-length: 0
x-amz-cf-id: KjeEgQKmZY94AOWVOYirEex2hACgV0p0kp19oolMAMXJCWF3rUp4fw==
access-control-allow-headers: *

GET
H2

204

sync
ups.analytics.yahoo.com/ups/58301/
Redirect Chain

https://api.nivaai.com/tr?f=fa3bbf1175eaaa621af07ec71d795fdafcb24f15&sp=S-326971458&u=21f4666dec325f4a4b4710f87ab6732088377337&na=9c73551b-ac6c-4367-a586-2f78d9726379
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=9c73551b-ac6c-4367-a586-2f78d9726379

0
125 B

47ms
14ms

Image
text/plain

3.71.149.231
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=9c73551b-ac6c-4367-a586-2f78d9726379

Protocol

Server

3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-71-149-231.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.87 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pcom-react-bhautik-billing-plan.react-dev.paystubs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 10:10:01 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.87
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

date: Wed, 06 Dec 2023 10:10:01 GMT
via: 1.1 7333604337e68c1ea3a1a85e9b6be668.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS58-P2
x-amzn-requestid: 3676b76a-9d82-4ebc-96c7-73b3cdf199d7
x-amzn-trace-id: Root=1-65704879-2b13f4d52bb1b7a218e68ee1;Sampled=0;lineage=fc8b8e8b:0
x-cache: Miss from cloudfront
content-type: application/json
location: https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=9c73551b-ac6c-4367-a586-2f78d9726379
access-control-allow-origin: *
x-amz-apigw-id: PhBDBH6KIAMEk0g=
content-length: 0
x-amz-cf-id: YctFpFEexjDRYNt5ToYttan0J5Jg7Z69a2Lm3_EYC7jGPRz3KQPnKQ==
access-control-allow-headers: *

GET

idsync
tg.socdm.com/aux/
Redirect Chain

https://api.nivaai.com/tr?f=8727e54d6e13b409a2403aa659f030a6dd59210d&sp=S-690825437&u=51d12f19f79e8deec40d7f35a2eb45cc509f63a8&na=9c73551b-ac6c-4367-a586-2f78d9726379
https://tg.socdm.com/aux/idsync?proto=niva&dsp_uid=9c73551b-ac6c-4367-a586-2f78d9726379

0
0

GET
H2

200

sync
visitor.omnitagjs.com/visitor/
Redirect Chain

https://api.nivaai.com/tr?f=d118ec24b37db2b9f1ccadf241e4632ccb6790e3&sp=S-573964182&u=346a1dd908b89059217820e615719f5cc3da5024&na=9c73551b-ac6c-4367-a586-2f78d9726379
https://visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=niva&visitor=9c73551b-ac6c-4367-a586-2f78d9726379

49 B
385 B

156ms
40ms

Image
image/gif

54.246.5.75
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=niva&visitor=9c73551b-ac6c-4367-a586-2f78d9726379

Protocol

Server

54.246.5.75 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-246-5-75.eu-west-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pcom-react-bhautik-billing-plan.react-dev.paystubs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Dec 2023 10:10:01 GMT
via: kong/2.8.4
x-content-type-options: nosniff
x-kong-proxy-latency: 0
vary: Accept-Encoding
p3p: CP="CAO PSA OUR"
content-type: image/gif
x-kong-upstream-latency: 8
cache-control: no-cache, no-store, must-revalidate
content-length: 49
expires: 0

Redirect headers

date: Wed, 06 Dec 2023 10:10:01 GMT
via: 1.1 7333604337e68c1ea3a1a85e9b6be668.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS58-P2
x-amzn-requestid: 02960db2-cca3-4a93-beb2-60ac7cabc862
x-amzn-trace-id: Root=1-65704879-5d7acce30d6ea9e717edd5cb;Sampled=0;lineage=fc8b8e8b:0
x-cache: Miss from cloudfront
content-type: application/json
location: https://visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=niva&visitor=9c73551b-ac6c-4367-a586-2f78d9726379
access-control-allow-origin: *
x-amz-apigw-id: PhBDBFSNIAMEgCQ=
content-length: 0
x-amz-cf-id: vH27HpD1x7uKCQhb7m02FxFiAyfiktDUSqtTFERXVKhRW7qqGmh3-w==
access-control-allow-headers: *

GET
H2

200

rum
r.casalemedia.com/
Redirect Chain

https://api.nivaai.com/tr?f=bf57843020d0f2b0dcfb9ec94410d3c3deb0fb7a&sp=S-812435679&u=e63568adcf6106c2f7e9176c17ec7132f883d6c5&na=9c73551b-ac6c-4367-a586-2f78d9726379
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=9c73551b-ac6c-4367-a586-2f78d9726379
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=9c73551b-ac6c-4367-a586-2f78d9726379&C=1

43 B
328 B

31ms
30ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=9c73551b-ac6c-4367-a586-2f78d9726379&C=1
Protocol: H2
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pcom-react-bhautik-billing-plan.react-dev.paystubs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Dec 2023 10:10:01 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QN39JNGKppbHmpSty4BcX9XyF3AQuaZXsLXmXfbhloOhr%2BJf6edMX%2FqKKnMWKEQbQ3qIZH0jS9mz0NTANze9BZ6TyrOGbxCC3UBzzMf5cYNeaj%2FsGb9cxDVy%2BpA1c5P%2FseGn"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 8313bc986d034d3d-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 06 Dec 2023 10:10:01 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KKngEvwxAqj%2BO6fB0y6u7eX%2FivB9agXI6sYJY9E%2FdhU8bWY%2BlMEnobjHj4tk4fA8A4vwMd9Ey9lm8SKdOqQT2cyxjeuH%2BAsyS05Dc5BXRUshFD%2Bh8G2wfZsIfpwebODV0S9S"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /rum?cm_dsp_id=20&external_user_id=9c73551b-ac6c-4367-a586-2f78d9726379&C=1
cache-control: no-cache
cf-ray: 8313bc980c994d3d-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H/1.1

204
NO CONTENT

/
partner.mediawallahscript.com/
Redirect Chain

https://api.nivaai.com/tr?f=ecab21dcaece99acd3bd66fae38db4331a45a7d4&sp=S-938176540&u=6348dcc6f5e862a2bb2c7b536d708d2663b07dfa&na=9c73551b-ac6c-4367-a586-2f78d9726379
https://partner.mediawallahscript.com/?account_id=2045&partner_id=2106&uid=9c73551b-ac6c-4367-a586-2f78d9726379&custom=&tag_format=img&tag_action=sync&cb=

0
225 B

134ms
31ms

Image
text/html

52.50.201.227
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partner.mediawallahscript.com/?account_id=2045&partner_id=2106&uid=9c73551b-ac6c-4367-a586-2f78d9726379&custom=&tag_format=img&tag_action=sync&cb=
Protocol: HTTP/1.1
Server: 52.50.201.227 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-50-201-227.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pcom-react-bhautik-billing-plan.react-dev.paystubs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Expires: 0
Pragma: no-cache
Date: Wed, 06 Dec 2023 10:10:01 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Type: text/html; charset=UTF-8

Redirect headers

date: Wed, 06 Dec 2023 10:10:01 GMT
via: 1.1 7333604337e68c1ea3a1a85e9b6be668.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS58-P2
x-amzn-requestid: 2cfe2a05-afdb-43e3-8615-f215ba96a257
x-amzn-trace-id: Root=1-65704879-1f10f40e514f26e364ed1111;Sampled=0;lineage=fc8b8e8b:0
x-cache: Miss from cloudfront
content-type: application/json
location: https://partner.mediawallahscript.com/?account_id=2045&partner_id=2106&uid=9c73551b-ac6c-4367-a586-2f78d9726379&custom=&tag_format=img&tag_action=sync&cb=
access-control-allow-origin: *
x-amz-apigw-id: PhBDBFcqoAMEG_A=
content-length: 0
x-amz-cf-id: zCfaoz6xitBiTUP_AlPgwajAvV9pzpk_FezvcyV4YZsYiO2hYtYncg==
access-control-allow-headers: *

GET
H2

200

match
ad.360yield.com/
Redirect Chain

https://api.nivaai.com/tr?f=2da2e7f29a444e02a7e52c5d5a488a5d14f5d7ae&sp=S-642739185&u=8cfc590d34394c2ef0723049fbdeea93acdcdde9&na=9c73551b-ac6c-4367-a586-2f78d9726379
https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=9c73551b-ac6c-4367-a586-2f78d9726379

43 B
199 B

188ms
32ms

Image
image/gif

54.76.156.92
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=9c73551b-ac6c-4367-a586-2f78d9726379
Protocol: H2
Server: 54.76.156.92 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-156-92.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pcom-react-bhautik-billing-plan.react-dev.paystubs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 06 Dec 2023 10:10:01 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

date: Wed, 06 Dec 2023 10:10:01 GMT
via: 1.1 7333604337e68c1ea3a1a85e9b6be668.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS58-P2
x-amzn-requestid: 19e423d7-973d-4fff-bcc9-d170cdec30a3
x-amzn-trace-id: Root=1-65704879-7c4436161977aca763a80d43;Sampled=0;lineage=fc8b8e8b:0
x-cache: Miss from cloudfront
content-type: application/json
location: https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=9c73551b-ac6c-4367-a586-2f78d9726379
access-control-allow-origin: *
x-amz-apigw-id: PhBDBGCiIAMEnFQ=
content-length: 0
x-amz-cf-id: IZX7qUR2llgq4zyntwZR7XQuwvDdXqg0x3us_EN9icD3NEgF4T792Q==
access-control-allow-headers: *

GET
H2

200

sync
matching.ivitrack.com/
Redirect Chain

https://api.nivaai.com/tr?f=e75980556eaeb9f2ac6ac8d45f1cbe771f427983&sp=S-795682431&u=91432ca9eecf758860845d8f9400c2f7a59ccad2&na=9c73551b-ac6c-4367-a586-2f78d9726379
https://matching.ivitrack.com/sync?realm=niva&uid=9c73551b-ac6c-4367-a586-2f78d9726379

42 B
265 B

42ms
19ms

Image
image/gif

34.117.157.22
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://matching.ivitrack.com/sync?realm=niva&uid=9c73551b-ac6c-4367-a586-2f78d9726379
Protocol: H2
Server: 34.117.157.22 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 22.157.117.34.bc.googleusercontent.com
Software: istio-envoy /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pcom-react-bhautik-billing-plan.react-dev.paystubs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 10:10:00 GMT
x-envoy-decorator-operation: tag-manager.programmatic.svc.cluster.local:3000/*
via: 1.1 google
server: istio-envoy
content-type: image/gif
cache-control: public, max-age=86400
x-envoy-upstream-service-time: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

Redirect headers

date: Wed, 06 Dec 2023 10:10:01 GMT
via: 1.1 7333604337e68c1ea3a1a85e9b6be668.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS58-P2
x-amzn-requestid: 6fa899ee-6e3e-4685-9b59-daf2ce907e93
x-amzn-trace-id: Root=1-65704879-7fae87c7143baebd631f4722;Sampled=0;lineage=fc8b8e8b:0
x-cache: Miss from cloudfront
content-type: application/json
location: https://matching.ivitrack.com/sync?realm=niva&uid=9c73551b-ac6c-4367-a586-2f78d9726379
access-control-allow-origin: *
x-amz-apigw-id: PhBDBGVioAMEk_g=
content-length: 0
x-amz-cf-id: 9B2_oWT_QSpm-YdTokpg95Yf9zlpbPqYRQrlom0VKCTDocuvt3zYCw==
access-control-allow-headers: *

GET

28292
i.liadm.com/s/
Redirect Chain

https://api.nivaai.com/tr?f=efd86e105013597855154feb5f5b4a4256397333&sp=S-318674529&u=ff81ad8dbf0046097baa9c3be3bb85ec8afe33a3&na=9c73551b-ac6c-4367-a586-2f78d9726379
https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=9c73551b-ac6c-4367-a586-2f78d9726379
https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=9c73551b-ac6c-4367-a586-2f78d9726379&_li_chk=true&previous_uuid=2e0361f59b5a482e82ffa78233530f6a

0
0

GET
H2

200

push
exchange.mediavine.com/usersync/
Redirect Chain

https://api.nivaai.com/tr?f=9f088d50c82a135f4a2c97b4e4ffbacefecal139&sp=S-829541076&u=f27de6c2072ec7b8298bf7817723af9fbb265cc2&na=9c73551b-ac6c-4367-a586-2f78d9726379
https://exchange.mediavine.com/usersync/push?partner=niva&partnerId=9c73551b-ac6c-4367-a586-2f78d9726379

0
870 B

68ms
44ms

Image
text/html

3.125.15.233
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://exchange.mediavine.com/usersync/push?partner=niva&partnerId=9c73551b-ac6c-4367-a586-2f78d9726379
Protocol: H2
Server: 3.125.15.233 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-125-15-233.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pcom-react-bhautik-billing-plan.react-dev.paystubs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 10:10:01 GMT
cache-control: private, no-cache
access-control-allow-credentials: true
content-encoding: gzip
vary: Origin, Accept-Encoding
content-type: text/html; charset=utf-8

Redirect headers

date: Wed, 06 Dec 2023 10:10:01 GMT
via: 1.1 7333604337e68c1ea3a1a85e9b6be668.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS58-P2
x-amzn-requestid: f99428b8-4842-4bb7-aba6-0fcfc374c3d1
x-amzn-trace-id: Root=1-65704879-019951703e902e1329b1155e;Sampled=0;lineage=fc8b8e8b:0
x-cache: Miss from cloudfront
content-type: application/json
location: https://exchange.mediavine.com/usersync/push?partner=niva&partnerId=9c73551b-ac6c-4367-a586-2f78d9726379
access-control-allow-origin: *
x-amz-apigw-id: PhBDCEMpIAMElJQ=
content-length: 0
x-amz-cf-id: KyIRi8j5pVb1CdXa3pBrFxtRK3HlYJycjEfeP9ReGJdbem8ps0bhNQ==
access-control-allow-headers: *

GET
H2

200

c.gif
c.bing.com/
Redirect Chain

https://api.nivaai.com/tr?f=aaidc180e92278a7cc930079632585e48adf97ab&sp=S-615239870&u=7becd6406b1f8918e6159bb49a0735bdb10b2187&na=9c73551b-ac6c-4367-a586-2f78d9726379
https://c.bing.com/c.gif?Red3=CTOMS_pd&cbid=9c73551b-ac6c-4367-a586-2f78d9726379

42 B
397 B

30ms
30ms

Image
image/gif

2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.bing.com/c.gif?Red3=CTOMS_pd&cbid=9c73551b-ac6c-4367-a586-2f78d9726379
Protocol: H2
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pcom-react-bhautik-billing-plan.react-dev.paystubs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Dec 2023 10:10:00 GMT
last-modified: Wed, 30 Aug 2023 19:01:41 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 1475AC9AB72240E987AE8FCC7C31A3D7 Ref B: FRA31EDGE0614 Ref C: 2023-12-06T10:10:01Z
etag: "8d59566974dbd91:0"
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-type: image/gif
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

Redirect headers

date: Wed, 06 Dec 2023 10:10:01 GMT
via: 1.1 7333604337e68c1ea3a1a85e9b6be668.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS58-P2
x-amzn-requestid: 1b939c2c-d0f1-4832-9902-c188900a4229
x-amzn-trace-id: Root=1-65704879-4cfc43196ac093fc19079da1;Sampled=0;lineage=fc8b8e8b:0
x-cache: Miss from cloudfront
content-type: application/json
location: https://c.bing.com/c.gif?Red3=CTOMS_pd&cbid=9c73551b-ac6c-4367-a586-2f78d9726379
access-control-allow-origin: *
x-amz-apigw-id: PhBDBEKLoAMEI7g=
content-length: 0
x-amz-cf-id: a6vjy4IAsa3cXvL_sSvhtBi4go881FHzfTDakLPXBfDfc8AEk5EM2Q==
access-control-allow-headers: *

GET
H2

200

1017
jadserve.postrelease.com/suid/
Redirect Chain

https://api.nivaai.com/tr?f=6cda20d25a20df7c58b358f9c7a1b76260e6dc34&sp=S-470638592&u=2526a56da4de76625aed68c63a7a21b3a698f8ed&na=9c73551b-ac6c-4367-a586-2f78d9726379
https://jadserve.postrelease.com/suid/1017?vk=9c73551b-ac6c-4367-a586-2f78d9726379

43 B
422 B

300ms
91ms

Image
image/gif

44.219.110.252
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/suid/1017?vk=9c73551b-ac6c-4367-a586-2f78d9726379
Protocol: H2
Server: 44.219.110.252 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-219-110-252.compute-1.amazonaws.com
Software: nginx /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pcom-react-bhautik-billing-plan.react-dev.paystubs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Dec 2023 10:10:01 GMT
server: nginx
content-type: image/gif
access-control-allow-origin: *
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

Redirect headers

date: Wed, 06 Dec 2023 10:10:01 GMT
via: 1.1 7333604337e68c1ea3a1a85e9b6be668.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS58-P2
x-amzn-requestid: be3654ea-20e6-4115-8ac1-fdeaeb860a23
x-amzn-trace-id: Root=1-65704879-5179740016ca10cb4a4b6b60;Sampled=0;lineage=fc8b8e8b:0
x-cache: Miss from cloudfront
content-type: application/json
location: https://jadserve.postrelease.com/suid/1017?vk=9c73551b-ac6c-4367-a586-2f78d9726379
access-control-allow-origin: *
x-amz-apigw-id: PhBDBHN0oAMEiZg=
content-length: 0
x-amz-cf-id: -7ZLVTePYIqLZm4ES1W8MV5iIcPf0CmpOoRXwfVKmkF19Bb4t3_myA==
access-control-allow-headers: *

GET
H2 200 frame.html
dntcl.qualaroo.com/ Frame 4FAF 323 B
696 B 8ms
7ms Document
text/html 2400:52e0:1e00::1082:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://dntcl.qualaroo.com/frame.html
Requested by: Host: cl.qualaroo.com
URL: https://cl.qualaroo.com/ki.js/83441/jkd.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1082:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1082 /
Resource Hash

Request headers

Referer: https://pcom-react-bhautik-billing-plan.react-dev.paystubs.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: public, max-age=604800
cdn-cache: HIT
cdn-cachedat: 10/11/2023 07:02:52
cdn-edgestorageid: 1080
cdn-fileserver: 639
cdn-proxyver: 1.04
cdn-pullzone: 99568
cdn-requestcountrycode: DE
cdn-requestid: 574d09a63cbd23d991d29c38112572af
cdn-requestpullcode: 206
cdn-requestpullsuccess: True
cdn-status: 200
cdn-storageserver: DE-167
cdn-uid: 50c043fb-dcd1-4574-9faf-b60384f66f78
content-encoding: gzip
content-type: text/html
date: Wed, 06 Dec 2023 10:10:01 GMT
last-modified: Sun, 09 Jul 2023 20:56:17 GMT
server: BunnyCDN-DE1-1082
vary: Accept-Encoding

GET
H2

200

Primary Request login Show response
auth-staging.paystubs.com/
Redirect Chain

https://auth-staging.paystubs.com/authorize?client_id=BfDQwH7DxpxnzvsZCRZu0AaDVu8TNuaV&scope=openid+profile+email&redirect_uri=https%3A%2F%2Fpcom-react-bhautik-billing-plan.react-dev.paystubs.com%2...
https://auth-staging.paystubs.com/login?state=hKFo2SBsZVpxQXlVVlEwcUFiWWh6OTRJdkZQN1F5MGptN19rOKFupWxvZ2luo3RpZNkgR3JSM0FaM2wtcmNzTTZhZUw0RnRSUl9PbGlGMFYxSWqjY2lk2SBCZkRRd0g3RHhweG56dnNaQ1JadTBBYUR...

154 KB
154 KB

308ms
307ms

Document
text/html

2606:4700::6813:a818
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://auth-staging.paystubs.com/login?state=hKFo2SBsZVpxQXlVVlEwcUFiWWh6OTRJdkZQN1F5MGptN19rOKFupWxvZ2luo3RpZNkgR3JSM0FaM2wtcmNzTTZhZUw0RnRSUl9PbGlGMFYxSWqjY2lk2SBCZkRRd0g3RHhweG56dnNaQ1JadTBBYURWdThUTnVhVg&client=BfDQwH7DxpxnzvsZCRZu0AaDVu8TNuaV&protocol=oauth2&scope=openid%20profile%20email&redirect_uri=https%3A%2F%2Fpcom-react-bhautik-billing-plan.react-dev.paystubs.com%2Fcallback&audience=https%3A%2F%2Fpcom-backend-staging-poc.paystubs.com%2Fapi&we=&response_type=code&response_mode=query&nonce=UFNMd2sxRV91amxTaWpNckNSeWkwYWJLQWhrckJud3RCVlJzflRiVHV5Vg%3D%3D&code_challenge=JJViJf2Ulq2LKl1_lJ6mMFflXD5ojrGdYuAaEkeAov8&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiYXV0aDAtcmVhY3QiLCJ2ZXJzaW9uIjoiMi4yLjMifQ%3D%3D

Requested by

Host: pcom-react-bhautik-billing-plan.react-dev.paystubs.com
URL: https://pcom-react-bhautik-billing-plan.react-dev.paystubs.com/assets/index-jOdbRKN_.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:a818 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3580b20bc68ce1a365622443141e6b7fc7db8f8742c3f738301de102e4f64b25

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Referer: https://pcom-react-bhautik-billing-plan.react-dev.paystubs.com/login
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, max-age=0, no-transform
cf-cache-status: DYNAMIC
cf-ray: 8313bc98cb8f91ed-FRA
content-security-policy: frame-ancestors 'none'
content-type: text/html; charset=utf-8
date: Wed, 06 Dec 2023 10:10:02 GMT
etag: W/"26680-OnBegWJDfHLlTrtOKrn2pv2eSe4"
pragma: no-cache
referrer-policy: same-origin
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
x-auth0-requestid: 3bdda5ec05d2fc6dac24
x-content-type-options: nosniff
x-frame-options: deny
x-ratelimit-limit: 100
x-ratelimit-remaining: 99
x-ratelimit-reset: 1701857402
x-robots-tag: noindex, nofollow
x-xss-protection: 1; mode=block

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, max-age=0, no-transform
cf-cache-status: DYNAMIC
cf-ray: 8313bc95989791ed-FRA
content-length: 1530
content-type: text/html; charset=utf-8
date: Wed, 06 Dec 2023 10:10:01 GMT
location: /login?state=hKFo2SBsZVpxQXlVVlEwcUFiWWh6OTRJdkZQN1F5MGptN19rOKFupWxvZ2luo3RpZNkgR3JSM0FaM2wtcmNzTTZhZUw0RnRSUl9PbGlGMFYxSWqjY2lk2SBCZkRRd0g3RHhweG56dnNaQ1JadTBBYURWdThUTnVhVg&client=BfDQwH7DxpxnzvsZCRZu0AaDVu8TNuaV&protocol=oauth2&scope=openid%20profile%20email&redirect_uri=https%3A%2F%2Fpcom-react-bhautik-billing-plan.react-dev.paystubs.com%2Fcallback&audience=https%3A%2F%2Fpcom-backend-staging-poc.paystubs.com%2Fapi&we=&response_type=code&response_mode=query&nonce=UFNMd2sxRV91amxTaWpNckNSeWkwYWJLQWhrckJud3RCVlJzflRiVHV5Vg%3D%3D&code_challenge=JJViJf2Ulq2LKl1_lJ6mMFflXD5ojrGdYuAaEkeAov8&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiYXV0aDAtcmVhY3QiLCJ2ZXJzaW9uIjoiMi4yLjMifQ%3D%3D
pragma: no-cache
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept, Accept-Encoding
x-auth0-requestid: 0020392abc492f40ffa6
x-content-type-options: nosniff
x-ratelimit-limit: 100
x-ratelimit-remaining: 99
x-ratelimit-reset: 1701857402

GET
H2 200 /
www.woopra.com/track/ce/ 0
161 B 747ms
680ms Script
text/javascript 162.55.95.216
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.woopra.com/track/ce/?project=paystubs.com&instance=woopra&meta=&screen=1600x1200&language=en-US&app=js-client&referer=&cookie=UkFlq7ecmFiU&event=pv&timeout=600000&idptnc=lSgYUHTgY8dL&ce_url=%2Flogin&ce_title=PayStubs&ce_domain=pcom-react-bhautik-billing-plan.react-dev.paystubs.com&ce_uri=https%3A%2F%2Fpcom-react-bhautik-billing-plan.react-dev.paystubs.com%2Flogin&ce_scroll%20depth=0&ce_returning=false
Requested by: Host: static.woopra.com
URL: https://static.woopra.com/js/w.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.55.95.216 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.216.95.55.162.clients.your-server.de
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pcom-react-bhautik-billing-plan.react-dev.paystubs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Wed, 06 Dec 2023 10:10:01 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 0
content-type: text/javascript; charset=utf-8

GET
H2 200 /
www.google.com/pagead/1p-user-list/11223038493/ 42 B
455 B 48ms
23ms Image
image/gif 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/11223038493/?random=1701857400999&cv=11&fst=1701856800000&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v9116618575&u_w=1600&u_h=1200&url=https%3A%2F%2Fpcom-react-bhautik-billing-plan.react-dev.paystubs.com%2Flogin&frm=0&tiba=PayStubs&fmt=3&is_vtc=1&cid=CAQSGwDICaaN6plxGyMLoxkHiwn1VkRTWTO_I6r9Iw&random=3382986847&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pcom-react-bhautik-billing-plan.react-dev.paystubs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Dec 2023 10:10:01 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/11223038493/ 42 B
455 B 41ms
19ms Image
image/gif 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/11223038493/?random=1701857400999&cv=11&fst=1701856800000&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v9116618575&u_w=1600&u_h=1200&url=https%3A%2F%2Fpcom-react-bhautik-billing-plan.react-dev.paystubs.com%2Flogin&frm=0&tiba=PayStubs&fmt=3&is_vtc=1&cid=CAQSGwDICaaN6plxGyMLoxkHiwn1VkRTWTO_I6r9Iw&random=3382986847&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pcom-react-bhautik-billing-plan.react-dev.paystubs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Dec 2023 10:10:01 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 0
r.stripe.com/ Frame 99AF 0
272 B 731ms
374ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-a00ff050abe843d1de675a242417b2c0.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Wed, 06 Dec 2023 10:10:01 GMT
x-stripe-server-envoy-start-time-us: 1701857401821708
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 4
x-stripe-client-envoy-start-time-us: 1701857401821210
access-control-allow-credentials: true
content-length: 0

GET
H2 200 211021221.js
bat.bing.com/p/action/ 4 KB
2 KB 41ms
41ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/211021221.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pcom-react-bhautik-billing-plan.react-dev.paystubs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
date: Wed, 06 Dec 2023 10:10:00 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: D44E47A6EECE434AB5C8CE9F2E6ED9BC Ref B: FRA31EDGE0614 Ref C: 2023-12-06T10:10:01Z
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript; charset=utf-8
cache-control: private,max-age=60

GET
H2 204 0
bat.bing.com/action/ 0
286 B 30ms
30ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=211021221&tm=gtm002&Ver=2&mid=41aa1d1b-1d39-4d20-affa-37bf031bdeb8&sid=9e110440941f11ee90ef83801d41ea1d&vid=9e10f090941f11eeba5875457ec2dad2&vids=1&msclkid=N&gtm_tag_source=1&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=PayStubs&p=https%3A%2F%2Fpcom-react-bhautik-billing-plan.react-dev.paystubs.com%2Flogin&r=&lt=1304&evt=pageLoad&sv=1&rn=106123

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pcom-react-bhautik-billing-plan.react-dev.paystubs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 06 Dec 2023 10:10:00 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 91FECF6324704BF9AE054ADCA41256C0 Ref B: FRA31EDGE0614 Ref C: 2023-12-06T10:10:01Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 banner.js
js-eu1.hs-banner.com/v2/139577915/ 60 KB
19 KB 142ms
93ms Script
text/javascript 172.65.202.201
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js-eu1.hs-banner.com/v2/139577915/banner.js
Requested by: Host: js-eu1.hs-scripts.com
URL: https://js-eu1.hs-scripts.com/139577915.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.65.202.201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pcom-react-bhautik-billing-plan.react-dev.paystubs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 10:10:01 GMT
x-amz-version-id: 7_9kgoHJhK86Gi8uH0IkzWU8GPpWRlD8
content-encoding: br
cf-cache-status: MISS
x-amz-request-id: 268NBAJ0D0BGYX77
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-hubspot-correlation-id: 6fd67d63-c3b6-4b72-8aa3-46e1fdbec587
x-envoy-upstream-service-time: 44
x-amz-id-2: Svt6r+CTjJs7sC6feg/TnU1aPyguMt79sTqlq9Fu77Oqq1Cgibdye4O/91PAlmE/y7qU9WJw4dc=
x-evy-trace-listener: listener_https
x-request-id: 6fd67d63-c3b6-4b72-8aa3-46e1fdbec587
x-evy-trace-route-configuration: listener_https/all
last-modified: Fri, 01 Dec 2023 15:31:08 GMT
server: cloudflare
etag: W/"3cb2298442f20e46878c5d00e3e04434"
access-control-max-age: 604800
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: https://pcom-react-bhautik-billing-plan.react-dev.paystubs.com
x-evy-trace-virtual-host: all
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300,public
access-control-allow-credentials: true
x-evy-trace-served-by-pod: fra04/analytics-js-proxy-td/envoy-proxy-54d97ddf9c-srs49
vary: origin, Accept-Encoding
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray: 8313bc95c8a22bea-FRA
expires: Wed, 06 Dec 2023 10:15:01 GMT

GET
H2 200 collectedforms.js
js-eu1.hscollectedforms.net/ 69 KB
25 KB 77ms
25ms Script
application/javascript 172.65.192.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js-eu1.hscollectedforms.net/collectedforms.js

Requested by

Host: js-eu1.hs-scripts.com
URL: https://js-eu1.hs-scripts.com/139577915.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.65.192.122 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://pcom-react-bhautik-billing-plan.react-dev.paystubs.com/
Origin: https://pcom-react-bhautik-billing-plan.react-dev.paystubs.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 10:10:01 GMT
x-amz-version-id: qOShuUL.zI.RMIWwukZE0taADNX_1wuf
via: 1.1 018ffb575888f1c9ec960e3e977c042e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: MISS
x-amz-cf-pop: FRA56-P2
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-hubspot-correlation-id: e8ffedf3-16de-4f6b-998a-1635ed1289af
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=collected-forms-embed-js/static-1.444/bundles/project.js&cfRay=8313bc960ec5928d-FRA
x-cache: Hit from cloudfront
cache-tag: staticjsapp-collected-forms-embed-js-web-prod,staticjsapp-prod
content-encoding: br
x-envoy-upstream-service-time: 2
x-amz-replication-status: COMPLETED
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: e8ffedf3-16de-4f6b-998a-1635ed1289af
last-modified: Mon, 04 Dec 2023 12:10:50 UTC
server: cloudflare
etag: W/"109b7665e389a0b17fbf732bf7a02089"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-evy-trace-virtual-host: all
x-hs-cache-status: HIT
cache-control: s-maxage=600, max-age=300
x-evy-trace-served-by-pod: fra04/app-td/envoy-proxy-9bbd8cb6-gcgl9
cf-ray: 8313bc960ec5928d-FRA
x-amz-cf-id: p82SHST7bXgp4tgTvsxsP0FM0ZM9HfEYO4HelFB2voFaP3OyXiOVYA==
x-hs-target-asset: collected-forms-embed-js/static-1.444/bundles/project.js

GET
H2 200 139577915.js
js-eu1.hs-analytics.net/analytics/1701857400000/ 66 KB
21 KB 96ms
49ms Script
text/javascript 172.65.238.60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js-eu1.hs-analytics.net/analytics/1701857400000/139577915.js
Requested by: Host: js-eu1.hs-scripts.com
URL: https://js-eu1.hs-scripts.com/139577915.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.65.238.60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pcom-react-bhautik-billing-plan.react-dev.paystubs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 10:10:01 GMT
content-encoding: br
cf-cache-status: MISS
x-amz-request-id: 268VVQYH1YDWWQV5
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-hubspot-correlation-id: 791c6114-fa47-4e29-8ea0-4b0c9cc62d2d
x-envoy-upstream-service-time: 17
x-amz-id-2: fqqSD829akGUo5fOSkg7Xdlytc+PEXR4LN9fpwP5yKOTh+UnV3NNndoq+TWPoaRTzawmAjeSq1M=
x-evy-trace-listener: listener_https
x-request-id: 791c6114-fa47-4e29-8ea0-4b0c9cc62d2d
x-evy-trace-route-configuration: listener_https/all
last-modified: Fri, 01 Dec 2023 15:31:12 GMT
server: cloudflare
etag: W/"6ab46cc33e4f4ff095acc268447b5ac2"
vary: origin, Accept-Encoding
content-type: text/javascript
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: fra04/analytics-js-proxy-td/envoy-proxy-54d97ddf9c-sl4dv
cache-control: max-age=300,public
access-control-allow-credentials: false
cf-ray: 8313bc960afd68fb-FRA
expires: Wed, 06 Dec 2023 10:15:01 GMT

GET
H2 200 fb.js
js-eu1.hsadspixel.net/ 6 KB
4 KB 90ms
25ms Script
application/javascript 172.65.219.229
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js-eu1.hsadspixel.net/fb.js

Requested by

Host: js-eu1.hs-scripts.com
URL: https://js-eu1.hs-scripts.com/139577915.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.65.219.229 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pcom-react-bhautik-billing-plan.react-dev.paystubs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 10:10:01 GMT
x-amz-version-id: XlFw32Cnxu8ZjnNH.SH7ungVy3g8LtQG
via: 1.1 367a4718be97a49df7ac0500a986437a.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
x-amz-cf-pop: FRA56-P2
age: 355
x-amz-server-side-encryption: AES256
x-evy-trace-route-service-name: envoyset-translator
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=adsscriptloaderstatic/static-1.501/bundles/pixels-release.js&cfRay=8313b3eb5b2c37c6-FRA
x-cache: Hit from cloudfront
x-hubspot-correlation-id: 65a38ed3-9e9f-4232-aa45-f1ade06951d7
cache-tag: staticjsapp-AdsScriptLoaderCloudflare-web-prod,staticjsapp-prod
content-encoding: br
x-envoy-upstream-service-time: 1
x-amz-replication-status: COMPLETED
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 65a38ed3-9e9f-4232-aa45-f1ade06951d7
last-modified: Mon, 04 Dec 2023 14:19:28 UTC
server: cloudflare
etag: W/"ed930579444c6c7c0292363361667508"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
x-hs-cache-status: HIT
x-evy-trace-virtual-host: all
cache-control: max-age=600
x-evy-trace-served-by-pod: fra04/app-td/envoy-proxy-9bbd8cb6-gcgl9
cf-ray: 8313bc96af873a5c-FRA
x-amz-cf-id: qGpSGGF2x1JVBYA9IjWVNMve9ceLclaJtP6FB9uzAgEYHS2A11UEqg==
x-hs-target-asset: adsscriptloaderstatic/static-1.501/bundles/pixels-release.js

POST
H2 200 page
rs.fullstory.com/rec/ 5 KB
2 KB 148ms
126ms XHR
application/json 35.186.194.58
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rs.fullstory.com/rec/page
Requested by: Host: pcom-react-bhautik-billing-plan.react-dev.paystubs.com
URL: https://pcom-react-bhautik-billing-plan.react-dev.paystubs.com/assets/index-jOdbRKN_.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.194.58 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 58.194.186.35.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

Referer: https://pcom-react-bhautik-billing-plan.react-dev.paystubs.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 06 Dec 2023 10:10:01 GMT
content-encoding: gzip
via: 1.1 google
content-type: application/json; charset=utf-8
access-control-allow-origin: https://pcom-react-bhautik-billing-plan.react-dev.paystubs.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1454

GET
H2 200 main.MTdjYzNiZDU2MQ.js
analytics.tiktok.com/i18n/pixel/static/ 417 KB
108 KB 19ms
18ms Script
application/javascript 23.38.98.28
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTdjYzNiZDU2MQ.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CHEF1OBC77UAAU7KU0H0&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.38.98.28 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-38-98-28.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pcom-react-bhautik-billing-plan.react-dev.paystubs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-akamai-request-id: 4b012d29
date: Wed, 06 Dec 2023 10:10:01 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 202311090731366C6C9225508B25D1BE34
vary: Accept-Encoding
x-cache: TCP_HIT from a23-38-99-92.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2.1-52518411) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 015ebf0c445aaa86c0c7b65a26901913e4f395246009a496d8520067e16b761ce0fe4a29db026a2c0f93da2f13c03d8bfa534f59781582768fe7032ed82fc5367d510f6d72c3cf46d2e026683070be11fe4bd4de4945950cf7f735e018e01ec779
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=3
content-length: 110335

POST
H2 204 /
px.ads.linkedin.com/wa/ 0
725 B 236ms
198ms XHR
text/plain 2620:1ec:22::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/wa/
Requested by: Host: pcom-react-bhautik-billing-plan.react-dev.paystubs.com
URL: https://pcom-react-bhautik-billing-plan.react-dev.paystubs.com/assets/index-jOdbRKN_.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:22::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: *
Referer: https://pcom-react-bhautik-billing-plan.react-dev.paystubs.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 06 Dec 2023 10:10:00 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 7980AD587EB0439DBAD0DC012FD6703C Ref B: VIEEDGE2517 Ref C: 2023-12-06T10:10:01Z
linkedin-action: 1
vary: Origin
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
access-control-allow-origin: https://pcom-react-bhautik-billing-plan.react-dev.paystubs.com
x-li-proto: http/2
access-control-allow-credentials: true
x-li-uuid: AAYL1I3dZHXCSCI27EP2Zg==

GET
H2 200 211021221
www.clarity.ms/tag/uet/ 829 B
1 KB 204ms
187ms Script
application/x-javascript 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/uet/211021221
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/p/action/211021221.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pcom-react-bhautik-billing-plan.react-dev.paystubs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

expires: -1
date: Wed, 06 Dec 2023 10:10:01 GMT
x-azure-ref: 20231206T101001Z-nfqnkn5bqx6avdpswcn6r7nmk400000001w000000000bvxt
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 829
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64

GET
H2 200 identify_bb163.js
analytics.tiktok.com/i18n/pixel/static/ 135 KB
36 KB 12ms
12ms Script
application/javascript 23.38.98.28
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/identify_bb163.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTdjYzNiZDU2MQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.38.98.28 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-38-98-28.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pcom-react-bhautik-billing-plan.react-dev.paystubs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-akamai-request-id: 4b012d3b
date: Wed, 06 Dec 2023 10:10:01 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 20231109073136FEDC675495BC05EA7848
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a23-38-99-92.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2.1-52518411) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 015ebf0c445aaa86c0c7b65a26901913e4f395246009a496d8520067e16b761ce006af2c5194a4cd9778afc28c7db97291836d76ba3faa1b75b868088a4c7b4d5ea13d3b6203d0ed8e39f12535c248fed7606bb82c8b8796e51fd89fcaf9e5a832
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=2
content-length: 36079

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
844 B 144ms
144ms Ping
text/plain 23.38.98.28
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTdjYzNiZDU2MQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.38.98.28 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-38-98-28.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash

Request headers

Referer: https://pcom-react-bhautik-billing-plan.react-dev.paystubs.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 44d55721.4b012d57
date: Wed, 06 Dec 2023 10:10:01 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-231206101001C5FBA71EF5F65E14B1C2-7254BAA4821F79C4-00
x-cache: TCP_MISS from a23-38-99-92.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2.1-52518411) (-)
x-parent-response-time: 129,23.38.99.92
server-timing: cdn-cache; desc=MISS, edge; dur=93, origin; dur=41, inner; dur=38
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20231206101001C5FBA71EF5F65E14B1C2
x-cache-remote: TCP_MISS from a23-220-107-199.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2.1-52518411) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 42,23.220.107.199
x-tt-trace-host: 0183065cffbd455dc2e304d247773271c88b45a0bce1c12334db7c5c154c7e3c5125d5955d3c346f226a60aeee8e183dd63f12c685a9dde5e1b8d3d9ae76bc3bf0dc16243fcdc101473b28aad0a022e2d2c952e7fa135b0c68d87c1e524d08df7498b18509bbb8ed173d9d68ad1fb4ab7e
access-control-allow-headers: Authorization,*
expires: Wed, 06 Dec 2023 10:10:01 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 23ms
7ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=280638974420595&ev=PageView&dl=https%3A%2F%2Fpcom-react-bhautik-billing-plan.react-dev.paystubs.com%2Flogin&rl=&if=false&ts=1701857401308&sw=1600&sh=1200&v=2.9.138&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=4126&fbp=fb.1.1701857401307.234585057&ler=empty&it=1701857401099&coo=false&tm=1&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pcom-react-bhautik-billing-plan.react-dev.paystubs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 06 Dec 2023 10:10:01 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 json
forms-eu1.hscollectedforms.net/collected-forms/v1/config/ 117 B
460 B 46ms
32ms XHR
application/json 172.65.192.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms-eu1.hscollectedforms.net/collected-forms/v1/config/json?portalId=139577915&utk=

Requested by

Host: pcom-react-bhautik-billing-plan.react-dev.paystubs.com
URL: https://pcom-react-bhautik-billing-plan.react-dev.paystubs.com/assets/index-jOdbRKN_.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.65.192.122 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
Referer: https://pcom-react-bhautik-billing-plan.react-dev.paystubs.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 10:10:01 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 8c6516b3-f62a-4771-a370-b0b575008dec
x-envoy-upstream-service-time: 9
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 8c6516b3-f62a-4771-a370-b0b575008dec
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://pcom-react-bhautik-billing-plan.react-dev.paystubs.com
x-evy-trace-virtual-host: all
cache-control: max-age=0
x-evy-trace-served-by-pod: fra04/app-td/envoy-proxy-9bbd8cb6-756sw
access-control-max-age: 180
x-robots-tag: none
access-control-allow-headers: *
cf-ray: 8313bc966f19928d-FRA

GET
H2 200 __ptq.gif
track-eu1.hubspot.com/ 45 B
1 KB 106ms
43ms Image
image/gif 172.65.240.166
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track-eu1.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=881765916&v=1.1&a=139577915&pu=https%3A%2F%2Fpcom-react-bhautik-billing-plan.react-dev.paystubs.com%2Flogin&t=PayStubs&cts=1701857401341&vi=8c24be563468a13f54d0fb6d69cbad49&nc=true&u=125208469.8c24be563468a13f54d0fb6d69cbad49.1701857401340.1701857401340.1701857401340.1&b=125208469.1.1701857401340&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.65.240.166 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pcom-react-bhautik-billing-plan.react-dev.paystubs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 10:10:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 746f8fe4-4118-4a37-a87b-37e4487dadc1
p3p: CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time: 3
content-length: 45
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 746f8fe4-4118-4a37-a87b-37e4487dadc1
last-modified: Wed, 06 Dec 2023 10:10:01 GMT
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dklUlyz%2BRlA%2F9M2VN7yEiZKKHNlV4hNWG8DUOFeTaBEc9ab1bNRzXNSrnYfbazkhMIzpLY2TmZm55LM8dEmUbO7GWaMQUwxYsr0G%2Bm%2BEQrzp%2BAXHw1zFqshnA8RasZYo1s1y44mOMg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
x-evy-trace-served-by-pod: fra04/analytics-tracking-td/envoy-proxy-85847fc4bc-p7l66
x-evy-trace-virtual-host: all
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
accept-ranges: bytes
cf-ray: 8313bc96ea7e1da8-FRA
x-robots-tag: none

POST
H2 200 0
r.stripe.com/ Frame 99AF 0
272 B 534ms
370ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-a00ff050abe843d1de675a242417b2c0.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Wed, 06 Dec 2023 10:10:01 GMT
x-stripe-server-envoy-start-time-us: 1701857401822417
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1701857401821215
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0
r.stripe.com/ Frame 99AF 0
272 B 533ms
369ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-a00ff050abe843d1de675a242417b2c0.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Wed, 06 Dec 2023 10:10:01 GMT
x-stripe-server-envoy-start-time-us: 1701857401822412
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 2
x-stripe-client-envoy-start-time-us: 1701857401821380
access-control-allow-credentials: true
content-length: 0

GET
H2 200 config_iframe.html
wchat.freshchat.com/widget/ Frame 19DF 701 B
1 KB 97ms
96ms Document
text/html 34.196.69.230
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://wchat.freshchat.com/widget/config_iframe.html?host=https://wchat.freshchat.com&token=bd0364fa-d424-407a-b9d3-de0b797de041&origin=https://pcom-react-bhautik-billing-plan.react-dev.paystubs.com

Requested by

Host: wchat.freshchat.com
URL: https://wchat.freshchat.com/js/widget.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.196.69.230 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-196-69-230.compute-1.amazonaws.com

Software

fwe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	style-src 'unsafe-inline' ; font-src 'self' data:; img-src 'self' * data:; connect-src 'self' ; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://.freshchat.com https://.freshworksapi.com; child-src 'self' blob:; media-src 'self' https://.freshchat.com; manifest-src 'self' https://.freshchat.com; default-src 'none';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Referer: https://pcom-react-bhautik-billing-plan.react-dev.paystubs.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
content-encoding: gzip
content-security-policy: style-src 'unsafe-inline' *; font-src 'self' * data:; img-src 'self' * data:; connect-src 'self' *; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.freshchat.com https://*.freshworksapi.com; child-src 'self' * blob:; media-src 'self' https://*.freshchat.com; manifest-src 'self' https://*.freshchat.com; default-src 'none';
content-type: text/html
date: Wed, 06 Dec 2023 10:10:01 GMT
last-modified: Tue, 28 Nov 2023 06:29:01 GMT
nel: { "report_to": "nel-endpoint-freshchat", "max_age": 2592000, "include_subdomains": true}
report-to: { "group": "nel-endpoint-freshchat", "max_age": 2592000, "include_subdomains": true, "endpoints": [{"url": "https://edge-admin.us-east-1.freshedge.net/nelreports/freshchat"}]}
server: fwe
strict-transport-security: max-age=31536000; includeSubDomains
x-envoy-upstream-service-time: 1
x-fw-ratelimiting-managed: false
x-request-id: 7e3b1e3a-2688-4a76-84d4-0b9ee3d7cc76
x-server: rbfhg
x-trace-id: 00-2e9857a6a3979baa3f9d2bea3df64b27-2dce81b9a33043e3-00
x-xss-protection: 1; mode=block

GET
H2 200 json
api-eu1.hubapi.com/hs-script-loader-public/v1/config/pixels-and-events/ 117 B
1 KB 71ms
34ms XHR
application/json 2a06:98c1:3200::90:1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api-eu1.hubapi.com/hs-script-loader-public/v1/config/pixels-and-events/json?portalId=139577915

Requested by

Host: pcom-react-bhautik-billing-plan.react-dev.paystubs.com
URL: https://pcom-react-bhautik-billing-plan.react-dev.paystubs.com/assets/index-jOdbRKN_.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3200::90:1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pcom-react-bhautik-billing-plan.react-dev.paystubs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 10:10:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 19e227d1-cc2a-4401-bfa3-592b64c7047b
content-encoding: br
x-envoy-upstream-service-time: 3
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 19e227d1-cc2a-4401-bfa3-592b64c7047b
server: cloudflare
x-trace: 2B5310998F216B860312FADE95AB4AB2798C082175000000000000000000
vary: origin
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://pcom-react-bhautik-billing-plan.react-dev.paystubs.com
x-evy-trace-virtual-host: all
access-control-max-age: 180
access-control-allow-credentials: false
x-evy-trace-served-by-pod: fra04/hubapi-td/envoy-proxy-75bd7484f7-m7rnp
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pUF1qZ%2FlBQSrusr0Qt5MEivNLdwsa6lJp4VEVG2oAXu136rbCE7MsA7FdtyiyT2lN8%2Fvwcw03jDlYDXxuuTDJnxEJQGYmL%2BfRTjB53bBYM%2B1YqZqDl3qEob6CZtyExI9i2x%2FLugiuoYLxm9%2B43hpGA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8313bc970c89bbb6-FRA
access-control-allow-headers: *

GET
H3 200 js
www.googletagmanager.com/gtag/ 231 KB
80 KB 24ms
23ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-11223038493

Requested by

Host: js-eu1.hsadspixel.net
URL: https://js-eu1.hsadspixel.net/fb.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pcom-react-bhautik-billing-plan.react-dev.paystubs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 10:10:01 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 81805
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 06 Dec 2023 10:10:01 GMT

GET
H3 200 js
www.googletagmanager.com/gtag/ 231 KB
80 KB 28ms
27ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-11223038493&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TGJ7XBD&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pcom-react-bhautik-billing-plan.react-dev.paystubs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 10:10:01 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 81947
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 06 Dec 2023 10:10:01 GMT

GET
H2 200 config
wchat.freshchat.com/app/services/app/webchat/bd0364fa-d424-407a-b9d3-de0b797de041/ Frame 19DF 3 KB
2 KB 112ms
112ms Fetch
application/json 34.196.69.230
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://wchat.freshchat.com/app/services/app/webchat/bd0364fa-d424-407a-b9d3-de0b797de041/config?domain=aHR0cHM6Ly9wY29tLXJlYWN0LWJoYXV0aWstYmlsbGluZy1wbGFuLnJlYWN0LWRldi5wYXlzdHVicy5jb20=

Requested by

Host: wchat.freshchat.com
URL: https://wchat.freshchat.com/widget/config_iframe.html?host=https://wchat.freshchat.com&token=bd0364fa-d424-407a-b9d3-de0b797de041&origin=https://pcom-react-bhautik-billing-plan.react-dev.paystubs.com

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.196.69.230 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-196-69-230.compute-1.amazonaws.com

Software

fwe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	style-src 'unsafe-inline' ; font-src 'self' data:; img-src 'self' * data:; connect-src 'self' ; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://.freshchat.com https://.freshworksapi.com; child-src 'self' blob:; media-src 'self' https://.freshchat.com; manifest-src 'self' https://.freshchat.com; default-src 'none';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wchat.freshchat.com/widget/config_iframe.html?host=https://wchat.freshchat.com&token=bd0364fa-d424-407a-b9d3-de0b797de041&origin=https://pcom-react-bhautik-billing-plan.react-dev.paystubs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 10:10:01 GMT
content-security-policy: style-src 'unsafe-inline' *; font-src 'self' * data:; img-src 'self' * data:; connect-src 'self' *; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.freshchat.com https://*.freshworksapi.com; child-src 'self' * blob:; media-src 'self' https://*.freshchat.com; manifest-src 'self' https://*.freshchat.com; default-src 'none';
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
nel: { "report_to": "nel-endpoint-freshchat", "max_age": 2592000, "include_subdomains": true}
x-ratelimit-total: 3000
x-ratelimit-used-currentrequest: 1
x-envoy-upstream-service-time: 14
x-xss-protection: 1; mode=block
x-request-id: 43ddcfbd-6bf5-94ac-a5a1-36d06b92d7a1
x-trace-id: 00-631401dbcbed9355313eda91a03e75af-3ca52c49a94cdd77-01
server: fwe
vary: accept-encoding
report-to: { "group": "nel-endpoint-freshchat", "max_age": 2592000, "include_subdomains": true, "endpoints": [{"url": "https://edge-admin.us-east-1.freshedge.net/nelreports/freshchat"}]}
content-type: application/json;charset=UTF-8
x-fw-ratelimiting-managed: true
cache-control: no-store
access-control-allow-credentials: true
x-server: 2601
x-ratelimit-remaining: 2999
x-ratelimit-limit: 3000

POST
H2 200 act
analytics.tiktok.com/api/v2/pixel/ 0
838 B 134ms
134ms Ping
text/plain 23.38.98.28
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel/act
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTdjYzNiZDU2MQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.38.98.28 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-38-98-28.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash

Request headers

Referer: https://pcom-react-bhautik-billing-plan.react-dev.paystubs.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 715b4c5.4b012dd9
date: Wed, 06 Dec 2023 10:10:01 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-2312061010011E541F12DC9809F05176-0CD874AF79E6F272-00
x-cache: TCP_MISS from a23-38-99-92.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2.1-52518411) (-)
x-parent-response-time: 118,23.38.99.92
server-timing: cdn-cache; desc=MISS, edge; dur=93, origin; dur=30, inner; dur=28
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 202312061010011E541F12DC9809F05176
x-cache-remote: TCP_MISS from a23-48-100-6.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2.1-52518411) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 30,23.48.100.6
x-tt-trace-host: 0183065cffbd455dc2e304d247773271c86687cbda507e00f4e612dae31603a8d538866d221747e859ba1e1f12e71e9915e18215643b17a0b9209b231874d72263bf0fd0a667c8683e89ddb56e5fb82d46d370b193c1221b13f8aa0fc07c7cbbd2b92c588154e92da8a1b2fdb24d5aa40a
access-control-allow-headers: Authorization,*
expires: Wed, 06 Dec 2023 10:10:01 GMT

POST
H2 200 0
r.stripe.com/ Frame 99AF 0
272 B 406ms
370ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-a00ff050abe843d1de675a242417b2c0.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Wed, 06 Dec 2023 10:10:01 GMT
x-stripe-server-envoy-start-time-us: 1701857401821228
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 4
x-stripe-client-envoy-start-time-us: 1701857401821035
access-control-allow-credentials: true
content-length: 0

POST
H2 200 0
r.stripe.com/ Frame 99AF 0
273 B 398ms
365ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-a00ff050abe843d1de675a242417b2c0.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-stripe-bg-intended-route-color: green
date: Wed, 06 Dec 2023 10:10:01 GMT
x-stripe-server-envoy-start-time-us: 1701857401820416
server: nginx
content-type: text/plain
access-control-allow-origin: https://js.stripe.com
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1701857401819835
access-control-allow-credentials: true
content-length: 0

GET
H2 200 /
googleads.g.doubleclick.net/pagead/viewthroughconversion/11223038493/ 3 KB
2 KB 52ms
51ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11223038493/?random=1701857401540&cv=11&fst=1701857401540&bg=ffffff&guid=ON&async=1&gtm=45be3bt0&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fpcom-react-bhautik-billing-plan.react-dev.paystubs.com%2Flogin&hn=www.googleadservices.com&frm=0&tiba=PayStubs&did=dZTQ1Zm&gdid=dZTQ1Zm&auid=1871898161.1701857401&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-11223038493&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pcom-react-bhautik-billing-plan.react-dev.paystubs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Dec 2023 10:10:01 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1279
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 clarity.js
www.clarity.ms/s/0.7.20/ 60 KB
25 KB 15ms
15ms Script
application/javascript 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/s/0.7.20/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/uet/211021221
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pcom-react-bhautik-billing-plan.react-dev.paystubs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 10:10:01 GMT
content-encoding: br
last-modified: Mon, 04 Dec 2023 12:08:18 GMT
etag: W/"0x8DBF4C1B3818466"
vary: Accept-Encoding
x-azure-ref: 20231206T101001Z-nfqnkn5bqx6avdpswcn6r7nmk400000001w000000000bvyw
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
x-ms-request-id: a83e7593-d01e-0008-28ad-2634d4000000
cache-control: public, max-age=86400
x-cache: TCP_HIT
x-ms-version: 2018-03-28

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=0E4AF66792A746B1B11FD531001A87C5&RedC=c.clarity.ms&MXFR=1902FB48778A6A0B35EDE897738A64F8
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=0E4AF66792A746B1B11FD531001A87C5&MUID=2EF978ADDC3A6E3326596B72DDB16F19

42 B
442 B

30ms
30ms

Image
image/gif

68.219.88.97
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=0E4AF66792A746B1B11FD531001A87C5&MUID=2EF978ADDC3A6E3326596B72DDB16F19
Protocol: H2
Server: 68.219.88.97 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pcom-react-bhautik-billing-plan.react-dev.paystubs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Dec 2023 10:10:01 GMT
last-modified: Wed, 30 Aug 2023 19:01:41 GMT
server: Microsoft-IIS/10.0
etag: "8d59566974dbd91:0"
x-powered-by: ASP.NET
content-type: image/gif
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

Redirect headers

pragma: no-cache
date: Wed, 06 Dec 2023 10:10:01 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 353544E3E7764C28B27AED4AC7874374 Ref B: FRA31EDGE0614 Ref C: 2023-12-06T10:10:01Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=0E4AF66792A746B1B11FD531001A87C5&MUID=2EF978ADDC3A6E3326596B72DDB16F19
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H2 200 /
www.google.com/pagead/1p-user-list/11223038493/ 42 B
108 B 22ms
21ms Image
image/gif 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/11223038493/?random=1701857401540&cv=11&fst=1701856800000&bg=ffffff&guid=ON&async=1&gtm=45be3bt0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpcom-react-bhautik-billing-plan.react-dev.paystubs.com%2Flogin&frm=0&tiba=PayStubs&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSKQDICaaN4Lh4tS33EJu62-GHFlLPHM4ppeVA0kRxz6478dgFCEDeyueK&random=460496154&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pcom-react-bhautik-billing-plan.react-dev.paystubs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Dec 2023 10:10:01 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/11223038493/ 42 B
108 B 20ms
20ms Image
image/gif 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/11223038493/?random=1701857401540&cv=11&fst=1701856800000&bg=ffffff&guid=ON&async=1&gtm=45be3bt0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpcom-react-bhautik-billing-plan.react-dev.paystubs.com%2Flogin&frm=0&tiba=PayStubs&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSKQDICaaN4Lh4tS33EJu62-GHFlLPHM4ppeVA0kRxz6478dgFCEDeyueK&random=460496154&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pcom-react-bhautik-billing-plan.react-dev.paystubs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Dec 2023 10:10:01 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
wchat.freshchat.com/widget/ Frame 1FF4 5 KB
3 KB 96ms
96ms Document
text/html 34.196.69.230
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://wchat.freshchat.com/widget/?token=bd0364fa-d424-407a-b9d3-de0b797de041&referrer=aHR0cHM6Ly9wY29tLXJlYWN0LWJoYXV0aWstYmlsbGluZy1wbGFuLnJlYWN0LWRldi5wYXlzdHVicy5jb20=&eagerLoad=true

Requested by

Host: pcom-react-bhautik-billing-plan.react-dev.paystubs.com
URL: https://pcom-react-bhautik-billing-plan.react-dev.paystubs.com/assets/index-jOdbRKN_.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.196.69.230 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-196-69-230.compute-1.amazonaws.com

Software

fwe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	style-src 'unsafe-inline' ; font-src 'self' data:; img-src 'self' * data:; connect-src 'self' ; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://.freshchat.com https://.freshworksapi.com; child-src 'self' blob:; media-src 'self' https://.freshchat.com; manifest-src 'self' https://.freshchat.com; default-src 'none';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Referer: https://pcom-react-bhautik-billing-plan.react-dev.paystubs.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
content-encoding: gzip
content-security-policy: style-src 'unsafe-inline' *; font-src 'self' * data:; img-src 'self' * data:; connect-src 'self' *; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.freshchat.com https://*.freshworksapi.com; child-src 'self' * blob:; media-src 'self' https://*.freshchat.com; manifest-src 'self' https://*.freshchat.com; default-src 'none';
content-type: text/html
date: Wed, 06 Dec 2023 10:10:01 GMT
last-modified: Tue, 28 Nov 2023 06:29:01 GMT
nel: { "report_to": "nel-endpoint-freshchat", "max_age": 2592000, "include_subdomains": true}
report-to: { "group": "nel-endpoint-freshchat", "max_age": 2592000, "include_subdomains": true, "endpoints": [{"url": "https://edge-admin.us-east-1.freshedge.net/nelreports/freshchat"}]}
server: fwe
strict-transport-security: max-age=31536000; includeSubDomains
x-envoy-upstream-service-time: 0
x-fw-ratelimiting-managed: false
x-request-id: 9ed9b770-630f-4155-8c34-9b6ab648f9df
x-server: 4z8vk
x-trace-id: 00-57975f9a21a25fe01ef05b1d699f593d-b744f03e42811332-00
x-xss-protection: 1; mode=block

GET
H2 200 widget.css
wchat.freshchat.com/widget/css/ 9 KB
2 KB 102ms
102ms Stylesheet
text/css 34.196.69.230
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://wchat.freshchat.com/widget/css/widget.css?t=1701857401668

Requested by

Host: wchat.freshchat.com
URL: https://wchat.freshchat.com/js/widget.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.196.69.230 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-196-69-230.compute-1.amazonaws.com

Software

fwe /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pcom-react-bhautik-billing-plan.react-dev.paystubs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 10:10:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
nel: { "report_to": "nel-endpoint-freshchat", "max_age": 2592000, "include_subdomains": true}
x-envoy-upstream-service-time: 1
x-xss-protection: 1; mode=block
x-request-id: 8b6d3e87-4a93-4351-b350-34b26fb4247c
x-trace-id: 00-5ceb58096ea63a46038597598c3de8b7-8675d09001fb41bd-00
last-modified: Tue, 28 Nov 2023 06:29:01 GMT
server: fwe
report-to: { "group": "nel-endpoint-freshchat", "max_age": 2592000, "include_subdomains": true, "endpoints": [{"url": "https://edge-admin.us-east-1.freshedge.net/nelreports/freshchat"}]}
content-type: text/css
x-fw-ratelimiting-managed: false
cache-control: max-age=31536000,no-cache, no-store, must-revalidate, pre-check=0, post-check=0,public
x-server: 4z8vk
expires: Thu, 05 Dec 2024 10:10:01 GMT

POST collect
o.clarity.ms/ 0
0

GET
H2 200 vendor.d64d219ca4493f67a3970efc52d51c86.css
assetscdn-wchat.freshchat.com/static/assets/ Frame 1FF4 23 KB
4 KB 87ms
9ms Stylesheet
text/css 143.204.215.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assetscdn-wchat.freshchat.com/static/assets/vendor.d64d219ca4493f67a3970efc52d51c86.css
Requested by: Host: wchat.freshchat.com
URL: https://wchat.freshchat.com/widget/?token=bd0364fa-d424-407a-b9d3-de0b797de041&referrer=aHR0cHM6Ly9wY29tLXJlYWN0LWJoYXV0aWstYmlsbGluZy1wbGFuLnJlYWN0LWRldi5wYXlzdHVicy5jb20=&eagerLoad=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-55.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wchat.freshchat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 10:06:35 GMT
content-encoding: br
via: 1.1 f8895de4463e8d120a0f4b4a1f7703e4.cloudfront.net (CloudFront)
last-modified: Thu, 16 Nov 2023 07:47:37 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
age: 209
x-amz-server-side-encryption: AES256
etag: W/"d64d219ca4493f67a3970efc52d51c86"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
cache-control: max-age=31536000, no-transform, public
x-amz-cf-id: 0aQJIvEHpDXuM1FxNNhnh0pn62FMqvjxb9pLtJnnOGq_osXbrGuOTg==
expires: Wed, 27 Nov 2024 06:28:51 GMT

GET
H2 200 hotline-web.d41d8cd98f00b204e9800998ecf8427e.css
assetscdn-wchat.freshchat.com/static/assets/ Frame 1FF4 0
420 B 88ms
10ms Stylesheet
text/css 143.204.215.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assetscdn-wchat.freshchat.com/static/assets/hotline-web.d41d8cd98f00b204e9800998ecf8427e.css
Requested by: Host: wchat.freshchat.com
URL: https://wchat.freshchat.com/widget/?token=bd0364fa-d424-407a-b9d3-de0b797de041&referrer=aHR0cHM6Ly9wY29tLXJlYWN0LWJoYXV0aWstYmlsbGluZy1wbGFuLnJlYWN0LWRldi5wYXlzdHVicy5jb20=&eagerLoad=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-55.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wchat.freshchat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 10:08:53 GMT
via: 1.1 f8895de4463e8d120a0f4b4a1f7703e4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 69
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 0
last-modified: Thu, 16 Nov 2023 07:47:36 GMT
server: AmazonS3
etag: "d41d8cd98f00b204e9800998ecf8427e"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000, no-transform, public
accept-ranges: bytes
x-amz-cf-id: 2QF1Jl2u9CRjS9Jje7XYyevNysCZmLxQ7UO3jbKEJwguH1YBaQdYNg==
expires: Wed, 27 Nov 2024 06:28:51 GMT

GET
H2 200 vendor.862630a2b93632e0d7bbae6d63246102.js
assetscdn-wchat.freshchat.com/static/assets/ Frame 1FF4 684 KB
181 KB 87ms
10ms Script
application/javascript 143.204.215.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assetscdn-wchat.freshchat.com/static/assets/vendor.862630a2b93632e0d7bbae6d63246102.js
Requested by: Host: wchat.freshchat.com
URL: https://wchat.freshchat.com/widget/?token=bd0364fa-d424-407a-b9d3-de0b797de041&referrer=aHR0cHM6Ly9wY29tLXJlYWN0LWJoYXV0aWstYmlsbGluZy1wbGFuLnJlYWN0LWRldi5wYXlzdHVicy5jb20=&eagerLoad=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-55.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wchat.freshchat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 10:08:34 GMT
content-encoding: br
via: 1.1 f8895de4463e8d120a0f4b4a1f7703e4.cloudfront.net (CloudFront)
last-modified: Mon, 20 Nov 2023 04:32:08 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
age: 98
x-amz-server-side-encryption: AES256
etag: W/"862630a2b93632e0d7bbae6d63246102"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=31536000, no-transform, public
x-amz-cf-id: NExWftgtLCv1JySSmgue1D8BfV4ngZsMae4uJhZEVuKJG629IBY9vA==
expires: Wed, 27 Nov 2024 06:28:51 GMT

GET
H2 200 211.js
assetscdn-wchat.freshchat.com/static/assets/ Frame 1FF4 772 KB
199 KB 8ms
8ms Script
application/javascript 143.204.215.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assetscdn-wchat.freshchat.com/static/assets/211.js
Requested by: Host: wchat.freshchat.com
URL: https://wchat.freshchat.com/widget/?token=bd0364fa-d424-407a-b9d3-de0b797de041&referrer=aHR0cHM6Ly9wY29tLXJlYWN0LWJoYXV0aWstYmlsbGluZy1wbGFuLnJlYWN0LWRldi5wYXlzdHVicy5jb20=&eagerLoad=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-55.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wchat.freshchat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 10:06:19 GMT
content-encoding: gzip
via: 1.1 f8895de4463e8d120a0f4b4a1f7703e4.cloudfront.net (CloudFront)
last-modified: Tue, 28 Nov 2023 06:28:52 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
age: 242
x-amz-server-side-encryption: AES256
etag: W/"47c822f8cee790a907c6e7dd37148e0b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=31536000, no-transform, public
x-amz-cf-id: cQTRP-k1u4UPpktcBARG7981v13MeSoMV4WO5WXQorTWjdRVzO_skQ==
expires: Wed, 27 Nov 2024 06:28:51 GMT

GET
H2 200 chunk.3fbff7b122c7b213cc66.css
assetscdn-wchat.freshchat.com/static/assets/ Frame 1FF4 242 KB
30 KB 8ms
8ms Stylesheet
text/css 143.204.215.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assetscdn-wchat.freshchat.com/static/assets/chunk.3fbff7b122c7b213cc66.css
Requested by: Host: wchat.freshchat.com
URL: https://wchat.freshchat.com/widget/?token=bd0364fa-d424-407a-b9d3-de0b797de041&referrer=aHR0cHM6Ly9wY29tLXJlYWN0LWJoYXV0aWstYmlsbGluZy1wbGFuLnJlYWN0LWRldi5wYXlzdHVicy5jb20=&eagerLoad=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-55.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wchat.freshchat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 10:09:45 GMT
content-encoding: gzip
via: 1.1 f8895de4463e8d120a0f4b4a1f7703e4.cloudfront.net (CloudFront)
last-modified: Tue, 28 Nov 2023 06:28:53 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
age: 244
x-amz-server-side-encryption: AES256
etag: W/"05b1e01be3b51279f3932e908f6579db"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
cache-control: max-age=31536000, no-transform, public
x-amz-cf-id: tZL-unprLAKtKNaLkUbQd2h5qnEL8pnnItXPGE_4eArYR8tB6vT0oA==
expires: Wed, 27 Nov 2024 06:28:51 GMT

GET
H2 200 fd-messaging.cbe37f3b3fd8dc523e51.css
assetscdn-wchat.freshchat.com/static/ Frame 1FF4 242 KB
27 KB 9ms
9ms Stylesheet
text/css 143.204.215.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assetscdn-wchat.freshchat.com/static/fd-messaging.cbe37f3b3fd8dc523e51.css
Requested by: Host: wchat.freshchat.com
URL: https://wchat.freshchat.com/widget/?token=bd0364fa-d424-407a-b9d3-de0b797de041&referrer=aHR0cHM6Ly9wY29tLXJlYWN0LWJoYXV0aWstYmlsbGluZy1wbGFuLnJlYWN0LWRldi5wYXlzdHVicy5jb20=&eagerLoad=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-55.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wchat.freshchat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 10:06:35 GMT
content-encoding: br
via: 1.1 f8895de4463e8d120a0f4b4a1f7703e4.cloudfront.net (CloudFront)
last-modified: Mon, 20 Nov 2023 04:32:08 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
age: 208
x-amz-server-side-encryption: AES256
etag: W/"05b1e01be3b51279f3932e908f6579db"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
cache-control: max-age=31536000, no-transform, public
x-amz-cf-id: bY0ZLRSSWm-_GoeOAhl7WshIdXgjc_HDld_67JptJ_4z24bM1nFyJA==
expires: Wed, 27 Nov 2024 06:28:51 GMT

GET
H2 200 fd-messaging.74e39c50d73aede4e975.js
assetscdn-wchat.freshchat.com/static/assets/ Frame 1FF4 736 KB
132 KB 8ms
8ms Script
application/javascript 143.204.215.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assetscdn-wchat.freshchat.com/static/assets/fd-messaging.74e39c50d73aede4e975.js
Requested by: Host: wchat.freshchat.com
URL: https://wchat.freshchat.com/widget/?token=bd0364fa-d424-407a-b9d3-de0b797de041&referrer=aHR0cHM6Ly9wY29tLXJlYWN0LWJoYXV0aWstYmlsbGluZy1wbGFuLnJlYWN0LWRldi5wYXlzdHVicy5jb20=&eagerLoad=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-55.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wchat.freshchat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 10:08:54 GMT
content-encoding: br
via: 1.1 f8895de4463e8d120a0f4b4a1f7703e4.cloudfront.net (CloudFront)
last-modified: Mon, 27 Nov 2023 06:49:53 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
age: 68
x-amz-server-side-encryption: AES256
etag: W/"cfbdd7cc27f6369f9f18ba232aa13732"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=31536000, no-transform, public
x-amz-cf-id: vxjqjGignNnPZg4VtVJPYQSGAHNCD9WDTCQWUgBg1W6fBSGqgq7L0g==
expires: Wed, 27 Nov 2024 06:28:51 GMT

GET rts-min.js
rts-static-prod.freshworksapi.com/us/ Frame 1FF4 0
0

GET chunk.53225951580d96ba885c.js
assetscdn-wchat.freshchat.com/static/assets/ Frame 1FF4 0
0

POST v2
rs.fullstory.com/rec/bundle/ 0
0

POST /
www.woopra.com/track/push/ 0
0

POST 0
bat.bing.com/actionp/ 0
0

POST collect
o.clarity.ms/ 0
0

POST /
o4505159641530368.ingest.sentry.io/api/4505192500625408/envelope/ 0
0

GET
H2 200 6464bbc2b411a231097dccfb_logo_mobile.svg
uploads-ssl.webflow.com/63d39d61533099307dbc0bf8/ 5 KB
3 KB 52ms
16ms Image
image/svg+xml 18.66.112.13
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uploads-ssl.webflow.com/63d39d61533099307dbc0bf8/6464bbc2b411a231097dccfb_logo_mobile.svg
Requested by: Host: auth-staging.paystubs.com
URL: https://auth-staging.paystubs.com/login?state=hKFo2SBsZVpxQXlVVlEwcUFiWWh6OTRJdkZQN1F5MGptN19rOKFupWxvZ2luo3RpZNkgR3JSM0FaM2wtcmNzTTZhZUw0RnRSUl9PbGlGMFYxSWqjY2lk2SBCZkRRd0g3RHhweG56dnNaQ1JadTBBYURWdThUTnVhVg&client=BfDQwH7DxpxnzvsZCRZu0AaDVu8TNuaV&protocol=oauth2&scope=openid%20profile%20email&redirect_uri=https%3A%2F%2Fpcom-react-bhautik-billing-plan.react-dev.paystubs.com%2Fcallback&audience=https%3A%2F%2Fpcom-backend-staging-poc.paystubs.com%2Fapi&we=&response_type=code&response_mode=query&nonce=UFNMd2sxRV91amxTaWpNckNSeWkwYWJLQWhrckJud3RCVlJzflRiVHV5Vg%3D%3D&code_challenge=JJViJf2Ulq2LKl1_lJ6mMFflXD5ojrGdYuAaEkeAov8&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiYXV0aDAtcmVhY3QiLCJ2ZXJzaW9uIjoiMi4yLjMifQ%3D%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-13.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: bd3dde64a6e766a4d1ed233c47cc6f6549b44b631dcb67594ff77c61b2c71bd5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 12:04:22 GMT
x-amz-version-id: IUtVaOk1aulSxAJqOhin_cgRGe5tjyys
content-encoding: br
via: 1.1 fd080e20137c93d47ed43a67821248f0.cloudfront.net (CloudFront)
age: 1980341
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Wed, 17 May 2023 11:34:28 GMT
server: AmazonS3
etag: W/"58aff547dbddba076a9f1a95ee3afa68"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
x-amz-cf-id: XYes8iB8BlO57tBv_pt7m-IcsMgPE_JqxvcIpNq4IgmoNXUrsNjCwA==

GET
H2 200 65045a51b1376435015b969d_PayStubs_logo%20(5).png
uploads-ssl.webflow.com/63d39d61533099307dbc0bf8/ 5 KB
5 KB 49ms
13ms Image
image/png 18.66.112.13
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uploads-ssl.webflow.com/63d39d61533099307dbc0bf8/65045a51b1376435015b969d_PayStubs_logo%20(5).png
Requested by: Host: auth-staging.paystubs.com
URL: https://auth-staging.paystubs.com/login?state=hKFo2SBsZVpxQXlVVlEwcUFiWWh6OTRJdkZQN1F5MGptN19rOKFupWxvZ2luo3RpZNkgR3JSM0FaM2wtcmNzTTZhZUw0RnRSUl9PbGlGMFYxSWqjY2lk2SBCZkRRd0g3RHhweG56dnNaQ1JadTBBYURWdThUTnVhVg&client=BfDQwH7DxpxnzvsZCRZu0AaDVu8TNuaV&protocol=oauth2&scope=openid%20profile%20email&redirect_uri=https%3A%2F%2Fpcom-react-bhautik-billing-plan.react-dev.paystubs.com%2Fcallback&audience=https%3A%2F%2Fpcom-backend-staging-poc.paystubs.com%2Fapi&we=&response_type=code&response_mode=query&nonce=UFNMd2sxRV91amxTaWpNckNSeWkwYWJLQWhrckJud3RCVlJzflRiVHV5Vg%3D%3D&code_challenge=JJViJf2Ulq2LKl1_lJ6mMFflXD5ojrGdYuAaEkeAov8&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiYXV0aDAtcmVhY3QiLCJ2ZXJzaW9uIjoiMi4yLjMifQ%3D%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-13.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: beec0d053c8f74c5fc8aeac7373378e9a1897eea0ed27e8edf56383f71201655

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 06:58:53 GMT
x-amz-version-id: SZZDQgv3K_8pLBmuzb5hsNqYJQTIVFju
via: 1.1 fd080e20137c93d47ed43a67821248f0.cloudfront.net (CloudFront)
age: 1998670
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 4791
last-modified: Fri, 15 Sep 2023 13:21:23 GMT
server: AmazonS3
etag: "0e13cfd6c5e306141e11c86fb87ebfd5"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
x-amz-cf-id: 4MdR_34s7oHh9AnCrCY2CGWLp9rYFM-nrE5A1ztCY3-gjG8qXrZXUw==

GET
H2 200 6502c48e10da9a3470e9a521_Group%2021062.png
uploads-ssl.webflow.com/63d39d61533099307dbc0bf8/ 301 KB
301 KB 55ms
20ms Image
image/png 18.66.112.13
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uploads-ssl.webflow.com/63d39d61533099307dbc0bf8/6502c48e10da9a3470e9a521_Group%2021062.png
Requested by: Host: auth-staging.paystubs.com
URL: https://auth-staging.paystubs.com/login?state=hKFo2SBsZVpxQXlVVlEwcUFiWWh6OTRJdkZQN1F5MGptN19rOKFupWxvZ2luo3RpZNkgR3JSM0FaM2wtcmNzTTZhZUw0RnRSUl9PbGlGMFYxSWqjY2lk2SBCZkRRd0g3RHhweG56dnNaQ1JadTBBYURWdThUTnVhVg&client=BfDQwH7DxpxnzvsZCRZu0AaDVu8TNuaV&protocol=oauth2&scope=openid%20profile%20email&redirect_uri=https%3A%2F%2Fpcom-react-bhautik-billing-plan.react-dev.paystubs.com%2Fcallback&audience=https%3A%2F%2Fpcom-backend-staging-poc.paystubs.com%2Fapi&we=&response_type=code&response_mode=query&nonce=UFNMd2sxRV91amxTaWpNckNSeWkwYWJLQWhrckJud3RCVlJzflRiVHV5Vg%3D%3D&code_challenge=JJViJf2Ulq2LKl1_lJ6mMFflXD5ojrGdYuAaEkeAov8&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiYXV0aDAtcmVhY3QiLCJ2ZXJzaW9uIjoiMi4yLjMifQ%3D%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-13.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 80b2f78cd58c98116e945004bee55da41f0506adacc10e362b75d95a4bdb24df

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 05:07:10 GMT
x-amz-version-id: EbCICCiaEFYJmGsX3.ETOYysJiduBKms
via: 1.1 fd080e20137c93d47ed43a67821248f0.cloudfront.net (CloudFront)
age: 1227773
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 307721
last-modified: Thu, 14 Sep 2023 08:30:08 GMT
server: AmazonS3
etag: "a2946505a71ba2bab346afe5a1e36861"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
x-amz-cf-id: uDNKVJxMjD4SN1wFVBdpVcgJs3VxQXXoEgGaQ5SkLANoMb6Okiga_Q==

GET
H2 200 650949474a1e9f95adf04245_Text%20and%20checklist.svg
uploads-ssl.webflow.com/63d39d61533099307dbc0bf8/ 57 KB
20 KB 50ms
15ms Image
image/svg+xml 18.66.112.13
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uploads-ssl.webflow.com/63d39d61533099307dbc0bf8/650949474a1e9f95adf04245_Text%20and%20checklist.svg
Requested by: Host: auth-staging.paystubs.com
URL: https://auth-staging.paystubs.com/login?state=hKFo2SBsZVpxQXlVVlEwcUFiWWh6OTRJdkZQN1F5MGptN19rOKFupWxvZ2luo3RpZNkgR3JSM0FaM2wtcmNzTTZhZUw0RnRSUl9PbGlGMFYxSWqjY2lk2SBCZkRRd0g3RHhweG56dnNaQ1JadTBBYURWdThUTnVhVg&client=BfDQwH7DxpxnzvsZCRZu0AaDVu8TNuaV&protocol=oauth2&scope=openid%20profile%20email&redirect_uri=https%3A%2F%2Fpcom-react-bhautik-billing-plan.react-dev.paystubs.com%2Fcallback&audience=https%3A%2F%2Fpcom-backend-staging-poc.paystubs.com%2Fapi&we=&response_type=code&response_mode=query&nonce=UFNMd2sxRV91amxTaWpNckNSeWkwYWJLQWhrckJud3RCVlJzflRiVHV5Vg%3D%3D&code_challenge=JJViJf2Ulq2LKl1_lJ6mMFflXD5ojrGdYuAaEkeAov8&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiYXV0aDAtcmVhY3QiLCJ2ZXJzaW9uIjoiMi4yLjMifQ%3D%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-13.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 65e824fcf534553c1cbfb6a8404a0e6fa966604c846bf5fc348b27d9ade63bb9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 12:04:22 GMT
x-amz-version-id: rBRO7_5uxrAwm.KvJfpJLJyFf1GFzUnk
content-encoding: br
via: 1.1 fd080e20137c93d47ed43a67821248f0.cloudfront.net (CloudFront)
age: 1980341
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Tue, 19 Sep 2023 07:10:00 GMT
server: AmazonS3
etag: W/"a81f99ff020845068432380cd4b4461b"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
x-amz-cf-id: Ujm2nVv0cmVpomFQY9jMpJ1_AzmCZ-dgGdd9A8QDDGMm7vlkOMR3IQ==

GET
H2 200 645deba153d0f1967d356f30_eye-slash.svg
uploads-ssl.webflow.com/63d39d61533099307dbc0bf8/ 756 B
1 KB 49ms
14ms Image
image/svg+xml 18.66.112.13
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uploads-ssl.webflow.com/63d39d61533099307dbc0bf8/645deba153d0f1967d356f30_eye-slash.svg
Requested by: Host: auth-staging.paystubs.com
URL: https://auth-staging.paystubs.com/login?state=hKFo2SBsZVpxQXlVVlEwcUFiWWh6OTRJdkZQN1F5MGptN19rOKFupWxvZ2luo3RpZNkgR3JSM0FaM2wtcmNzTTZhZUw0RnRSUl9PbGlGMFYxSWqjY2lk2SBCZkRRd0g3RHhweG56dnNaQ1JadTBBYURWdThUTnVhVg&client=BfDQwH7DxpxnzvsZCRZu0AaDVu8TNuaV&protocol=oauth2&scope=openid%20profile%20email&redirect_uri=https%3A%2F%2Fpcom-react-bhautik-billing-plan.react-dev.paystubs.com%2Fcallback&audience=https%3A%2F%2Fpcom-backend-staging-poc.paystubs.com%2Fapi&we=&response_type=code&response_mode=query&nonce=UFNMd2sxRV91amxTaWpNckNSeWkwYWJLQWhrckJud3RCVlJzflRiVHV5Vg%3D%3D&code_challenge=JJViJf2Ulq2LKl1_lJ6mMFflXD5ojrGdYuAaEkeAov8&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiYXV0aDAtcmVhY3QiLCJ2ZXJzaW9uIjoiMi4yLjMifQ%3D%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-13.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 11788b09fd68530090570b96be13fc8f3f76fd14ede52598b40f4421dc7e9c04

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 14:56:54 GMT
x-amz-version-id: mxV6YRkfgGAoR50O7IeiClcG8Aq0fBYx
via: 1.1 fd080e20137c93d47ed43a67821248f0.cloudfront.net (CloudFront)
age: 1710789
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 756
last-modified: Fri, 12 May 2023 07:32:51 GMT
server: AmazonS3
etag: "cbce5c1c2c7666c6adfa9c7e10819261"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
x-amz-cf-id: CT_eXQzmGut4S95bXUHk5tcZuh3teF11SgzhBSDwXeT_REJO5-KvMA==

GET
H2 200 6464bbc2f940eff813ca1dfb_eye.svg
uploads-ssl.webflow.com/63d39d61533099307dbc0bf8/ 709 B
1 KB 73ms
38ms Image
image/svg+xml 18.66.112.13
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uploads-ssl.webflow.com/63d39d61533099307dbc0bf8/6464bbc2f940eff813ca1dfb_eye.svg
Requested by: Host: auth-staging.paystubs.com
URL: https://auth-staging.paystubs.com/login?state=hKFo2SBsZVpxQXlVVlEwcUFiWWh6OTRJdkZQN1F5MGptN19rOKFupWxvZ2luo3RpZNkgR3JSM0FaM2wtcmNzTTZhZUw0RnRSUl9PbGlGMFYxSWqjY2lk2SBCZkRRd0g3RHhweG56dnNaQ1JadTBBYURWdThUTnVhVg&client=BfDQwH7DxpxnzvsZCRZu0AaDVu8TNuaV&protocol=oauth2&scope=openid%20profile%20email&redirect_uri=https%3A%2F%2Fpcom-react-bhautik-billing-plan.react-dev.paystubs.com%2Fcallback&audience=https%3A%2F%2Fpcom-backend-staging-poc.paystubs.com%2Fapi&we=&response_type=code&response_mode=query&nonce=UFNMd2sxRV91amxTaWpNckNSeWkwYWJLQWhrckJud3RCVlJzflRiVHV5Vg%3D%3D&code_challenge=JJViJf2Ulq2LKl1_lJ6mMFflXD5ojrGdYuAaEkeAov8&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiYXV0aDAtcmVhY3QiLCJ2ZXJzaW9uIjoiMi4yLjMifQ%3D%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-13.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5c64435f07e61b7860c6fdfc7b918f7483557be76fba80d11dc075096d6f814f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 14:56:54 GMT
x-amz-version-id: 1L9mjJsugL3bWTVicLmwzVnb7nZUutsI
via: 1.1 fd080e20137c93d47ed43a67821248f0.cloudfront.net (CloudFront)
age: 1710789
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 709
last-modified: Wed, 17 May 2023 11:34:28 GMT
server: AmazonS3
etag: "71115c2be2c72c65c1fade72f1ccc93b"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
x-amz-cf-id: J5SeBn6hhoviidAVfDoALRqjyESylcYFJ3acPO6A5DY9iQfKtlC6Kg==

GET
H2 200 645deaa9825a96ec23f12bba_Google_Icon.svg
uploads-ssl.webflow.com/63d39d61533099307dbc0bf8/ 1 KB
1 KB 20ms
12ms Image
image/svg+xml 18.66.112.13
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uploads-ssl.webflow.com/63d39d61533099307dbc0bf8/645deaa9825a96ec23f12bba_Google_Icon.svg
Requested by: Host: auth-staging.paystubs.com
URL: https://auth-staging.paystubs.com/login?state=hKFo2SBsZVpxQXlVVlEwcUFiWWh6OTRJdkZQN1F5MGptN19rOKFupWxvZ2luo3RpZNkgR3JSM0FaM2wtcmNzTTZhZUw0RnRSUl9PbGlGMFYxSWqjY2lk2SBCZkRRd0g3RHhweG56dnNaQ1JadTBBYURWdThUTnVhVg&client=BfDQwH7DxpxnzvsZCRZu0AaDVu8TNuaV&protocol=oauth2&scope=openid%20profile%20email&redirect_uri=https%3A%2F%2Fpcom-react-bhautik-billing-plan.react-dev.paystubs.com%2Fcallback&audience=https%3A%2F%2Fpcom-backend-staging-poc.paystubs.com%2Fapi&we=&response_type=code&response_mode=query&nonce=UFNMd2sxRV91amxTaWpNckNSeWkwYWJLQWhrckJud3RCVlJzflRiVHV5Vg%3D%3D&code_challenge=JJViJf2Ulq2LKl1_lJ6mMFflXD5ojrGdYuAaEkeAov8&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiYXV0aDAtcmVhY3QiLCJ2ZXJzaW9uIjoiMi4yLjMifQ%3D%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-13.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1ce88aa2cd221354d7ba1a07337a09e1632241bc1d755c2db614b1de1c383217

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 17:20:29 GMT
x-amz-version-id: ZSPvQ1rnM_znT78vGvO2EYVLHCURSOiS
content-encoding: br
via: 1.1 fd080e20137c93d47ed43a67821248f0.cloudfront.net (CloudFront)
age: 146974
x-amz-cf-pop: FRA56-P5
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Fri, 12 May 2023 07:28:43 GMT
server: AmazonS3
etag: W/"ce02bd8f1a1ab99c1b117260050c3647"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
x-amz-cf-id: 2oIsOXpguBWQZHPBlSosVBL6eSSgAoau_gKkGKFM4ucQ1yfk0HI2eg==

GET
H2 200 auth0.min.js Show response
cdn.auth0.com/js/auth0/9.18/ 182 KB
49 KB 398ms
14ms Script
application/javascript 2600:9000:2449:7400:10:474e:104a:2961
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.auth0.com/js/auth0/9.18/auth0.min.js

Requested by

Host: auth-staging.paystubs.com
URL: https://auth-staging.paystubs.com/login?state=hKFo2SBsZVpxQXlVVlEwcUFiWWh6OTRJdkZQN1F5MGptN19rOKFupWxvZ2luo3RpZNkgR3JSM0FaM2wtcmNzTTZhZUw0RnRSUl9PbGlGMFYxSWqjY2lk2SBCZkRRd0g3RHhweG56dnNaQ1JadTBBYURWdThUTnVhVg&client=BfDQwH7DxpxnzvsZCRZu0AaDVu8TNuaV&protocol=oauth2&scope=openid%20profile%20email&redirect_uri=https%3A%2F%2Fpcom-react-bhautik-billing-plan.react-dev.paystubs.com%2Fcallback&audience=https%3A%2F%2Fpcom-backend-staging-poc.paystubs.com%2Fapi&we=&response_type=code&response_mode=query&nonce=UFNMd2sxRV91amxTaWpNckNSeWkwYWJLQWhrckJud3RCVlJzflRiVHV5Vg%3D%3D&code_challenge=JJViJf2Ulq2LKl1_lJ6mMFflXD5ojrGdYuAaEkeAov8&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiYXV0aDAtcmVhY3QiLCJ2ZXJzaW9uIjoiMi4yLjMifQ%3D%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2449:7400:10:474e:104a:2961 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

c01cdbf532e04e0405e5a197ca95d698bc179640c8e1945487a5db0a05923caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-version-id: 0oSyqygNJmIxgTdWAY.70ye9IMXesbI9
content-encoding: gzip
via: 1.1 2fb699a7d2ee3ddd9b1caad139f90e76.cloudfront.net (CloudFront)
date: Wed, 06 Dec 2023 09:54:56 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
x-amz-cf-pop: AMS58-P6
age: 907
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 18 Jan 2022 16:34:50 GMT
server: AmazonS3
etag: W/"e940a743df0750a57e7f584934a24620"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=10800,public
x-robots-tag: noindex
x-amz-cf-id: Qn-gijS4IqHLtFH5CbOjVhG3FnCdtSb5LabQ1P66SRQmps8b5ppYlQ==

GET
H2 200 object-assign.min.js Show response
cdn.auth0.com/js/polyfills/1.0/ 278 B
802 B 410ms
26ms Script
application/javascript 2600:9000:2449:7400:10:474e:104a:2961
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.auth0.com/js/polyfills/1.0/object-assign.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2449:7400:10:474e:104a:2961 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

2e3281ce824bc83f86243254926e320d7a51fd34e310d76f38ddf5ca4430bcd8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-version-id: QnBigF9q9VrtNR8TU_yhfoN9BlecmQ2x
date: Wed, 06 Dec 2023 09:18:00 GMT
via: 1.1 2fb699a7d2ee3ddd9b1caad139f90e76.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains
x-amz-cf-pop: AMS58-P6
age: 3123
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 278
last-modified: Thu, 08 Jun 2017 20:30:02 GMT
server: AmazonS3
etag: "4dfaafaab07b1c6c2314bfe79a1baa81"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=10800,public
accept-ranges: bytes
x-robots-tag: noindex
x-amz-cf-id: 6N7FB7jEzC307CrCC6Ue5GH7-V2UxcUdCcs0XQugwEa6DDzX9EPDXQ==

GET
H2 200 F37Bolton-Medium.woff
cdn-static.paystubs.com/fonts/ 49 KB
49 KB 751ms
391ms Font
font/woff 34.160.124.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-static.paystubs.com/fonts/F37Bolton-Medium.woff
Requested by: Host: auth-staging.paystubs.com
URL: https://auth-staging.paystubs.com/login?state=hKFo2SBsZVpxQXlVVlEwcUFiWWh6OTRJdkZQN1F5MGptN19rOKFupWxvZ2luo3RpZNkgR3JSM0FaM2wtcmNzTTZhZUw0RnRSUl9PbGlGMFYxSWqjY2lk2SBCZkRRd0g3RHhweG56dnNaQ1JadTBBYURWdThUTnVhVg&client=BfDQwH7DxpxnzvsZCRZu0AaDVu8TNuaV&protocol=oauth2&scope=openid%20profile%20email&redirect_uri=https%3A%2F%2Fpcom-react-bhautik-billing-plan.react-dev.paystubs.com%2Fcallback&audience=https%3A%2F%2Fpcom-backend-staging-poc.paystubs.com%2Fapi&we=&response_type=code&response_mode=query&nonce=UFNMd2sxRV91amxTaWpNckNSeWkwYWJLQWhrckJud3RCVlJzflRiVHV5Vg%3D%3D&code_challenge=JJViJf2Ulq2LKl1_lJ6mMFflXD5ojrGdYuAaEkeAov8&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiYXV0aDAtcmVhY3QiLCJ2ZXJzaW9uIjoiMi4yLjMifQ%3D%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.160.124.226 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 226.124.160.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 25dae1888760b37dbff06288494fb41311061429bade1fc162aa8c6ca585e21d

Request headers

Referer: https://auth-staging.paystubs.com/
Origin: https://auth-staging.paystubs.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 10:10:02 GMT
via: 1.1 google
x-guploader-uploadid: ABPtcPpAuihbejkCdQPLWtFBvzAubHK234hlDwWjvkrh60W5H12QIS0jtbgFcuqUqmDpoGSUNos
x-goog-storage-class: STANDARD
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
x-goog-meta-access-control-allow-origin: *
content-length: 49996
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
last-modified: Mon, 03 Apr 2023 11:34:01 GMT
server: UploadServer
etag: "3066d93c9ea9e6502973dd20a645a961"
x-goog-generation: 1680521640999403
content-type: font/woff
access-control-allow-origin: *
x-goog-hash: crc32c=8jBZ4g==, md5=MGbZPJ6p5lApc90gpkWpYQ==
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public,max-age=3600
x-goog-stored-content-length: 49996
accept-ranges: bytes

GET
H2 200 F37Bolton-Regular.woff
cdn-static.paystubs.com/fonts/ 46 KB
47 KB 744ms
383ms Font
font/woff 34.160.124.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-static.paystubs.com/fonts/F37Bolton-Regular.woff
Requested by: Host: auth-staging.paystubs.com
URL: https://auth-staging.paystubs.com/login?state=hKFo2SBsZVpxQXlVVlEwcUFiWWh6OTRJdkZQN1F5MGptN19rOKFupWxvZ2luo3RpZNkgR3JSM0FaM2wtcmNzTTZhZUw0RnRSUl9PbGlGMFYxSWqjY2lk2SBCZkRRd0g3RHhweG56dnNaQ1JadTBBYURWdThUTnVhVg&client=BfDQwH7DxpxnzvsZCRZu0AaDVu8TNuaV&protocol=oauth2&scope=openid%20profile%20email&redirect_uri=https%3A%2F%2Fpcom-react-bhautik-billing-plan.react-dev.paystubs.com%2Fcallback&audience=https%3A%2F%2Fpcom-backend-staging-poc.paystubs.com%2Fapi&we=&response_type=code&response_mode=query&nonce=UFNMd2sxRV91amxTaWpNckNSeWkwYWJLQWhrckJud3RCVlJzflRiVHV5Vg%3D%3D&code_challenge=JJViJf2Ulq2LKl1_lJ6mMFflXD5ojrGdYuAaEkeAov8&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiYXV0aDAtcmVhY3QiLCJ2ZXJzaW9uIjoiMi4yLjMifQ%3D%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.160.124.226 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 226.124.160.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 93b04a3a6e5c5e1fe28c7e7c0a50351b232c214b20fb91365711510283864b7b

Request headers

Referer: https://auth-staging.paystubs.com/
Origin: https://auth-staging.paystubs.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 10:10:02 GMT
via: 1.1 google
x-guploader-uploadid: ABPtcPr6L944RdarLBRwu6l4qMRRR-B-CdnwAoGnVhTAJVOqsJQqD93GsLT3JQdvAphO3OAg9wM
x-goog-storage-class: STANDARD
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
x-goog-meta-access-control-allow-origin: *
content-length: 47604
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
last-modified: Mon, 03 Apr 2023 11:34:15 GMT
server: UploadServer
etag: "1fb246470401e7bbd67f2a3f794e32dd"
x-goog-generation: 1680521655467666
content-type: font/woff
access-control-allow-origin: *
x-goog-hash: crc32c=SwgE7A==, md5=H7JGRwQB57vWfyo/eU4y3Q==
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public,max-age=3600
x-goog-stored-content-length: 47604
accept-ranges: bytes

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ 299 KB
96 KB 31ms
31ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TGJ7XBD

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3ba2f0475e28a35e15fd558465091bf070e41239d7781fc4f0d367fa84a7e94f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 10:10:02 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 98550
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 06 Dec 2023 10:10:02 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 231 KB
81 KB 20ms
20ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-MDB3MHPDXM&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TGJ7XBD

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e55fce53854248a6e48a2af29f66d6a96fa9f2933b9bc4c99ad77eceaf2f9779

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 10:10:02 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 82679
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 06 Dec 2023 10:10:02 GMT

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 1 KB
806 B 8ms
8ms Script
application/javascript 2a02:26f0:480:f::213:7edd
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TGJ7XBD

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:f::213:7edd Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

96271179d44086ad6cfba78c4788e3ac34dac8c8bfd18d2c2226d12d5abd0063

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 10:10:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 04 Dec 2023 13:47:16 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: max-age=82310
accept-ranges: bytes
content-length: 596

GET
H2 200 bat.js Show response
bat.bing.com/ 45 KB
13 KB 36ms
36ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TGJ7XBD

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Wed, 06 Dec 2023 10:10:01 GMT
last-modified: Fri, 10 Nov 2023 20:09:55 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 3CE523048C594EA1AE039F4498F56ECB Ref B: FRA31EDGE0614 Ref C: 2023-12-06T10:10:02Z
etag: "80abcdf1114da1:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 13175

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 202 KB
53 KB 8ms
7ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TGJ7XBD

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 06 Dec 2023 10:10:02 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 54273
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: JS0HFEHpLLLrXfAqTFb2PoLVYX1AqZ/2D6C94DY86jWcA1L1v3nQhBIoFMyS3wW5P97KtvmXNvV6Geentxyijg==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/11223038493/ 4 KB
2 KB 50ms
50ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11223038493/?random=1701857402547&cv=11&fst=1701857402547&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v9116618575&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fauth-staging.paystubs.com%2Flogin%3Fstate%3DhKFo2SBsZVpxQXlVVlEwcUFiWWh6OTRJdkZQN1F5MGptN19rOKFupWxvZ2luo3RpZNkgR3JSM0FaM2wtcmNzTTZhZUw0RnRSUl9PbGlGMFYxSWqjY2lk2SBCZkRRd0g3RHhweG56dnNaQ1JadTBBYURWdThUTnVhVg%26client%3DBfDQwH7DxpxnzvsZCRZu0AaDVu8TNuaV%26protocol%3Doauth2%26scope%3Dopenid%2520profile%2520email%26redirect_uri%3Dhttps%253A%252F%252Fpcom-react-bhautik-billing-plan.react-dev.paystubs.com%252Fcallback%26audience%3Dhttps%253A%252F%252Fpcom-backend-staging-poc.paystubs.com%252Fapi%26we%3D%26response_type%3Dcode%26response_mode%3Dquery%26nonce%3DUFNMd2s&ref=https%3A%2F%2Fpcom-react-bhautik-billing-plan.react-dev.paystubs.com%2F&hn=www.googleadservices.com&frm=0&tiba=Sign%20In%20with%20Auth0&auid=1871898161.1701857401&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TGJ7XBD

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

37df52e26bc28fe44838f554fb169278981dea426ef0eb3fcb356ee26bccae6f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Dec 2023 10:10:02 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1628
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 jkd.js Show response
cl.qualaroo.com/ki.js/83441/ 174 KB
55 KB 7ms
7ms Script
application/ecmascript 2400:52e0:1e00::1080:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cl.qualaroo.com/ki.js/83441/jkd.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TGJ7XBD
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1080 /
Resource Hash: 12c15d09c171fb3d000989e553e09f267ca5ddfec2827ba4f7620015df8e0225

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 10:10:02 GMT
content-encoding: gzip
cdn-edgestorageid: 1081
x-amz-request-id: KYD1R0HFE3DX8DMY
x-amz-server-side-encryption: AES256
cdn-cachedat: 11/02/2023 22:05:04
cdn-pullzone: 92714
x-amz-id-2: L51GHlttXazxB07Tv6JABHegVQxlqef69nzv0us0emXtb8RCaAvFivt+pUnjzJdhb46gIMRtd+s=
last-modified: Mon, 30 Oct 2023 11:44:00 GMT
server: BunnyCDN-DE1-1080
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: "bc8596cb14d803019e5d5accd3bfc9f8"
vary: Accept-Encoding, Accept-Encoding
content-type: application/ecmascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 50c043fb-dcd1-4574-9faf-b60384f66f78
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: max-age=0, s-maxage=3600
cdn-requestid: fdc303bb24acb96d7ac7129fe66ddd3c
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H3 200 fs.js Show response
edge.fullstory.com/s/ 248 KB
68 KB 7ms
7ms Script
application/javascript 35.201.112.186
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.fullstory.com/s/fs.js
Requested by: Host: pcom-react-bhautik-billing-plan.react-dev.paystubs.com
URL: https://pcom-react-bhautik-billing-plan.react-dev.paystubs.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.201.112.186 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 186.112.201.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 5c489c23f7192a19dc73e1c5ca3e5ec4611803b7a347e0638c797d316573c591

Request headers

Referer
Origin: https://auth-staging.paystubs.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 09:12:05 GMT
content-encoding: br
age: 3477
x-guploader-uploadid: ABPtcPr_EPnRFR2zBnaGGU89YqPZSptRLQHPL9PHPYGMUI3UNCxFStoB41O7YKKeL2an0HpW4VFYsljgow
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: br
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 69557
last-modified: Mon, 04 Dec 2023 14:26:15 GMT
server: UploadServer
etag: "91994ff19d391199afc5c6e6b3c5cad9"
vary: Accept-Encoding
x-goog-generation: 1701699975229890
x-goog-hash: crc32c=8CovOg==, md5=kZlP8Z05EZmvxcbms8XK2Q==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=3600,no-transform
x-goog-stored-content-length: 69557
accept-ranges: bytes
content-type: application/javascript
expires: Wed, 06 Dec 2023 10:12:05 GMT

GET
H2 200 139577915.js Show response
js-eu1.hs-scripts.com/ 2 KB
610 B 23ms
23ms Script
application/javascript 172.65.208.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js-eu1.hs-scripts.com/139577915.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TGJ7XBD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.65.208.22 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5e70258376726dd01dc6b24171f0caeffd2e01de8f80faa0ff703c0c50799b0a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 10:10:02 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
x-hubspot-correlation-id: 78c2e255-4b69-4962-82a6-d640a82c3d62
x-evy-trace-route-service-name: envoyset-translator
cf-polished: origSize=2038
age: 1
x-envoy-upstream-service-time: 6
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 78c2e255-4b69-4962-82a6-d640a82c3d62
cf-bgj: minify
last-modified: Wed, 06 Dec 2023 10:10:01 GMT
server: cloudflare
x-trace: 2B2611F3C7D3130061CC9B1B7976BFCC972BA4B443000000000000000000
access-control-max-age: 3600
vary: origin, Accept-Encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://pcom-react-bhautik-billing-plan.react-dev.paystubs.com
x-evy-trace-served-by-pod: fra04/hubapi-td/envoy-proxy-75bd7484f7-qmpch
cache-control: public, max-age=30
access-control-allow-credentials: true
x-evy-trace-virtual-host: all
cf-ray: 8313bc9dfa65902e-FRA

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 5 KB
2 KB 125ms
125ms Script
application/javascript 23.38.98.28
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CHEF1OBC77UAAU7KU0H0&lib=ttq
Requested by: Host: pcom-react-bhautik-billing-plan.react-dev.paystubs.com
URL: https://pcom-react-bhautik-billing-plan.react-dev.paystubs.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.38.98.28 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-38-98-28.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: f696470f2e95ff07d29a87cba78d7163193a3eeaf91ad5c58a7181be5a57c36e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-akamai-request-id: 4b013019
date: Wed, 06 Dec 2023 10:10:02 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-2312061010023A208CA01EAE7C40E254-7758268A17DB1A90-00
x-cache: TCP_MISS from a23-38-99-92.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2.1-52518411) (-)
server-timing: inner; dur=4, cdn-cache; desc=MISS, edge; dur=2, origin; dur=112
content-length: 1750
pragma: no-cache
server: nginx
x-tt-logid: 202312061010023A208CA01EAE7C40E254
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 112,23.38.99.92
x-tt-trace-host: 0183065cffbd455dc2e304d247773271c8c3ca2e002d16816d4a641785da0f88723224b30aaf7a90dc89e84afd56770fbb13c6a1ac8da9ddc64c096889a50014e113893a4c6f9b9b6f9b49fa45cdb3692c6da59e3d62fe462373b4d7d2d4d240be
expires: Wed, 06 Dec 2023 10:10:02 GMT

GET
H2 200 widget.js Show response
wchat.freshchat.com/js/ 66 KB
21 KB 99ms
99ms Script
application/javascript 34.196.69.230
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://wchat.freshchat.com/js/widget.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TGJ7XBD

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.196.69.230 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-196-69-230.compute-1.amazonaws.com

Software

fwe /

Resource Hash

1f20c5af2c4861e43a210d8f6bbf672f7683797a3e80912b4e405ce46a330de7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-trace-id: 00-a07e1007f648820b37de9bd575b50ba6-70f45d17ccea22e3-00
date: Wed, 06 Dec 2023 10:10:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
last-modified: Tue, 28 Nov 2023 06:29:01 GMT
server: fwe
nel: { "report_to": "nel-endpoint-freshchat", "max_age": 2592000, "include_subdomains": true}
report-to: { "group": "nel-endpoint-freshchat", "max_age": 2592000, "include_subdomains": true, "endpoints": [{"url": "https://edge-admin.us-east-1.freshedge.net/nelreports/freshchat"}]}
content-type: application/javascript
x-fw-ratelimiting-managed: false
cache-control: max-age=900, must-revalidate
x-server: rbfhg
x-envoy-upstream-service-time: 3
x-xss-protection: 1; mode=block
x-request-id: 9ce3262e-e880-4f70-a5df-bb2befdd7d12

GET
H2 200 w.js Show response
static.woopra.com/js/ 37 KB
13 KB 9ms
9ms Script
text/javascript 151.101.193.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.woopra.com/js/w.js
Requested by: Host: pcom-react-bhautik-billing-plan.react-dev.paystubs.com
URL: https://pcom-react-bhautik-billing-plan.react-dev.paystubs.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Apache/2.2.15 (Red Hat) /
Resource Hash: 9213bf77e387d83295bc8f3fbedd1f0d95601ab5f0a1f1b8927af599531c2b23

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 10:10:02 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 38689
x-cache: HIT, HIT
content-length: 12997
x-served-by: cache-iad-kjyo7100087-IAD, cache-fra-eddf8230059-FRA
last-modified: Thu, 02 Nov 2023 23:29:38 GMT
server: Apache/2.2.15 (Red Hat)
x-timer: S1701857403.555945,VS0,VE0
etag: "21dbc-94f0-60933c2eb33ac"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
x-cache-hits: 23, 487

GET
H2 200 ntag.js Show response
www.nivaai.com/ 5 KB
2 KB 14ms
14ms Script
application/javascript 76.76.21.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nivaai.com/ntag.js?id=6249ec2b-9496-41ca-97c0-e50802176b13

Requested by

Host: pcom-react-bhautik-billing-plan.react-dev.paystubs.com
URL: https://pcom-react-bhautik-billing-plan.react-dev.paystubs.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.22 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

b04ba4d5260643ffb3391278327417e0ee2b05220260770cb6a21b1fd148dbd6

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 10:10:02 GMT
content-encoding: br
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: fra1::vkgj6-1701857402556-cbc69707b27a
age: 1688384
x-matched-path: /ntag.js
etag: W/"1f6e22d85d1b46e955d4656374f1b52e"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
content-disposition: inline; filename="ntag.js"

GET
H2 200 insight.old.min.js Show response
snap.licdn.com/li.lms-analytics/ 31 KB
12 KB 10ms
9ms Script
application/javascript 2a02:26f0:480:f::213:7edd
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.old.min.js

Requested by

Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:f::213:7edd Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

15838004d5e196b563a00a0ba16ce432fed6deb3dd4fab7122601f2c4f41560a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 10:10:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 04 Dec 2023 13:47:15 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: max-age=82242
accept-ranges: bytes
content-length: 12150

POST
H2 204 / Show response
px.ads.linkedin.com/wa/ 0
169 B 203ms
203ms XHR
text/plain 2620:1ec:22::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/wa/
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.old.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:22::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: *
Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 06 Dec 2023 10:10:02 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 6D93E65B140E4608A590F63C066CDB67 Ref B: VIEEDGE2517 Ref C: 2023-12-06T10:10:02Z
linkedin-action: 1
vary: Origin
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
access-control-allow-origin: https://auth-staging.paystubs.com
x-li-proto: http/2
access-control-allow-credentials: true
x-li-uuid: AAYL1I3x+7isfWvW4qqdvQ==

GET
H3 200 280638974420595 Show response
connect.facebook.net/signals/config/ 133 KB
35 KB 180ms
180ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/280638974420595?v=2.9.138&r=stable&domain=auth-staging.paystubs.com

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3c4fe844b18496bf0be2ed42cc178e8039788647be2793f00a8e7972c69204ad

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 06 Dec 2023 10:10:02 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: jSVxy+QOOFHOxX33M0gfKehUedPwbMY9U8+f0fY6u+fEyu+HLy6dKRqpmVUL8OFFW8iqJm3kMNNwI9u+SMFWYQ==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 tr
api.nivaai.com/ 0
0 462ms
461ms Fetch
application/json 18.239.36.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.nivaai.com/tr?command=config&na=2cac4aa0-2f03-4ada-9cba-2b2c4bc4bda8&ntag=6249ec2b-9496-41ca-97c0-e50802176b13&pathname=/login
Requested by: Host: pcom-react-bhautik-billing-plan.react-dev.paystubs.com
URL: https://pcom-react-bhautik-billing-plan.react-dev.paystubs.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.36.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-36-32.ams58.r.cloudfront.net
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 10:10:02 GMT
via: 1.1 bec13cdbd4d650c71ed35e5a7991d3ca.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS58-P2
x-amzn-trace-id: Root=1-6570487a-3657886e2615404e49fa89cd;Sampled=0;lineage=fc8b8e8b:0
x-amzn-requestid: cfa59524-effa-497e-ab33-9d478f8533ba
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
x-amz-apigw-id: PhBDPHF7oAMEaTw=
content-length: 0
x-amz-cf-id: AN0CwdQukmOGKMEmHlVjJGjIkCjaVoWDivMzZi5jkVowPpofRNeNZw==
access-control-allow-headers: *

GET
H2

200

setuid
secure.adnxs.com/
Redirect Chain

https://api.nivaai.com/tr?f=88af339a74aa97d101dd5c01de2cb91576cb2904&sp=S-149357862&u=9c988384b6094037610962448ca3e859eaf8d62e&na=2cac4aa0-2f03-4ada-9cba-2b2c4bc4bda8
https://secure.adnxs.com/setuid?entity=52&code=2cac4aa0-2f03-4ada-9cba-2b2c4bc4bda8

43 B
846 B

7ms
7ms

Image
image/gif

37.252.171.85
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/setuid?entity=52&code=2cac4aa0-2f03-4ada-9cba-2b2c4bc4bda8

Requested by

Protocol

Server

37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Dec 2023 10:10:02 GMT
an-x-request-uuid: e996f31d-a5a9-4e50-8d40-59b64be931ce
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 80.255.10.198; 80.255.10.198; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

date: Wed, 06 Dec 2023 10:10:02 GMT
via: 1.1 7333604337e68c1ea3a1a85e9b6be668.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS58-P2
x-amzn-requestid: 9f2f7f05-56d2-45e0-9b42-57c49d2f7073
x-amzn-trace-id: Root=1-6570487a-0f8b5b7158fdee820705459f;Sampled=0;lineage=fc8b8e8b:0
x-cache: Miss from cloudfront
content-type: application/json
location: https://secure.adnxs.com/setuid?entity=52&code=2cac4aa0-2f03-4ada-9cba-2b2c4bc4bda8
access-control-allow-origin: *
x-amz-apigw-id: PhBDPH8NoAMEWzw=
content-length: 0
x-amz-cf-id: ZNqY799tCAr4hNTs1wnSud0NzM-nAHMmqHkjBOfhdRO17gHQuipgQg==
access-control-allow-headers: *

GET
H2

200

sync
x.bidswitch.net/
Redirect Chain

https://api.nivaai.com/tr?f=06c472030e7c9695fa372a64ea36a9961379d226&sp=S-408726195&u=7f17264a8e801c6bb9afb48ba7b3e3b3f19ce502&na=2cac4aa0-2f03-4ada-9cba-2b2c4bc4bda8
https://x.bidswitch.net/sync?dsp_id=46&user_id=2cac4aa0-2f03-4ada-9cba-2b2c4bc4bda8&expires=30

43 B
145 B

8ms
8ms

Image
image/gif

3.69.41.2
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?dsp_id=46&user_id=2cac4aa0-2f03-4ada-9cba-2b2c4bc4bda8&expires=30
Requested by: Host: auth-staging.paystubs.com
URL: https://auth-staging.paystubs.com/login?state=hKFo2SBsZVpxQXlVVlEwcUFiWWh6OTRJdkZQN1F5MGptN19rOKFupWxvZ2luo3RpZNkgR3JSM0FaM2wtcmNzTTZhZUw0RnRSUl9PbGlGMFYxSWqjY2lk2SBCZkRRd0g3RHhweG56dnNaQ1JadTBBYURWdThUTnVhVg&client=BfDQwH7DxpxnzvsZCRZu0AaDVu8TNuaV&protocol=oauth2&scope=openid%20profile%20email&redirect_uri=https%3A%2F%2Fpcom-react-bhautik-billing-plan.react-dev.paystubs.com%2Fcallback&audience=https%3A%2F%2Fpcom-backend-staging-poc.paystubs.com%2Fapi&we=&response_type=code&response_mode=query&nonce=UFNMd2sxRV91amxTaWpNckNSeWkwYWJLQWhrckJud3RCVlJzflRiVHV5Vg%3D%3D&code_challenge=JJViJf2Ulq2LKl1_lJ6mMFflXD5ojrGdYuAaEkeAov8&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiYXV0aDAtcmVhY3QiLCJ2ZXJzaW9uIjoiMi4yLjMifQ%3D%3D
Protocol: H2
Server: 3.69.41.2 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-69-41-2.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 10:10:02 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

Redirect headers

date: Wed, 06 Dec 2023 10:10:02 GMT
via: 1.1 7333604337e68c1ea3a1a85e9b6be668.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS58-P2
x-amzn-requestid: 7813b2a8-cad2-4f48-8750-23eeeea4d1cd
x-amzn-trace-id: Root=1-6570487a-17db749a168759ed36f2f1d2;Sampled=0;lineage=fc8b8e8b:0
x-cache: Miss from cloudfront
content-type: application/json
location: https://x.bidswitch.net/sync?dsp_id=46&user_id=2cac4aa0-2f03-4ada-9cba-2b2c4bc4bda8&expires=30
access-control-allow-origin: *
x-amz-apigw-id: PhBDNHKVIAMES1g=
content-length: 0
x-amz-cf-id: 4Igmt7z_rOql58_c0JyiwHebD8CvJMnFpjg4MJHRvULgzLcojlYPRg==
access-control-allow-headers: *

GET
H/1.1

200
OK

cookie-sync
sync.outbrain.com/
Redirect Chain

https://api.nivaai.com/tr?f=578f90fd67fdcd54956dced2ce20dcdf9142f9ad&sp=S-675849123&u=24de6614a05c34eeb09bc7dde9a000dfd17242ed&na=2cac4aa0-2f03-4ada-9cba-2b2c4bc4bda8
https://sync.outbrain.com/cookie-sync?p=niva&uid=2cac4aa0-2f03-4ada-9cba-2b2c4bc4bda8&initiator=partner

0
145 B

91ms
91ms

Image
text/plain

70.42.32.31
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=niva&uid=2cac4aa0-2f03-4ada-9cba-2b2c4bc4bda8&initiator=partner
Requested by: Host: auth-staging.paystubs.com
URL: https://auth-staging.paystubs.com/login?state=hKFo2SBsZVpxQXlVVlEwcUFiWWh6OTRJdkZQN1F5MGptN19rOKFupWxvZ2luo3RpZNkgR3JSM0FaM2wtcmNzTTZhZUw0RnRSUl9PbGlGMFYxSWqjY2lk2SBCZkRRd0g3RHhweG56dnNaQ1JadTBBYURWdThUTnVhVg&client=BfDQwH7DxpxnzvsZCRZu0AaDVu8TNuaV&protocol=oauth2&scope=openid%20profile%20email&redirect_uri=https%3A%2F%2Fpcom-react-bhautik-billing-plan.react-dev.paystubs.com%2Fcallback&audience=https%3A%2F%2Fpcom-backend-staging-poc.paystubs.com%2Fapi&we=&response_type=code&response_mode=query&nonce=UFNMd2sxRV91amxTaWpNckNSeWkwYWJLQWhrckJud3RCVlJzflRiVHV5Vg%3D%3D&code_challenge=JJViJf2Ulq2LKl1_lJ6mMFflXD5ojrGdYuAaEkeAov8&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiYXV0aDAtcmVhY3QiLCJ2ZXJzaW9uIjoiMi4yLjMifQ%3D%3D
Protocol: HTTP/1.1
Server: 70.42.32.31 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Wed, 06 Dec 2023 10:10:02 GMT
Cache-Control: no-cache
X-TraceId: 79dfd1a969d93c9056c45207599cd573
Content-Length: 0

Redirect headers

date: Wed, 06 Dec 2023 10:10:02 GMT
via: 1.1 7333604337e68c1ea3a1a85e9b6be668.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS58-P2
x-amzn-requestid: 5b2c6c2e-dafb-4a06-8d6b-a6aa8a1d9d6c
x-amzn-trace-id: Root=1-6570487a-484536b63f0b9ed006b6df58;Sampled=0;lineage=fc8b8e8b:0
x-cache: Miss from cloudfront
content-type: application/json
location: https://sync.outbrain.com/cookie-sync?p=niva&uid=2cac4aa0-2f03-4ada-9cba-2b2c4bc4bda8&initiator=partner
access-control-allow-origin: *
x-amz-apigw-id: PhBDNEMtoAMEfMQ=
content-length: 0
x-amz-cf-id: IskWt7pahj-sE9zWrDbtow7VWWR65J0JGn1EsOBhvG-Nc3h43HESJA==
access-control-allow-headers: *

GET
H2

200

sync.htm
ade.clmbtech.com/uid/
Redirect Chain

https://api.nivaai.com/tr?f=10e1cb15cb44ad36b7722a7fef0612e3bbac4066&sp=S-284953716&u=a8ef51bbd1c64b45e7882e2e876dcb9f9dfe470d&na=2cac4aa0-2f03-4ada-9cba-2b2c4bc4bda8
https://ade.clmbtech.com/uid/sync.htm?pid=13079&cuid=2cac4aa0-2f03-4ada-9cba-2b2c4bc4bda8

68 B
259 B

123ms
123ms

Image
image/jpeg

2a02:26f0:480:c::210:f190
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.clmbtech.com/uid/sync.htm?pid=13079&cuid=2cac4aa0-2f03-4ada-9cba-2b2c4bc4bda8

Requested by

Protocol

Server

2a02:26f0:480:c::210:f190 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Bhoot /

Resource Hash

2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=25920000; includeSubdomains
date: Wed, 06 Dec 2023 10:10:02 GMT
x-content-type-options: nosniff
server: Bhoot
x-frame-options: sameorigin
content-type: image/jpeg
x-upstream: 172.29.17.245:80
content-length: 68
x-xss-protection: 1; mode=block

Redirect headers

date: Wed, 06 Dec 2023 10:10:02 GMT
via: 1.1 7333604337e68c1ea3a1a85e9b6be668.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS58-P2
x-amzn-requestid: df9a1982-a2ae-4cb0-8d75-c06ad82a1299
x-amzn-trace-id: Root=1-6570487a-54af52074a95a21e5a6d6955;Sampled=0;lineage=fc8b8e8b:0
x-cache: Miss from cloudfront
content-type: application/json
location: https://ade.clmbtech.com/uid/sync.htm?pid=13079&cuid=2cac4aa0-2f03-4ada-9cba-2b2c4bc4bda8
access-control-allow-origin: *
x-amz-apigw-id: PhBDNHoOoAMEp1Q=
content-length: 0
x-amz-cf-id: 1oHjjEDwwgV8dJtq1yvolgLNob7TRdTwiFosraz3H9b1jZUFgKx-xw==
access-control-allow-headers: *

GET
H2

200

pixelct.tpmn
ad.tpmn.io/
Redirect Chain

https://api.nivaai.com/tr?f=3fde1860a45a4d59a7f2c2df8f7e2bbe789958b2&sp=S-917263458&u=4f4b8a4c63d370bb51eb06faa3c3f3fc1284a917&na=2cac4aa0-2f03-4ada-9cba-2b2c4bc4bda8
https://ad.tpmn.co.kr/pixelCt.tpmn?tpmn_nid=26a681017b4fdc02f3aef3aa921ede3e&tpmn_buid=2cac4aa0-2f03-4ada-9cba-2b2c4bc4bda8
https://ad.tpmn.io/pixelct.tpmn?tpmn_nid=26a681017b4fdc02f3aef3aa921ede3e&tpmn_buid=2cac4aa0-2f03-4ada-9cba-2b2c4bc4bda8

170 B
614 B

266ms
266ms

Image
image/png

34.102.166.132
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.tpmn.io/pixelct.tpmn?tpmn_nid=26a681017b4fdc02f3aef3aa921ede3e&tpmn_buid=2cac4aa0-2f03-4ada-9cba-2b2c4bc4bda8
Requested by: Host: auth-staging.paystubs.com
URL: https://auth-staging.paystubs.com/login?state=hKFo2SBsZVpxQXlVVlEwcUFiWWh6OTRJdkZQN1F5MGptN19rOKFupWxvZ2luo3RpZNkgR3JSM0FaM2wtcmNzTTZhZUw0RnRSUl9PbGlGMFYxSWqjY2lk2SBCZkRRd0g3RHhweG56dnNaQ1JadTBBYURWdThUTnVhVg&client=BfDQwH7DxpxnzvsZCRZu0AaDVu8TNuaV&protocol=oauth2&scope=openid%20profile%20email&redirect_uri=https%3A%2F%2Fpcom-react-bhautik-billing-plan.react-dev.paystubs.com%2Fcallback&audience=https%3A%2F%2Fpcom-backend-staging-poc.paystubs.com%2Fapi&we=&response_type=code&response_mode=query&nonce=UFNMd2sxRV91amxTaWpNckNSeWkwYWJLQWhrckJud3RCVlJzflRiVHV5Vg%3D%3D&code_challenge=JJViJf2Ulq2LKl1_lJ6mMFflXD5ojrGdYuAaEkeAov8&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiYXV0aDAtcmVhY3QiLCJ2ZXJzaW9uIjoiMi4yLjMifQ%3D%3D
Protocol: H2
Server: 34.102.166.132 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 132.166.102.34.bc.googleusercontent.com
Software: /
Resource Hash: 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Dec 2023 10:10:02 GMT
content-encoding: gzip
via: 1.1 google
accept-ch: Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA,Sec-CH-UA-Platform-Version
vary: accept-encoding
content-type: image/png;charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://ad.tpmn.io/pixelct.tpmn?tpmn_nid=26a681017b4fdc02f3aef3aa921ede3e&tpmn_buid=2cac4aa0-2f03-4ada-9cba-2b2c4bc4bda8
date: Wed, 06 Dec 2023 10:10:02 GMT
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary: accept-encoding

GET
H2

200

sync
x.bidswitch.net/
Redirect Chain

https://api.nivaai.com/tr?f=c5a8fb7c5f1bbd179115d5a349e8ff22a6bab02d&sp=S-593187240&u=d92a278a4606529cd50ed2ace51a2aeb962a2f67&na=2cac4aa0-2f03-4ada-9cba-2b2c4bc4bda8
https://x.bidswitch.net/sync?dsp_id=46&user_id=2cac4aa0-2f03-4ada-9cba-2b2c4bc4bda8&expires=30

43 B
145 B

8ms
8ms

Image
image/gif

3.69.41.2
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?dsp_id=46&user_id=2cac4aa0-2f03-4ada-9cba-2b2c4bc4bda8&expires=30
Requested by: Host: auth-staging.paystubs.com
URL: https://auth-staging.paystubs.com/login?state=hKFo2SBsZVpxQXlVVlEwcUFiWWh6OTRJdkZQN1F5MGptN19rOKFupWxvZ2luo3RpZNkgR3JSM0FaM2wtcmNzTTZhZUw0RnRSUl9PbGlGMFYxSWqjY2lk2SBCZkRRd0g3RHhweG56dnNaQ1JadTBBYURWdThUTnVhVg&client=BfDQwH7DxpxnzvsZCRZu0AaDVu8TNuaV&protocol=oauth2&scope=openid%20profile%20email&redirect_uri=https%3A%2F%2Fpcom-react-bhautik-billing-plan.react-dev.paystubs.com%2Fcallback&audience=https%3A%2F%2Fpcom-backend-staging-poc.paystubs.com%2Fapi&we=&response_type=code&response_mode=query&nonce=UFNMd2sxRV91amxTaWpNckNSeWkwYWJLQWhrckJud3RCVlJzflRiVHV5Vg%3D%3D&code_challenge=JJViJf2Ulq2LKl1_lJ6mMFflXD5ojrGdYuAaEkeAov8&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiYXV0aDAtcmVhY3QiLCJ2ZXJzaW9uIjoiMi4yLjMifQ%3D%3D
Protocol: H2
Server: 3.69.41.2 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-69-41-2.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 10:10:02 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

Redirect headers

date: Wed, 06 Dec 2023 10:10:02 GMT
via: 1.1 7333604337e68c1ea3a1a85e9b6be668.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS58-P2
x-amzn-requestid: a568b6cd-d6f4-46eb-94ef-a88c863812ff
x-amzn-trace-id: Root=1-6570487a-47e216bc3ddaea51395100ef;Sampled=0;lineage=fc8b8e8b:0
x-cache: Miss from cloudfront
content-type: application/json
location: https://x.bidswitch.net/sync?dsp_id=46&user_id=2cac4aa0-2f03-4ada-9cba-2b2c4bc4bda8&expires=30
access-control-allow-origin: *
x-amz-apigw-id: PhBDPGcuIAMEPRg=
content-length: 0
x-amz-cf-id: j_eVKentbEYGSmPxo1pjdfGB82IZeLGQkA-bjouJoHybPxdwLMV4IQ==
access-control-allow-headers: *

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/google/
Redirect Chain

https://api.nivaai.com/tr?f=13915bcddbc8ea773106010e33f79d42736fde25&sp=S-836291754&u=8dd9b9a903319008c55018a4b8a3531d27852f4f&na=2cac4aa0-2f03-4ada-9cba-2b2c4bc4bda8
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&NivaUserId=2cac4aa0-2f03-4ada-9cba-2b2c4bc4bda8&google_cm&google_hm=ay1iRmc1N005R3FET2JVTmc0a2VVTjE4eTUwc18ya0lxUjB5N1hrZw
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&NivaUserId=2cac4aa0-2f03-4ada-9cba-2b2c4bc4bda8&google_gid=CAESEOoCszYT1lp2WwXgnhaKqtI&google_cver=1&google_ula=913071,0

43 B
369 B

13ms
12ms

Image
image/gif

178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&NivaUserId=2cac4aa0-2f03-4ada-9cba-2b2c4bc4bda8&google_gid=CAESEOoCszYT1lp2WwXgnhaKqtI&google_cver=1&google_ula=913071,0

Requested by

Protocol

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Dec 2023 10:10:02 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 201049
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 06 Dec 2023 10:10:02 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&NivaUserId=2cac4aa0-2f03-4ada-9cba-2b2c4bc4bda8&google_gid=CAESEOoCszYT1lp2WwXgnhaKqtI&google_cver=1&google_ula=913071,0
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 392
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/
Redirect Chain

https://api.nivaai.com/tr?f=67809ed156accf698c802524599a09d023fc8b57&sp=S-754890621&u=b50a3e8fe9c914cef312a296a4450862b81e7c45&na=2cac4aa0-2f03-4ada-9cba-2b2c4bc4bda8
https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=5888799030065900167

43 B
369 B

13ms
13ms

Image
image/gif

178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=5888799030065900167

Requested by

Protocol

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Dec 2023 10:10:01 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 175521
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 06 Dec 2023 10:10:02 GMT
an-x-request-uuid: 123ba73e-ca16-4c99-9820-0c09b7451528
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=5888799030065900167
x-proxy-origin: 80.255.10.198; 80.255.10.198; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

sync
sync-criteo.ads.yieldmo.com/
Redirect Chain

https://api.nivaai.com/tr?f=9f97d441f4444636c3f67b18cec10f49bf921729&sp=S-283719645&u=cfcd17ec7319e306a166aa165c6dbaad0c2207b3&na=2cac4aa0-2f03-4ada-9cba-2b2c4bc4bda8
https://sync-criteo.ads.yieldmo.com/sync?id=2cac4aa0-2f03-4ada-9cba-2b2c4bc4bda8&pn_id=criteo&ext=1

0
37 B

29ms
29ms

Image
text/plain

34.248.234.146
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-criteo.ads.yieldmo.com/sync?id=2cac4aa0-2f03-4ada-9cba-2b2c4bc4bda8&pn_id=criteo&ext=1
Requested by: Host: auth-staging.paystubs.com
URL: https://auth-staging.paystubs.com/login?state=hKFo2SBsZVpxQXlVVlEwcUFiWWh6OTRJdkZQN1F5MGptN19rOKFupWxvZ2luo3RpZNkgR3JSM0FaM2wtcmNzTTZhZUw0RnRSUl9PbGlGMFYxSWqjY2lk2SBCZkRRd0g3RHhweG56dnNaQ1JadTBBYURWdThUTnVhVg&client=BfDQwH7DxpxnzvsZCRZu0AaDVu8TNuaV&protocol=oauth2&scope=openid%20profile%20email&redirect_uri=https%3A%2F%2Fpcom-react-bhautik-billing-plan.react-dev.paystubs.com%2Fcallback&audience=https%3A%2F%2Fpcom-backend-staging-poc.paystubs.com%2Fapi&we=&response_type=code&response_mode=query&nonce=UFNMd2sxRV91amxTaWpNckNSeWkwYWJLQWhrckJud3RCVlJzflRiVHV5Vg%3D%3D&code_challenge=JJViJf2Ulq2LKl1_lJ6mMFflXD5ojrGdYuAaEkeAov8&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiYXV0aDAtcmVhY3QiLCJ2ZXJzaW9uIjoiMi4yLjMifQ%3D%3D
Protocol: H2
Server: 34.248.234.146 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-248-234-146.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 10:10:02 GMT
content-length: 0

Redirect headers

date: Wed, 06 Dec 2023 10:10:02 GMT
via: 1.1 7333604337e68c1ea3a1a85e9b6be668.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS58-P2
x-amzn-requestid: 5f96359c-2999-4760-b275-3d3b3b3fed58
x-amzn-trace-id: Root=1-6570487a-7f9ef27523725dd47e250631;Sampled=0;lineage=fc8b8e8b:0
x-cache: Miss from cloudfront
content-type: application/json
location: https://sync-criteo.ads.yieldmo.com/sync?id=2cac4aa0-2f03-4ada-9cba-2b2c4bc4bda8&pn_id=criteo&ext=1
access-control-allow-origin: *
x-amz-apigw-id: PhBDNEt6oAMEIKQ=
content-length: 0
x-amz-cf-id: X4GHUndY7SIr7scjSEHDpcqD9CFF6DgndCtpBYGnU3lEd7fdc9fVwA==
access-control-allow-headers: *

GET
H2

200

/
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/
Redirect Chain

https://api.nivaai.com/tr?f=50d816a0c974b04d4441ca0b3e837ffc515e1506&sp=S-469872513&u=3b78f7c921324d7d7303805205ee8e9b400ca89e&na=2cac4aa0-2f03-4ada-9cba-2b2c4bc4bda8
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=2cac4aa0-2f03-4ada-9cba-2b2c4bc4bda8

0
98 B

14ms
14ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=2cac4aa0-2f03-4ada-9cba-2b2c4bc4bda8
Requested by: Host: auth-staging.paystubs.com
URL: https://auth-staging.paystubs.com/login?state=hKFo2SBsZVpxQXlVVlEwcUFiWWh6OTRJdkZQN1F5MGptN19rOKFupWxvZ2luo3RpZNkgR3JSM0FaM2wtcmNzTTZhZUw0RnRSUl9PbGlGMFYxSWqjY2lk2SBCZkRRd0g3RHhweG56dnNaQ1JadTBBYURWdThUTnVhVg&client=BfDQwH7DxpxnzvsZCRZu0AaDVu8TNuaV&protocol=oauth2&scope=openid%20profile%20email&redirect_uri=https%3A%2F%2Fpcom-react-bhautik-billing-plan.react-dev.paystubs.com%2Fcallback&audience=https%3A%2F%2Fpcom-backend-staging-poc.paystubs.com%2Fapi&we=&response_type=code&response_mode=query&nonce=UFNMd2sxRV91amxTaWpNckNSeWkwYWJLQWhrckJud3RCVlJzflRiVHV5Vg%3D%3D&code_challenge=JJViJf2Ulq2LKl1_lJ6mMFflXD5ojrGdYuAaEkeAov8&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiYXV0aDAtcmVhY3QiLCJ2ZXJzaW9uIjoiMi4yLjMifQ%3D%3D
Protocol: H2
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 10:10:02 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 13763

Redirect headers

date: Wed, 06 Dec 2023 10:10:02 GMT
via: 1.1 7333604337e68c1ea3a1a85e9b6be668.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS58-P2
x-amzn-requestid: 052a5e3a-1417-4a4b-9f8e-ad298f26e043
x-amzn-trace-id: Root=1-6570487a-2e20d8b70928c559577b08cf;Sampled=0;lineage=fc8b8e8b:0
x-cache: Miss from cloudfront
content-type: application/json
location: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=2cac4aa0-2f03-4ada-9cba-2b2c4bc4bda8
access-control-allow-origin: *
x-amz-apigw-id: PhBDNFOtoAMEvvQ=
content-length: 0
x-amz-cf-id: mZNcI_0SWbzALPGKGH9Ldc2oezTKds-OBFp6VCVD2YKMLBEpe5RFXA==
access-control-allow-headers: *

GET
H2

200

sync
criteo-partners.tremorhub.com/
Redirect Chain

https://api.nivaai.com/tr?f=f46adeadb3950a7cf9fcd0d17a68baaa13be848e&sp=S-920573186&u=2c7ceef4481901ec1c404517849bdbc435a1f8ee&na=2cac4aa0-2f03-4ada-9cba-2b2c4bc4bda8
https://criteo-partners.tremorhub.com/sync?UICR=2cac4aa0-2f03-4ada-9cba-2b2c4bc4bda8

43 B
284 B

91ms
91ms

Image
image/gif

2600:1f18:612b:4280:bda1:9df6:36cc:93
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-partners.tremorhub.com/sync?UICR=2cac4aa0-2f03-4ada-9cba-2b2c4bc4bda8
Requested by: Host: auth-staging.paystubs.com
URL: https://auth-staging.paystubs.com/login?state=hKFo2SBsZVpxQXlVVlEwcUFiWWh6OTRJdkZQN1F5MGptN19rOKFupWxvZ2luo3RpZNkgR3JSM0FaM2wtcmNzTTZhZUw0RnRSUl9PbGlGMFYxSWqjY2lk2SBCZkRRd0g3RHhweG56dnNaQ1JadTBBYURWdThUTnVhVg&client=BfDQwH7DxpxnzvsZCRZu0AaDVu8TNuaV&protocol=oauth2&scope=openid%20profile%20email&redirect_uri=https%3A%2F%2Fpcom-react-bhautik-billing-plan.react-dev.paystubs.com%2Fcallback&audience=https%3A%2F%2Fpcom-backend-staging-poc.paystubs.com%2Fapi&we=&response_type=code&response_mode=query&nonce=UFNMd2sxRV91amxTaWpNckNSeWkwYWJLQWhrckJud3RCVlJzflRiVHV5Vg%3D%3D&code_challenge=JJViJf2Ulq2LKl1_lJ6mMFflXD5ojrGdYuAaEkeAov8&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiYXV0aDAtcmVhY3QiLCJ2ZXJzaW9uIjoiMi4yLjMifQ%3D%3D
Protocol: H2
Server: 2600:1f18:612b:4280:bda1:9df6:36cc:93 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date: Wed, 06 Dec 2023 10:10:02 GMT
server: nginx
content-type: image/gif

Redirect headers

date: Wed, 06 Dec 2023 10:10:02 GMT
via: 1.1 7333604337e68c1ea3a1a85e9b6be668.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS58-P2
x-amzn-requestid: 7ade3c04-d984-46cf-9600-4cdaf8de8c41
x-amzn-trace-id: Root=1-6570487a-6591741356118ae04bd2a556;Sampled=0;lineage=fc8b8e8b:0
x-cache: Miss from cloudfront
content-type: application/json
location: https://criteo-partners.tremorhub.com/sync?UICR=2cac4aa0-2f03-4ada-9cba-2b2c4bc4bda8
access-control-allow-origin: *
x-amz-apigw-id: PhBDNEvNoAMEVMQ=
content-length: 0
x-amz-cf-id: QVeZvLsCwmWEu8Dyv-Iyfbc4Otg9911Fouq-IdBvIMFYpJopkc_NMA==
access-control-allow-headers: *

GET
H2

200

cksync.php
contextual.media.net/
Redirect Chain

https://api.nivaai.com/tr?f=35de529461e52b1119d5c8ea0029316c5e5fa7d5&sp=S-537482901&u=f9ccdcf6d2e254b49ef01e96d490c34ecdf50ea1&na=2cac4aa0-2f03-4ada-9cba-2b2c4bc4bda8
https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=2cac4aa0-2f03-4ada-9cba-2b2c4bc4bda8

53 B
613 B

211ms
211ms

Image
image/gif

2.19.216.27
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=2cac4aa0-2f03-4ada-9cba-2b2c4bc4bda8

Requested by

Protocol

Server

2.19.216.27 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-19-216-27.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Wed, 06 Dec 2023 10:10:02 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 53
x-mnet-hl2: E
expires: Wed, 06 Dec 2023 10:10:02 GMT

Redirect headers

date: Wed, 06 Dec 2023 10:10:02 GMT
via: 1.1 7333604337e68c1ea3a1a85e9b6be668.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS58-P2
x-amzn-requestid: b62860d8-87b2-4b6f-8041-ac91a6c34bf1
x-amzn-trace-id: Root=1-6570487a-5034b2d947f7cef058fcea89;Sampled=0;lineage=fc8b8e8b:0
x-cache: Miss from cloudfront
content-type: application/json
location: https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=2cac4aa0-2f03-4ada-9cba-2b2c4bc4bda8
access-control-allow-origin: *
x-amz-apigw-id: PhBDNHx8oAMEYUg=
content-length: 0
x-amz-cf-id: PaqjnIgE4H0VHkE6lmAPwjPYFlTKCAmaxexx2uH_K2efPa3dLr3htg==
access-control-allow-headers: *

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/
Redirect Chain

https://api.nivaai.com/tr?f=5a729f206aeb17edfd30fdac7043f3d8e11ace45&sp=S-815263974&u=7ec12f30e78b7ba22b11f3cc743f6f5daed7f57d&na=2cac4aa0-2f03-4ada-9cba-2b2c4bc4bda8
https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=2cac4aa0-2f03-4ada-9cba-2b2c4bc4bda8&expires=30

0
239 B

9ms
9ms

Image
image/gif

69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=2cac4aa0-2f03-4ada-9cba-2b2c4bc4bda8&expires=30
Requested by: Host: auth-staging.paystubs.com
URL: https://auth-staging.paystubs.com/login?state=hKFo2SBsZVpxQXlVVlEwcUFiWWh6OTRJdkZQN1F5MGptN19rOKFupWxvZ2luo3RpZNkgR3JSM0FaM2wtcmNzTTZhZUw0RnRSUl9PbGlGMFYxSWqjY2lk2SBCZkRRd0g3RHhweG56dnNaQ1JadTBBYURWdThUTnVhVg&client=BfDQwH7DxpxnzvsZCRZu0AaDVu8TNuaV&protocol=oauth2&scope=openid%20profile%20email&redirect_uri=https%3A%2F%2Fpcom-react-bhautik-billing-plan.react-dev.paystubs.com%2Fcallback&audience=https%3A%2F%2Fpcom-backend-staging-poc.paystubs.com%2Fapi&we=&response_type=code&response_mode=query&nonce=UFNMd2sxRV91amxTaWpNckNSeWkwYWJLQWhrckJud3RCVlJzflRiVHV5Vg%3D%3D&code_challenge=JJViJf2Ulq2LKl1_lJ6mMFflXD5ojrGdYuAaEkeAov8&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiYXV0aDAtcmVhY3QiLCJ2ZXJzaW9uIjoiMi4yLjMifQ%3D%3D
Protocol: HTTP/1.1
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 4b510f0cc5fcbc9800016ef543086418
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date: Wed, 06 Dec 2023 10:10:02 GMT
via: 1.1 7333604337e68c1ea3a1a85e9b6be668.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS58-P2
x-amzn-requestid: 64a312be-696f-4ff5-a6b4-194fd51e3916
x-amzn-trace-id: Root=1-6570487a-7b647b5a2b7ff0390638cb6d;Sampled=0;lineage=fc8b8e8b:0
x-cache: Miss from cloudfront
content-type: application/json
location: https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=2cac4aa0-2f03-4ada-9cba-2b2c4bc4bda8&expires=30
access-control-allow-origin: *
x-amz-apigw-id: PhBDNEX3oAMEaKg=
content-length: 0
x-amz-cf-id: l6FN4Fj1AwJKk0E9jjdumy97mgd5Gy1pfXPigiMJOgFXyYwthojCCA==
access-control-allow-headers: *

GET
H2

204

v1
match.sharethrough.com/sync/
Redirect Chain

https://api.nivaai.com/tr?f=720332f281690805753f2f83ad415bbb2eb68a37&sp=S-297568410&u=04d0bbea8b9a652c488d655211583668789cee18&na=2cac4aa0-2f03-4ada-9cba-2b2c4bc4bda8
https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=2cac4aa0-2f03-4ada-9cba-2b2c4bc4bda8

0
34 B

12ms
11ms

Image
text/plain

3.68.140.79
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=2cac4aa0-2f03-4ada-9cba-2b2c4bc4bda8
Requested by: Host: auth-staging.paystubs.com
URL: https://auth-staging.paystubs.com/login?state=hKFo2SBsZVpxQXlVVlEwcUFiWWh6OTRJdkZQN1F5MGptN19rOKFupWxvZ2luo3RpZNkgR3JSM0FaM2wtcmNzTTZhZUw0RnRSUl9PbGlGMFYxSWqjY2lk2SBCZkRRd0g3RHhweG56dnNaQ1JadTBBYURWdThUTnVhVg&client=BfDQwH7DxpxnzvsZCRZu0AaDVu8TNuaV&protocol=oauth2&scope=openid%20profile%20email&redirect_uri=https%3A%2F%2Fpcom-react-bhautik-billing-plan.react-dev.paystubs.com%2Fcallback&audience=https%3A%2F%2Fpcom-backend-staging-poc.paystubs.com%2Fapi&we=&response_type=code&response_mode=query&nonce=UFNMd2sxRV91amxTaWpNckNSeWkwYWJLQWhrckJud3RCVlJzflRiVHV5Vg%3D%3D&code_challenge=JJViJf2Ulq2LKl1_lJ6mMFflXD5ojrGdYuAaEkeAov8&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiYXV0aDAtcmVhY3QiLCJ2ZXJzaW9uIjoiMi4yLjMifQ%3D%3D
Protocol: H2
Server: 3.68.140.79 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-68-140-79.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 10:10:02 GMT

Redirect headers

date: Wed, 06 Dec 2023 10:10:02 GMT
via: 1.1 7333604337e68c1ea3a1a85e9b6be668.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS58-P2
x-amzn-requestid: bbb60567-fa14-416a-8d3a-d837a54921c5
x-amzn-trace-id: Root=1-6570487a-7992baf20394626729e747d6;Sampled=0;lineage=fc8b8e8b:0
x-cache: Miss from cloudfront
content-type: application/json
location: https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=2cac4aa0-2f03-4ada-9cba-2b2c4bc4bda8
access-control-allow-origin: *
x-amz-apigw-id: PhBDNGvSIAMEvow=
content-length: 0
x-amz-cf-id: UW08-XMHklAPKsWqq3cT4rDEVkjBoNfZaT2EHog79VBKocQyXUimBA==
access-control-allow-headers: *

GET
H/1.1

200
OK

/
rtb-csync.smartadserver.com/redir/
Redirect Chain

https://api.nivaai.com/tr?f=d37ccd7a5f5e5be7dafe55443a379374b3018a06&sp=S-614972385&u=2fa307d78f0e2a2dc67168bab9d88b668a441ec4&na=2cac4aa0-2f03-4ada-9cba-2b2c4bc4bda8
https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=2cac4aa0-2f03-4ada-9cba-2b2c4bc4bda8

43 B
163 B

36ms
36ms

Image
image/gif

185.86.138.150
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=2cac4aa0-2f03-4ada-9cba-2b2c4bc4bda8
Requested by: Host: auth-staging.paystubs.com
URL: https://auth-staging.paystubs.com/login?state=hKFo2SBsZVpxQXlVVlEwcUFiWWh6OTRJdkZQN1F5MGptN19rOKFupWxvZ2luo3RpZNkgR3JSM0FaM2wtcmNzTTZhZUw0RnRSUl9PbGlGMFYxSWqjY2lk2SBCZkRRd0g3RHhweG56dnNaQ1JadTBBYURWdThUTnVhVg&client=BfDQwH7DxpxnzvsZCRZu0AaDVu8TNuaV&protocol=oauth2&scope=openid%20profile%20email&redirect_uri=https%3A%2F%2Fpcom-react-bhautik-billing-plan.react-dev.paystubs.com%2Fcallback&audience=https%3A%2F%2Fpcom-backend-staging-poc.paystubs.com%2Fapi&we=&response_type=code&response_mode=query&nonce=UFNMd2sxRV91amxTaWpNckNSeWkwYWJLQWhrckJud3RCVlJzflRiVHV5Vg%3D%3D&code_challenge=JJViJf2Ulq2LKl1_lJ6mMFflXD5ojrGdYuAaEkeAov8&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiYXV0aDAtcmVhY3QiLCJ2ZXJzaW9uIjoiMi4yLjMifQ%3D%3D
Protocol: HTTP/1.1
Server: 185.86.138.150 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 10:10:02 GMT
transfer-encoding: chunked
content-type: image/gif

Redirect headers

date: Wed, 06 Dec 2023 10:10:02 GMT
via: 1.1 7333604337e68c1ea3a1a85e9b6be668.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS58-P2
x-amzn-requestid: 3ab9cf7e-dd58-49cb-8d92-2c0c87336d8f
x-amzn-trace-id: Root=1-6570487a-0f54fd770d732fee0e296666;Sampled=0;lineage=fc8b8e8b:0
x-cache: Miss from cloudfront
content-type: application/json
location: https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=2cac4aa0-2f03-4ada-9cba-2b2c4bc4bda8
access-control-allow-origin: *
x-amz-apigw-id: PhBDNEB7IAMEJRw=
content-length: 0
x-amz-cf-id: lKuzHk7aag5ke3a70B4N7zoH-2nD1Sm2JlRo5XrDWudav-V0RAUGhA==
access-control-allow-headers: *

GET
H2

200

um
criteo-sync.teads.tv/
Redirect Chain

https://api.nivaai.com/tr?f=eb35ac08f3c3d3bf1f4d4bb4b9216728cec2e51a&sp=S-758392614&u=4b9903641f4a0f9066270e7298999cd8430099ff&na=2cac4aa0-2f03-4ada-9cba-2b2c4bc4bda8
https://criteo-sync.teads.tv/um?eid=80&uid=2cac4aa0-2f03-4ada-9cba-2b2c4bc4bda8

23 B
163 B

36ms
36ms

Image
image/gif

2.19.104.4
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-sync.teads.tv/um?eid=80&uid=2cac4aa0-2f03-4ada-9cba-2b2c4bc4bda8
Requested by: Host: auth-staging.paystubs.com
URL: https://auth-staging.paystubs.com/login?state=hKFo2SBsZVpxQXlVVlEwcUFiWWh6OTRJdkZQN1F5MGptN19rOKFupWxvZ2luo3RpZNkgR3JSM0FaM2wtcmNzTTZhZUw0RnRSUl9PbGlGMFYxSWqjY2lk2SBCZkRRd0g3RHhweG56dnNaQ1JadTBBYURWdThUTnVhVg&client=BfDQwH7DxpxnzvsZCRZu0AaDVu8TNuaV&protocol=oauth2&scope=openid%20profile%20email&redirect_uri=https%3A%2F%2Fpcom-react-bhautik-billing-plan.react-dev.paystubs.com%2Fcallback&audience=https%3A%2F%2Fpcom-backend-staging-poc.paystubs.com%2Fapi&we=&response_type=code&response_mode=query&nonce=UFNMd2sxRV91amxTaWpNckNSeWkwYWJLQWhrckJud3RCVlJzflRiVHV5Vg%3D%3D&code_challenge=JJViJf2Ulq2LKl1_lJ6mMFflXD5ojrGdYuAaEkeAov8&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiYXV0aDAtcmVhY3QiLCJ2ZXJzaW9uIjoiMi4yLjMifQ%3D%3D
Protocol: H2
Server: 2.19.104.4 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-104-4.deploy.static.akamaitechnologies.com
Software: pekko-http/1.0.0 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

expires: Wed, 06 Dec 2023 10:10:02 GMT
pragma: no-cache
date: Wed, 06 Dec 2023 10:10:02 GMT
cache-control: max-age=0, no-cache, no-store
server: pekko-http/1.0.0
content-length: 23
content-type: image/gif

Redirect headers

date: Wed, 06 Dec 2023 10:10:02 GMT
via: 1.1 7333604337e68c1ea3a1a85e9b6be668.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS58-P2
x-amzn-requestid: 4c73505e-4990-41f4-8b30-b9f2017b29be
x-amzn-trace-id: Root=1-6570487a-70426bc8154442493ef2ae22;Sampled=0;lineage=fc8b8e8b:0
x-cache: Miss from cloudfront
content-type: application/json
location: https://criteo-sync.teads.tv/um?eid=80&uid=2cac4aa0-2f03-4ada-9cba-2b2c4bc4bda8
access-control-allow-origin: *
x-amz-apigw-id: PhBDNF-eIAMEIUQ=
content-length: 0
x-amz-cf-id: PAo3UJfyRQPz8Gc7NgPqj5p_0Cm7H7qUsxTDqxq0ddMII_MnMkjMhA==
access-control-allow-headers: *

GET
H2

200

xuid
eb2.3lift.com/
Redirect Chain

https://api.nivaai.com/tr?f=6747cc23f746153f2b2a7b602ecaccb9a7bd50a3&sp=S-908142673&u=a72c1de4414b04d8f890b3bc3d3aaf4e17195654&na=2cac4aa0-2f03-4ada-9cba-2b2c4bc4bda8
https://eb2.3lift.com/xuid?mid=2711&xuid=2cac4aa0-2f03-4ada-9cba-2b2c4bc4bda8&dongle=013b

37 B
139 B

8ms
8ms

Image
image/gif

13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2711&xuid=2cac4aa0-2f03-4ada-9cba-2b2c4bc4bda8&dongle=013b
Requested by: Host: auth-staging.paystubs.com
URL: https://auth-staging.paystubs.com/login?state=hKFo2SBsZVpxQXlVVlEwcUFiWWh6OTRJdkZQN1F5MGptN19rOKFupWxvZ2luo3RpZNkgR3JSM0FaM2wtcmNzTTZhZUw0RnRSUl9PbGlGMFYxSWqjY2lk2SBCZkRRd0g3RHhweG56dnNaQ1JadTBBYURWdThUTnVhVg&client=BfDQwH7DxpxnzvsZCRZu0AaDVu8TNuaV&protocol=oauth2&scope=openid%20profile%20email&redirect_uri=https%3A%2F%2Fpcom-react-bhautik-billing-plan.react-dev.paystubs.com%2Fcallback&audience=https%3A%2F%2Fpcom-backend-staging-poc.paystubs.com%2Fapi&we=&response_type=code&response_mode=query&nonce=UFNMd2sxRV91amxTaWpNckNSeWkwYWJLQWhrckJud3RCVlJzflRiVHV5Vg%3D%3D&code_challenge=JJViJf2Ulq2LKl1_lJ6mMFflXD5ojrGdYuAaEkeAov8&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiYXV0aDAtcmVhY3QiLCJ2ZXJzaW9uIjoiMi4yLjMifQ%3D%3D
Protocol: H2
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 10:10:02 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

Redirect headers

date: Wed, 06 Dec 2023 10:10:02 GMT
via: 1.1 7333604337e68c1ea3a1a85e9b6be668.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS58-P2
x-amzn-requestid: 037aeb07-05d3-4ace-a32f-359b549d31eb
x-amzn-trace-id: Root=1-6570487a-0b91b007509221a46307ff85;Sampled=0;lineage=fc8b8e8b:0
x-cache: Miss from cloudfront
content-type: application/json
location: https://eb2.3lift.com/xuid?mid=2711&xuid=2cac4aa0-2f03-4ada-9cba-2b2c4bc4bda8&dongle=013b
access-control-allow-origin: *
x-amz-apigw-id: PhBDNFIZIAMEsCA=
content-length: 0
x-amz-cf-id: VCwEGiOWx1uj9YbGN1kw4aeyI9OV8RilyGKAqbzieinJtWTrnpdaAg==
access-control-allow-headers: *

GET
H2

204

sync
ups.analytics.yahoo.com/ups/58301/
Redirect Chain

https://api.nivaai.com/tr?f=fa3bbf1175eaaa621af07ec71d795fdafcb24f15&sp=S-326971458&u=21f4666dec325f4a4b4710f87ab6732088377337&na=2cac4aa0-2f03-4ada-9cba-2b2c4bc4bda8
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=2cac4aa0-2f03-4ada-9cba-2b2c4bc4bda8

0
38 B

11ms
10ms

Image
text/plain

3.71.149.231
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=2cac4aa0-2f03-4ada-9cba-2b2c4bc4bda8

Requested by

Protocol

Server

3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-71-149-231.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.87 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 10:10:02 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.87
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

date: Wed, 06 Dec 2023 10:10:02 GMT
via: 1.1 7333604337e68c1ea3a1a85e9b6be668.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS58-P2
x-amzn-requestid: 99f4e262-2671-45e9-aaec-36d16ec79ea0
x-amzn-trace-id: Root=1-6570487a-0e5a56356a6bbb1b4832d4f5;Sampled=0;lineage=fc8b8e8b:0
x-cache: Miss from cloudfront
content-type: application/json
location: https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=2cac4aa0-2f03-4ada-9cba-2b2c4bc4bda8
access-control-allow-origin: *
x-amz-apigw-id: PhBDPGaVIAMEqow=
content-length: 0
x-amz-cf-id: wX58edi_rmPL_8eWC07Tkk0EmgDu1y41gmDsBWOB1AM6eHeLYQuVfA==
access-control-allow-headers: *

GET
H/1.1

302
Found

idsync
tg.socdm.com/aux/
Redirect Chain

https://api.nivaai.com/tr?f=8727e54d6e13b409a2403aa659f030a6dd59210d&sp=S-690825437&u=51d12f19f79e8deec40d7f35a2eb45cc509f63a8&na=2cac4aa0-2f03-4ada-9cba-2b2c4bc4bda8
https://tg.socdm.com/aux/idsync?proto=niva&dsp_uid=2cac4aa0-2f03-4ada-9cba-2b2c4bc4bda8

0
659 B

433ms
433ms

Image
text/plain

124.146.153.170
INFOSPHERE NTT PC...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tg.socdm.com/aux/idsync?proto=niva&dsp_uid=2cac4aa0-2f03-4ada-9cba-2b2c4bc4bda8
Requested by: Host: auth-staging.paystubs.com
URL: https://auth-staging.paystubs.com/login?state=hKFo2SBsZVpxQXlVVlEwcUFiWWh6OTRJdkZQN1F5MGptN19rOKFupWxvZ2luo3RpZNkgR3JSM0FaM2wtcmNzTTZhZUw0RnRSUl9PbGlGMFYxSWqjY2lk2SBCZkRRd0g3RHhweG56dnNaQ1JadTBBYURWdThUTnVhVg&client=BfDQwH7DxpxnzvsZCRZu0AaDVu8TNuaV&protocol=oauth2&scope=openid%20profile%20email&redirect_uri=https%3A%2F%2Fpcom-react-bhautik-billing-plan.react-dev.paystubs.com%2Fcallback&audience=https%3A%2F%2Fpcom-backend-staging-poc.paystubs.com%2Fapi&we=&response_type=code&response_mode=query&nonce=UFNMd2sxRV91amxTaWpNckNSeWkwYWJLQWhrckJud3RCVlJzflRiVHV5Vg%3D%3D&code_challenge=JJViJf2Ulq2LKl1_lJ6mMFflXD5ojrGdYuAaEkeAov8&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiYXV0aDAtcmVhY3QiLCJ2ZXJzaW9uIjoiMi4yLjMifQ%3D%3D
Protocol: HTTP/1.1
Server: 124.146.153.170 , Japan, ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

X-SO-Cluster-ID: 0
Date: Wed, 06 Dec 2023 10:10:03 GMT
X-SO-LB-Data: {"ban":false,"clean_query":"\/aux\/idsync?dsp_uid=2cac4aa0-2f03-4ada-9cba-2b2c4bc4bda8&proto=niva","cluster_id":0,"gdpr":true,"ipv4":"0.0.0.0","key":"ZXBIe8Co8XkAACFIAW8AAAAA","privacy_sensitive":true,"uid":"","upstream_id":"m-ad1023"}
X-SO-Key: ZXBIe8Co8XkAACFIAW8AAAAA
Server: nginx
X-SO-Upstream-ID: m-ad1023
P3P: CP="See also http://www.scaleout.jp/privacy/"
Cache-Control: private
X-SO-HostName: m-ad1023.dc4p.scaleout.jp
Connection: keep-alive
X-SO-Ads-Time: 168
Content-Length: 0
X-SO-LB-Hostname: m-tgng21.dc4p.scaleout.jp
X-SO-IP: 80.255.10.198

Redirect headers

date: Wed, 06 Dec 2023 10:10:02 GMT
via: 1.1 7333604337e68c1ea3a1a85e9b6be668.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS58-P2
x-amzn-requestid: a7f53f68-95d5-427f-b5fe-3ebcbf9dab34
x-amzn-trace-id: Root=1-6570487a-492c5f3e28cdbe7877dee166;Sampled=0;lineage=fc8b8e8b:0
x-cache: Miss from cloudfront
content-type: application/json
location: https://tg.socdm.com/aux/idsync?proto=niva&dsp_uid=2cac4aa0-2f03-4ada-9cba-2b2c4bc4bda8
access-control-allow-origin: *
x-amz-apigw-id: PhBDPHyloAMEdnQ=
content-length: 0
x-amz-cf-id: at3HCbZTegJZZ5J9_c2-V_svh8rtj4DSgyPA-r6zl5_2G-1c7Ne_1Q==
access-control-allow-headers: *

GET
H2

200

sync
visitor.omnitagjs.com/visitor/
Redirect Chain

https://api.nivaai.com/tr?f=d118ec24b37db2b9f1ccadf241e4632ccb6790e3&sp=S-573964182&u=346a1dd908b89059217820e615719f5cc3da5024&na=2cac4aa0-2f03-4ada-9cba-2b2c4bc4bda8
https://visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=niva&visitor=2cac4aa0-2f03-4ada-9cba-2b2c4bc4bda8

49 B
384 B

37ms
37ms

Image
image/gif

54.246.5.75
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=niva&visitor=2cac4aa0-2f03-4ada-9cba-2b2c4bc4bda8

Requested by

Protocol

Server

54.246.5.75 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-246-5-75.eu-west-1.compute.amazonaws.com

Software

Resource Hash

d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Dec 2023 10:10:02 GMT
via: kong/2.8.4
x-content-type-options: nosniff
x-kong-proxy-latency: 0
vary: Accept-Encoding
p3p: CP="CAO PSA OUR"
content-type: image/gif
x-kong-upstream-latency: 5
cache-control: no-cache, no-store, must-revalidate
content-length: 49
expires: 0

Redirect headers

date: Wed, 06 Dec 2023 10:10:02 GMT
via: 1.1 7333604337e68c1ea3a1a85e9b6be668.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS58-P2
x-amzn-requestid: ca0fa8b5-dce6-4260-b9e6-8433c29cdf79
x-amzn-trace-id: Root=1-6570487a-2aa7ba496ae35acb754620c0;Sampled=0;lineage=fc8b8e8b:0
x-cache: Miss from cloudfront
content-type: application/json
location: https://visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=niva&visitor=2cac4aa0-2f03-4ada-9cba-2b2c4bc4bda8
access-control-allow-origin: *
x-amz-apigw-id: PhBDNHp2IAMEMcg=
content-length: 0
x-amz-cf-id: wvJfRrnIbMBuZFPH3u-NKtWUkW9F4i11q2E3ppgIRkVqOjYZOi5v4w==
access-control-allow-headers: *

GET
H3

200

rum
r.casalemedia.com/
Redirect Chain

https://api.nivaai.com/tr?f=bf57843020d0f2b0dcfb9ec94410d3c3deb0fb7a&sp=S-812435679&u=e63568adcf6106c2f7e9176c17ec7132f883d6c5&na=2cac4aa0-2f03-4ada-9cba-2b2c4bc4bda8
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=2cac4aa0-2f03-4ada-9cba-2b2c4bc4bda8

43 B
755 B

25ms
25ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=2cac4aa0-2f03-4ada-9cba-2b2c4bc4bda8
Requested by: Host: auth-staging.paystubs.com
URL: https://auth-staging.paystubs.com/login?state=hKFo2SBsZVpxQXlVVlEwcUFiWWh6OTRJdkZQN1F5MGptN19rOKFupWxvZ2luo3RpZNkgR3JSM0FaM2wtcmNzTTZhZUw0RnRSUl9PbGlGMFYxSWqjY2lk2SBCZkRRd0g3RHhweG56dnNaQ1JadTBBYURWdThUTnVhVg&client=BfDQwH7DxpxnzvsZCRZu0AaDVu8TNuaV&protocol=oauth2&scope=openid%20profile%20email&redirect_uri=https%3A%2F%2Fpcom-react-bhautik-billing-plan.react-dev.paystubs.com%2Fcallback&audience=https%3A%2F%2Fpcom-backend-staging-poc.paystubs.com%2Fapi&we=&response_type=code&response_mode=query&nonce=UFNMd2sxRV91amxTaWpNckNSeWkwYWJLQWhrckJud3RCVlJzflRiVHV5Vg%3D%3D&code_challenge=JJViJf2Ulq2LKl1_lJ6mMFflXD5ojrGdYuAaEkeAov8&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiYXV0aDAtcmVhY3QiLCJ2ZXJzaW9uIjoiMi4yLjMifQ%3D%3D
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Dec 2023 10:10:02 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4vPz9fcM8NH%2B7upM1tA4OVveuCXbyvcZVbRHHcPS10gVeql589YxacWjE2%2BnerZzl7kx0mHNykSQw3PIA509S21w6T%2FluJvWvJ1FES5ntghrqIwHJXDEZsjaC4f0eZBmVUKc"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 8313bca05a3b926d-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

date: Wed, 06 Dec 2023 10:10:02 GMT
via: 1.1 7333604337e68c1ea3a1a85e9b6be668.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS58-P2
x-amzn-requestid: 25aa7871-437b-404d-a2fe-89641cb25a96
x-amzn-trace-id: Root=1-6570487a-0c523090702a27ca4e740415;Sampled=0;lineage=fc8b8e8b:0
x-cache: Miss from cloudfront
content-type: application/json
location: https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=2cac4aa0-2f03-4ada-9cba-2b2c4bc4bda8
access-control-allow-origin: *
x-amz-apigw-id: PhBDPE2wIAMEkmQ=
content-length: 0
x-amz-cf-id: HTQjvnGi70gLR1LFnhP8ggxertpmhLA_mIN2BIKYEgyyvuaa2hzInw==
access-control-allow-headers: *

GET
H/1.1

204
NO CONTENT

/
partner.mediawallahscript.com/
Redirect Chain

https://api.nivaai.com/tr?f=ecab21dcaece99acd3bd66fae38db4331a45a7d4&sp=S-938176540&u=6348dcc6f5e862a2bb2c7b536d708d2663b07dfa&na=2cac4aa0-2f03-4ada-9cba-2b2c4bc4bda8
https://partner.mediawallahscript.com/?account_id=2045&partner_id=2106&uid=2cac4aa0-2f03-4ada-9cba-2b2c4bc4bda8&custom=&tag_format=img&tag_action=sync&cb=

0
225 B

31ms
31ms

Image
text/html

52.50.201.227
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partner.mediawallahscript.com/?account_id=2045&partner_id=2106&uid=2cac4aa0-2f03-4ada-9cba-2b2c4bc4bda8&custom=&tag_format=img&tag_action=sync&cb=
Requested by: Host: auth-staging.paystubs.com
URL: https://auth-staging.paystubs.com/login?state=hKFo2SBsZVpxQXlVVlEwcUFiWWh6OTRJdkZQN1F5MGptN19rOKFupWxvZ2luo3RpZNkgR3JSM0FaM2wtcmNzTTZhZUw0RnRSUl9PbGlGMFYxSWqjY2lk2SBCZkRRd0g3RHhweG56dnNaQ1JadTBBYURWdThUTnVhVg&client=BfDQwH7DxpxnzvsZCRZu0AaDVu8TNuaV&protocol=oauth2&scope=openid%20profile%20email&redirect_uri=https%3A%2F%2Fpcom-react-bhautik-billing-plan.react-dev.paystubs.com%2Fcallback&audience=https%3A%2F%2Fpcom-backend-staging-poc.paystubs.com%2Fapi&we=&response_type=code&response_mode=query&nonce=UFNMd2sxRV91amxTaWpNckNSeWkwYWJLQWhrckJud3RCVlJzflRiVHV5Vg%3D%3D&code_challenge=JJViJf2Ulq2LKl1_lJ6mMFflXD5ojrGdYuAaEkeAov8&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiYXV0aDAtcmVhY3QiLCJ2ZXJzaW9uIjoiMi4yLjMifQ%3D%3D
Protocol: HTTP/1.1
Server: 52.50.201.227 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-50-201-227.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Expires: 0
Pragma: no-cache
Date: Wed, 06 Dec 2023 10:10:02 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Type: text/html; charset=UTF-8

Redirect headers

date: Wed, 06 Dec 2023 10:10:02 GMT
via: 1.1 7333604337e68c1ea3a1a85e9b6be668.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS58-P2
x-amzn-requestid: 4fa3e646-1d5c-4689-9aba-9d48e3bda56a
x-amzn-trace-id: Root=1-6570487a-4f944ced374c4fa705567a2f;Sampled=0;lineage=fc8b8e8b:0
x-cache: Miss from cloudfront
content-type: application/json
location: https://partner.mediawallahscript.com/?account_id=2045&partner_id=2106&uid=2cac4aa0-2f03-4ada-9cba-2b2c4bc4bda8&custom=&tag_format=img&tag_action=sync&cb=
access-control-allow-origin: *
x-amz-apigw-id: PhBDNHxuIAMEnBg=
content-length: 0
x-amz-cf-id: dfitNKXPN81XPwCYyzkEZN8mpoTJBT3BPnqtBZ8YXP0C9wytejZEZw==
access-control-allow-headers: *

GET
H2

200

match
ad.360yield.com/
Redirect Chain

https://api.nivaai.com/tr?f=2da2e7f29a444e02a7e52c5d5a488a5d14f5d7ae&sp=S-642739185&u=8cfc590d34394c2ef0723049fbdeea93acdcdde9&na=2cac4aa0-2f03-4ada-9cba-2b2c4bc4bda8
https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=2cac4aa0-2f03-4ada-9cba-2b2c4bc4bda8

43 B
198 B

30ms
30ms

Image
image/gif

54.76.156.92
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=2cac4aa0-2f03-4ada-9cba-2b2c4bc4bda8
Requested by: Host: auth-staging.paystubs.com
URL: https://auth-staging.paystubs.com/login?state=hKFo2SBsZVpxQXlVVlEwcUFiWWh6OTRJdkZQN1F5MGptN19rOKFupWxvZ2luo3RpZNkgR3JSM0FaM2wtcmNzTTZhZUw0RnRSUl9PbGlGMFYxSWqjY2lk2SBCZkRRd0g3RHhweG56dnNaQ1JadTBBYURWdThUTnVhVg&client=BfDQwH7DxpxnzvsZCRZu0AaDVu8TNuaV&protocol=oauth2&scope=openid%20profile%20email&redirect_uri=https%3A%2F%2Fpcom-react-bhautik-billing-plan.react-dev.paystubs.com%2Fcallback&audience=https%3A%2F%2Fpcom-backend-staging-poc.paystubs.com%2Fapi&we=&response_type=code&response_mode=query&nonce=UFNMd2sxRV91amxTaWpNckNSeWkwYWJLQWhrckJud3RCVlJzflRiVHV5Vg%3D%3D&code_challenge=JJViJf2Ulq2LKl1_lJ6mMFflXD5ojrGdYuAaEkeAov8&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiYXV0aDAtcmVhY3QiLCJ2ZXJzaW9uIjoiMi4yLjMifQ%3D%3D
Protocol: H2
Server: 54.76.156.92 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-156-92.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 06 Dec 2023 10:10:02 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

date: Wed, 06 Dec 2023 10:10:02 GMT
via: 1.1 7333604337e68c1ea3a1a85e9b6be668.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS58-P2
x-amzn-requestid: 7c5fd886-699a-47ff-8f73-ff554373ed0f
x-amzn-trace-id: Root=1-6570487a-452774c601a50fd469613857;Sampled=0;lineage=fc8b8e8b:0
x-cache: Miss from cloudfront
content-type: application/json
location: https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=2cac4aa0-2f03-4ada-9cba-2b2c4bc4bda8
access-control-allow-origin: *
x-amz-apigw-id: PhBDPFETIAMEgbw=
content-length: 0
x-amz-cf-id: qn1RbxCWDLwvup2adMQf4mVnsnXj1uwqywAIm5zh_y3-Uvu9dDCcCw==
access-control-allow-headers: *

GET
H2

200

sync
matching.ivitrack.com/
Redirect Chain

https://api.nivaai.com/tr?f=e75980556eaeb9f2ac6ac8d45f1cbe771f427983&sp=S-795682431&u=91432ca9eecf758860845d8f9400c2f7a59ccad2&na=2cac4aa0-2f03-4ada-9cba-2b2c4bc4bda8
https://matching.ivitrack.com/sync?realm=niva&uid=2cac4aa0-2f03-4ada-9cba-2b2c4bc4bda8

42 B
94 B

18ms
18ms

Image
image/gif

34.117.157.22
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://matching.ivitrack.com/sync?realm=niva&uid=2cac4aa0-2f03-4ada-9cba-2b2c4bc4bda8
Requested by: Host: auth-staging.paystubs.com
URL: https://auth-staging.paystubs.com/login?state=hKFo2SBsZVpxQXlVVlEwcUFiWWh6OTRJdkZQN1F5MGptN19rOKFupWxvZ2luo3RpZNkgR3JSM0FaM2wtcmNzTTZhZUw0RnRSUl9PbGlGMFYxSWqjY2lk2SBCZkRRd0g3RHhweG56dnNaQ1JadTBBYURWdThUTnVhVg&client=BfDQwH7DxpxnzvsZCRZu0AaDVu8TNuaV&protocol=oauth2&scope=openid%20profile%20email&redirect_uri=https%3A%2F%2Fpcom-react-bhautik-billing-plan.react-dev.paystubs.com%2Fcallback&audience=https%3A%2F%2Fpcom-backend-staging-poc.paystubs.com%2Fapi&we=&response_type=code&response_mode=query&nonce=UFNMd2sxRV91amxTaWpNckNSeWkwYWJLQWhrckJud3RCVlJzflRiVHV5Vg%3D%3D&code_challenge=JJViJf2Ulq2LKl1_lJ6mMFflXD5ojrGdYuAaEkeAov8&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiYXV0aDAtcmVhY3QiLCJ2ZXJzaW9uIjoiMi4yLjMifQ%3D%3D
Protocol: H2
Server: 34.117.157.22 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 22.157.117.34.bc.googleusercontent.com
Software: istio-envoy /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 10:10:01 GMT
x-envoy-decorator-operation: tag-manager.programmatic.svc.cluster.local:3000/*
via: 1.1 google
server: istio-envoy
content-type: image/gif
cache-control: public, max-age=86400
x-envoy-upstream-service-time: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

Redirect headers

date: Wed, 06 Dec 2023 10:10:02 GMT
via: 1.1 7333604337e68c1ea3a1a85e9b6be668.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS58-P2
x-amzn-requestid: 1d90aecc-4599-47c2-960e-aa285501c96b
x-amzn-trace-id: Root=1-6570487a-091cf65d7a26509671976d0f;Sampled=0;lineage=fc8b8e8b:0
x-cache: Miss from cloudfront
content-type: application/json
location: https://matching.ivitrack.com/sync?realm=niva&uid=2cac4aa0-2f03-4ada-9cba-2b2c4bc4bda8
access-control-allow-origin: *
x-amz-apigw-id: PhBDNEO3IAMEM5g=
content-length: 0
x-amz-cf-id: 8RPBQ6Nx1eMU60CjpkHTWM2IqjUwZ7mA0RqnNT0pvPDcpTvIcir83w==
access-control-allow-headers: *

GET
H2

200

generic
match.adsrvr.org/track/cmf/
Redirect Chain

https://api.nivaai.com/tr?f=efd86e105013597855154feb5f5b4a4256397333&sp=S-318674529&u=ff81ad8dbf0046097baa9c3be3bb85ec8afe33a3&na=2cac4aa0-2f03-4ada-9cba-2b2c4bc4bda8
https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=2cac4aa0-2f03-4ada-9cba-2b2c4bc4bda8
https://match.adsrvr.org/track/cmf/generic?ttd_pid=liveintent&ttd_tpi=1&gdpr=0

70 B
149 B

110ms
33ms

Image
image/gif

3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=liveintent&ttd_tpi=1&gdpr=0
Requested by: Host: auth-staging.paystubs.com
URL: https://auth-staging.paystubs.com/login?state=hKFo2SBsZVpxQXlVVlEwcUFiWWh6OTRJdkZQN1F5MGptN19rOKFupWxvZ2luo3RpZNkgR3JSM0FaM2wtcmNzTTZhZUw0RnRSUl9PbGlGMFYxSWqjY2lk2SBCZkRRd0g3RHhweG56dnNaQ1JadTBBYURWdThUTnVhVg&client=BfDQwH7DxpxnzvsZCRZu0AaDVu8TNuaV&protocol=oauth2&scope=openid%20profile%20email&redirect_uri=https%3A%2F%2Fpcom-react-bhautik-billing-plan.react-dev.paystubs.com%2Fcallback&audience=https%3A%2F%2Fpcom-backend-staging-poc.paystubs.com%2Fapi&we=&response_type=code&response_mode=query&nonce=UFNMd2sxRV91amxTaWpNckNSeWkwYWJLQWhrckJud3RCVlJzflRiVHV5Vg%3D%3D&code_challenge=JJViJf2Ulq2LKl1_lJ6mMFflXD5ojrGdYuAaEkeAov8&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiYXV0aDAtcmVhY3QiLCJ2ZXJzaW9uIjoiMi4yLjMifQ%3D%3D
Protocol: H2
Server: 3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 10:10:03 GMT
server: Kestrel
content-length: 70
content-type: image/gif

Redirect headers

Location: https://match.adsrvr.org/track/cmf/generic?ttd_pid=liveintent&ttd_tpi=1&gdpr=0
Date: Wed, 06 Dec 2023 10:10:02 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 0
Request-Time: 4

GET
H2

200

push
exchange.mediavine.com/usersync/
Redirect Chain

https://api.nivaai.com/tr?f=9f088d50c82a135f4a2c97b4e4ffbacefecal139&sp=S-829541076&u=f27de6c2072ec7b8298bf7817723af9fbb265cc2&na=2cac4aa0-2f03-4ada-9cba-2b2c4bc4bda8
https://exchange.mediavine.com/usersync/push?partner=niva&partnerId=2cac4aa0-2f03-4ada-9cba-2b2c4bc4bda8

0
867 B

10ms
9ms

Image
text/html

3.125.15.233
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://exchange.mediavine.com/usersync/push?partner=niva&partnerId=2cac4aa0-2f03-4ada-9cba-2b2c4bc4bda8
Requested by: Host: auth-staging.paystubs.com
URL: https://auth-staging.paystubs.com/login?state=hKFo2SBsZVpxQXlVVlEwcUFiWWh6OTRJdkZQN1F5MGptN19rOKFupWxvZ2luo3RpZNkgR3JSM0FaM2wtcmNzTTZhZUw0RnRSUl9PbGlGMFYxSWqjY2lk2SBCZkRRd0g3RHhweG56dnNaQ1JadTBBYURWdThUTnVhVg&client=BfDQwH7DxpxnzvsZCRZu0AaDVu8TNuaV&protocol=oauth2&scope=openid%20profile%20email&redirect_uri=https%3A%2F%2Fpcom-react-bhautik-billing-plan.react-dev.paystubs.com%2Fcallback&audience=https%3A%2F%2Fpcom-backend-staging-poc.paystubs.com%2Fapi&we=&response_type=code&response_mode=query&nonce=UFNMd2sxRV91amxTaWpNckNSeWkwYWJLQWhrckJud3RCVlJzflRiVHV5Vg%3D%3D&code_challenge=JJViJf2Ulq2LKl1_lJ6mMFflXD5ojrGdYuAaEkeAov8&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiYXV0aDAtcmVhY3QiLCJ2ZXJzaW9uIjoiMi4yLjMifQ%3D%3D
Protocol: H2
Server: 3.125.15.233 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-125-15-233.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 10:10:02 GMT
cache-control: private, no-cache
access-control-allow-credentials: true
content-encoding: gzip
vary: Origin, Accept-Encoding
content-type: text/html; charset=utf-8

Redirect headers

date: Wed, 06 Dec 2023 10:10:02 GMT
via: 1.1 7333604337e68c1ea3a1a85e9b6be668.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS58-P2
x-amzn-requestid: 0d90ae62-551c-4bde-992f-546ddf1f5db6
x-amzn-trace-id: Root=1-6570487a-4e6359b84ef6184d7c8327e4;Sampled=0;lineage=fc8b8e8b:0
x-cache: Miss from cloudfront
content-type: application/json
location: https://exchange.mediavine.com/usersync/push?partner=niva&partnerId=2cac4aa0-2f03-4ada-9cba-2b2c4bc4bda8
access-control-allow-origin: *
x-amz-apigw-id: PhBDPGoeoAMErzg=
content-length: 0
x-amz-cf-id: S9RriRlL-CZHM-8kGxJHKzMqbV1Xce2ZK9MdkcsVyAJTsFycpVHqtA==
access-control-allow-headers: *

GET
H2

200

c.gif
c.bing.com/
Redirect Chain

https://api.nivaai.com/tr?f=aaidc180e92278a7cc930079632585e48adf97ab&sp=S-615239870&u=7becd6406b1f8918e6159bb49a0735bdb10b2187&na=2cac4aa0-2f03-4ada-9cba-2b2c4bc4bda8
https://c.bing.com/c.gif?Red3=CTOMS_pd&cbid=2cac4aa0-2f03-4ada-9cba-2b2c4bc4bda8

42 B
175 B

30ms
29ms

Image
image/gif

2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.bing.com/c.gif?Red3=CTOMS_pd&cbid=2cac4aa0-2f03-4ada-9cba-2b2c4bc4bda8
Requested by: Host: auth-staging.paystubs.com
URL: https://auth-staging.paystubs.com/login?state=hKFo2SBsZVpxQXlVVlEwcUFiWWh6OTRJdkZQN1F5MGptN19rOKFupWxvZ2luo3RpZNkgR3JSM0FaM2wtcmNzTTZhZUw0RnRSUl9PbGlGMFYxSWqjY2lk2SBCZkRRd0g3RHhweG56dnNaQ1JadTBBYURWdThUTnVhVg&client=BfDQwH7DxpxnzvsZCRZu0AaDVu8TNuaV&protocol=oauth2&scope=openid%20profile%20email&redirect_uri=https%3A%2F%2Fpcom-react-bhautik-billing-plan.react-dev.paystubs.com%2Fcallback&audience=https%3A%2F%2Fpcom-backend-staging-poc.paystubs.com%2Fapi&we=&response_type=code&response_mode=query&nonce=UFNMd2sxRV91amxTaWpNckNSeWkwYWJLQWhrckJud3RCVlJzflRiVHV5Vg%3D%3D&code_challenge=JJViJf2Ulq2LKl1_lJ6mMFflXD5ojrGdYuAaEkeAov8&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiYXV0aDAtcmVhY3QiLCJ2ZXJzaW9uIjoiMi4yLjMifQ%3D%3D
Protocol: H2
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Dec 2023 10:10:02 GMT
last-modified: Wed, 30 Aug 2023 19:01:41 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 3EA01D0790C94AE798C921163309D7A2 Ref B: FRA31EDGE0614 Ref C: 2023-12-06T10:10:02Z
etag: "8d59566974dbd91:0"
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-type: image/gif
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

Redirect headers

date: Wed, 06 Dec 2023 10:10:02 GMT
via: 1.1 7333604337e68c1ea3a1a85e9b6be668.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS58-P2
x-amzn-requestid: 03021d2e-c602-48e2-be20-febecc634b11
x-amzn-trace-id: Root=1-6570487a-38337c4402d7ac37468f2432;Sampled=0;lineage=fc8b8e8b:0
x-cache: Miss from cloudfront
content-type: application/json
location: https://c.bing.com/c.gif?Red3=CTOMS_pd&cbid=2cac4aa0-2f03-4ada-9cba-2b2c4bc4bda8
access-control-allow-origin: *
x-amz-apigw-id: PhBDPESgoAMEemg=
content-length: 0
x-amz-cf-id: h_5aMX_Js50sgXhzMagisbpinBXhisK9WLyZndRpmEGc926HS1IDIg==
access-control-allow-headers: *

GET
H2

200

1017
jadserve.postrelease.com/suid/
Redirect Chain

https://api.nivaai.com/tr?f=6cda20d25a20df7c58b358f9c7a1b76260e6dc34&sp=S-470638592&u=2526a56da4de76625aed68c63a7a21b3a698f8ed&na=2cac4aa0-2f03-4ada-9cba-2b2c4bc4bda8
https://jadserve.postrelease.com/suid/1017?vk=2cac4aa0-2f03-4ada-9cba-2b2c4bc4bda8

43 B
421 B

172ms
172ms

Image
image/gif

44.219.110.252
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/suid/1017?vk=2cac4aa0-2f03-4ada-9cba-2b2c4bc4bda8
Requested by: Host: auth-staging.paystubs.com
URL: https://auth-staging.paystubs.com/login?state=hKFo2SBsZVpxQXlVVlEwcUFiWWh6OTRJdkZQN1F5MGptN19rOKFupWxvZ2luo3RpZNkgR3JSM0FaM2wtcmNzTTZhZUw0RnRSUl9PbGlGMFYxSWqjY2lk2SBCZkRRd0g3RHhweG56dnNaQ1JadTBBYURWdThUTnVhVg&client=BfDQwH7DxpxnzvsZCRZu0AaDVu8TNuaV&protocol=oauth2&scope=openid%20profile%20email&redirect_uri=https%3A%2F%2Fpcom-react-bhautik-billing-plan.react-dev.paystubs.com%2Fcallback&audience=https%3A%2F%2Fpcom-backend-staging-poc.paystubs.com%2Fapi&we=&response_type=code&response_mode=query&nonce=UFNMd2sxRV91amxTaWpNckNSeWkwYWJLQWhrckJud3RCVlJzflRiVHV5Vg%3D%3D&code_challenge=JJViJf2Ulq2LKl1_lJ6mMFflXD5ojrGdYuAaEkeAov8&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiYXV0aDAtcmVhY3QiLCJ2ZXJzaW9uIjoiMi4yLjMifQ%3D%3D
Protocol: H2
Server: 44.219.110.252 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-219-110-252.compute-1.amazonaws.com
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Dec 2023 10:10:03 GMT
server: nginx
content-type: image/gif
access-control-allow-origin: *
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

Redirect headers

date: Wed, 06 Dec 2023 10:10:02 GMT
via: 1.1 7333604337e68c1ea3a1a85e9b6be668.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS58-P2
x-amzn-requestid: 0f0dd235-4c4c-4c58-be94-cddb92bf395b
x-amzn-trace-id: Root=1-6570487a-528aba30580af3223eb17c94;Sampled=0;lineage=fc8b8e8b:0
x-cache: Miss from cloudfront
content-type: application/json
location: https://jadserve.postrelease.com/suid/1017?vk=2cac4aa0-2f03-4ada-9cba-2b2c4bc4bda8
access-control-allow-origin: *
x-amz-apigw-id: PhBDPGHQoAMEAfQ=
content-length: 0
x-amz-cf-id: pGoDBqyftsUSTse0bX_ol4V6zsz-5qPbh6mdD_qQ9yAnn-09kUqNng==
access-control-allow-headers: *

GET
H2 200 banner.js Show response
js-eu1.hs-banner.com/v2/139577915/ 60 KB
18 KB 20ms
18ms Script
text/javascript 172.65.202.201
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js-eu1.hs-banner.com/v2/139577915/banner.js
Requested by: Host: js-eu1.hs-scripts.com
URL: https://js-eu1.hs-scripts.com/139577915.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.65.202.201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d1c6c4ecc6aac6f284affdf616776945dad82db976b7ecbeb44617a2c18f68da

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 10:10:02 GMT
x-amz-version-id: 7_9kgoHJhK86Gi8uH0IkzWU8GPpWRlD8
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: 268NBAJ0D0BGYX77
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-hubspot-correlation-id: 6fd67d63-c3b6-4b72-8aa3-46e1fdbec587
age: 1
x-envoy-upstream-service-time: 44
x-amz-id-2: Svt6r+CTjJs7sC6feg/TnU1aPyguMt79sTqlq9Fu77Oqq1Cgibdye4O/91PAlmE/y7qU9WJw4dc=
x-evy-trace-listener: listener_https
x-request-id: 6fd67d63-c3b6-4b72-8aa3-46e1fdbec587
x-evy-trace-route-configuration: listener_https/all
last-modified: Fri, 01 Dec 2023 15:31:08 GMT
server: cloudflare
etag: W/"3cb2298442f20e46878c5d00e3e04434"
access-control-max-age: 604800
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: https://pcom-react-bhautik-billing-plan.react-dev.paystubs.com
x-evy-trace-virtual-host: all
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300,public
access-control-allow-credentials: true
x-evy-trace-served-by-pod: fra04/analytics-js-proxy-td/envoy-proxy-54d97ddf9c-srs49
vary: origin, Accept-Encoding
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray: 8313bc9e3a602bea-FRA
expires: Wed, 06 Dec 2023 10:15:01 GMT

GET
H2 200 collectedforms.js Show response
js-eu1.hscollectedforms.net/ 69 KB
25 KB 23ms
21ms Script
application/javascript 172.65.192.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js-eu1.hscollectedforms.net/collectedforms.js

Requested by

Host: js-eu1.hs-scripts.com
URL: https://js-eu1.hs-scripts.com/139577915.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.65.192.122 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0ad17c7d661733bbf1cfe9bc6e85033bfed43c87c94cb72ba02f484adf1593c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer
Origin: https://auth-staging.paystubs.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 10:10:02 GMT
x-amz-version-id: qOShuUL.zI.RMIWwukZE0taADNX_1wuf
via: 1.1 0baa339c02d06988c65d8623d1b3c6ec.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: MISS
x-amz-cf-pop: FRA56-P2
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-hubspot-correlation-id: bff0e40a-02db-46fa-ac8a-650c24b8f8e7
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=collected-forms-embed-js/static-1.444/bundles/project.js&cfRay=8313bc9e3e78928d-FRA
x-cache: Hit from cloudfront
cache-tag: staticjsapp-collected-forms-embed-js-web-prod,staticjsapp-prod
content-encoding: br
x-envoy-upstream-service-time: 1
x-amz-replication-status: COMPLETED
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: bff0e40a-02db-46fa-ac8a-650c24b8f8e7
last-modified: Mon, 04 Dec 2023 12:10:50 UTC
server: cloudflare
etag: W/"109b7665e389a0b17fbf732bf7a02089"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-evy-trace-virtual-host: all
x-hs-cache-status: HIT
cache-control: s-maxage=600, max-age=300
x-evy-trace-served-by-pod: fra04/app-td/envoy-proxy-9bbd8cb6-gcgl9
cf-ray: 8313bc9e3e78928d-FRA
x-amz-cf-id: oJChoUPnfcOgdQKrIpq5d3_8d5eQid22m3rsTZyNye9XGv4XYYS_Tg==
x-hs-target-asset: collected-forms-embed-js/static-1.444/bundles/project.js

GET
H2 200 139577915.js Show response
js-eu1.hs-analytics.net/analytics/1701857400000/ 66 KB
21 KB 20ms
19ms Script
text/javascript 172.65.238.60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js-eu1.hs-analytics.net/analytics/1701857400000/139577915.js
Requested by: Host: js-eu1.hs-scripts.com
URL: https://js-eu1.hs-scripts.com/139577915.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.65.238.60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 09f07f0a0c4d0396c7dd81ea1873fb81c83913096ab2461e6a8c52566e1869ce

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 10:10:02 GMT
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: 268VVQYH1YDWWQV5
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-hubspot-correlation-id: 791c6114-fa47-4e29-8ea0-4b0c9cc62d2d
age: 1
x-envoy-upstream-service-time: 17
x-amz-id-2: fqqSD829akGUo5fOSkg7Xdlytc+PEXR4LN9fpwP5yKOTh+UnV3NNndoq+TWPoaRTzawmAjeSq1M=
x-evy-trace-listener: listener_https
x-request-id: 791c6114-fa47-4e29-8ea0-4b0c9cc62d2d
x-evy-trace-route-configuration: listener_https/all
last-modified: Fri, 01 Dec 2023 15:31:12 GMT
server: cloudflare
etag: W/"6ab46cc33e4f4ff095acc268447b5ac2"
vary: origin, Accept-Encoding
content-type: text/javascript
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: fra04/analytics-js-proxy-td/envoy-proxy-54d97ddf9c-sl4dv
cache-control: max-age=300,public
access-control-allow-credentials: false
cf-ray: 8313bc9e3b9568fb-FRA
expires: Wed, 06 Dec 2023 10:15:01 GMT

GET
H2 200 fb.js Show response
js-eu1.hsadspixel.net/ 6 KB
3 KB 17ms
16ms Script
application/javascript 172.65.219.229
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js-eu1.hsadspixel.net/fb.js

Requested by

Host: js-eu1.hs-scripts.com
URL: https://js-eu1.hs-scripts.com/139577915.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.65.219.229 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

df998f2ab79818d229edfab989eb187dd3d94f0f40377fde4f5f97e08b691ecf

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 10:10:02 GMT
x-amz-version-id: XlFw32Cnxu8ZjnNH.SH7ungVy3g8LtQG
via: 1.1 367a4718be97a49df7ac0500a986437a.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
x-amz-cf-pop: FRA56-P2
age: 356
x-amz-server-side-encryption: AES256
x-evy-trace-route-service-name: envoyset-translator
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=adsscriptloaderstatic/static-1.501/bundles/pixels-release.js&cfRay=8313b3eb5b2c37c6-FRA
x-cache: Hit from cloudfront
x-hubspot-correlation-id: 65a38ed3-9e9f-4232-aa45-f1ade06951d7
cache-tag: staticjsapp-AdsScriptLoaderCloudflare-web-prod,staticjsapp-prod
content-encoding: br
x-envoy-upstream-service-time: 1
x-amz-replication-status: COMPLETED
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 65a38ed3-9e9f-4232-aa45-f1ade06951d7
last-modified: Mon, 04 Dec 2023 14:19:28 UTC
server: cloudflare
etag: W/"ed930579444c6c7c0292363361667508"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
x-hs-cache-status: HIT
x-evy-trace-virtual-host: all
cache-control: max-age=600
x-evy-trace-served-by-pod: fra04/app-td/envoy-proxy-9bbd8cb6-gcgl9
cf-ray: 8313bc9e38043a5c-FRA
x-amz-cf-id: qGpSGGF2x1JVBYA9IjWVNMve9ceLclaJtP6FB9uzAgEYHS2A11UEqg==
x-hs-target-asset: adsscriptloaderstatic/static-1.501/bundles/pixels-release.js

GET
H2 200 / Show response
www.woopra.com/track/ce/ 0
160 B 353ms
352ms Script
text/javascript 162.55.95.216
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.woopra.com/track/ce/?project=paystubs.com&instance=woopra&meta=&screen=1600x1200&language=en-US&app=js-client&referer=https%3A%2F%2Fpcom-react-bhautik-billing-plan.react-dev.paystubs.com%2F&cookie=XQAUCnpCtVWR&event=pv&timeout=600000&idptnc=GfwNIJR2bHiE&ce_url=%2Flogin%3Fstate%3DhKFo2SBsZVpxQXlVVlEwcUFiWWh6OTRJdkZQN1F5MGptN19rOKFupWxvZ2luo3RpZNkgR3JSM0FaM2wtcmNzTTZhZUw0RnRSUl9PbGlGMFYxSWqjY2lk2SBCZkRRd0g3RHhweG56dnNaQ1JadTBBYURWdThUTnVhVg%26client%3DBfDQwH7DxpxnzvsZCRZu0AaDVu8TNuaV%26protocol%3Doauth2%26scope%3Dopenid%2520profile%2520email%26redirect_uri%3Dhttps%253A%252F%252Fpcom-react-bhautik-billing-plan.react-dev.paystubs.com%252Fcallback%26audience%3Dhttps%253A%252F%252Fpcom-backend-staging-poc.paystubs.com%252Fapi%26we%3D%26response_type%3Dcode%26response_mode%3Dquery%26nonce%3DUFNMd2sxRV91amxTaWpNckNSeWkwYWJLQWhrckJud3RCVlJzflRiVHV5Vg%253D%253D%26code_challenge%3DJJViJf2Ulq2LKl1_lJ6mMFflXD5ojrGdYuAaEkeAov8%26code_challenge_method%3DS256%26auth0Client%3DeyJuYW1lIjoiYXV0aDAtcmVhY3QiLCJ2ZXJzaW9uIjoiMi4yLjMifQ%253D%253D&ce_title=Sign%20In%20with%20Auth0&ce_domain=auth-staging.paystubs.com&ce_uri=https%3A%2F%2Fauth-staging.paystubs.com%2Flogin%3Fstate%3DhKFo2SBsZVpxQXlVVlEwcUFiWWh6OTRJdkZQN1F5MGptN19rOKFupWxvZ2luo3RpZNkgR3JSM0FaM2wtcmNzTTZhZUw0RnRSUl9PbGlGMFYxSWqjY2lk2SBCZkRRd0g3RHhweG56dnNaQ1JadTBBYURWdThUTnVhVg%26client%3DBfDQwH7DxpxnzvsZCRZu0AaDVu8TNuaV%26protocol%3Doauth2%26scope%3Dopenid%2520profile%2520email%26redirect_uri%3Dhttps%253A%252F%252Fpcom-react-bhautik-billing-plan.react-dev.paystubs.com%252Fcallback%26audience%3Dhttps%253A%252F%252Fpcom-backend-staging-poc.paystubs.com%252Fapi%26we%3D%26response_type%3Dcode%26response_mode%3Dquery%26nonce%3DUFNMd2sxRV91amxTaWpNckNSeWkwYWJLQWhrckJud3RCVlJzflRiVHV5Vg%253D%253D%26code_challenge%3DJJViJf2Ulq2LKl1_lJ6mMFflXD5ojrGdYuAaEkeAov8%26code_challenge_method%3DS256%26auth0Client%3DeyJuYW1lIjoiYXV0aDAtcmVhY3QiLCJ2ZXJzaW9uIjoiMi4yLjMifQ%253D%253D&ce_scroll%20depth=1&ce_returning=false
Requested by: Host: static.woopra.com
URL: https://static.woopra.com/js/w.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.55.95.216 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.216.95.55.162.clients.your-server.de
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Wed, 06 Dec 2023 10:10:02 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 0
content-type: text/javascript; charset=utf-8

GET
H3 200 web Show response
edge.fullstory.com/s/settings/MCM6B/v1/ 4 KB
1 KB 115ms
115ms XHR
application/json 35.201.112.186
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.fullstory.com/s/settings/MCM6B/v1/web
Requested by: Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.201.112.186 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 186.112.201.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 842cc4b7277aa4070e812687e553c32ebc03920c3a188cc0c7efcafa056e5453

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 10:10:02 GMT
content-encoding: gzip
age: 0
x-guploader-uploadid: ABPtcPo1BzlJCAWDJwqd7Cssf4ZmmpjPFZVdYUnIY-vGsChJ20GSpD4hpFwztLiZ705ZnGebF2s
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1322
last-modified: Wed, 06 Dec 2023 10:06:29 GMT
server: UploadServer
etag: "8c624d63898c6c0210d83822fe8b840e"
x-goog-generation: 1701701489620479
x-goog-hash: crc32c=zVN12Q==, md5=jGJNY4mMbAIQ2Dgi/ouEDg==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public,max-age=900,no-transform
x-goog-stored-content-length: 1322
accept-ranges: bytes
content-type: application/json
expires: Wed, 06 Dec 2023 10:25:02 GMT

GET
H2 200 211021221.js Show response
bat.bing.com/p/action/ 4 KB
2 KB 30ms
30ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/211021221.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

7a9ae3d49c9ea02f3915ad9c400addeefabaa073c58a17cedab13334b6db9a87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
date: Wed, 06 Dec 2023 10:10:02 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 07CF7E13EB2C43FBAB4EBB0AA8029992 Ref B: FRA31EDGE0614 Ref C: 2023-12-06T10:10:02Z
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript; charset=utf-8
cache-control: private,max-age=60

GET
H2 204 0
bat.bing.com/action/ 0
121 B 35ms
34ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=211021221&tm=gtm002&Ver=2&mid=2d95e784-1ca4-46b7-bfda-c9b08259678a&sid=9e110440941f11ee90ef83801d41ea1d&vid=9e10f090941f11eeba5875457ec2dad2&vids=0&msclkid=N&gtm_tag_source=1&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Sign%20In%20with%20Auth0&p=https%3A%2F%2Fauth-staging.paystubs.com%2Flogin%3Fstate%3DhKFo2SBsZVpxQXlVVlEwcUFiWWh6OTRJdkZQN1F5MGptN19rOKFupWxvZ2luo3RpZNkgR3JSM0FaM2wtcmNzTTZhZUw0RnRSUl9PbGlGMFYxSWqjY2lk2SBCZkRRd0g3RHhweG56dnNaQ1JadTBBYURWdThUTnVhVg%26client%3DBfDQwH7DxpxnzvsZCRZu0AaDVu8TNuaV%26protocol%3Doauth2%26scope%3Dopenid%2520profile%2520email%26redirect_uri%3Dhttps%253A%252F%252Fpcom-react-bhautik-billing-plan.react-dev.paystubs.com%252Fcallback%26audience%3Dhttps%253A%252F%252Fpcom-backend-staging-poc.paystubs.com%252Fapi%26we%3D%26response_type%3Dcode%26response_mode%3Dquery%26nonce%3DUFNMd2sxRV91amxTaWpNckNSeWkwYWJLQWhrckJud3RCVlJzflRiVHV5Vg%253D%253D%26code_challenge%3DJJViJf2Ulq2LKl1_lJ6mMFflXD5ojrGdYuAaEkeAov8%26code_challenge_method%3DS256%26auth0Client%3DeyJuYW1lIjoiYXV0aDAtcmVhY3QiLCJ2ZXJzaW9uIjoiMi4yLjMifQ%253D%253D&r=https%3A%2F%2Fpcom-react-bhautik-billing-plan.react-dev.paystubs.com%2F&lt=1325&evt=pageLoad&sv=1&rn=518680

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 06 Dec 2023 10:10:02 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: A12C3C674CA84206B5273F99A87747C5 Ref B: FRA31EDGE0614 Ref C: 2023-12-06T10:10:02Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/11223038493/ 42 B
64 B 19ms
18ms Image
image/gif 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/11223038493/?random=1701857402547&cv=11&fst=1701856800000&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v9116618575&u_w=1600&u_h=1200&url=https%3A%2F%2Fauth-staging.paystubs.com%2Flogin%3Fstate%3DhKFo2SBsZVpxQXlVVlEwcUFiWWh6OTRJdkZQN1F5MGptN19rOKFupWxvZ2luo3RpZNkgR3JSM0FaM2wtcmNzTTZhZUw0RnRSUl9PbGlGMFYxSWqjY2lk2SBCZkRRd0g3RHhweG56dnNaQ1JadTBBYURWdThUTnVhVg%26client%3DBfDQwH7DxpxnzvsZCRZu0AaDVu8TNuaV%26protocol%3Doauth2%26scope%3Dopenid%2520profile%2520email%26redirect_uri%3Dhttps%253A%252F%252Fpcom-react-bhautik-billing-plan.react-dev.paystubs.com%252Fcallback%26audience%3Dhttps%253A%252F%252Fpcom-backend-staging-poc.paystubs.com%252Fapi%26we%3D%26response_type%3Dcode%26response_mode%3Dquery%26nonce%3DUFNMd2s&ref=https%3A%2F%2Fpcom-react-bhautik-billing-plan.react-dev.paystubs.com%2F&frm=0&tiba=Sign%20In%20with%20Auth0&fmt=3&is_vtc=1&cid=CAQSKQDICaaNyH0vOCXUlwHBTawy3Z059hIjI2btcvMD1f8oEKvfbtN2HWMm&random=2902336413&rmt_tld=0&ipr=y

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Dec 2023 10:10:02 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/11223038493/ 42 B
64 B 23ms
22ms Image
image/gif 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/11223038493/?random=1701857402547&cv=11&fst=1701856800000&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v9116618575&u_w=1600&u_h=1200&url=https%3A%2F%2Fauth-staging.paystubs.com%2Flogin%3Fstate%3DhKFo2SBsZVpxQXlVVlEwcUFiWWh6OTRJdkZQN1F5MGptN19rOKFupWxvZ2luo3RpZNkgR3JSM0FaM2wtcmNzTTZhZUw0RnRSUl9PbGlGMFYxSWqjY2lk2SBCZkRRd0g3RHhweG56dnNaQ1JadTBBYURWdThUTnVhVg%26client%3DBfDQwH7DxpxnzvsZCRZu0AaDVu8TNuaV%26protocol%3Doauth2%26scope%3Dopenid%2520profile%2520email%26redirect_uri%3Dhttps%253A%252F%252Fpcom-react-bhautik-billing-plan.react-dev.paystubs.com%252Fcallback%26audience%3Dhttps%253A%252F%252Fpcom-backend-staging-poc.paystubs.com%252Fapi%26we%3D%26response_type%3Dcode%26response_mode%3Dquery%26nonce%3DUFNMd2s&ref=https%3A%2F%2Fpcom-react-bhautik-billing-plan.react-dev.paystubs.com%2F&frm=0&tiba=Sign%20In%20with%20Auth0&fmt=3&is_vtc=1&cid=CAQSKQDICaaNyH0vOCXUlwHBTawy3Z059hIjI2btcvMD1f8oEKvfbtN2HWMm&random=2902336413&rmt_tld=1&ipr=y

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Dec 2023 10:10:02 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 config_iframe.html Show response
wchat.freshchat.com/widget/ Frame 9DC5 701 B
1 KB 96ms
96ms Document
text/html 34.196.69.230
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://wchat.freshchat.com/widget/config_iframe.html?host=https://wchat.freshchat.com&token=bd0364fa-d424-407a-b9d3-de0b797de041&origin=https://auth-staging.paystubs.com

Requested by

Host: wchat.freshchat.com
URL: https://wchat.freshchat.com/js/widget.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.196.69.230 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-196-69-230.compute-1.amazonaws.com

Software

fwe /

Resource Hash

bae1f759fd4cd9055a14e9384f474c8e53358ea04bffda92bde1e11b0599c61c

Security Headers

Name	Value
Content-Security-Policy	style-src 'unsafe-inline' ; font-src 'self' data:; img-src 'self' * data:; connect-src 'self' ; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://.freshchat.com https://.freshworksapi.com; child-src 'self' blob:; media-src 'self' https://.freshchat.com; manifest-src 'self' https://.freshchat.com; default-src 'none';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
content-encoding: gzip
content-security-policy: style-src 'unsafe-inline' *; font-src 'self' * data:; img-src 'self' * data:; connect-src 'self' *; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.freshchat.com https://*.freshworksapi.com; child-src 'self' * blob:; media-src 'self' https://*.freshchat.com; manifest-src 'self' https://*.freshchat.com; default-src 'none';
content-type: text/html
date: Wed, 06 Dec 2023 10:10:02 GMT
last-modified: Tue, 28 Nov 2023 06:29:01 GMT
nel: { "report_to": "nel-endpoint-freshchat", "max_age": 2592000, "include_subdomains": true}
report-to: { "group": "nel-endpoint-freshchat", "max_age": 2592000, "include_subdomains": true, "endpoints": [{"url": "https://edge-admin.us-east-1.freshedge.net/nelreports/freshchat"}]}
server: fwe
strict-transport-security: max-age=31536000; includeSubDomains
x-envoy-upstream-service-time: 0
x-fw-ratelimiting-managed: false
x-request-id: f28c0ad9-e275-4636-ad62-49202bab9b24
x-server: rbfhg
x-trace-id: 00-5df8d2eb4063e3275883f9afb92f132d-c9724e1733f0fc1d-00
x-xss-protection: 1; mode=block

GET
H2 200 main.MTdjYzNiZDU2MQ.js Show response
analytics.tiktok.com/i18n/pixel/static/ 417 KB
108 KB 12ms
12ms Script
application/javascript 23.38.98.28
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTdjYzNiZDU2MQ.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CHEF1OBC77UAAU7KU0H0&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.38.98.28 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-38-98-28.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 899b480c61ba64c81eca25d7e37c963401ce6521586c6f42b20648597f20acbd

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-akamai-request-id: 4b013073
date: Wed, 06 Dec 2023 10:10:02 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 202311090731366C6C9225508B25D1BE34
vary: Accept-Encoding
x-cache: TCP_HIT from a23-38-99-92.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2.1-52518411) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 015ebf0c445aaa86c0c7b65a26901913e4f395246009a496d8520067e16b761ce0fe4a29db026a2c0f93da2f13c03d8bfa534f59781582768fe7032ed82fc5367d510f6d72c3cf46d2e026683070be11fe4bd4de4945950cf7f735e018e01ec779
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=3
content-length: 110335

GET
H2 200 /
www.facebook.com/tr/ 0
54 B 8ms
7ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=280638974420595&ev=PageView&dl=https%3A%2F%2Fauth-staging.paystubs.com%2Flogin%3Fstate%3DhKFo2SBsZVpxQXlVVlEwcUFiWWh6OTRJdkZQN1F5MGptN19rOKFupWxvZ2luo3RpZNkgR3JSM0FaM2wtcmNzTTZhZUw0RnRSUl9PbGlGMFYxSWqjY2lk2SBCZkRRd0g3RHhweG56dnNaQ1JadTBBYURWdThUTnVhVg%26client%3DBfDQwH7DxpxnzvsZCRZu0AaDVu8TNuaV%26protocol%3Doauth2%26scope%3Dopenid%2520profile%2520email%26redirect_uri%3Dhttps%253A%252F%252Fpcom-react-bhautik-billing-plan.react-dev.paystubs.com%252Fcallback%26audience%3Dhttps%253A%252F%252Fpcom-backend-staging-poc.paystubs.com%252Fapi%26we%3D%26response_type%3Dcode%26response_mode%3Dquery%26nonce%3DUFNMd2sxRV91amxTaWpNckNSeWkwYWJLQWhrckJud3RCVlJzflRiVHV5Vg%253D%253D%26code_challenge%3DJJViJf2Ulq2LKl1_lJ6mMFflXD5ojrGdYuAaEkeAov8%26code_challenge_method%3DS256%26auth0Client%3DeyJuYW1lIjoiYXV0aDAtcmVhY3QiLCJ2ZXJzaW9uIjoiMi4yLjMifQ%253D%253D&rl=https%3A%2F%2Fpcom-react-bhautik-billing-plan.react-dev.paystubs.com%2F&if=false&ts=1701857402809&sw=1600&sh=1200&v=2.9.138&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=4126&fbp=fb.1.1701857401307.234585057&ler=other&it=1701857402588&coo=false&tm=1&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 06 Dec 2023 10:10:02 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 211021221 Show response
www.clarity.ms/tag/uet/ 692 B
947 B 105ms
105ms Script
application/x-javascript 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/uet/211021221
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/p/action/211021221.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 720f1310d438fb883b9342113b4edb34973a73e0707bd6c46c4961e82ed08b43

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

expires: -1
date: Wed, 06 Dec 2023 10:10:02 GMT
x-azure-ref: 20231206T101002Z-nfqnkn5bqx6avdpswcn6r7nmk400000001w000000000bw4a
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 692
request-context: appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608

GET
H2 200 json Show response
api-eu1.hubapi.com/hs-script-loader-public/v1/config/pixels-and-events/ 117 B
600 B 35ms
35ms XHR
application/json 2a06:98c1:3200::90:1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api-eu1.hubapi.com/hs-script-loader-public/v1/config/pixels-and-events/json?portalId=139577915

Requested by

Host: js-eu1.hsadspixel.net
URL: https://js-eu1.hsadspixel.net/fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3200::90:1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

10bdda36dcff1675fc2c5a6db3302e6a3b5addb65fc342cb59ad10ebb2a29661

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 10:10:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 3a2dfa6f-fac4-4b4f-9f5c-3bbe00e36c5b
content-encoding: br
x-envoy-upstream-service-time: 4
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 3a2dfa6f-fac4-4b4f-9f5c-3bbe00e36c5b
server: cloudflare
x-trace: 2B640BF1C277EA53254B9913AC5080226239CCE494000000000000000000
vary: origin
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://auth-staging.paystubs.com
x-evy-trace-virtual-host: all
access-control-max-age: 180
access-control-allow-credentials: false
x-evy-trace-served-by-pod: fra04/hubapi-td/envoy-proxy-75bd7484f7-gtshx
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cflNxx2HjFFr%2Fj%2BU2LBBDrD2L%2BtrP%2BCPlf32jOAarXMv8EtlNBZaRF6ubzlw1H7lxCYMT7S1yM7CRj%2Bz0RY%2FI%2FT2wxJUqiThHyotomi08%2BBQr%2FrIzKUnQRBRrUFuC7zOg2a%2BGBPXCXKsVavDbCCxNg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8313bc9f9f40bbb6-FRA
access-control-allow-headers: *

GET
H2 200 json Show response
forms-eu1.hscollectedforms.net/collected-forms/v1/config/ 117 B
254 B 24ms
24ms XHR
application/json 172.65.192.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms-eu1.hscollectedforms.net/collected-forms/v1/config/json?portalId=139577915&utk=8c24be563468a13f54d0fb6d69cbad49

Requested by

Host: js-eu1.hscollectedforms.net
URL: https://js-eu1.hscollectedforms.net/collectedforms.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.65.192.122 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

52849fa881a24ed0355833bb931e752f4e992ceb77b2dfd878874f4e4166ee2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 10:10:02 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: baa9df24-52a8-48a6-9cef-6386f8db24a0
x-envoy-upstream-service-time: 3
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: baa9df24-52a8-48a6-9cef-6386f8db24a0
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://auth-staging.paystubs.com
x-evy-trace-virtual-host: all
cache-control: max-age=0
x-evy-trace-served-by-pod: fra04/app-td/envoy-proxy-9bbd8cb6-756sw
access-control-max-age: 180
x-robots-tag: none
access-control-allow-headers: *
cf-ray: 8313bc9fafbe928d-FRA

GET
H2 200 identify_bb163.js Show response
analytics.tiktok.com/i18n/pixel/static/ 135 KB
36 KB 11ms
11ms Script
application/javascript 23.38.98.28
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/identify_bb163.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTdjYzNiZDU2MQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.38.98.28 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-38-98-28.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: a1d4b01843b9dad68a10bba7ab416fb60cbe6052a223f6bd74cbad286b812b2a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-akamai-request-id: 4b0130c6
date: Wed, 06 Dec 2023 10:10:02 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 20231109073136FEDC675495BC05EA7848
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a23-38-99-92.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2.1-52518411) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 015ebf0c445aaa86c0c7b65a26901913e4f395246009a496d8520067e16b761ce006af2c5194a4cd9778afc28c7db97291836d76ba3faa1b75b868088a4c7b4d5ea13d3b6203d0ed8e39f12535c248fed7606bb82c8b8796e51fd89fcaf9e5a832
server-timing: cdn-cache; desc=HIT, edge; dur=1, inner; dur=2
content-length: 36079

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
844 B 151ms
151ms Ping
text/plain 23.38.98.28
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTdjYzNiZDU2MQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.38.98.28 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-38-98-28.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 389dbd6d.4b0130d7
date: Wed, 06 Dec 2023 10:10:02 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-231206101002F7575611D634CE0FFEDC-0AD50CFA154E4079-00
x-cache: TCP_MISS from a23-38-99-92.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2.1-52518411) (-)
x-parent-response-time: 126,23.38.99.92
server-timing: cdn-cache; desc=MISS, edge; dur=93, origin; dur=39, inner; dur=37
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20231206101002F7575611D634CE0FFEDC
x-cache-remote: TCP_MISS from a23-220-104-205.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2.1-52518411) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 39,23.220.104.205
x-tt-trace-host: 0183065cffbd455dc2e304d247773271c88b45a0bce1c12334db7c5c154c7e3c51e615d54ba796a86f21a9c4aeacf158a799e5ee2bbb3617fc086dac99d5bff8f1cb77e5446ff8a36fce87e6cfacd12cb78d512f50c28931ba15510c78b6bb2cb93e9f320e7b99d28e065a3e600e1f59cb
access-control-allow-headers: Authorization,*
expires: Wed, 06 Dec 2023 10:10:02 GMT

POST
H2 200 page Show response
rs.fullstory.com/rec/ 5 KB
1 KB 138ms
136ms XHR
application/json 35.186.194.58
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rs.fullstory.com/rec/page
Requested by: Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.194.58 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 58.194.186.35.bc.googleusercontent.com
Software: /
Resource Hash: b7edd734b54862cb1781b70b924cb8515aa402c6af294aa6d1eb949baacfa5f3

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 06 Dec 2023 10:10:02 GMT
content-encoding: gzip
via: 1.1 google
content-type: application/json; charset=utf-8
access-control-allow-origin: https://auth-staging.paystubs.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1455

GET
H/1.1 200
OK counters.gif
forms-eu1.hsforms.com/embed/v3/ 35 B
1016 B 124ms
66ms Image
image/gif 172.65.232.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forms-eu1.hsforms.com/embed/v3/counters.gif?key=collected-forms-embed-js-form-bind&count=2

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

172.65.232.43 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date: Wed, 06 Dec 2023 10:10:02 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
CF-Cache-Status: DYNAMIC
x-evy-trace-route-service-name: envoyset-translator
X-HubSpot-Correlation-Id: 36610c15-46b0-461e-9439-98ae76b2afaf
x-envoy-upstream-service-time: 2
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
Content-Length: 35
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 36610c15-46b0-461e-9439-98ae76b2afaf
Server: cloudflare
X-Trace: 2B60417E30C8590F9FA7F27C6CDD2BA89C32C657A6000000000000000000
Vary: origin
Content-Type: image/gif
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: fra04/star-hubspot-td/envoy-proxy-7b5f5fb655-hfvq9
Access-Control-Expose-Headers: X-Origin-Hublet
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: false
X-Robots-Tag: none
CF-RAY: 8313bca028ad8fdd-FRA

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 231 KB
80 KB 16ms
16ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-11223038493

Requested by

Host: js-eu1.hsadspixel.net
URL: https://js-eu1.hsadspixel.net/fb.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c7c22454e5d47862c5fc269e434cc8509deb3f31e6e69a5f677e8fc3265ca5b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 10:10:02 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 81805
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 06 Dec 2023 10:10:02 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 231 KB
80 KB 27ms
27ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-11223038493&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TGJ7XBD

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

55e03b6c6624e0649f7ff83ca2562a65d1e5d7ecf7cd6098e762dca92141fd1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 10:10:02 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 81947
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 06 Dec 2023 10:10:02 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/11223038493/ 4 KB
2 KB 50ms
49ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11223038493/?random=1701857402889&cv=11&fst=1701857402889&bg=ffffff&guid=ON&async=1&gtm=45be3bt0&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fauth-staging.paystubs.com%2Flogin%3Fstate%3DhKFo2SBsZVpxQXlVVlEwcUFiWWh6OTRJdkZQN1F5MGptN19rOKFupWxvZ2luo3RpZNkgR3JSM0FaM2wtcmNzTTZhZUw0RnRSUl9PbGlGMFYxSWqjY2lk2SBCZkRRd0g3RHhweG56dnNaQ1JadTBBYURWdThUTnVhVg%26client%3DBfDQwH7DxpxnzvsZCRZu0AaDVu8TNuaV%26protocol%3Doauth2%26scope%3Dopenid%2520profile%2520email%26redirect_uri%3Dhttps%253A%252F%252Fpcom-react-bhautik-billing-plan.react-dev.paystubs.com%252Fcallback%26audience%3Dhttps%253A%252F%252Fpcom-backend-staging-poc.paystubs.com%252Fapi%26we%3D%26response_type%3Dcode%26response_mode%3Dquery%26nonce%3DUFNMd2s&ref=https%3A%2F%2Fpcom-react-bhautik-billing-plan.react-dev.paystubs.com%2F&hn=www.googleadservices.com&frm=0&tiba=Sign%20In%20with%20Auth0&did=dZTQ1Zm&gdid=dZTQ1Zm&auid=1871898161.1701857401&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-11223038493

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

599cdf93ef0d029be161570fe867b35fec0aedef8cd30c0f00cc04341b3a24ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Dec 2023 10:10:02 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1630
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 config Show response
wchat.freshchat.com/app/services/app/webchat/bd0364fa-d424-407a-b9d3-de0b797de041/ Frame 9DC5 3 KB
2 KB 109ms
109ms Fetch
application/json 34.196.69.230
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://wchat.freshchat.com/app/services/app/webchat/bd0364fa-d424-407a-b9d3-de0b797de041/config?domain=aHR0cHM6Ly9hdXRoLXN0YWdpbmcucGF5c3R1YnMuY29t

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.196.69.230 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-196-69-230.compute-1.amazonaws.com

Software

fwe /

Resource Hash

674450643890edb90f79441c359d3c2e1840d7691de0135afe09a24118a7d856

Security Headers

Name	Value
Content-Security-Policy	style-src 'unsafe-inline' ; font-src 'self' data:; img-src 'self' * data:; connect-src 'self' ; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://.freshchat.com https://.freshworksapi.com; child-src 'self' blob:; media-src 'self' https://.freshchat.com; manifest-src 'self' https://.freshchat.com; default-src 'none';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wchat.freshchat.com/widget/config_iframe.html?host=https://wchat.freshchat.com&token=bd0364fa-d424-407a-b9d3-de0b797de041&origin=https://auth-staging.paystubs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 10:10:02 GMT
content-security-policy: style-src 'unsafe-inline' *; font-src 'self' * data:; img-src 'self' * data:; connect-src 'self' *; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.freshchat.com https://*.freshworksapi.com; child-src 'self' * blob:; media-src 'self' https://*.freshchat.com; manifest-src 'self' https://*.freshchat.com; default-src 'none';
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
nel: { "report_to": "nel-endpoint-freshchat", "max_age": 2592000, "include_subdomains": true}
x-ratelimit-total: 3000
x-ratelimit-used-currentrequest: 1
x-envoy-upstream-service-time: 12
x-xss-protection: 1; mode=block
x-request-id: 2dc4456c-6f6f-4d65-9039-69103b808a44
x-trace-id: 00-1398864dbccc4695c6f9005d81f246ae-1b4756c1acef0cdc-00
server: fwe
vary: accept-encoding
report-to: { "group": "nel-endpoint-freshchat", "max_age": 2592000, "include_subdomains": true, "endpoints": [{"url": "https://edge-admin.us-east-1.freshedge.net/nelreports/freshchat"}]}
content-type: application/json;charset=UTF-8
x-fw-ratelimiting-managed: true
cache-control: no-store
access-control-allow-credentials: true
x-server: 2601
x-ratelimit-remaining: 2998
x-ratelimit-limit: 3000

GET
H2 200 clarity.js Show response
www.clarity.ms/s/0.7.20/ 60 KB
25 KB 15ms
15ms Script
application/javascript 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/s/0.7.20/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/uet/211021221
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: cbcfb303a1e7d1f9da8965565b535f4122f2de2f1f3ed9f61f3f9e2dad3dcf9d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 10:10:02 GMT
content-encoding: br
last-modified: Mon, 04 Dec 2023 12:08:18 GMT
etag: W/"0x8DBF4C1B3818466"
vary: Accept-Encoding
x-azure-ref: 20231206T101002Z-nfqnkn5bqx6avdpswcn6r7nmk400000001w000000000bw4u
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
x-ms-request-id: a83e7593-d01e-0008-28ad-2634d4000000
cache-control: public, max-age=86400
x-cache: TCP_HIT
x-ms-version: 2018-03-28

GET
H3 200 /
www.google.com/pagead/1p-user-list/11223038493/ 42 B
64 B 20ms
20ms Image
image/gif 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/11223038493/?random=1701857402889&cv=11&fst=1701856800000&bg=ffffff&guid=ON&async=1&gtm=45be3bt0&u_w=1600&u_h=1200&url=https%3A%2F%2Fauth-staging.paystubs.com%2Flogin%3Fstate%3DhKFo2SBsZVpxQXlVVlEwcUFiWWh6OTRJdkZQN1F5MGptN19rOKFupWxvZ2luo3RpZNkgR3JSM0FaM2wtcmNzTTZhZUw0RnRSUl9PbGlGMFYxSWqjY2lk2SBCZkRRd0g3RHhweG56dnNaQ1JadTBBYURWdThUTnVhVg%26client%3DBfDQwH7DxpxnzvsZCRZu0AaDVu8TNuaV%26protocol%3Doauth2%26scope%3Dopenid%2520profile%2520email%26redirect_uri%3Dhttps%253A%252F%252Fpcom-react-bhautik-billing-plan.react-dev.paystubs.com%252Fcallback%26audience%3Dhttps%253A%252F%252Fpcom-backend-staging-poc.paystubs.com%252Fapi%26we%3D%26response_type%3Dcode%26response_mode%3Dquery%26nonce%3DUFNMd2s&ref=https%3A%2F%2Fpcom-react-bhautik-billing-plan.react-dev.paystubs.com%2F&frm=0&tiba=Sign%20In%20with%20Auth0&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSKQDICaaN9UONJ1BsyCooAM6humA_8kjBMsb_Z1tzle9UGYdjhff2DO_E&random=753033248&rmt_tld=0&ipr=y

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Dec 2023 10:10:02 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/11223038493/ 42 B
64 B 21ms
20ms Image
image/gif 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/11223038493/?random=1701857402889&cv=11&fst=1701856800000&bg=ffffff&guid=ON&async=1&gtm=45be3bt0&u_w=1600&u_h=1200&url=https%3A%2F%2Fauth-staging.paystubs.com%2Flogin%3Fstate%3DhKFo2SBsZVpxQXlVVlEwcUFiWWh6OTRJdkZQN1F5MGptN19rOKFupWxvZ2luo3RpZNkgR3JSM0FaM2wtcmNzTTZhZUw0RnRSUl9PbGlGMFYxSWqjY2lk2SBCZkRRd0g3RHhweG56dnNaQ1JadTBBYURWdThUTnVhVg%26client%3DBfDQwH7DxpxnzvsZCRZu0AaDVu8TNuaV%26protocol%3Doauth2%26scope%3Dopenid%2520profile%2520email%26redirect_uri%3Dhttps%253A%252F%252Fpcom-react-bhautik-billing-plan.react-dev.paystubs.com%252Fcallback%26audience%3Dhttps%253A%252F%252Fpcom-backend-staging-poc.paystubs.com%252Fapi%26we%3D%26response_type%3Dcode%26response_mode%3Dquery%26nonce%3DUFNMd2s&ref=https%3A%2F%2Fpcom-react-bhautik-billing-plan.react-dev.paystubs.com%2F&frm=0&tiba=Sign%20In%20with%20Auth0&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSKQDICaaN9UONJ1BsyCooAM6humA_8kjBMsb_Z1tzle9UGYdjhff2DO_E&random=753033248&rmt_tld=1&ipr=y

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 06 Dec 2023 10:10:02 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
wchat.freshchat.com/widget/ Frame 98EF 5 KB
3 KB 95ms
95ms Document
text/html 34.196.69.230
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://wchat.freshchat.com/widget/?token=bd0364fa-d424-407a-b9d3-de0b797de041&referrer=aHR0cHM6Ly9hdXRoLXN0YWdpbmcucGF5c3R1YnMuY29t&eagerLoad=true

Requested by

Host: wchat.freshchat.com
URL: https://wchat.freshchat.com/js/widget.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.196.69.230 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-196-69-230.compute-1.amazonaws.com

Software

fwe /

Resource Hash

5d75013e212e3aff8232bfd81eaa3721784d1bae390124a6b4788f2d689eb94b

Security Headers

Name	Value
Content-Security-Policy	style-src 'unsafe-inline' ; font-src 'self' data:; img-src 'self' * data:; connect-src 'self' ; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://.freshchat.com https://.freshworksapi.com; child-src 'self' blob:; media-src 'self' https://.freshchat.com; manifest-src 'self' https://.freshchat.com; default-src 'none';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
content-encoding: gzip
content-security-policy: style-src 'unsafe-inline' *; font-src 'self' * data:; img-src 'self' * data:; connect-src 'self' *; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.freshchat.com https://*.freshworksapi.com; child-src 'self' * blob:; media-src 'self' https://*.freshchat.com; manifest-src 'self' https://*.freshchat.com; default-src 'none';
content-type: text/html
date: Wed, 06 Dec 2023 10:10:03 GMT
last-modified: Tue, 28 Nov 2023 06:29:01 GMT
nel: { "report_to": "nel-endpoint-freshchat", "max_age": 2592000, "include_subdomains": true}
report-to: { "group": "nel-endpoint-freshchat", "max_age": 2592000, "include_subdomains": true, "endpoints": [{"url": "https://edge-admin.us-east-1.freshedge.net/nelreports/freshchat"}]}
server: fwe
strict-transport-security: max-age=31536000; includeSubDomains
x-envoy-upstream-service-time: 0
x-fw-ratelimiting-managed: false
x-request-id: d2734a3d-0d7b-41d0-8c83-2a09e52eaf59
x-server: 4z8vk
x-trace-id: 00-32b276035c6ab19eb8cb9f60b5c89fa7-b56ac8d6dfc1bf5c-00
x-xss-protection: 1; mode=block

GET
H2 200 widget.css
wchat.freshchat.com/widget/css/ 9 KB
2 KB 96ms
96ms Stylesheet
text/css 34.196.69.230
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://wchat.freshchat.com/widget/css/widget.css?t=1701857403020

Requested by

Host: wchat.freshchat.com
URL: https://wchat.freshchat.com/js/widget.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.196.69.230 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-196-69-230.compute-1.amazonaws.com

Software

fwe /

Resource Hash

1746b268addac39a01bc462c8e85434841637a136be1c0234b2eae14988e3d3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 10:10:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
nel: { "report_to": "nel-endpoint-freshchat", "max_age": 2592000, "include_subdomains": true}
x-envoy-upstream-service-time: 1
x-xss-protection: 1; mode=block
x-request-id: e9dfe126-4484-4ef2-b608-11ff17b4d0a9
x-trace-id: 00-94e739e4bbc891fbcd6f3e445bb28439-2d6693c2fe1eec7a-00
last-modified: Tue, 28 Nov 2023 06:29:01 GMT
server: fwe
report-to: { "group": "nel-endpoint-freshchat", "max_age": 2592000, "include_subdomains": true, "endpoints": [{"url": "https://edge-admin.us-east-1.freshedge.net/nelreports/freshchat"}]}
content-type: text/css
x-fw-ratelimiting-managed: false
cache-control: max-age=31536000,no-cache, no-store, must-revalidate, pre-check=0, post-check=0,public
x-server: 4z8vk
expires: Thu, 05 Dec 2024 10:10:03 GMT

POST
H2 200 act
analytics.tiktok.com/api/v2/pixel/ 0
701 B 140ms
140ms Ping
text/plain 23.38.98.28
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel/act
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTdjYzNiZDU2MQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.38.98.28 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-38-98-28.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 4b013144
date: Wed, 06 Dec 2023 10:10:03 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-2312061010039380DE256A3541EB2BCB-1ECA914B20454533-00
x-cache: TCP_MISS from a23-38-99-92.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2.1-52518411) (-)
server-timing: inner; dur=24, cdn-cache; desc=MISS, edge; dur=8, origin; dur=120
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 202312061010039380DE256A3541EB2BCB
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 120,23.38.99.92
x-tt-trace-host: 0183065cffbd455dc2e304d247773271c8c3ca2e002d16816d4a641785da0f8872a1d05d5ebc279bd47d5674782b0cd76f2a0c18967d77562c66521e418957541569da446e56c9569d9f184cea398e83c73255c9365a7b141cc5234756535c84d0
access-control-allow-headers: Authorization,*
expires: Wed, 06 Dec 2023 10:10:03 GMT

POST
H/1.1 204
No Content collect Show response
o.clarity.ms/ 0
305 B 190ms
190ms XHR
text/plain 52.152.143.207
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://o.clarity.ms/collect
Requested by: Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.152.143.207 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://auth-staging.paystubs.com
Date: Wed, 06 Dec 2023 10:10:03 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111

GET
H2 200 collect Show response
gtm.paystubs.com/g/ 65 B
150 B 246ms
246ms XHR
text/plain 35.193.123.107
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://gtm.paystubs.com/g/collect?v=2&tid=G-MDB3MHPDXM&gtm=45je3bt0v9117494111z89116618575&_p=1701857402480&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1198723921.1701857401&ul=en-us&sr=1600x1200&ur=DE-BW&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&sst.uc=DE&sst.gse=1&sst.etld=google.de&sst.gcsub=region1&sst.gcd=11l1l1l1l1&sst.tft=1701857402480&_s=1&sid=1701857401&sct=1&seg=1&dl=https%3A%2F%2Fauth-staging.paystubs.com%2Flogin%3Fstate%3DhKFo2SBsZVpxQXlVVlEwcUFiWWh6OTRJdkZQN1F5MGptN19rOKFupWxvZ2luo3RpZNkgR3JSM0FaM2wtcmNzTTZhZUw0RnRSUl9PbGlGMFYxSWqjY2lk2SBCZkRRd0g3RHhweG56dnNaQ1JadTBBYURWdThUTnVhVg%26client%3DBfDQwH7DxpxnzvsZCRZu0AaDVu8TNuaV%26protocol%3Doauth2%26scope%3Dopenid%2520profile%2520email%26redirect_uri%3Dhttps%253A%252F%252Fpcom-react-bhautik-billing-plan.react-dev.paystubs.com%252Fcallback%26audience%3Dhttps%253A%252F%252Fpcom-backend-staging-poc.paystubs.com%252Fapi%26we%3D%26response_type%3Dcode%26response_mode%3Dquery%26nonce%3DUFNMd2sxRV91amxTaWpNckNSeWkwYWJLQWhrckJud3RCVlJzflRiVHV5Vg%253D%253D%26code_challenge%3DJJViJf2Ulq2LKl1_lJ6mMFflXD5ojrGdYuAaEkeAov8%26code_challenge_method%3DS256%26auth0Client%3DeyJuYW1lIjoiYXV0aDAtcmVhY3QiLCJ2ZXJzaW9uIjoiMi4yLjMifQ%253D%253D&dr=https%3A%2F%2Fpcom-react-bhautik-billing-plan.react-dev.paystubs.com%2F&dt=Sign%20In%20with%20Auth0&en=page_view&ep.timestamp=2023-12-06%2011%3A10%3A02&tfd=1954&richsstsse

Requested by

Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.193.123.107 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

107.123.193.35.bc.googleusercontent.com

Software

Resource Hash

e64954dc34e12c7190cc2338a54b07644ff0f102aa71cc7209bcbb49c3009f7c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 10:10:03 GMT
x-content-type-options: nosniff
content-type: text/plain
access-control-allow-origin: https://auth-staging.paystubs.com
cache-control: no-cache
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
x-accel-buffering: no

GET
H2 200 vendor.d64d219ca4493f67a3970efc52d51c86.css
assetscdn-wchat.freshchat.com/static/assets/ Frame 98EF 23 KB
4 KB 9ms
8ms Stylesheet
text/css 143.204.215.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assetscdn-wchat.freshchat.com/static/assets/vendor.d64d219ca4493f67a3970efc52d51c86.css
Requested by: Host: wchat.freshchat.com
URL: https://wchat.freshchat.com/widget/?token=bd0364fa-d424-407a-b9d3-de0b797de041&referrer=aHR0cHM6Ly9hdXRoLXN0YWdpbmcucGF5c3R1YnMuY29t&eagerLoad=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-55.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f2154f49d7d4ed6c74a1ad1dc0e39ef3136fd859059986ed5bcd3050d59867b3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wchat.freshchat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 10:06:35 GMT
content-encoding: br
via: 1.1 f8895de4463e8d120a0f4b4a1f7703e4.cloudfront.net (CloudFront)
last-modified: Thu, 16 Nov 2023 07:47:37 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
age: 211
x-amz-server-side-encryption: AES256
etag: W/"d64d219ca4493f67a3970efc52d51c86"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
cache-control: max-age=31536000, no-transform, public
x-amz-cf-id: NsU50-2BPVPTLGc5VkM3VbF6bMRHm3uf3cvtbmCSwX35xlTVK9ew0Q==
expires: Wed, 27 Nov 2024 06:28:51 GMT

GET
H2 200 hotline-web.d41d8cd98f00b204e9800998ecf8427e.css
assetscdn-wchat.freshchat.com/static/assets/ Frame 98EF 0
419 B 9ms
9ms Stylesheet
text/css 143.204.215.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assetscdn-wchat.freshchat.com/static/assets/hotline-web.d41d8cd98f00b204e9800998ecf8427e.css
Requested by: Host: wchat.freshchat.com
URL: https://wchat.freshchat.com/widget/?token=bd0364fa-d424-407a-b9d3-de0b797de041&referrer=aHR0cHM6Ly9hdXRoLXN0YWdpbmcucGF5c3R1YnMuY29t&eagerLoad=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-55.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wchat.freshchat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 10:08:53 GMT
via: 1.1 f8895de4463e8d120a0f4b4a1f7703e4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 71
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 0
last-modified: Thu, 16 Nov 2023 07:47:36 GMT
server: AmazonS3
etag: "d41d8cd98f00b204e9800998ecf8427e"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000, no-transform, public
accept-ranges: bytes
x-amz-cf-id: Xcxhm91MId44kUfXfULmCn1xyfBtmw3R9oYwD8QjGenfMfCoRbKqZg==
expires: Wed, 27 Nov 2024 06:28:51 GMT

GET
H2 200 vendor.862630a2b93632e0d7bbae6d63246102.js Show response
assetscdn-wchat.freshchat.com/static/assets/ Frame 98EF 684 KB
181 KB 10ms
9ms Script
application/javascript 143.204.215.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assetscdn-wchat.freshchat.com/static/assets/vendor.862630a2b93632e0d7bbae6d63246102.js
Requested by: Host: wchat.freshchat.com
URL: https://wchat.freshchat.com/widget/?token=bd0364fa-d424-407a-b9d3-de0b797de041&referrer=aHR0cHM6Ly9hdXRoLXN0YWdpbmcucGF5c3R1YnMuY29t&eagerLoad=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-55.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a7fecbfe24b0884ff617e8bb7bd0871397a39e6de70a6d2ff276743988f532bd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wchat.freshchat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 10:08:34 GMT
content-encoding: br
via: 1.1 f8895de4463e8d120a0f4b4a1f7703e4.cloudfront.net (CloudFront)
last-modified: Mon, 20 Nov 2023 04:32:08 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
age: 100
x-amz-server-side-encryption: AES256
etag: W/"862630a2b93632e0d7bbae6d63246102"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=31536000, no-transform, public
x-amz-cf-id: 2C2kFzZDD2Xr_sINnzEIWEHlSnFpIAnp1QLlou3aXn0wK4NmSMv3kg==
expires: Wed, 27 Nov 2024 06:28:51 GMT

GET
H2 200 211.js Show response
assetscdn-wchat.freshchat.com/static/assets/ Frame 98EF 772 KB
199 KB 8ms
8ms Script
application/javascript 143.204.215.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assetscdn-wchat.freshchat.com/static/assets/211.js
Requested by: Host: wchat.freshchat.com
URL: https://wchat.freshchat.com/widget/?token=bd0364fa-d424-407a-b9d3-de0b797de041&referrer=aHR0cHM6Ly9hdXRoLXN0YWdpbmcucGF5c3R1YnMuY29t&eagerLoad=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-55.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6433a43310293748cf1fddd99a260723f22d8202abe6c37e736716eb1f0a7c05

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wchat.freshchat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 10:06:19 GMT
content-encoding: gzip
via: 1.1 f8895de4463e8d120a0f4b4a1f7703e4.cloudfront.net (CloudFront)
last-modified: Tue, 28 Nov 2023 06:28:52 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
age: 244
x-amz-server-side-encryption: AES256
etag: W/"47c822f8cee790a907c6e7dd37148e0b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=31536000, no-transform, public
x-amz-cf-id: tZ2qIO9lwE_M8cURBqeuGjqzr8WJ4MgYcLWv5hdRB7bkB7VgnITSew==
expires: Wed, 27 Nov 2024 06:28:51 GMT

GET
H2 200 chunk.3fbff7b122c7b213cc66.css
assetscdn-wchat.freshchat.com/static/assets/ Frame 98EF 242 KB
30 KB 8ms
8ms Stylesheet
text/css 143.204.215.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assetscdn-wchat.freshchat.com/static/assets/chunk.3fbff7b122c7b213cc66.css
Requested by: Host: wchat.freshchat.com
URL: https://wchat.freshchat.com/widget/?token=bd0364fa-d424-407a-b9d3-de0b797de041&referrer=aHR0cHM6Ly9hdXRoLXN0YWdpbmcucGF5c3R1YnMuY29t&eagerLoad=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-55.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 81e1190b4b0400c87e2ee7e235c30c7ee39496d454efd09ab343198cba0b050b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wchat.freshchat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 10:09:45 GMT
content-encoding: gzip
via: 1.1 f8895de4463e8d120a0f4b4a1f7703e4.cloudfront.net (CloudFront)
last-modified: Tue, 28 Nov 2023 06:28:53 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
age: 246
x-amz-server-side-encryption: AES256
etag: W/"05b1e01be3b51279f3932e908f6579db"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
cache-control: max-age=31536000, no-transform, public
x-amz-cf-id: wOt2QCCVauWIZL266AyC5R7MMLIfqVgZS6XsTnKtb-q9t1Y8TOKeJw==
expires: Wed, 27 Nov 2024 06:28:51 GMT

GET
H2 200 fd-messaging.cbe37f3b3fd8dc523e51.css
assetscdn-wchat.freshchat.com/static/ Frame 98EF 242 KB
27 KB 9ms
9ms Stylesheet
text/css 143.204.215.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assetscdn-wchat.freshchat.com/static/fd-messaging.cbe37f3b3fd8dc523e51.css
Requested by: Host: wchat.freshchat.com
URL: https://wchat.freshchat.com/widget/?token=bd0364fa-d424-407a-b9d3-de0b797de041&referrer=aHR0cHM6Ly9hdXRoLXN0YWdpbmcucGF5c3R1YnMuY29t&eagerLoad=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-55.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 81e1190b4b0400c87e2ee7e235c30c7ee39496d454efd09ab343198cba0b050b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wchat.freshchat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 10:06:35 GMT
content-encoding: br
via: 1.1 f8895de4463e8d120a0f4b4a1f7703e4.cloudfront.net (CloudFront)
last-modified: Mon, 20 Nov 2023 04:32:08 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
age: 210
x-amz-server-side-encryption: AES256
etag: W/"05b1e01be3b51279f3932e908f6579db"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
cache-control: max-age=31536000, no-transform, public
x-amz-cf-id: UbZHIAYtTe2mvAgLXKCV5lcFcgl7kjgKWufrRoWcBMCYM7pPC9Gd_A==
expires: Wed, 27 Nov 2024 06:28:51 GMT

GET
H2 200 fd-messaging.74e39c50d73aede4e975.js Show response
assetscdn-wchat.freshchat.com/static/assets/ Frame 98EF 736 KB
132 KB 8ms
8ms Script
application/javascript 143.204.215.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assetscdn-wchat.freshchat.com/static/assets/fd-messaging.74e39c50d73aede4e975.js
Requested by: Host: wchat.freshchat.com
URL: https://wchat.freshchat.com/widget/?token=bd0364fa-d424-407a-b9d3-de0b797de041&referrer=aHR0cHM6Ly9hdXRoLXN0YWdpbmcucGF5c3R1YnMuY29t&eagerLoad=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-55.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: bd6183cdbfa6ccf8e90f38d8c971232f0e0186e78ffbd6908c5dd5e27bae08dd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wchat.freshchat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 10:08:54 GMT
content-encoding: br
via: 1.1 f8895de4463e8d120a0f4b4a1f7703e4.cloudfront.net (CloudFront)
last-modified: Mon, 27 Nov 2023 06:49:53 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
age: 70
x-amz-server-side-encryption: AES256
etag: W/"cfbdd7cc27f6369f9f18ba232aa13732"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=31536000, no-transform, public
x-amz-cf-id: YeS135EBBfdFaZlbB-uvk-1336khPBLQvsWXV_AfHXwQyjFDpniunA==
expires: Wed, 27 Nov 2024 06:28:51 GMT

GET
H2 200 rts-min.js Show response
rts-static-prod.freshworksapi.com/us/ Frame 98EF 82 KB
25 KB 41ms
15ms Script
text/javascript 18.239.50.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rts-static-prod.freshworksapi.com/us/rts-min.js
Requested by: Host: assetscdn-wchat.freshchat.com
URL: https://assetscdn-wchat.freshchat.com/static/assets/fd-messaging.74e39c50d73aede4e975.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.50.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-50-89.ams58.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 637ae8e55dd9c6199b38e4b0a04f7960a4564fab961c5046702eb27b019f514c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wchat.freshchat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-amz-version-id: _X3Qz9F7lBkY6fY5ZFJvKfTDFca1Mb.F
content-encoding: gzip
via: 1.1 a752e456797165fcc0a1e5de08b5353c.cloudfront.net (CloudFront)
date: Wed, 06 Dec 2023 10:10:03 GMT
last-modified: Thu, 04 May 2023 08:20:06 GMT
server: AmazonS3
x-amz-cf-pop: AMS58-P3
age: 2
x-amz-server-side-encryption: AES256
etag: W/"b93463e6b790a2959a44cc7ba847f9ab"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: no-cache
x-amz-cf-id: i6902K1Kp6gGTOY47jUsABAm1oqcGgBL_kdKXpH-OP8YphDHiYiCVQ==

GET
H2 200 chunk.53225951580d96ba885c.js Show response
assetscdn-wchat.freshchat.com/static/assets/ Frame 98EF 5 KB
2 KB 7ms
7ms Script
application/javascript 143.204.215.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assetscdn-wchat.freshchat.com/static/assets/chunk.53225951580d96ba885c.js
Requested by: Host: assetscdn-wchat.freshchat.com
URL: https://assetscdn-wchat.freshchat.com/static/assets/fd-messaging.74e39c50d73aede4e975.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-55.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9037e86768130186d676f65444b051b348944719247563d521046bca6af241b4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wchat.freshchat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 10:08:55 GMT
content-encoding: br
via: 1.1 f8895de4463e8d120a0f4b4a1f7703e4.cloudfront.net (CloudFront)
last-modified: Mon, 20 Nov 2023 04:32:05 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
age: 69
x-amz-server-side-encryption: AES256
etag: W/"16f166059cdfefcc4cccee6866835222"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=31536000, no-transform, public
x-amz-cf-id: 4d8R-m-Y69D6sFo3cqaHQ7K3W3rUwLZvK82qrsB1jEu5StfxfFUD7w==
expires: Wed, 27 Nov 2024 06:28:51 GMT

GET
H2 200 chunk.7be603f8fb2482fb972b.js Show response
assetscdn-wchat.freshchat.com/static/assets/ Frame 98EF 11 KB
4 KB 9ms
9ms Script
application/javascript 143.204.215.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assetscdn-wchat.freshchat.com/static/assets/chunk.7be603f8fb2482fb972b.js
Requested by: Host: assetscdn-wchat.freshchat.com
URL: https://assetscdn-wchat.freshchat.com/static/assets/fd-messaging.74e39c50d73aede4e975.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-55.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 52a64558e7d0d7e73cd2fea7064fc02b849852b98e3c344f25fc6a5f1d449b8b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wchat.freshchat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 10:10:03 GMT
content-encoding: br
via: 1.1 f8895de4463e8d120a0f4b4a1f7703e4.cloudfront.net (CloudFront)
last-modified: Thu, 16 Nov 2023 07:47:35 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
age: 3
x-amz-server-side-encryption: AES256
etag: W/"516f14e4be6e5d509f7f85c85054d45f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=31536000, no-transform, public
x-amz-cf-id: YbOD0yTJty1-6i9p2A1_NOtdAVzqXrDfLZY61Ob1gTUt4w0bnk6BzQ==
expires: Wed, 27 Nov 2024 06:28:51 GMT

GET
H2 200 co-browsing.js Show response
wchat.freshchat.com/widget/js/ 26 KB
8 KB 97ms
97ms Script
application/javascript 34.196.69.230
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://wchat.freshchat.com/widget/js/co-browsing.js

Requested by

Host: wchat.freshchat.com
URL: https://wchat.freshchat.com/js/widget.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.196.69.230 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-196-69-230.compute-1.amazonaws.com

Software

fwe /

Resource Hash

1e10e9493470eb296ba1ba705a39455e226be2906bd24a41e1f2b8287ff8f62b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 10:10:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
nel: { "report_to": "nel-endpoint-freshchat", "max_age": 2592000, "include_subdomains": true}
x-envoy-upstream-service-time: 1
x-xss-protection: 1; mode=block
x-request-id: 0ba2ef3f-8917-494f-893f-b0890be38429
x-trace-id: 00-29cba8b9ddf0585f411e9284079b3b0e-2a5219dd9aa233a5-00
last-modified: Tue, 28 Nov 2023 06:29:01 GMT
server: fwe
report-to: { "group": "nel-endpoint-freshchat", "max_age": 2592000, "include_subdomains": true, "endpoints": [{"url": "https://edge-admin.us-east-1.freshedge.net/nelreports/freshchat"}]}
content-type: application/javascript
x-fw-ratelimiting-managed: false
cache-control: max-age=31536000,no-cache, no-store, must-revalidate, pre-check=0, post-check=0,public
x-server: 5kljg
expires: Thu, 05 Dec 2024 10:10:03 GMT

GET
H2 206 notif.da662fefc5060dabf2859ea199198b14.mp3
assetscdn-wchat.freshchat.com/static/assets/ Frame 98EF 4 KB
5 KB 7ms
7ms Media
audio/mpeg 143.204.215.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assetscdn-wchat.freshchat.com/static/assets/notif.da662fefc5060dabf2859ea199198b14.mp3
Requested by: Host: wchat.freshchat.com
URL: https://wchat.freshchat.com/widget/?token=bd0364fa-d424-407a-b9d3-de0b797de041&referrer=aHR0cHM6Ly9hdXRoLXN0YWdpbmcucGF5c3R1YnMuY29t&eagerLoad=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-55.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: eb2e3f703cf8ee0156a1d625e053c0968b0dfcff62ea4254ddd8ba9fece3ad32

Request headers

Referer: https://wchat.freshchat.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Range: bytes=0-

Response headers

date: Wed, 06 Dec 2023 10:06:52 GMT
via: 1.1 f8895de4463e8d120a0f4b4a1f7703e4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 195
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
Content-Range: bytes 0-4301/4302
Content-Length: 4302
last-modified: Thu, 16 Nov 2023 07:47:36 GMT
server: AmazonS3
etag: "a529450a7cfb4a60dea41ef294fa90dd"
vary: Accept-Encoding
content-type: audio/mpeg
cache-control: max-age=31536000, no-transform, public
accept-ranges: bytes
x-amz-cf-id: CoQ8m-WbXtO8woTIYVWrTA93k9xz_VAmsuWxGRBWTdOiwZN3QO-wmw==
expires: Wed, 27 Nov 2024 06:28:51 GMT

GET
H2 200 user Show response
wchat.freshchat.com/app/services/app/webchat/bd0364fa-d424-407a-b9d3-de0b797de041/ Frame 98EF 63 B
1000 B 99ms
99ms XHR
application/json 34.196.69.230
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://wchat.freshchat.com/app/services/app/webchat/bd0364fa-d424-407a-b9d3-de0b797de041/user

Requested by

Host: assetscdn-wchat.freshchat.com
URL: https://assetscdn-wchat.freshchat.com/static/assets/vendor.862630a2b93632e0d7bbae6d63246102.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.196.69.230 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-196-69-230.compute-1.amazonaws.com

Software

fwe /

Resource Hash

02a00e3ef645e0351f654665d42b03388e6a73e0ab4f853c8904faecf322b229

Security Headers

Name	Value
Content-Security-Policy	style-src 'unsafe-inline' ; font-src 'self' data:; img-src 'self' * data:; connect-src 'self' ; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://.freshchat.com https://.freshworksapi.com; child-src 'self' blob:; media-src 'self' https://.freshchat.com; manifest-src 'self' https://.freshchat.com; default-src 'none';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://wchat.freshchat.com/widget/?token=bd0364fa-d424-407a-b9d3-de0b797de041&referrer=aHR0cHM6Ly9hdXRoLXN0YWdpbmcucGF5c3R1YnMuY29t&eagerLoad=true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 10:10:03 GMT
content-security-policy: style-src 'unsafe-inline' *; font-src 'self' * data:; img-src 'self' * data:; connect-src 'self' *; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.freshchat.com https://*.freshworksapi.com; child-src 'self' * blob:; media-src 'self' https://*.freshchat.com; manifest-src 'self' https://*.freshchat.com; default-src 'none';
strict-transport-security: max-age=31536000; includeSubDomains
nel: { "report_to": "nel-endpoint-freshchat", "max_age": 2592000, "include_subdomains": true}
x-ratelimit-total: 3000
x-ratelimit-used-currentrequest: 1
x-envoy-upstream-service-time: 3
content-length: 63
x-xss-protection: 1; mode=block
x-request-id: c4028c8f-de97-4760-a2bc-9936304d84b0
x-trace-id: 00-dafa86dd31be9923c1dc46caa6081e3d-6ceb42ad43470e55-00
server: fwe
x-ratelimit-remaining: 2997
report-to: { "group": "nel-endpoint-freshchat", "max_age": 2592000, "include_subdomains": true, "endpoints": [{"url": "https://edge-admin.us-east-1.freshedge.net/nelreports/freshchat"}]}
content-type: application/json;charset=UTF-8
x-fw-ratelimiting-managed: true
cache-control: no-store
access-control-allow-credentials: true
x-server: 4082
x-ratelimit-limit: 3000

GET
H2 200 cb.css
wchat.freshchat.com/widget/css/ 1 KB
1 KB 96ms
95ms Stylesheet
text/css 34.196.69.230
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://wchat.freshchat.com/widget/css/cb.css?t=1701857403414

Requested by

Host: wchat.freshchat.com
URL: https://wchat.freshchat.com/widget/js/co-browsing.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.196.69.230 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-196-69-230.compute-1.amazonaws.com

Software

fwe /

Resource Hash

8029982e606b01f8d1651a46683c7a90ef2496e73823047c0e73b72e285d593e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 10:10:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
nel: { "report_to": "nel-endpoint-freshchat", "max_age": 2592000, "include_subdomains": true}
x-envoy-upstream-service-time: 1
x-xss-protection: 1; mode=block
x-request-id: 81c2e87a-c6ca-41f7-a8b8-b92144638084
x-trace-id: 00-254e88f21bc1462e9032273e8ba1ab5d-6d85f06d57aeaaa0-00
last-modified: Tue, 28 Nov 2023 06:29:01 GMT
server: fwe
report-to: { "group": "nel-endpoint-freshchat", "max_age": 2592000, "include_subdomains": true, "endpoints": [{"url": "https://edge-admin.us-east-1.freshedge.net/nelreports/freshchat"}]}
content-type: text/css
x-fw-ratelimiting-managed: false
cache-control: max-age=31536000,no-cache, no-store, must-revalidate, pre-check=0, post-check=0,public
x-server: 5kljg
expires: Thu, 05 Dec 2024 10:10:03 GMT

GET
H2 200 widget_info_v2 Show response
wchat.freshchat.com/app/services/app/webchat/bd0364fa-d424-407a-b9d3-de0b797de041/ Frame 98EF 7 KB
3 KB 98ms
97ms XHR
application/json 34.196.69.230
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://wchat.freshchat.com/app/services/app/webchat/bd0364fa-d424-407a-b9d3-de0b797de041/widget_info_v2?locales=en-US,en-US&platform=web

Requested by

Host: assetscdn-wchat.freshchat.com
URL: https://assetscdn-wchat.freshchat.com/static/assets/vendor.862630a2b93632e0d7bbae6d63246102.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.196.69.230 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-196-69-230.compute-1.amazonaws.com

Software

fwe /

Resource Hash

e5ed62b844e7d530d3371fbf3b724ba259b801436f1f2826afa27ae144ac1dc3

Security Headers

Name	Value
Content-Security-Policy	style-src 'unsafe-inline' ; font-src 'self' data:; img-src 'self' * data:; connect-src 'self' ; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://.freshchat.com https://.freshworksapi.com; child-src 'self' blob:; media-src 'self' https://.freshchat.com; manifest-src 'self' https://.freshchat.com; default-src 'none';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://wchat.freshchat.com/widget/?token=bd0364fa-d424-407a-b9d3-de0b797de041&referrer=aHR0cHM6Ly9hdXRoLXN0YWdpbmcucGF5c3R1YnMuY29t&eagerLoad=true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 10:10:03 GMT
content-security-policy: style-src 'unsafe-inline' *; font-src 'self' * data:; img-src 'self' * data:; connect-src 'self' *; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.freshchat.com https://*.freshworksapi.com; child-src 'self' * blob:; media-src 'self' https://*.freshchat.com; manifest-src 'self' https://*.freshchat.com; default-src 'none';
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
nel: { "report_to": "nel-endpoint-freshchat", "max_age": 2592000, "include_subdomains": true}
x-ratelimit-total: 3000
x-ratelimit-used-currentrequest: 1
x-envoy-upstream-service-time: 0
x-status: HIT
x-xss-protection: 1; mode=block
x-request-id: 13311cda-3793-4e80-b9d0-0343a1f99503
x-trace-id: 00-3ac42be69bd6838b0516b1d7615d723c-0a1058468bed4313-00
server: fwe
vary: accept-encoding
report-to: { "group": "nel-endpoint-freshchat", "max_age": 2592000, "include_subdomains": true, "endpoints": [{"url": "https://edge-admin.us-east-1.freshedge.net/nelreports/freshchat"}]}
content-type: application/json;charset=UTF-8
x-fw-ratelimiting-managed: true
cache-control: no-store
access-control-allow-credentials: true
x-server: 3063
x-ratelimit-remaining: 2996
x-ratelimit-limit: 3000

GET
H2 200 frame.html Show response
dntcl.qualaroo.com/ Frame 2E9E 323 B
696 B 13ms
13ms Document
text/html 2400:52e0:1e00::1082:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://dntcl.qualaroo.com/frame.html
Requested by: Host: cl.qualaroo.com
URL: https://cl.qualaroo.com/ki.js/83441/jkd.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::1082:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-1082 /
Resource Hash: 2e8900ba4a5768754de4fc21bcdde72bdcafa25c6c766a7f3bc44bf6c21fc412

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: public, max-age=604800
cdn-cache: HIT
cdn-cachedat: 10/11/2023 07:02:52
cdn-edgestorageid: 1080
cdn-fileserver: 639
cdn-proxyver: 1.04
cdn-pullzone: 99568
cdn-requestcountrycode: DE
cdn-requestid: e852176de642bb14b54121bd58564d70
cdn-requestpullcode: 206
cdn-requestpullsuccess: True
cdn-status: 200
cdn-storageserver: DE-167
cdn-uid: 50c043fb-dcd1-4574-9faf-b60384f66f78
content-encoding: gzip
content-type: text/html
date: Wed, 06 Dec 2023 10:10:03 GMT
last-modified: Sun, 09 Jul 2023 20:56:17 GMT
server: BunnyCDN-DE1-1082
vary: Accept-Encoding

POST
H3 200 challenge Show response
auth-staging.paystubs.com/usernamepassword/ 18 B
414 B 360ms
360ms XHR
application/json 2606:4700::6813:a818
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://auth-staging.paystubs.com/usernamepassword/challenge

Requested by

Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6813:a818 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8376431f05ed0574aa914db9f36153ed5837a067d6d3450847c49d89b37ad1bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Auth0-Client: eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xOC4xIn0=
Referer: https://auth-staging.paystubs.com/login?state=hKFo2SBsZVpxQXlVVlEwcUFiWWh6OTRJdkZQN1F5MGptN19rOKFupWxvZ2luo3RpZNkgR3JSM0FaM2wtcmNzTTZhZUw0RnRSUl9PbGlGMFYxSWqjY2lk2SBCZkRRd0g3RHhweG56dnNaQ1JadTBBYURWdThUTnVhVg&client=BfDQwH7DxpxnzvsZCRZu0AaDVu8TNuaV&protocol=oauth2&scope=openid%20profile%20email&redirect_uri=https%3A%2F%2Fpcom-react-bhautik-billing-plan.react-dev.paystubs.com%2Fcallback&audience=https%3A%2F%2Fpcom-backend-staging-poc.paystubs.com%2Fapi&we=&response_type=code&response_mode=query&nonce=UFNMd2sxRV91amxTaWpNckNSeWkwYWJLQWhrckJud3RCVlJzflRiVHV5Vg%3D%3D&code_challenge=JJViJf2Ulq2LKl1_lJ6mMFflXD5ojrGdYuAaEkeAov8&code_challenge_method=S256&auth0Client=eyJuYW1lIjoiYXV0aDAtcmVhY3QiLCJ2ZXJzaW9uIjoiMi4yLjMifQ%3D%3D
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 06 Dec 2023 10:10:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-auth0-requestid: a911c3400e8abb2e0a24
alt-svc: h3=":443"; ma=86400
content-length: 18
server: cloudflare
etag: W/"12-9fs4x/hyJ5DkqQF2LYZkOdHRWWM"
x-ratelimit-remaining: 99
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-transform
x-ratelimit-reset: 1701857404
x-ratelimit-limit: 100
cf-ray: 8313bca40f9318b5-FRA

GET
H2 200 widget.js Show response
paystubs-help.freshchat.com/js/ 66 KB
21 KB 337ms
106ms Script
application/javascript 76.223.64.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://paystubs-help.freshchat.com/js/widget.js

Requested by

Host: pcom-react-bhautik-billing-plan.react-dev.paystubs.com
URL: https://pcom-react-bhautik-billing-plan.react-dev.paystubs.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

76.223.64.65 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a44946a9dd66b7704.awsglobalaccelerator.com

Software

fwe /

Resource Hash

1f20c5af2c4861e43a210d8f6bbf672f7683797a3e80912b4e405ce46a330de7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

x-trace-id: 00-6eed285462efabd27dbdb982fb164dd1-ff4addb4228f449f-00
date: Wed, 06 Dec 2023 10:10:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
last-modified: Tue, 28 Nov 2023 06:29:01 GMT
server: fwe
nel: { "report_to": "nel-endpoint-freshchat", "max_age": 2592000, "include_subdomains": true}
report-to: { "group": "nel-endpoint-freshchat", "max_age": 2592000, "include_subdomains": true, "endpoints": [{"url": "https://edge-admin.us-east-1.freshedge.net/nelreports/freshchat"}]}
content-type: application/javascript
x-fw-ratelimiting-managed: false
cache-control: max-age=900, must-revalidate
x-server: 4z8vk
x-envoy-upstream-service-time: 2
x-xss-protection: 1; mode=block
x-request-id: a96c13b8-2b5c-4538-9d47-9e9012d1e1ce

GET
H2 200 __ptq.gif
track-eu1.hubspot.com/ 45 B
479 B 41ms
41ms Image
image/gif 172.65.240.166
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track-eu1.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=881765916&v=1.1&a=139577915&r=https%3A%2F%2Fpcom-react-bhautik-billing-plan.react-dev.paystubs.com%2F&pu=https%3A%2F%2Fauth-staging.paystubs.com%2Flogin%3Fstate%3DhKFo2SBsZVpxQXlVVlEwcUFiWWh6OTRJdkZQN1F5MGptN19rOKFupWxvZ2luo3RpZNkgR3JSM0FaM2wtcmNzTTZhZUw0RnRSUl9PbGlGMFYxSWqjY2lk2SBCZkRRd0g3RHhweG56dnNaQ1JadTBBYURWdThUTnVhVg%26client%3DBfDQwH7DxpxnzvsZCRZu0AaDVu8TNuaV%26protocol%3Doauth2%26scope%3Dopenid%2520profile%2520email%26redirect_uri%3Dhttps%253A%252F%252Fpcom-react-bhautik-billing-plan.react-dev.paystubs.com%252Fcallback%26audience%3Dhttps%253A%252F%252Fpcom-backend-staging-poc.paystubs.com%252Fapi%26we%3D%26response_type%3Dcode%26response_mode%3Dquery%26nonce%3DUFNMd2sxRV91amxTaWpNckNSeWkwYWJLQWhrckJud3RCVlJzflRiVHV5Vg%253D%253D%26code_challenge%3DJJViJf2Ulq2LKl1_lJ6mMFflXD5ojrGdYuAaEkeAov8%26code_challenge_method%3DS256%26auth0Client%3DeyJuYW1lIjoiYXV0aDAtcmVhY3QiLCJ2ZXJzaW9uIjoiMi4yLjMifQ%253D%253D&t=Sign+In+with+Auth0&cts=1701857403519&vi=8c24be563468a13f54d0fb6d69cbad49&nc=false&u=125208469.8c24be563468a13f54d0fb6d69cbad49.1701857401340.1701857401340.1701857401340.1&b=125208469.2.1701857401340&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.65.240.166 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 10:10:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 6bd9166c-250b-4eac-b5f7-40f19ed3d338
p3p: CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time: 6
content-length: 45
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 6bd9166c-250b-4eac-b5f7-40f19ed3d338
last-modified: Wed, 06 Dec 2023 10:10:03 GMT
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PWN658u%2FKEXuoxBOxVnM5v0XwJrXBltl1eyDH3mEu2NhsKiPsdJUlijeHAG78qgtxB108m8Rz1sFvBp7enO5C%2F8ugTmhiMikAncZ8qTd6XiMVdSIIc2Yu%2BN0gifaRy1wJ4quuQ2C2g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
x-evy-trace-served-by-pod: fra04/analytics-tracking-td/envoy-proxy-85847fc4bc-fcpg5
x-evy-trace-virtual-host: all
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
accept-ranges: bytes
cf-ray: 8313bca40c5c1da8-FRA
x-robots-tag: none

GET
H2 200 chunk.2698cbc54893ba236dd8.js Show response
assetscdn-wchat.freshchat.com/static/assets/ Frame 98EF 89 KB
17 KB 9ms
8ms Script
application/javascript 143.204.215.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assetscdn-wchat.freshchat.com/static/assets/chunk.2698cbc54893ba236dd8.js
Requested by: Host: assetscdn-wchat.freshchat.com
URL: https://assetscdn-wchat.freshchat.com/static/assets/fd-messaging.74e39c50d73aede4e975.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-55.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 094dccbde50750bdc829f1b8ec56f8ced7a2a779c1ccceb8617e081a004d76e7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wchat.freshchat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 10:08:27 GMT
content-encoding: br
via: 1.1 f8895de4463e8d120a0f4b4a1f7703e4.cloudfront.net (CloudFront)
last-modified: Mon, 27 Nov 2023 06:49:51 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
age: 99
x-amz-server-side-encryption: AES256
etag: W/"e048ab7fc94211ea2584c25aadd40ded"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=31536000, no-transform, public
x-amz-cf-id: HwGnNSY1Eys1wSOZxYJ-5IJ2D7X0Irdk-ZKUz5ZwB8HbFq61Jcm9UA==
expires: Wed, 27 Nov 2024 06:28:51 GMT

GET
H2 200 chunk.a8bd42a8a78cde988e6c.js Show response
assetscdn-wchat.freshchat.com/static/assets/ Frame 98EF 279 KB
48 KB 9ms
9ms Script
application/javascript 143.204.215.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assetscdn-wchat.freshchat.com/static/assets/chunk.a8bd42a8a78cde988e6c.js
Requested by: Host: assetscdn-wchat.freshchat.com
URL: https://assetscdn-wchat.freshchat.com/static/assets/fd-messaging.74e39c50d73aede4e975.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-55.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4c43cff818d5b51126b010ad24300beea18a8758b10b0cda32437bee23da59ba

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wchat.freshchat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 10:09:19 GMT
content-encoding: br
via: 1.1 f8895de4463e8d120a0f4b4a1f7703e4.cloudfront.net (CloudFront)
last-modified: Tue, 28 Nov 2023 06:28:53 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
age: 65
x-amz-server-side-encryption: AES256
etag: W/"3b4a9be62b2aa15f314060b68c136623"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=31536000, no-transform, public
x-amz-cf-id: f7-RJzLun57E0iaXoqCbjFPqkI3dVAUvhMBWsZMlY1DsVUJc5_bO6w==
expires: Wed, 27 Nov 2024 06:28:51 GMT

PUT
H2 200 activity Show response
wchat.freshchat.com/app/services/app/webchat/bd0364fa-d424-407a-b9d3-de0b797de041/user/5616bc31-0558-447f-99b1-cbbfeefb63b6/ Frame 98EF 17 B
954 B 100ms
100ms XHR
application/json 34.196.69.230
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://wchat.freshchat.com/app/services/app/webchat/bd0364fa-d424-407a-b9d3-de0b797de041/user/5616bc31-0558-447f-99b1-cbbfeefb63b6/activity?widgetInfoTraceId=2e50ba6d-feff-4b1c-ad69-c6c9b4a8c31f

Requested by

Host: assetscdn-wchat.freshchat.com
URL: https://assetscdn-wchat.freshchat.com/static/assets/211.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.196.69.230 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-196-69-230.compute-1.amazonaws.com

Software

fwe /

Resource Hash

f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4

Security Headers

Name	Value
Content-Security-Policy	style-src 'unsafe-inline' ; font-src 'self' data:; img-src 'self' * data:; connect-src 'self' ; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://.freshchat.com https://.freshworksapi.com; child-src 'self' blob:; media-src 'self' https://.freshchat.com; manifest-src 'self' https://.freshchat.com; default-src 'none';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wchat.freshchat.com/widget/?token=bd0364fa-d424-407a-b9d3-de0b797de041&referrer=aHR0cHM6Ly9hdXRoLXN0YWdpbmcucGF5c3R1YnMuY29t&eagerLoad=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 10:10:03 GMT
content-security-policy: style-src 'unsafe-inline' *; font-src 'self' * data:; img-src 'self' * data:; connect-src 'self' *; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.freshchat.com https://*.freshworksapi.com; child-src 'self' * blob:; media-src 'self' https://*.freshchat.com; manifest-src 'self' https://*.freshchat.com; default-src 'none';
strict-transport-security: max-age=31536000; includeSubDomains
nel: { "report_to": "nel-endpoint-freshchat", "max_age": 2592000, "include_subdomains": true}
x-ratelimit-total: 3000
x-ratelimit-used-currentrequest: 1
x-envoy-upstream-service-time: 4
content-length: 17
x-xss-protection: 1; mode=block
x-request-id: 2dc8e6d0-e9cb-4aa8-a934-939068a7a4bf
x-trace-id: 00-15388d0f55014078fba8251864f24b44-6810a05390411a34-00
server: fwe
x-ratelimit-remaining: 2995
report-to: { "group": "nel-endpoint-freshchat", "max_age": 2592000, "include_subdomains": true, "endpoints": [{"url": "https://edge-admin.us-east-1.freshedge.net/nelreports/freshchat"}]}
content-type: application/json;charset=UTF-8
x-fw-ratelimiting-managed: true
cache-control: no-store
access-control-allow-credentials: true
x-server: 5323
x-ratelimit-limit: 3000

GET
H2 200 index.html Show response
738093812852724.webpush.freshchat.com/ Frame 8F50 30 KB
7 KB 470ms
425ms Document
text/html 108.156.60.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://738093812852724.webpush.freshchat.com/index.html?ref=aHR0cHM6Ly9hdXRoLXN0YWdpbmcucGF5c3R1YnMuY29t
Requested by: Host: wchat.freshchat.com
URL: https://wchat.freshchat.com/js/widget.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.156.60.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-156-60-102.ams1.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 05a530dd5d40bf5dbef4e3d5ed6976e9aec1baf49a20be30e07b1608918e3bc3

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html
date: Wed, 06 Dec 2023 10:10:04 GMT
etag: W/"4d98f93ebe4eb8cedbbfdb3004920aeb"
last-modified: Fri, 25 Oct 2019 06:53:38 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 80779e7124f8d44ce2216c35ac5328a8.cloudfront.net (CloudFront)
x-amz-cf-id: _kQA2iElA5ITtVrzI5PFdft1B24oCn-ceh2gzVFXPDUl5AHq8ef1_A==
x-amz-cf-pop: AMS1-P2
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront

GET
H2 200 categories Show response
wchat.freshchat.com/app/services/app/webchat/bd0364fa-d424-407a-b9d3-de0b797de041/omni/faq/ Frame 98EF 81 B
1 KB 128ms
128ms XHR
application/json 34.196.69.230
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://wchat.freshchat.com/app/services/app/webchat/bd0364fa-d424-407a-b9d3-de0b797de041/omni/faq/categories?per_page=100&platform=web&locale=en-us&page=1

Requested by

Host: assetscdn-wchat.freshchat.com
URL: https://assetscdn-wchat.freshchat.com/static/assets/vendor.862630a2b93632e0d7bbae6d63246102.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.196.69.230 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-196-69-230.compute-1.amazonaws.com

Software

fwe /

Resource Hash

8779ea02c05847c1209231f40c56422c447c523ba2b512a5f904cdd426f295ed

Security Headers

Name	Value
Content-Security-Policy	style-src 'unsafe-inline' ; font-src 'self' data:; img-src 'self' * data:; connect-src 'self' ; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://.freshchat.com https://.freshworksapi.com; child-src 'self' blob:; media-src 'self' https://.freshchat.com; manifest-src 'self' https://.freshchat.com; default-src 'none';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://wchat.freshchat.com/widget/?token=bd0364fa-d424-407a-b9d3-de0b797de041&referrer=aHR0cHM6Ly9hdXRoLXN0YWdpbmcucGF5c3R1YnMuY29t&eagerLoad=true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 10:10:03 GMT
content-security-policy: style-src 'unsafe-inline' *; font-src 'self' * data:; img-src 'self' * data:; connect-src 'self' *; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.freshchat.com https://*.freshworksapi.com; child-src 'self' * blob:; media-src 'self' https://*.freshchat.com; manifest-src 'self' https://*.freshchat.com; default-src 'none';
strict-transport-security: max-age=31536000; includeSubDomains
nel: { "report_to": "nel-endpoint-freshchat", "max_age": 2592000, "include_subdomains": true}
x-ratelimit-total: 3000
x-b3-traceid: 29e47c390f85784ec1ad30948bace257
x-ratelimit-used-currentrequest: 1
x-envoy-upstream-service-time: 32
content-length: 81
x-xss-protection: 1; mode=block
x-request-id: 277f310b-c095-4d68-9ffb-73139cfc4476
x-trace-id: 00-24a51299706c68b36c5f076ee2425865-257936c80a9e6d6d-00, 00-24a51299706c68b36c5f076ee2425865-ac6883549a724954-00
x-fd-request-id: 4886fc5b-be1c-47fa-a34e-fdc2cfdc6cad
server: fwe
x-ratelimit-remaining: 2994
report-to: { "group": "nel-endpoint-freshchat", "max_age": 2592000, "include_subdomains": true, "endpoints": [{"url": "https://edge-admin.us-east-1.freshedge.net/nelreports/freshchat"}]}
content-type: application/json;charset=UTF-8
x-fw-ratelimiting-managed: true
cache-control: no-store
x-b3-spanid: 5c6905e680afa0ab
access-control-allow-credentials: true
x-server: 2601
x-ratelimit-limit: 3000

GET
H2 200 9849.css
assetscdn-wchat.freshchat.com/static/assets/ Frame 98EF 16 KB
3 KB 8ms
8ms Stylesheet
text/css 143.204.215.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assetscdn-wchat.freshchat.com/static/assets/9849.css
Requested by: Host: assetscdn-wchat.freshchat.com
URL: https://assetscdn-wchat.freshchat.com/static/assets/fd-messaging.74e39c50d73aede4e975.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-55.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 93ac8e22ef8a241ddd954362cc979528693e4b7732dc5de26154d9bbf60011fb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wchat.freshchat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 10:09:19 GMT
content-encoding: br
via: 1.1 f8895de4463e8d120a0f4b4a1f7703e4.cloudfront.net (CloudFront)
last-modified: Mon, 20 Nov 2023 04:32:05 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
age: 62
x-amz-server-side-encryption: AES256
etag: W/"20f054b8b45ccd177447feada77d0895"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
cache-control: max-age=31536000, no-transform, public
x-amz-cf-id: m2FBfKQO5bXl7haIdyo5fi2pNSuOLGYcjh6aqgpFP11464GNYm2SRQ==
expires: Wed, 27 Nov 2024 06:28:51 GMT

GET
H2 200 chunk.fd314e4ac1e6a45b6b94.js Show response
assetscdn-wchat.freshchat.com/static/assets/ Frame 98EF 137 B
585 B 9ms
9ms Script
application/javascript 143.204.215.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assetscdn-wchat.freshchat.com/static/assets/chunk.fd314e4ac1e6a45b6b94.js
Requested by: Host: assetscdn-wchat.freshchat.com
URL: https://assetscdn-wchat.freshchat.com/static/assets/fd-messaging.74e39c50d73aede4e975.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-55.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 44c7b3c33a1d28e0360f7b972e222118b5c746c1c774c67f3fd6ab9e53e9974f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wchat.freshchat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 10:09:19 GMT
via: 1.1 f8895de4463e8d120a0f4b4a1f7703e4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 62
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 137
last-modified: Tue, 28 Nov 2023 06:28:54 GMT
server: AmazonS3
etag: "a89e4a96c2e88cb6a5a23d73c000bcae"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000, no-transform, public
accept-ranges: bytes
x-amz-cf-id: 9um1TqRtfjz3TDK2zoJJ9JjMc-hENcTuDq0ADVpWp09bErNCqp1rGQ==
expires: Wed, 27 Nov 2024 06:28:51 GMT

GET
H2 200 chunk.cf2220b6d090e27b9496.js Show response
assetscdn-wchat.freshchat.com/static/assets/ Frame 98EF 48 KB
14 KB 8ms
8ms Script
application/javascript 143.204.215.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assetscdn-wchat.freshchat.com/static/assets/chunk.cf2220b6d090e27b9496.js
Requested by: Host: assetscdn-wchat.freshchat.com
URL: https://assetscdn-wchat.freshchat.com/static/assets/fd-messaging.74e39c50d73aede4e975.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-55.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5936b3730015c46ef27548aff7b2162d0878761a5fda6f9d026fbeaef34c0ed3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wchat.freshchat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 10:09:19 GMT
content-encoding: gzip
via: 1.1 f8895de4463e8d120a0f4b4a1f7703e4.cloudfront.net (CloudFront)
last-modified: Tue, 28 Nov 2023 06:28:54 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
age: 62
x-amz-server-side-encryption: AES256
etag: W/"c6a94cb46d8753f365405e99cf7185f8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=31536000, no-transform, public
x-amz-cf-id: FuI6bAk7CKT90jAvHelHFE_xY61Xfj3b0YW51VWvq8D8yh4Wg3mijg==
expires: Wed, 27 Nov 2024 06:28:51 GMT

GET
BLOB 200
OK e36d2186-6e78-42f5-8488-2340e4c26c4a
https://wchat.freshchat.com/ Frame 98EF 152 B
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://wchat.freshchat.com/e36d2186-6e78-42f5-8488-2340e4c26c4a
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a3d08747462129e4b1e6756b57c9f24cc8dd7a6ad095cc416f5dbd52aaa5f7b2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Length: 152
Content-Type

GET
H2 200 freshchat-line.7327fc2a43ff6a857c38e96ffa7e00f2.svg
assetscdn-wchat.freshchat.com/static/assets/ Frame 98EF 663 B
1 KB 8ms
7ms Image
image/svg+xml 143.204.215.55
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assetscdn-wchat.freshchat.com/static/assets/freshchat-line.7327fc2a43ff6a857c38e96ffa7e00f2.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-55.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2b82601133216ec29983087a0532e9b0af553f7f4a8b3b00ff9d7ffcc1142542

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wchat.freshchat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 10:08:01 GMT
via: 1.1 f8895de4463e8d120a0f4b4a1f7703e4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
age: 183
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 663
last-modified: Thu, 16 Nov 2023 07:47:36 GMT
server: AmazonS3
etag: "cd452acf4efb05843ef7575e5a9de756"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=31536000, no-transform, public
accept-ranges: bytes
x-amz-cf-id: vV7nYC0mCszc-Fqu3t3as60DOYGA_B9lWriinpWuRezKZAvkxeFH-A==
expires: Wed, 27 Nov 2024 06:28:51 GMT

POST
H3 200 v2 Show response
rs.fullstory.com/rec/bundle/ 29 B
43 B 240ms
221ms XHR
application/json 35.186.194.58
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rs.fullstory.com/rec/bundle/v2?OrgId=MCM6B&UserId=18f74fa2-9474-458f-829a-04df3d81a023&SessionId=5e93deb4-4a44-4a9d-bf51-6bebf5ead69e&PageId=b5a78650-8704-4e7a-8608-33f0c43335fb&Seq=1&PageStart=1701857402971&PrevBundleTime=0&LastActivity=858
Requested by: Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.186.194.58 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 58.194.186.35.bc.googleusercontent.com
Software: /
Resource Hash: 1f918cf1c2cb52eba568f43b1143f0f2490405c85ea71d85753df60f7c38aee6

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://auth-staging.paystubs.com
date: Wed, 06 Dec 2023 10:10:04 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29
content-type: application/json; charset=utf-8

GET
H2 200 fc_logo.png
738093812852724.webpush.freshchat.com/ Frame 8F50 4 KB
4 KB 13ms
13ms Image
image/png 108.156.60.102
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://738093812852724.webpush.freshchat.com/fc_logo.png
Requested by: Host: 738093812852724.webpush.freshchat.com
URL: https://738093812852724.webpush.freshchat.com/index.html?ref=aHR0cHM6Ly9hdXRoLXN0YWdpbmcucGF5c3R1YnMuY29t
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.156.60.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-156-60-102.ams1.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a963621b4341552ca61590aa02e93b70f189e8050a105c32c0197c3c34b2d114

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://738093812852724.webpush.freshchat.com/index.html?ref=aHR0cHM6Ly9hdXRoLXN0YWdpbmcucGF5c3R1YnMuY29t
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 08:04:38 GMT
via: 1.1 80779e7124f8d44ce2216c35ac5328a8.cloudfront.net (CloudFront)
last-modified: Thu, 08 Feb 2018 07:54:41 GMT
server: AmazonS3
x-amz-cf-pop: AMS1-P2
age: 7538
etag: "e87df9f10dcf497ae292dc234200465c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 3777
x-amz-cf-id: LytiEqnnCAhkaEU8vLwl49GsshOl7gWoBJWSTR2Z3wKlqPOgE0-70Q==

POST
H/1.1 204
No Content collect Show response
o.clarity.ms/ 0
305 B 99ms
99ms XHR
text/plain 52.152.143.207
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://o.clarity.ms/collect
Requested by: Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.152.143.207 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://auth-staging.paystubs.com
Date: Wed, 06 Dec 2023 10:10:04 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: ad.tpmn.io
URL: https://ad.tpmn.io/pixelct.tpmn?tpmn_nid=26a681017b4fdc02f3aef3aa921ede3e&tpmn_buid=9c73551b-ac6c-4367-a586-2f78d9726379

Domain: tg.socdm.com
URL: https://tg.socdm.com/aux/idsync?proto=niva&dsp_uid=9c73551b-ac6c-4367-a586-2f78d9726379

Domain: i.liadm.com
URL: https://i.liadm.com/s/28292?bidder_id=71340&bidder_uuid=9c73551b-ac6c-4367-a586-2f78d9726379&_li_chk=true&previous_uuid=2e0361f59b5a482e82ffa78233530f6a

Domain: o.clarity.ms
URL: https://o.clarity.ms/collect

Domain: rts-static-prod.freshworksapi.com
URL: https://rts-static-prod.freshworksapi.com/us/rts-min.js

Domain: assetscdn-wchat.freshchat.com
URL: https://assetscdn-wchat.freshchat.com/static/assets/chunk.53225951580d96ba885c.js

Domain: rs.fullstory.com
URL: https://rs.fullstory.com/rec/bundle/v2?OrgId=MCM6B&UserId=18f74fa2-9474-458f-829a-04df3d81a023&SessionId=5e93deb4-4a44-4a9d-bf51-6bebf5ead69e&PageId=19898eff-2b22-4f6f-9553-32990a06696e&Seq=1&PageStart=1701857401345&PrevBundleTime=0&IsNewSession=true&SkipResponseBody=true

Domain: www.woopra.com
URL: https://www.woopra.com/track/push/

Domain: bat.bing.com
URL: https://bat.bing.com/actionp/0?ti=211021221&tm=gtm002&Ver=2&mid=41aa1d1b-1d39-4d20-affa-37bf031bdeb8&sid=9e110440941f11ee90ef83801d41ea1d&vid=9e10f090941f11eeba5875457ec2dad2&vids=1&msclkid=N&evt=pageHide

Domain: o.clarity.ms
URL: https://o.clarity.ms/collect

Domain: o4505159641530368.ingest.sentry.io
URL: https://o4505159641530368.ingest.sentry.io/api/4505192500625408/envelope/?sentry_key=66b3d6bc5f5b4ac5ad1fdb2e4933582b&sentry_version=7&sentry_client=sentry.javascript.react%2F7.80.1

Verdicts & Comments Add Verdict or Comment

87 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

68 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
auth-staging.paystubs.com/usernamepassword/login	1970-01-20 16:58:41	Name: _csrf Value: ktrISH9gcVZVAXMPkw6zRqwN
i.liadm.com/s	1970-01-20 17:27:29	Name: _li_ss Value: CgcKBQgKENUW
pcom-react-bhautik-billing-plan.react-dev.paystubs.com/	1970-01-21 02:20:17	Name: ki_r Value:
.paystubs.com/	1970-01-20 18:53:53	Name: _gcl_au Value: 1.1.1871898161.1701857401
.paystubs.com/	1970-01-21 02:20:17	Name: _ga Value: GA1.1.1198723921.1701857401
.pcom-react-bhautik-billing-plan.react-dev.paystubs.com/	1970-01-21 02:20:17	Name: wooTracker Value: UkFlq7ecmFiU
.tiktok.com/	1970-01-21 02:05:53	Name: _ttp Value: 2ZAGJrmXZMMqFsKAzfGHCsnmcmq
pcom-react-bhautik-billing-plan.react-dev.paystubs.com/	1969-12-31 23:59:59	Name: _na Value: 9c73551b-ac6c-4367-a586-2f78d9726379
pcom-react-bhautik-billing-plan.react-dev.paystubs.com/	1970-01-21 02:20:17	Name: ki_t Value: 1701857400845%3B1701857400845%3B1701857401155%3B1%3B2
.bing.com/	1970-01-21 02:05:53	Name: MUID Value: 2EF978ADDC3A6E3326596B72DDB16F19
.paystubs.com/	1970-01-21 02:05:53	Name: _tt_enable_cookie Value: 1
.paystubs.com/	1970-01-21 02:05:53	Name: _ttp Value: 1OaKR0Zlx2gdZ2CtzjKjhw10dbV
.paystubs.com/	1970-01-20 18:53:53	Name: _fbp Value: fb.1.1701857401307.234585057
.paystubs.com/	1970-01-20 21:03:29	Name: __hstc Value: 125208469.8c24be563468a13f54d0fb6d69cbad49.1701857401340.1701857401340.1701857401340.1
.paystubs.com/	1970-01-20 21:03:29	Name: hubspotutk Value: 8c24be563468a13f54d0fb6d69cbad49
.paystubs.com/	1969-12-31 23:59:59	Name: __hssrc Value: 1
.linkedin.com/	1970-01-21 01:29:53	Name: bcookie Value: "v=2&440a67ee-55e6-4462-8e19-1f5efbfb6d1c"
.linkedin.com/	1970-01-20 21:03:29	Name: li_gc Value: MTswOzE3MDE4NTc0MDE7MjswMjEjKEUJZtBBqOPM8BF/7mcaaRSbkNDAXPqBgKcUHHeusg==
.linkedin.com/	1970-01-20 16:45:43	Name: lidc Value: "b=OGST06:s=O:r=O:a=O:p=O:g=2808:u=1:x=1:i=1701857401:t=1701943801:v=2:sig=AQE5K6g4AWCRxm59efBO5nl86e988Kn6"
.hubspot.com/	1970-01-20 16:44:19	Name: __cf_bm Value: LiCPcI6QXufWdUKpKFKC9yGz1zjpmeRJ1x_r0LgNUYk-1701857401-0-Af9g2VTy5J+4j3m/KyPg73V/eRRMvVrGhu67KTOVsdphADSFgopnDDa8S9dkiHVVxzzE1iO5dhH5lCe6sEr59r0=
.hubspot.com/	1969-12-31 23:59:59	Name: _cfuvid Value: 8VVS1WyFfd4EgOdcLEAqNjuYQG2KtiY3lz2CEfxTJEM-1701857401460-0-604800000
www.clarity.ms/	1970-01-21 01:29:53	Name: CLID Value: 29c1c91812be4a2588af28aa7a782669.20231206.20241205
.paystubs.com/	1970-01-21 01:29:53	Name: _clck Value: 1g3qw49%7C2%7Cfhb%7C0%7C1435
.c.bing.com/	1970-01-20 16:54:22	Name: MR Value: 0
.doubleclick.net/	1970-01-21 02:05:53	Name: IDE Value: AHWqTUnxc3I4aX0e5tZ1QDGYKFTkpYK8q3erDFjf6iFKCR2hcaKeOLTXpJuRC7C6mWQ
.casalemedia.com/	1970-01-21 01:29:53	Name: CMID Value: ZXBIeb.VsB.DHo1pdQhZYQAA
.casalemedia.com/	1970-01-20 18:53:53	Name: CMPS Value: 5129
.casalemedia.com/	1970-01-20 18:53:53	Name: CMPRO Value: 5129
.paystubs.com/	1970-01-21 01:29:53	Name: _fw_crm_v Value: 8d22fcd6-58e3-4f69-e1dd-7a52bcb62d75
.adnxs.com/	1970-01-20 18:53:53	Name: uuid2 Value: 5888799030065900167
.c.bing.com/	1970-01-21 02:05:53	Name: SRM_B Value: 2EF978ADDC3A6E3326596B72DDB16F19
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-21 02:05:53	Name: MUID Value: 2EF978ADDC3A6E3326596B72DDB16F19
.c.clarity.ms/	1970-01-20 16:54:22	Name: MR Value: 0
.c.clarity.ms/	1970-01-20 16:44:18	Name: ANONCHK Value: 0
auth-staging.paystubs.com/	1970-01-21 01:30:15	Name: did Value: s%3Av0%3A9e4f2cb0-941f-11ee-b382-c19dd9d23205.7dQZo1Pb9mkYmtNbD1WtJXeCGy8JjBYp8P0BCcRMf70
auth-staging.paystubs.com/	1970-01-20 16:48:36	Name: auth0 Value: s%3Av1.gadzZXNzaW9ugqZoYW5kbGXEQOe7m5U33BV5ALeepJ7hjXncTRAEDgaHoWt1P3tL6HbsJKMDk2EXJfxkbkSrF1J0QqaZ6cgOWk_p8vJHGmtrTbemY29va2llg6dleHBpcmVz1_-W60EAZXQ8-a5vcmlnaW5hbE1heEFnZc4PcxQAqHNhbWVTaXRlpG5vbmU.1CdFR0ah%2BquTF1%2Bte%2FJYgzw022DmyENV16vXeHu%2FNkY
auth-staging.paystubs.com/	1970-01-21 01:30:15	Name: did_compat Value: s%3Av0%3A9e4f2cb0-941f-11ee-b382-c19dd9d23205.7dQZo1Pb9mkYmtNbD1WtJXeCGy8JjBYp8P0BCcRMf70
auth-staging.paystubs.com/	1970-01-20 16:48:36	Name: auth0_compat Value: s%3Av1.gadzZXNzaW9ugqZoYW5kbGXEQOe7m5U33BV5ALeepJ7hjXncTRAEDgaHoWt1P3tL6HbsJKMDk2EXJfxkbkSrF1J0QqaZ6cgOWk_p8vJHGmtrTbemY29va2llg6dleHBpcmVz1_-W60EAZXQ8-a5vcmlnaW5hbE1heEFnZc4PcxQAqHNhbWVTaXRlpG5vbmU.1CdFR0ah%2BquTF1%2Bte%2FJYgzw022DmyENV16vXeHu%2FNkY
exchange.mediavine.com/	1970-01-20 17:04:27	Name: mv_tokens Value: %7B%22mv_uuid%22%3A%229e621870-941f-11ee-8824-6d49ccf57a64%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 17:04:27	Name: mv_tokens_eu-v1 Value: %7B%22mv_uuid%22%3A%229e621870-941f-11ee-8824-6d49ccf57a64%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 17:04:27	Name: am_tokens Value: %7B%22mv_uuid%22%3A%229e621870-941f-11ee-8824-6d49ccf57a64%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 17:04:27	Name: am_tokens_eu-v1 Value: %7B%22mv_uuid%22%3A%229e621870-941f-11ee-8824-6d49ccf57a64%22%2C%22version%22%3A%22eu-v1%22%7D
.omnitagjs.com/	1970-01-20 17:27:29	Name: ayl_visitor Value: 63cb5f74818f2657730d1c1b81a3d8c9
.media.net/	1970-01-21 01:29:53	Name: visitor-id Value: 3448590019171800000V10
.postrelease.com/	1970-01-21 01:29:53	Name: opt_out Value: 1
.tremorhub.com/	1970-01-21 01:30:14	Name: tvid Value: f515190d662b4f14baae67fca88f519a
.paystubs.com/	1970-01-21 02:20:17	Name: FPID Value: FPID2.2.0FZJNZHOEMFb%2Foo15ongMJ6159wcYIcrfJin9z9t1zQ%3D.1701857401
.paystubs.com/	1970-01-20 16:45:29	Name: FPLC Value: LG5%2BrPfiK0WYNDvWiIRlMvRCjF7NFPBqY7soLM3epnkRpwgFbaagcG8EGiehFh25l8m3zxjda14M633Sa3bn%2BQ2YwxokED%2BuZO9dAVCGSsMKgNU3PXRIGi3StzW1%2FA%3D%3D
.liadm.com/	1970-01-21 02:20:17	Name: lidid Value: 2e0361f5-9b5a-482e-82ff-a78233530f6a
.auth-staging.paystubs.com/	1970-01-21 02:20:17	Name: wooTracker Value: XQAUCnpCtVWR
auth-staging.paystubs.com/	1969-12-31 23:59:59	Name: _na Value: 2cac4aa0-2f03-4ada-9cba-2b2c4bc4bda8
.paystubs.com/	1970-01-21 02:20:17	Name: _ga_MDB3MHPDXM Value: GS1.1.1701857401.1.1.1701857402.0.0.0
.paystubs.com/	1970-01-20 16:45:43	Name: _uetsid Value: 9e110440941f11ee90ef83801d41ea1d
.paystubs.com/	1970-01-21 02:05:53	Name: _uetvid Value: 9e10f090941f11eeba5875457ec2dad2
.tremorhub.com/	1970-01-20 17:27:29	Name: tv_UICR Value: 2cac4aa0-2f03-4ada-9cba-2b2c4bc4bda8
.adnxs.com/	1970-01-20 18:53:53	Name: anj Value: dTM7k!M4.FD>6NRF']wIg2IlfDJOCC!A#F9.TSyt/ABf=Bw?B4#il/i9U?6h.rL8/ZcXFk1tC<?>i8@1.toTPk.o?#Jf)+aA00H.g4dkXstGt!@H%a`*n!
exchange.mediavine.com/	1970-01-20 17:04:27	Name: niva Value: %7B%22id%22%3A%222cac4aa0-2f03-4ada-9cba-2b2c4bc4bda8%22%2C%22version%22%3A%22niva%22%7D
.media.net/	1970-01-20 17:27:29	Name: data-c Value: 2cac4aa0-2f03-4ada-9cba-2b2c4bc4bda8~~3
.media.net/	1970-01-20 17:27:29	Name: data-c-ts Value: 1701857402
.paystubs.com/	1970-01-20 16:44:19	Name: fs_lua Value: 1.1701857402971
.paystubs.com/	1970-01-21 01:29:53	Name: fs_uid Value: #MCM6B#18f74fa2-9474-458f-829a-04df3d81a023:5e93deb4-4a44-4a9d-bf51-6bebf5ead69e:1701857401344::2#/1733393400
.tpmn.co.kr/	1970-01-20 17:27:29	Name: criteo Value: 2cac4aa0-2f03-4ada-9cba-2b2c4bc4bda8
.tpmn.io/	1970-01-20 17:27:29	Name: criteo Value: 2cac4aa0-2f03-4ada-9cba-2b2c4bc4bda8
.paystubs.com/	1970-01-20 16:45:43	Name: _clsk Value: z9q48t%7C1701857403271%7C1%7C1%7Co.clarity.ms%2Fcollect
auth-staging.paystubs.com/	1970-01-21 02:20:17	Name: ki_t Value: 1701857403511%3B1701857403511%3B1701857403511%3B1%3B1
auth-staging.paystubs.com/	1970-01-21 02:20:17	Name: ki_r Value: aHR0cHM6Ly9wY29tLXJlYWN0LWJoYXV0aWstYmlsbGluZy1wbGFuLnJlYWN0LWRldi5wYXlzdHVicy5jb20v
.paystubs.com/	1970-01-20 16:44:19	Name: __hssc Value: 125208469.2.1701857401340

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

738093812852724.webpush.freshchat.com
ad.360yield.com
ad.tpmn.co.kr
ad.tpmn.io
ade.clmbtech.com
analytics.tiktok.com
api-eu1.hubapi.com
api.nivaai.com
api.stripe.com
assetscdn-wchat.freshchat.com
auth-staging.paystubs.com
bat.bing.com
c.bing.com
c.clarity.ms
cdn-static.paystubs.com
cdn.auth0.com
cl.qualaroo.com
cm.g.doubleclick.net
connect.facebook.net
contextual.media.net
criteo-partners.tremorhub.com
criteo-sync.teads.tv
dis.criteo.com
dntcl.qualaroo.com
eb2.3lift.com
edge.fullstory.com
exchange.mediavine.com
forms-eu1.hscollectedforms.net
forms-eu1.hsforms.com
googleads.g.doubleclick.net
gtm.paystubs.com
i.liadm.com
ib.adnxs.com
jadserve.postrelease.com
js-eu1.hs-analytics.net
js-eu1.hs-banner.com
js-eu1.hs-scripts.com
js-eu1.hsadspixel.net
js-eu1.hscollectedforms.net
js.stripe.com
match.adsrvr.org
match.sharethrough.com
matching.ivitrack.com
merchant-ui-api.stripe.com
o.clarity.ms
o4505159641530368.ingest.sentry.io
partner.mediawallahscript.com
paystubs-help.freshchat.com
pcom-react-bhautik-billing-plan.react-dev.paystubs.com
pixel.rubiconproject.com
px.ads.linkedin.com
q.stripe.com
r.casalemedia.com
r.stripe.com
rs.fullstory.com
rtb-csync.smartadserver.com
rts-static-prod.freshworksapi.com
secure.adnxs.com
snap.licdn.com
static.woopra.com
sync-criteo.ads.yieldmo.com
sync-t1.taboola.com
sync.outbrain.com
tg.socdm.com
track-eu1.hubspot.com
uploads-ssl.webflow.com
ups.analytics.yahoo.com
visitor.omnitagjs.com
wchat.freshchat.com
widget.freshworks.com
www.clarity.ms
www.facebook.com
www.google.com
www.google.de
www.googletagmanager.com
www.nivaai.com
www.woopra.com
x.bidswitch.net
ad.tpmn.io
assetscdn-wchat.freshchat.com
bat.bing.com
i.liadm.com
o.clarity.ms
o4505159641530368.ingest.sentry.io
rs.fullstory.com
rts-static-prod.freshworksapi.com
tg.socdm.com
www.woopra.com
108.156.60.102
124.146.153.170
13.248.245.213
141.226.228.48
143.204.215.55
151.101.128.176
151.101.193.91
162.55.95.216
172.217.18.2
172.64.151.101
172.65.192.122
172.65.202.201
172.65.208.22
172.65.219.229
172.65.232.43
172.65.238.60
172.65.240.166
178.250.1.9
18.239.36.32
18.239.50.89
18.239.69.69
18.66.112.13
185.86.138.150
2.19.104.4
2.19.216.27
23.38.98.28
2400:52e0:1e00::1080:1
2400:52e0:1e00::1082:1
2600:1f18:612b:4280:bda1:9df6:36cc:93
2600:9000:2449:7400:10:474e:104a:2961
2606:4700::6813:a818
2620:1ec:22::14
2620:1ec:bdf::45
2620:1ec:c11::200
2a00:1450:4001:803::2003
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::2008
2a00:1450:4001:813::2004
2a02:26f0:480:c::210:f190
2a02:26f0:480:f::213:7edd
2a03:2880:f084:d:face:b00c:0:3
2a03:2880:f177:83:face:b00c:0:25de
2a06:98c1:3200::90:1
3.125.15.233
3.33.220.150
3.68.140.79
3.69.41.2
3.71.149.231
34.102.166.132
34.117.157.22
34.120.195.249
34.160.124.226
34.196.69.230
34.240.123.193
34.248.234.146
35.186.194.58
35.192.42.214
35.193.123.107
35.201.112.186
37.252.171.149
37.252.171.85
44.219.110.252
52.152.143.207
52.50.201.227
54.186.23.98
54.187.119.242
54.211.0.120
54.246.5.75
54.76.156.92
54.76.53.164
68.219.88.97
69.173.144.165
70.42.32.31
76.223.64.65
76.76.21.22
02a00e3ef645e0351f654665d42b03388e6a73e0ab4f853c8904faecf322b229
05a530dd5d40bf5dbef4e3d5ed6976e9aec1baf49a20be30e07b1608918e3bc3
08e57da2e4e7172c19d9982a1ccc90402da5c4453093123e982e1fa7f9eccc8f
094dccbde50750bdc829f1b8ec56f8ced7a2a779c1ccceb8617e081a004d76e7
09f07f0a0c4d0396c7dd81ea1873fb81c83913096ab2461e6a8c52566e1869ce
0a39871377278f3eb590fc0d64a4b46137a8959030f6b3fe9b5c7ef7e7da2015
0ad17c7d661733bbf1cfe9bc6e85033bfed43c87c94cb72ba02f484adf1593c0
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
10bdda36dcff1675fc2c5a6db3302e6a3b5addb65fc342cb59ad10ebb2a29661
11788b09fd68530090570b96be13fc8f3f76fd14ede52598b40f4421dc7e9c04
12c15d09c171fb3d000989e553e09f267ca5ddfec2827ba4f7620015df8e0225
15838004d5e196b563a00a0ba16ce432fed6deb3dd4fab7122601f2c4f41560a
1746b268addac39a01bc462c8e85434841637a136be1c0234b2eae14988e3d3c
1c29229a800cc364c4bdbd63abdd676f570302a3b90c618ffe54f54447bc0d83
1ce88aa2cd221354d7ba1a07337a09e1632241bc1d755c2db614b1de1c383217
1e10e9493470eb296ba1ba705a39455e226be2906bd24a41e1f2b8287ff8f62b
1f20c5af2c4861e43a210d8f6bbf672f7683797a3e80912b4e405ce46a330de7
1f918cf1c2cb52eba568f43b1143f0f2490405c85ea71d85753df60f7c38aee6
20beff9c8aad2f98db1451d2d71b6ae4ef15c00ab8754c80509597a3d2581f45
25dae1888760b37dbff06288494fb41311061429bade1fc162aa8c6ca585e21d
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2b82601133216ec29983087a0532e9b0af553f7f4a8b3b00ff9d7ffcc1142542
2ca3d44191e822500b330ae74a7b981fddc94188da2e683a1e1508fd188d2b1b
2e3281ce824bc83f86243254926e320d7a51fd34e310d76f38ddf5ca4430bcd8
2e8900ba4a5768754de4fc21bcdde72bdcafa25c6c766a7f3bc44bf6c21fc412
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
3580b20bc68ce1a365622443141e6b7fc7db8f8742c3f738301de102e4f64b25
37df52e26bc28fe44838f554fb169278981dea426ef0eb3fcb356ee26bccae6f
3ba2f0475e28a35e15fd558465091bf070e41239d7781fc4f0d367fa84a7e94f
3c4fe844b18496bf0be2ed42cc178e8039788647be2793f00a8e7972c69204ad
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44c7b3c33a1d28e0360f7b972e222118b5c746c1c774c67f3fd6ab9e53e9974f
44f91ba008e71c7c2443ded8af0b28115d101d6228f2cf402f0218c91c3e7919
45a954ecdd7c519adf252b5ce83214ff75936c07168c3e696ddad91664c82632
467ccbacec57c9cf78730076b29b925ebc5e809a49ec1f300a00dd108bb5f16c
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4bb1aaf85b26e49c15234bb3db9fec2cdc83c7ca9ffbbf03b489f8bdb624a9dc
4c43cff818d5b51126b010ad24300beea18a8758b10b0cda32437bee23da59ba
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
52849fa881a24ed0355833bb931e752f4e992ceb77b2dfd878874f4e4166ee2a
52a64558e7d0d7e73cd2fea7064fc02b849852b98e3c344f25fc6a5f1d449b8b
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55e03b6c6624e0649f7ff83ca2562a65d1e5d7ecf7cd6098e762dca92141fd1b
5936b3730015c46ef27548aff7b2162d0878761a5fda6f9d026fbeaef34c0ed3
599cdf93ef0d029be161570fe867b35fec0aedef8cd30c0f00cc04341b3a24ef
5c489c23f7192a19dc73e1c5ca3e5ec4611803b7a347e0638c797d316573c591
5c64435f07e61b7860c6fdfc7b918f7483557be76fba80d11dc075096d6f814f
5d75013e212e3aff8232bfd81eaa3721784d1bae390124a6b4788f2d689eb94b
5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214
5e70258376726dd01dc6b24171f0caeffd2e01de8f80faa0ff703c0c50799b0a
637ae8e55dd9c6199b38e4b0a04f7960a4564fab961c5046702eb27b019f514c
6433a43310293748cf1fddd99a260723f22d8202abe6c37e736716eb1f0a7c05
65e824fcf534553c1cbfb6a8404a0e6fa966604c846bf5fc348b27d9ade63bb9
674450643890edb90f79441c359d3c2e1840d7691de0135afe09a24118a7d856
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6db1cd54c258f6e658484ecf694dd9e02f278effa38b13ecc23ac5cf4c0be3c3
720f1310d438fb883b9342113b4edb34973a73e0707bd6c46c4961e82ed08b43
7a9ae3d49c9ea02f3915ad9c400addeefabaa073c58a17cedab13334b6db9a87
8029982e606b01f8d1651a46683c7a90ef2496e73823047c0e73b72e285d593e
80b2f78cd58c98116e945004bee55da41f0506adacc10e362b75d95a4bdb24df
81e1190b4b0400c87e2ee7e235c30c7ee39496d454efd09ab343198cba0b050b
8376431f05ed0574aa914db9f36153ed5837a067d6d3450847c49d89b37ad1bf
842cc4b7277aa4070e812687e553c32ebc03920c3a188cc0c7efcafa056e5453
8779ea02c05847c1209231f40c56422c447c523ba2b512a5f904cdd426f295ed
899b480c61ba64c81eca25d7e37c963401ce6521586c6f42b20648597f20acbd
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8d360baaff8d57b4e3ddf90898d2ce5e30f995c4d6ca8ac60f0bdf50d7bb974f
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
9037e86768130186d676f65444b051b348944719247563d521046bca6af241b4
9213bf77e387d83295bc8f3fbedd1f0d95601ab5f0a1f1b8927af599531c2b23
93ac8e22ef8a241ddd954362cc979528693e4b7732dc5de26154d9bbf60011fb
93b04a3a6e5c5e1fe28c7e7c0a50351b232c214b20fb91365711510283864b7b
96271179d44086ad6cfba78c4788e3ac34dac8c8bfd18d2c2226d12d5abd0063
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1d4b01843b9dad68a10bba7ab416fb60cbe6052a223f6bd74cbad286b812b2a
a3d08747462129e4b1e6756b57c9f24cc8dd7a6ad095cc416f5dbd52aaa5f7b2
a50b51ac483825c4c798132f572dc813498c9087ff4f4d4b0cafd5deba43d130
a7fecbfe24b0884ff617e8bb7bd0871397a39e6de70a6d2ff276743988f532bd
a963621b4341552ca61590aa02e93b70f189e8050a105c32c0197c3c34b2d114
b04ba4d5260643ffb3391278327417e0ee2b05220260770cb6a21b1fd148dbd6
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b7edd734b54862cb1781b70b924cb8515aa402c6af294aa6d1eb949baacfa5f3
bae1f759fd4cd9055a14e9384f474c8e53358ea04bffda92bde1e11b0599c61c
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bce6f4fc4cd70c68aafb0c99f3dd99a4e46c0d978a2e0333d0e6a2e2e30faee8
bd3dde64a6e766a4d1ed233c47cc6f6549b44b631dcb67594ff77c61b2c71bd5
bd6183cdbfa6ccf8e90f38d8c971232f0e0186e78ffbd6908c5dd5e27bae08dd
be89fd0886decfb4e9e5b23f3901fa4c9f58003971266405b8803a19b4019d42
beec0d053c8f74c5fc8aeac7373378e9a1897eea0ed27e8edf56383f71201655
c01cdbf532e04e0405e5a197ca95d698bc179640c8e1945487a5db0a05923caa
c7c22454e5d47862c5fc269e434cc8509deb3f31e6e69a5f677e8fc3265ca5b3
cbcfb303a1e7d1f9da8965565b535f4122f2de2f1f3ed9f61f3f9e2dad3dcf9d
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
d1c6c4ecc6aac6f284affdf616776945dad82db976b7ecbeb44617a2c18f68da
d5bfe620623e7eae6c89f6bdcaf2c3082a69a028bf4387a65dd3b067945e9a2b
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
ddce5d923065edc47c2b3a1d0157f2cfc0d502566b43b1014a51cb18ebd77cb3
df998f2ab79818d229edfab989eb187dd3d94f0f40377fde4f5f97e08b691ecf
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e555979fe2948f7bda9f457c4121bcbbc7fbc00e2779932ef143638753ff51ba
e55fce53854248a6e48a2af29f66d6a96fa9f2933b9bc4c99ad77eceaf2f9779
e5ed62b844e7d530d3371fbf3b724ba259b801436f1f2826afa27ae144ac1dc3
e64954dc34e12c7190cc2338a54b07644ff0f102aa71cc7209bcbb49c3009f7c
e91eb30938159de40e2b32c1bfd2e93951efdb2c86817fb16d92879456ea86c5
e9916b7ea5a194cb444a45801fe85ba6e328ab0afd9194da82461e16059834c2
eb2e3f703cf8ee0156a1d625e053c0968b0dfcff62ea4254ddd8ba9fece3ad32
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efd15c214dd7af23d3a1c8df699cfcac47b583c70aa96d30abb3b0c213d1b0fb
f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4
f2154f49d7d4ed6c74a1ad1dc0e39ef3136fd859059986ed5bcd3050d59867b3
f696470f2e95ff07d29a87cba78d7163193a3eeaf91ad5c58a7181be5a57c36e
fd899442c2e228b75ababfc6183c7829fd72af587f4333908d230bedfa0fd576

auth-staging.paystubs.com Open in urlscan Pro 2606:4700::6813:a818 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

256 Requests

73 %HTTPS

23 %IPv6

58 Domains

78 Subdomains

73 IPs

7 Countries

6128 kBTransfer

16772 kBSize

68 Cookies

0 Outgoing links

Page URL History

Redirected requests

256 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

auth-staging.paystubs.com Open in urlscan Pro
2606:4700::6813:a818 Public Scan

Screenshot
Live screenshot

Full Image

256
Requests

73 %
HTTPS

23 %
IPv6

58
Domains

78
Subdomains

73
IPs

7
Countries

6128 kB
Transfer

16772 kB
Size

68
Cookies

256 HTTP transactions
0 data transactions