app.paywithextend.com Open in urlscan Pro
2606:4700:10::ac43:c6d Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://app.paywithextend.com/
Effective URL:
https://app.paywithextend.com/
Submission: On December 08 via api (December 8th 2023, 2:58:14 am UTC) from US — Scanned from DE

Summary HTTP 58 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 22 IPs in 3 countries across 11 domains to perform 58 HTTP transactions. The main IP is 2606:4700:10::ac43:c6d, located in United States and belongs to CLOUDFLARENET, US. The main domain is app.paywithextend.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on November 27th 2023. Valid for: a year.

This is the only time app.paywithextend.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:10:... 2606:4700:10::6816:4883	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:10:... 2606:4700:10::ac43:c6d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	18.66.248.29 18.66.248.29	16509 (AMAZON-02) (AMAZON-02)
2	34.203.136.155 34.203.136.155	14618 (AMAZON-AES) (AMAZON-AES)
1	108.138.26.69 108.138.26.69	16509 (AMAZON-02) (AMAZON-02)
7	2600:9000:215... 2600:9000:2156:8800:6:f240:b1c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	108.157.4.84 108.157.4.84	16509 (AMAZON-02) (AMAZON-02)
6	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:806::200a	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6812:109b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a02:26f0:480... 2a02:26f0:480:f::213:7edd	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
5	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
2	2600:9000:223... 2600:9000:223d:800:1f:d442:bb40:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c00::9d	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:119b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4 5	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
58	22

1 2606:4700:10::6816:4883 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

app.paywithextend.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:c6d (United States)

ASN13335 (CLOUDFLARENET, US)

app.paywithextend.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 18.66.248.29 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-248-29.dus51.r.cloudfront.net

app-assets.paywithextend.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.203.136.155 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-203-136-155.compute-1.amazonaws.com

api.paywithextend.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.26.69 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-26-69.fra56.r.cloudfront.net

prox.paywithextend.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2600:9000:2156:8800:6:f240:b1c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

sdks.paywithextend.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.157.4.84 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-4-84.dus51.r.cloudfront.net

brand-assets.paywithextend.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

firebaseinstallations.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:109b (United States)

ASN13335 (CLOUDFLARENET, US)

js.userpilot.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:480:f::213:7edd (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:223d:800:1f:d442:bb40:93a1 (United States)

ASN16509 (AMAZON-02, US)

sa.paywithextend.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c00::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:119b (United States)

ASN13335 (CLOUDFLARENET, US)

find.userpilot.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2620:1ec:21::14 (United States) 4 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

firebaseremoteconfig.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
24	paywithextend.com 1 redirects app.paywithextend.com app-assets.paywithextend.com api.paywithextend.com prox.paywithextend.com sdks.paywithextend.com brand-assets.paywithextend.com sa.paywithextend.com	11 MB
7	google.com www.google.com — Cisco Umbrella Rank: 2 region1.analytics.google.com — Cisco Umbrella Rank: 2693	43 KB
6	linkedin.com 4 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 327 www.linkedin.com — Cisco Umbrella Rank: 629 px4.ads.linkedin.com — Cisco Umbrella Rank: 6419	5 KB
6	gstatic.com www.gstatic.com fonts.gstatic.com	461 KB
5	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	21 KB
4	googleapis.com firebaseinstallations.googleapis.com — Cisco Umbrella Rank: 525 firebaseremoteconfig.googleapis.com — Cisco Umbrella Rank: 470	2 KB
3	userpilot.io js.userpilot.io — Cisco Umbrella Rank: 19771 find.userpilot.io — Cisco Umbrella Rank: 23751	240 KB
2	google.de www.google.de — Cisco Umbrella Rank: 6765	515 B
2	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 75	409 B
2	licdn.com snap.licdn.com — Cisco Umbrella Rank: 763	13 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 36	168 KB
58	11

	Domain	Requested by
9	app-assets.paywithextend.com	app.paywithextend.com app-assets.paywithextend.com
7	sdks.paywithextend.com	app-assets.paywithextend.com sdks.paywithextend.com
6	www.google.com	app-assets.paywithextend.com www.gstatic.com www.google.com app.paywithextend.com
5	www.google-analytics.com	sdks.paywithextend.com app-assets.paywithextend.com app.paywithextend.com
4	px.ads.linkedin.com	3 redirects app-assets.paywithextend.com
4	www.gstatic.com	www.google.com www.gstatic.com
2	firebaseremoteconfig.googleapis.com	app-assets.paywithextend.com
2	www.google.de	app.paywithextend.com
2	stats.g.doubleclick.net	www.googletagmanager.com app-assets.paywithextend.com
2	sa.paywithextend.com	app-assets.paywithextend.com
2	fonts.gstatic.com	www.google.com
2	snap.licdn.com	sdks.paywithextend.com snap.licdn.com
2	js.userpilot.io	sdks.paywithextend.com js.userpilot.io
2	www.googletagmanager.com	sdks.paywithextend.com www.google-analytics.com
2	firebaseinstallations.googleapis.com	app-assets.paywithextend.com
2	api.paywithextend.com	app-assets.paywithextend.com
2	app.paywithextend.com	1 redirects
1	px4.ads.linkedin.com	app.paywithextend.com
1	www.linkedin.com	1 redirects
1	find.userpilot.io	app-assets.paywithextend.com
1	region1.analytics.google.com	www.googletagmanager.com
1	brand-assets.paywithextend.com	app.paywithextend.com
1	prox.paywithextend.com	app-assets.paywithextend.com
58	23

This site contains links to these domains. Also see Links.

Domain
support.paywithextend.com
www.paywithextend.com

Subject Issuer	Validity	Valid
app.paywithextend.com Cloudflare Inc ECC CA-3	`2023-11-27` - `2024-11-25`	a year	crt.sh
paywithextend.com Amazon RSA 2048 M01	`2023-06-27` - `2024-07-25`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-02-19` - `2024-02-19`	a year	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-02-01` - `2024-01-31`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
www.linkedin.com DigiCert SHA2 Secure Server CA	`2023-11-03` - `2024-05-03`	6 months	crt.sh

This page contains 2 frames:

Primary Page: https://app.paywithextend.com/
Frame ID: 2FC301B17BA95955B4E538E814E883C5
Requests: 46 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lda69MgAAAAALa0nw9lUWo7NBrvsQzwwAvwEAuL&co=aHR0cHM6Ly9hcHAucGF5d2l0aGV4dGVuZC5jb206NDQz&hl=de&v=cwQvQhsy4_nYdnSDY4u7O5_B&size=invisible&cb=qw8f97z3zt26
Frame ID: F5D9EF3E19C97F159A4DB96FCEDD1E21
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Create virtual cards with the card in your pocket. | Extend

Page URL History Show full URLs

http://app.paywithextend.com/ HTTP 301
https://app.paywithextend.com/ Page URL

Detected technologies

React (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+data-react

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

58
Requests

98 %
HTTPS

78 %
IPv6

11
Domains

23
Subdomains

22
IPs

3
Countries

12708 kB
Transfer

14912 kB
Size

18
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://support.paywithextend.com/hc/en-us
Title: Visit our help center

Search URL Search Domain Scan URL

URL: https://support.paywithextend.com/hc/en-us/articles/4405626696087-FAQs
Title: FAQ page

Search URL Search Domain Scan URL

URL: https://www.paywithextend.com/support-request
Title: Contact us

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://app.paywithextend.com/ HTTP 301
https://app.paywithextend.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 50

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1836018&time=1702004290019&url=https%3A%2F%2Fapp.paywithextend.com%2Fsignin HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1836018&time=1702004290019&url=https%3A%2F%2Fapp.paywithextend.com%2Fsignin&cookiesTest=true HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1836018%26time%3D1702004290019%26url%3Dhttps%253A%252F%252Fapp.paywithextend.com%252Fsignin%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1836018&time=1702004290019&url=https%3A%2F%2Fapp.paywithextend.com%2Fsignin&cookiesTest=true&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1836018&time=1702004290019&url=https%3A%2F%2Fapp.paywithextend.com%2Fsignin&cookiesTest=true&liSync=true&e_ipv6=AQKIiUCE5tBAHwAAAYxHXHQpnkcq2dxiZyRHJK2lZsY9Fl4wIeCcWRRR5kCXFvGDjA4_t2qTQPOHVnL99lJq9vOYx0wh

58 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
app.paywithextend.com/
Redirect Chain

http://app.paywithextend.com/
https://app.paywithextend.com/

24 KB
6 KB

580ms
559ms

Document
text/html

2606:4700:10::ac43:c6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.paywithextend.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:c6d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

1e5b317f39169e78835265b4535287a1975e50ff792191b7a72b0fbba514a274

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'nonce-0WVnPdQwe_iCGVbZlRV17iv-f0XYgJ4u' paywithextend.com .paywithextend.com cdn.segment.com cdn.plaid.com connect.facebook.net www.google-analytics.com snap.licdn.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://www.googletagmanager.com/ http://964-YBI-786.mktoweb.com/ http://munchkin.marketo.net/161/munchkin.js https://js.userpilot.io/ http://js.userpilot.io/ https://unpkg.com/@lottiefiles/lottie-player@latest/dist/lottie-player.js .codat.io
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache
cf-cache-status: DYNAMIC
cf-ray: 8321beae597f1cbb-FRA
content-encoding: gzip
content-security-policy: script-src 'self' 'nonce-0WVnPdQwe_iCGVbZlRV17iv-f0XYgJ4u' paywithextend.com *.paywithextend.com cdn.segment.com cdn.plaid.com connect.facebook.net www.google-analytics.com snap.licdn.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://www.googletagmanager.com/ http://964-YBI-786.mktoweb.com/ http://munchkin.marketo.net/161/munchkin.js https://js.userpilot.io/ http://js.userpilot.io/ https://unpkg.com/@lottiefiles/lottie-player@latest/dist/lottie-player.js *.codat.io
content-type: text/html; charset=utf-8
date: Fri, 08 Dec 2023 02:58:08 GMT
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display capture=(), document-domain=(), encrypted-media=(), execution-while-not rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync xhr=(), usb=(), web-share=(), xr-spatial-tracking=()
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-frame-options: DENY
x-powered-by: Express
x-xss-protection: 1; mode=block

Redirect headers

CF-Cache-Status: DYNAMIC
CF-RAY: 8321beacdf613651-FRA
Connection: keep-alive
Content-Type: text/html
Date: Fri, 08 Dec 2023 02:58:07 GMT
Location: https://app.paywithextend.com:443/
Server: cloudflare
Transfer-Encoding: chunked

GET
H2 200 client.b55905057a5baa4ce5d9.css
app-assets.paywithextend.com/ 157 KB
26 KB 154ms
74ms Stylesheet
text/css 18.66.248.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app-assets.paywithextend.com/client.b55905057a5baa4ce5d9.css
Requested by: Host: app.paywithextend.com
URL: https://app.paywithextend.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-29.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 15440dc9b45240d256ceac25efd245ce5de70cf8ecc921e36d456e2bb97013d2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.paywithextend.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 08:48:50 GMT
x-amz-version-id: xodMX78FbwAYXteC7qdUtwWXEFMZeTrS
content-encoding: gzip
last-modified: Tue, 05 Dec 2023 16:51:10 GMT
server: AmazonS3
via: 1.1 09211df9a08903bbbc04e39ab4e6f300.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
etag: W/"6c3cc2074219137b7a6934c945e225ed"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
age: 65359
x-amz-cf-id: ottj7kAGuXCFLHspxhWkneUjBmCrrNxC2HSLoXkE6My-cKZvdTB6aA==

GET
H2 200 client.25ed3538083d617dd6ec.js Show response
app-assets.paywithextend.com/ 10 MB
10 MB 106ms
27ms Script
application/javascript 18.66.248.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app-assets.paywithextend.com/client.25ed3538083d617dd6ec.js
Requested by: Host: app.paywithextend.com
URL: https://app.paywithextend.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-29.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 08f3816994290cf48cbf5f8466e31cb836210f6fe8e4f1f2ab7bb0d23f2750fd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.paywithextend.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id: QUYn90YpWag8Wo4LgOwmt9S9Ah_HbIkZ
date: Thu, 07 Dec 2023 15:30:28 GMT
via: 1.1 09211df9a08903bbbc04e39ab4e6f300.cloudfront.net (CloudFront)
last-modified: Tue, 05 Dec 2023 15:18:43 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-P1
age: 41261
x-amz-server-side-encryption: AES256
etag: "27b42f2b305a958b24101d6654138eac-3"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 10931371
x-amz-cf-id: osssfEN-fvbHEYS5iKOGG4v9ZXefyZLunX-9dtRyZAql7EJm_k8NFw==

OPTIONS
H2 200 config
api.paywithextend.com/ Frame 0
0 584ms
172ms Preflight 34.203.136.155
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.paywithextend.com/config?locale=en-US
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.203.136.155 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-203-136-155.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-extend-app-id,x-extend-brand,x-extend-platform,x-extend-platform-version
Access-Control-Request-Method: GET
Origin: https://app.paywithextend.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: x-extend-app-id, x-extend-brand, x-extend-platform, x-extend-platform-version
access-control-allow-methods: PATCH,POST,PUT,GET,OPTIONS,DELETE
access-control-allow-origin: https://app.paywithextend.com
access-control-expose-headers: xsrf-token
access-control-max-age: 3600
allow: GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
content-length: 0
date: Fri, 08 Dec 2023 02:58:09 GMT
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
x-rate-limit-remaining: 499

GET
H2 200 config Show response
api.paywithextend.com/ 3 KB
4 KB 174ms
173ms XHR
application/vnd.paywithextend.v2021-03-12+json 34.203.136.155
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api.paywithextend.com/config?locale=en-US

Requested by

Host: app-assets.paywithextend.com
URL: https://app-assets.paywithextend.com/client.25ed3538083d617dd6ec.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.203.136.155 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-203-136-155.compute-1.amazonaws.com

Software

Resource Hash

0afbab5134781e30fcb9d5eeec2e9d7be116227183ed9a47edb0cddfcf40a04e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

X-Extend-App-ID: app.paywithextend.com
X-Extend-Platform: web
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
X-Extend-Brand: br_2F0trP1UmE59x1ZkNIAqsg
Accept: application/vnd.paywithextend.v2021-03-12+json
Referer: https://app.paywithextend.com/
X-Extend-Platform-Version: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Dec 2023 02:58:10 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains
x-content-type-options: nosniff
x-rate-limit-remaining: 499
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-frame-options: DENY
content-type: application/vnd.paywithextend.v2021-03-12+json
access-control-allow-origin: https://app.paywithextend.com
access-control-expose-headers: xsrf-token
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
x-xss-protection: 0
expires: 0

GET
H2 200 unresolved Show response
prox.paywithextend.com/statuspage/ 173 B
714 B 491ms
421ms XHR
application/json 108.138.26.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prox.paywithextend.com/statuspage/unresolved
Requested by: Host: app-assets.paywithextend.com
URL: https://app-assets.paywithextend.com/client.25ed3538083d617dd6ec.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.26.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-26-69.fra56.r.cloudfront.net
Software: / Express
Resource Hash: 0fe2870da6a56a000de0b298676e7dd9c2daf75774c04c563b885ac3ff4540ec

Request headers

Accept: application/json, text/plain, */*
Referer: https://app.paywithextend.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 02:58:09 GMT
via: 1.1 8dc3ccc34d68ee81173fff2a80f72bde.cloudfront.net (CloudFront)
x-amzn-remapped-content-length: 173
x-amz-cf-pop: FRA56-P7
x-amzn-requestid: f50ec182-a8bb-497c-ad75-4b6f77e8218b
x-amzn-remapped-connection: close
x-powered-by: Express
x-cache: Miss from cloudfront
x-amz-apigw-id: PmnqUENVoAMEHJA=
content-length: 173
etag: W/"ad-Qoeq0lFA2yaxqXwL1xDjwKOxnZ8"
x-amzn-trace-id: Root=1-65728641-797aadc31beec81337db9c48;Sampled=0;lineage=73d32313:0
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-amzn-remapped-date: Fri, 08 Dec 2023 02:58:09 GMT
x-amz-cf-id: jwSi1Eqg5Zz8PrzEwYmCa_eHWf5GweH1jsRC-HlrRWbAVi-mkpZGHA==

GET
H2 200 931.ab51c103a3c78868b3d6.js
app-assets.paywithextend.com/ 0
4 KB 27ms
27ms Other
application/javascript 18.66.248.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app-assets.paywithextend.com/931.ab51c103a3c78868b3d6.js
Requested by: Host: app-assets.paywithextend.com
URL: https://app-assets.paywithextend.com/client.25ed3538083d617dd6ec.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-29.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.paywithextend.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id: 63k5Yygzj5.M1YZ46FC91CRNijfmS7ZS
content-encoding: gzip
via: 1.1 09211df9a08903bbbc04e39ab4e6f300.cloudfront.net (CloudFront)
date: Thu, 07 Dec 2023 08:40:27 GMT
last-modified: Thu, 30 Nov 2023 19:50:10 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-P1
age: 65863
x-amz-server-side-encryption: AES256
etag: W/"25ab5e1ae2b4e405eea8a93830a7a637"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: cvutDWkrvlUbUiIHazvvDV3t7wdmtRRJLBppzQM7b6WQ_HmUfupnOA==

GET
H2 200 settings Show response
sdks.paywithextend.com/v1/projects/j2caJXDlV5RKVZcqbQFITeCywiI1hD8c/ 6 KB
6 KB 61ms
8ms Fetch
application/json 2600:9000:2156:8800:6:f240:b1c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sdks.paywithextend.com/v1/projects/j2caJXDlV5RKVZcqbQFITeCywiI1hD8c/settings
Requested by: Host: app-assets.paywithextend.com
URL: https://app-assets.paywithextend.com/client.25ed3538083d617dd6ec.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:8800:6:f240:b1c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 569d8834ffd7575aa035d0cfd5dd94d6498b7a03abb6756916b6cc763a6bbb5e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.paywithextend.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id: rmql7aT85PN5RWiWI2wFW.HklLPmfOes
via: 1.1 1b412557b82dda96e078541f9ee8dfb2.cloudfront.net (CloudFront), 1.1 9c7c26f5beeb09381cea450ea3581b36.cloudfront.net (CloudFront)
date: Fri, 08 Dec 2023 00:37:06 GMT
x-amz-cf-pop: FRA6-C1, FRA50-C1
age: 8464
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 5647
last-modified: Tue, 05 Dec 2023 00:00:53 GMT
server: AmazonS3
etag: "b3ee894ad4129e86e0bbb470cdc038af"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=10800
vary: Accept-Encoding
accept-ranges: bytes
x-amz-cf-id: Juu56oXJ9yJpOGnVv2dalYSU8o178sYMytKTP-NNonWiu7k1AkfHjg==

GET
H2 200 Cards.8b42b318ea51b8444e581cafc0ddcfe2.png
app-assets.paywithextend.com/ 175 KB
175 KB 20ms
20ms Image
image/png 18.66.248.29
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://app-assets.paywithextend.com/Cards.8b42b318ea51b8444e581cafc0ddcfe2.png
Requested by: Host: app.paywithextend.com
URL: https://app.paywithextend.com/signin
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-29.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 31670b6f34930da0c4840c00653bde5e20def00aa9ccf20cf2adfb0b6968221f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.paywithextend.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 08:21:25 GMT
x-amz-version-id: gvxXbEswYaQy6Mv5ogdJQYqHcjLZXRl8
via: 1.1 09211df9a08903bbbc04e39ab4e6f300.cloudfront.net (CloudFront)
last-modified: Tue, 05 Dec 2023 16:51:10 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-P1
age: 67005
etag: "5e8813f8d62bfe21e16faf0139f98275"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 178911
x-amz-cf-id: RCJIHi46VKaKaytUUBVbx9z-Op8LJ49MCmy6aEYhoiJtKiOjnJdQig==

GET
H2 200 Budgets.981e040452a269b5ca58b2fd2308c705.png
app-assets.paywithextend.com/ 301 KB
302 KB 19ms
18ms Image
image/png 18.66.248.29
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://app-assets.paywithextend.com/Budgets.981e040452a269b5ca58b2fd2308c705.png
Requested by: Host: app.paywithextend.com
URL: https://app.paywithextend.com/signin
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-29.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d4ea00b845af63d9834e20e6b63fa80b8dfd0db2475c5240d77473af7b6f8700

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.paywithextend.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 08:21:25 GMT
x-amz-version-id: h2SIAWJTKLj3WJG7Ri00TKqx.DhYH8jJ
via: 1.1 09211df9a08903bbbc04e39ab4e6f300.cloudfront.net (CloudFront)
last-modified: Tue, 05 Dec 2023 16:51:10 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-P1
age: 67005
etag: "0620569dfea77ed9e84ac9dc70a63c96"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 307995
x-amz-cf-id: SoyeI298Ahb98xk6tt99g7TCrP4vem7Hdkbpn-jwpy35eH84l3Y2gA==

GET
H2 200 PrimaryLogo.svg
brand-assets.paywithextend.com/extend/ 10 KB
4 KB 50ms
16ms Image
image/svg+xml 108.157.4.84
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://brand-assets.paywithextend.com/extend/PrimaryLogo.svg
Requested by: Host: app.paywithextend.com
URL: https://app.paywithextend.com/signin
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-84.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4a6bb0a4639bef59bc8a79695e376fd7a9dc879ae90c5697dd84a8dc52923506

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.paywithextend.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id: iOWWSvmxxQqKAxVmkl.7wgL1eO3ZP4tn
content-encoding: gzip
via: 1.1 68ce2f06efd4c9639aadce9f9d7fb096.cloudfront.net (CloudFront)
date: Fri, 08 Dec 2023 02:58:09 GMT
last-modified: Mon, 07 Dec 2020 22:29:19 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-P2
age: 57071
x-amz-server-side-encryption: AES256
etag: W/"5a6733fdead5ac41308ff52c224e9eb4"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
x-amz-cf-id: 8ujpGkzFnfJ8KZ3Brr96-YeHzb9H8OqM5ceQ067uF_ajyP27i1fnrg==

GET
H2 200 Rubik-Medium.4ddab52b8ff256c808344c15164118c6.ttf
app-assets.paywithextend.com/ 133 KB
63 KB 498ms
476ms Font
font/ttf 18.66.248.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app-assets.paywithextend.com/Rubik-Medium.4ddab52b8ff256c808344c15164118c6.ttf
Requested by: Host: app-assets.paywithextend.com
URL: https://app-assets.paywithextend.com/client.b55905057a5baa4ce5d9.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-29.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cc1dd76abe28078cd5a69ee986ccf3a3d7e74bd95d9fff16db7700daca37dcfb

Request headers

Referer: https://app-assets.paywithextend.com/client.b55905057a5baa4ce5d9.css
Origin: https://app.paywithextend.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 02:58:10 GMT
x-amz-version-id: dTusUA2jSZyzMBlUAw5TU9PiUxBTgUo3
content-encoding: gzip
via: 1.1 cd8cc1ff175a63c59feeb56bb3687766.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
last-modified: Tue, 05 Dec 2023 16:51:10 GMT
server: AmazonS3
etag: W/"c87313aa86b7caa31a9a0accaa584970"
access-control-max-age: 5000
access-control-allow-methods: GET
content-type: font/ttf
access-control-allow-origin: https://app.paywithextend.com
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-credentials: true
x-amz-cf-id: aavoVv4Dm_5FDXBL1GQL1SPx1OAcQV5eEpGUZjhBZLIv5DKYS2iGZA==

GET
H2 200 Rubik-Regular.37a4d906e92edcd9484c83065d6a1838.ttf
app-assets.paywithextend.com/ 130 KB
62 KB 521ms
498ms Font
font/ttf 18.66.248.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app-assets.paywithextend.com/Rubik-Regular.37a4d906e92edcd9484c83065d6a1838.ttf
Requested by: Host: app-assets.paywithextend.com
URL: https://app-assets.paywithextend.com/client.b55905057a5baa4ce5d9.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-29.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0c93ef2613d2207307a8e91ceb6719e0c6e313c10e58860bdaca02a849b72b97

Request headers

Referer: https://app-assets.paywithextend.com/client.b55905057a5baa4ce5d9.css
Origin: https://app.paywithextend.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 02:58:10 GMT
x-amz-version-id: DvetCgTWE8oKKCJ.H5aDR7ssAWH93M4x
content-encoding: gzip
via: 1.1 cd8cc1ff175a63c59feeb56bb3687766.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
last-modified: Tue, 05 Dec 2023 16:51:10 GMT
server: AmazonS3
etag: W/"b3d0902b533ff4c4f1698a2f96ddabab"
access-control-max-age: 5000
access-control-allow-methods: GET
content-type: font/ttf
access-control-allow-origin: https://app.paywithextend.com
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-credentials: true
x-amz-cf-id: yqEkvB9RTsBxpGpPmic6DFvaOwAs12PF_32uD9e8JTNdi2n9funZww==

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 1 KB
1 KB 61ms
39ms Script
text/javascript 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=6Lda69MgAAAAALa0nw9lUWo7NBrvsQzwwAvwEAuL

Requested by

Host: app-assets.paywithextend.com
URL: https://app-assets.paywithextend.com/client.25ed3538083d617dd6ec.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

bd30135294a45fa4a31b23a780f4578eb8267047c2d065f7f75331bca15639a4

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.paywithextend.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 02:58:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Fri, 08 Dec 2023 02:58:09 GMT

GET
H2 200 ajs-destination.3cc384d7ca9be1b2a57c.js Show response
app-assets.paywithextend.com/ 9 KB
3 KB 19ms
19ms Script
application/javascript 18.66.248.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app-assets.paywithextend.com/ajs-destination.3cc384d7ca9be1b2a57c.js
Requested by: Host: app-assets.paywithextend.com
URL: https://app-assets.paywithextend.com/client.25ed3538083d617dd6ec.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-29.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e69659c4f74253398b0a7cc8c898f144376a3bbd461e0973837d34178539fea3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.paywithextend.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 04:38:10 GMT
x-amz-version-id: .lPlXaoVz3h_DOo4oBIx1B.mrivGiaYo
content-encoding: gzip
last-modified: Tue, 05 Dec 2023 16:51:10 GMT
server: AmazonS3
via: 1.1 09211df9a08903bbbc04e39ab4e6f300.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
etag: W/"3cd60efc1a6c275173c52a0afa082171"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
age: 80400
x-amz-cf-id: sMIzghjjztbtXt8HJ_issL3qbDhx8Y2J8evEBg5Ru52uZ2_FAMiBrA==

POST
H2 200 installations Show response
firebaseinstallations.googleapis.com/v1/projects/extend-app-stage/ 626 B
680 B 285ms
285ms Fetch
application/json 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://firebaseinstallations.googleapis.com/v1/projects/extend-app-stage/installations

Requested by

Host: app-assets.paywithextend.com
URL: https://app-assets.paywithextend.com/client.25ed3538083d617dd6ec.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b8eb9db1e24973fa2f1a91d7625e4862f42593f60856b0d48e6c5f56c48fbf2f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept: application/json
Referer: https://app.paywithextend.com/
x-goog-api-key: AIzaSyBrG5GmplxwBeBBnBU2p4o2mHzT_k4Eons
accept-language: de-DE,de;q=0.9
x-firebase-client: eyJ2ZXJzaW9uIjoyLCJoZWFydGJlYXRzIjpbeyJhZ2VudCI6ImZpcmUtY29yZS8wLjkuOSBmaXJlLWNvcmUtZXNtMjAxNy8wLjkuOSBmaXJlLWpzLyBmaXJlLWpzLWFsbC1hcHAvOS4yMS4wIGZpcmUtaWlkLzAuNi40IGZpcmUtaWlkLWVzbTIwMTcvMC42LjQgZmlyZS1yYy8wLjQuNCBmaXJlLXJjLWVzbTIwMTcvMC40LjQiLCJkYXRlcyI6WyIyMDIzLTEyLTA4Il19XX0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
content-type: application/json

Response headers

date: Fri, 08 Dec 2023 02:58:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://app.paywithextend.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 490
x-xss-protection: 0

OPTIONS
H2 200 installations
firebaseinstallations.googleapis.com/v1/projects/extend-app-stage/ Frame 0
0 95ms
22ms Preflight
text/html 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://firebaseinstallations.googleapis.com/v1/projects/extend-app-stage/installations

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-firebase-client,x-goog-api-key
Access-Control-Request-Method: POST
Origin: https://app.paywithextend.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-headers: content-type,x-firebase-client,x-goog-api-key
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://app.paywithextend.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Fri, 08 Dec 2023 02:58:09 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H2 200 schemaFilter.0c1ed66f693b92eb4304.js Show response
app-assets.paywithextend.com/ 1 KB
1 KB 33ms
33ms Script
application/javascript 18.66.248.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://app-assets.paywithextend.com/schemaFilter.0c1ed66f693b92eb4304.js
Requested by: Host: app-assets.paywithextend.com
URL: https://app-assets.paywithextend.com/client.25ed3538083d617dd6ec.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-29.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4988e4d2efb9fdd679216e7a8f5277286947c2ed049ef20286622f8a4638ce93

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.paywithextend.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 04:38:11 GMT
x-amz-version-id: 67VZbaxB6EmPARqAL9_3PJxMZJRS4IxU
content-encoding: gzip
last-modified: Tue, 05 Dec 2023 16:51:10 GMT
server: AmazonS3
via: 1.1 09211df9a08903bbbc04e39ab4e6f300.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
etag: W/"399cdcdfa418810c09a6b915dc3b11c0"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
age: 80399
x-amz-cf-id: 9LLXUVIO9WPoSRKqCUy2A41einqQxxpR8ZsehV2Ckf2pO6giDas9LA==

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/cwQvQhsy4_nYdnSDY4u7O5_B/ 504 KB
202 KB 40ms
7ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/cwQvQhsy4_nYdnSDY4u7O5_B/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6Lda69MgAAAAALa0nw9lUWo7NBrvsQzwwAvwEAuL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

43760313e4a6cfb7be2b72e5b0daa391e8880a24e3274e00bfc2c7b8bba09936

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://app.paywithextend.com/
Origin: https://app.paywithextend.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 21:08:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 20983
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 206640
x-xss-protection: 0
last-modified: Mon, 04 Dec 2023 17:08:31 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 06 Dec 2024 21:08:26 GMT

GET
H2 200 472df9b8be6018a4880f.js Show response
sdks.paywithextend.com/next-integrations/actions/google-analytics-4-web/ 189 KB
190 KB 47ms
19ms Script
application/javascript 2600:9000:2156:8800:6:f240:b1c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sdks.paywithextend.com/next-integrations/actions/google-analytics-4-web/472df9b8be6018a4880f.js
Requested by: Host: app-assets.paywithextend.com
URL: https://app-assets.paywithextend.com/client.25ed3538083d617dd6ec.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:8800:6:f240:b1c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0a2429363885c1f27f5d20759bf8213eeea483ce52a8f14b168befe4d7d4edec

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.paywithextend.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id: h89tCGbXXZpldquHNOnMB_LjCv57MWZQ
via: 1.1 d3039ad83798b26ecb9f9f1e666afe26.cloudfront.net (CloudFront), 1.1 6ea9fcffa719a56ee2be748a73d37974.cloudfront.net (CloudFront)
date: Fri, 08 Dec 2023 02:58:09 GMT
x-amz-cf-pop: FRA6-C1, FRA50-C1
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
content-length: 193315
last-modified: Mon, 04 Dec 2023 18:51:01 GMT
server: AmazonS3
etag: "d3d8aa605969e9fd95b2064de9dc363d"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
accept-ranges: bytes
x-amz-cf-id: f1VmNWQ1YJSaXjwjYiVO-wdBBYZjk0hOTq19yqR1DzN623qx3Sncsw==

GET
H2 200 5e05af4df784c6e238cc.js Show response
sdks.paywithextend.com/next-integrations/actions/userpilot/ 169 KB
170 KB 66ms
39ms Script
application/javascript 2600:9000:2156:8800:6:f240:b1c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sdks.paywithextend.com/next-integrations/actions/userpilot/5e05af4df784c6e238cc.js
Requested by: Host: app-assets.paywithextend.com
URL: https://app-assets.paywithextend.com/client.25ed3538083d617dd6ec.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:8800:6:f240:b1c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6579424c695e40d41e5d90b50184629ed71f723742d6fae5c46f1e1fd46d48dc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.paywithextend.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id: NE0.v0mvPt7BsTqSfYp6ahwXUoaZI7BH
via: 1.1 d5fb859c39a16d7f218b4c7fb1528ad6.cloudfront.net (CloudFront), 1.1 6ea9fcffa719a56ee2be748a73d37974.cloudfront.net (CloudFront)
date: Fri, 08 Dec 2023 02:58:09 GMT
x-amz-cf-pop: FRA6-C1, FRA50-C1
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
content-length: 172977
last-modified: Mon, 04 Dec 2023 18:51:01 GMT
server: AmazonS3
etag: "da6162135330bb78344b68dd5fe09ad7"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
accept-ranges: bytes
x-amz-cf-id: hAjHeXYXCv791jvhcTvN7qYRQellNErfbV0hqz2umuYy_dyXRMiy3g==

GET
H2 200 anchor Show response
www.google.com/recaptcha/api2/ Frame F5D9 39 KB
24 KB 29ms
29ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lda69MgAAAAALa0nw9lUWo7NBrvsQzwwAvwEAuL&co=aHR0cHM6Ly9hcHAucGF5d2l0aGV4dGVuZC5jb206NDQz&hl=de&v=cwQvQhsy4_nYdnSDY4u7O5_B&size=invisible&cb=qw8f97z3zt26

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/cwQvQhsy4_nYdnSDY4u7O5_B/recaptcha__de.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

c57784b021619001c7a28581b35997cea670d980462acfc8279dca5151c21bf2

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-15MgTglv9OJLD28PYT8XMw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://app.paywithextend.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-15MgTglv9OJLD28PYT8XMw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 08 Dec 2023 02:58:09 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 b0eab045596385f932c0.js Show response
sdks.paywithextend.com/next-integrations/actions/962/ 23 KB
24 KB 32ms
31ms Script
application/javascript 2600:9000:2156:8800:6:f240:b1c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sdks.paywithextend.com/next-integrations/actions/962/b0eab045596385f932c0.js
Requested by: Host: sdks.paywithextend.com
URL: https://sdks.paywithextend.com/next-integrations/actions/google-analytics-4-web/472df9b8be6018a4880f.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:8800:6:f240:b1c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 659bf6fd03ae6ef2baabe1ec8bb4073f9834ea694254bc78f8839589a4eeb285

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.paywithextend.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id: zk9rxxlqKCjHbsFrMYTC7R6tXRM31okT
via: 1.1 a0a81637cc76d6981e4e29044a73b7f6.cloudfront.net (CloudFront), 1.1 6ea9fcffa719a56ee2be748a73d37974.cloudfront.net (CloudFront)
date: Fri, 08 Dec 2023 02:58:09 GMT
x-amz-cf-pop: FRA6-C1, FRA50-C1
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
content-length: 24043
last-modified: Mon, 04 Dec 2023 18:50:59 GMT
server: AmazonS3
etag: "566a0711c9f794ab81f9adf75b9544ce"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
accept-ranges: bytes
x-amz-cf-id: YcQK99RuF0zWykY4jBYufDeuMm07iwLh-KZEOaYBRNbm_etDZIJsZw==

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/cwQvQhsy4_nYdnSDY4u7O5_B/ Frame F5D9 55 KB
24 KB 21ms
7ms Stylesheet
text/css 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/cwQvQhsy4_nYdnSDY4u7O5_B/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lda69MgAAAAALa0nw9lUWo7NBrvsQzwwAvwEAuL&co=aHR0cHM6Ly9hcHAucGF5d2l0aGV4dGVuZC5jb206NDQz&hl=de&v=cwQvQhsy4_nYdnSDY4u7O5_B&size=invisible&cb=qw8f97z3zt26

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 01:57:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3638
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24606
x-xss-protection: 0
last-modified: Mon, 04 Dec 2023 17:08:31 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 07 Dec 2024 01:57:31 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/cwQvQhsy4_nYdnSDY4u7O5_B/ Frame F5D9 504 KB
202 KB 27ms
13ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/cwQvQhsy4_nYdnSDY4u7O5_B/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

43760313e4a6cfb7be2b72e5b0daa391e8880a24e3274e00bfc2c7b8bba09936

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 21:08:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 20983
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 206640
x-xss-protection: 0
last-modified: Mon, 04 Dec 2023 17:08:31 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 06 Dec 2024 21:08:26 GMT

GET
H2 200 google-analytics.dynamic.js.gz Show response
sdks.paywithextend.com/next-integrations/integrations/google-analytics/2.18.5/ 16 KB
5 KB 8ms
8ms Script
application/javascript 2600:9000:2156:8800:6:f240:b1c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sdks.paywithextend.com/next-integrations/integrations/google-analytics/2.18.5/google-analytics.dynamic.js.gz
Requested by: Host: app-assets.paywithextend.com
URL: https://app-assets.paywithextend.com/client.25ed3538083d617dd6ec.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:8800:6:f240:b1c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fdda2bf7d8e87b5ac90a791a5131a9811c207171107482857b67f6b8329854fb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.paywithextend.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id: K4QGNkPJBd_QhAl8Ep7SDksdcNN7fIa5
content-encoding: gzip
via: 1.1 78059242182c195ff7f26013772da09a.cloudfront.net (CloudFront), 1.1 6ea9fcffa719a56ee2be748a73d37974.cloudfront.net (CloudFront)
date: Thu, 07 Dec 2023 05:06:44 GMT
x-amz-cf-pop: FRA6-C1, FRA50-C1
age: 78686
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 4743
last-modified: Wed, 18 Oct 2023 10:36:35 GMT
server: AmazonS3
etag: "36786f75981fc0efd629c4a89e1c78ec"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
vary: Accept-Encoding
accept-ranges: bytes
x-amz-cf-id: 16cOtO0lba4COGV_wolvhTjyQQnYWUnphv0MhsQeOfHAFtugkDifjw==

GET
H2 200 linkedin-insight-tag.dynamic.js.gz Show response
sdks.paywithextend.com/next-integrations/integrations/linkedin-insight-tag/1.0.1/ 2 KB
2 KB 8ms
8ms Script
application/javascript 2600:9000:2156:8800:6:f240:b1c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sdks.paywithextend.com/next-integrations/integrations/linkedin-insight-tag/1.0.1/linkedin-insight-tag.dynamic.js.gz
Requested by: Host: app-assets.paywithextend.com
URL: https://app-assets.paywithextend.com/client.25ed3538083d617dd6ec.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:8800:6:f240:b1c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 24bf5804628ef0429146358f8c099f413e38836a5de8c13d03d775bafccb3b49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.paywithextend.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 03:59:22 GMT
content-encoding: gzip
via: 1.1 71b147cd3102755b55ba8b6fd34e3f4a.cloudfront.net (CloudFront), 1.1 6ea9fcffa719a56ee2be748a73d37974.cloudfront.net (CloudFront)
x-amz-version-id: PgMPNrJn4UXeGYnax_P5hY3ZIibnCzEY
x-amz-cf-pop: FRA6-C1, FRA50-C1
age: 82728
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 1061
last-modified: Wed, 18 Oct 2023 10:36:35 GMT
server: AmazonS3
etag: "9fb524ce2b800e7ddc8a15d53c31c3d1"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
accept-ranges: bytes
x-amz-cf-id: 8I-E_IpBX8PH_rAlOja1B2yOuwi9Ym5h6s-K5wpMuW3XASBoUuPFwA==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 248 KB
83 KB 54ms
19ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-8W0EQ1D2FN

Requested by

Host: sdks.paywithextend.com
URL: https://sdks.paywithextend.com/next-integrations/actions/962/b0eab045596385f932c0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

39a4a1283a6ba279fbee01d971606c82aeac8c2c3cde79eb99a171085313deca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.paywithextend.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 02:58:09 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 84945
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 08 Dec 2023 02:58:09 GMT

GET
H2 200 latest.js Show response
js.userpilot.io/sdk/ 3 KB
1 KB 56ms
16ms Script
text/javascript 2606:4700::6812:109b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.userpilot.io/sdk/latest.js

Requested by

Host: sdks.paywithextend.com
URL: https://sdks.paywithextend.com/next-integrations/actions/962/b0eab045596385f932c0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:109b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7b5c9b5d4c81382665a41deec56c92daaff3c6b217d1c3e69cc827d314f5be7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.paywithextend.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 02:58:09 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
x-amz-request-id: HR8XBWBF7GWBR494
age: 62
x-amz-server-side-encryption: AES256
x-amz-id-2: q8hEQAsNk1W/lVFDHBoTIFXH/99wHkBxek6E5RJrX3IRwzTH1ftm6rSHllAg31ePlLYGAAP5ylI=
cf-bgj: minify
last-modified: Thu, 07 Dec 2023 09:52:47 GMT
server: cloudflare
etag: W/"3bf644bb390fb3bbeae585f0b1c99f15"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=120
cf-ray: 8321bebb99401989-FRA

GET
H2 200 commons.c42222c4cb2f8913500f.js.gz Show response
sdks.paywithextend.com/next-integrations/integrations/vendor/ 73 KB
22 KB 11ms
8ms Script
application/javascript 2600:9000:2156:8800:6:f240:b1c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sdks.paywithextend.com/next-integrations/integrations/vendor/commons.c42222c4cb2f8913500f.js.gz
Requested by: Host: app-assets.paywithextend.com
URL: https://app-assets.paywithextend.com/client.25ed3538083d617dd6ec.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:8800:6:f240:b1c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b17b4a5cc840a366a4c006794502f887a316402f781f85e913ac4af19a93fc13

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.paywithextend.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id: uOfxQOMLwdt.eKHcMs4MBn7QUxA0mLtL
content-encoding: gzip
via: 1.1 78059242182c195ff7f26013772da09a.cloudfront.net (CloudFront), 1.1 6ea9fcffa719a56ee2be748a73d37974.cloudfront.net (CloudFront)
date: Thu, 07 Dec 2023 05:06:43 GMT
x-amz-cf-pop: FRA6-C1, FRA50-C1
age: 78686
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 22177
last-modified: Wed, 18 Oct 2023 10:36:32 GMT
server: AmazonS3
etag: "befb217271e2e926c7d898f1c85f6cb7"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
vary: Accept-Encoding
accept-ranges: bytes
x-amz-cf-id: gzZH7_Hvlr__25w7dbR-OfRLMc5yxf8sH_rH1QcLU_i2bolr4AcHsw==

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 1 KB
805 B 70ms
16ms Script
application/javascript 2a02:26f0:480:f::213:7edd
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: sdks.paywithextend.com
URL: https://sdks.paywithextend.com/next-integrations/integrations/vendor/commons.c42222c4cb2f8913500f.js.gz

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:f::213:7edd Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

ecf9967a9685eff0fdc0555125aeb40dc81a85c8de18c48c2a705132ef6129bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.paywithextend.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 02:58:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 07 Dec 2023 10:28:06 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: max-age=27016
accept-ranges: bytes
content-length: 595

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 46ms
6ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: sdks.paywithextend.com
URL: https://sdks.paywithextend.com/next-integrations/integrations/vendor/commons.c42222c4cb2f8913500f.js.gz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.paywithextend.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 08 Dec 2023 01:41:49 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 4580
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Fri, 08 Dec 2023 03:41:49 GMT

GET
H3 200 Bxq4bn_S_WQLi1emfppw4efsWzB07mtlRa5_2O6sP_s.js Show response
www.google.com/js/bg/ Frame F5D9 17 KB
7 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/bg/Bxq4bn_S_WQLi1emfppw4efsWzB07mtlRa5_2O6sP_s.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/cwQvQhsy4_nYdnSDY4u7O5_B/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

071ab86e7fd2fd640b8b57a67e9a70e1e7ec5b3074ee6b6545ae7fd8eeac3ffb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lda69MgAAAAALa0nw9lUWo7NBrvsQzwwAvwEAuL&co=aHR0cHM6Ly9hcHAucGF5d2l0aGV4dGVuZC5jb206NDQz&hl=de&v=cwQvQhsy4_nYdnSDY4u7O5_B&size=invisible&cb=qw8f97z3zt26
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 14:11:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 218791
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6850
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:30:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 04 Dec 2024 14:11:38 GMT

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame F5D9 2 KB
2 KB 7ms
7ms Image
image/png 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/cwQvQhsy4_nYdnSDY4u7O5_B/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/cwQvQhsy4_nYdnSDY4u7O5_B/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 15:37:20 GMT
x-content-type-options: nosniff
age: 300049
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Mon, 11 Dec 2023 15:37:20 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame F5D9 15 KB
16 KB 29ms
6ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 23:26:56 GMT
x-content-type-options: nosniff
age: 12673
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 06 Dec 2024 23:26:56 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame F5D9 15 KB
15 KB 31ms
8ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 21:01:27 GMT
x-content-type-options: nosniff
age: 107802
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 05 Dec 2024 21:01:27 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame F5D9 102 B
134 B 17ms
16ms Other
text/javascript 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=cwQvQhsy4_nYdnSDY4u7O5_B

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

c7b92a4e3cd9b6ea5422c922f8cba9e12213368ade0cac7fa38328003a55887c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lda69MgAAAAALa0nw9lUWo7NBrvsQzwwAvwEAuL&co=aHR0cHM6Ly9hcHAucGF5d2l0aGV4dGVuZC5jb206NDQz&hl=de&v=cwQvQhsy4_nYdnSDY4u7O5_B&size=invisible&cb=qw8f97z3zt26
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 02:58:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Fri, 08 Dec 2023 02:58:09 GMT

GET
H2 200 app.js Show response
js.userpilot.io/sdk/version/1.432/ 1 MB
238 KB 16ms
15ms Script
text/javascript 2606:4700::6812:109b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.userpilot.io/sdk/version/1.432/app.js

Requested by

Host: js.userpilot.io
URL: https://js.userpilot.io/sdk/latest.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:109b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d6990af64abb9639879a500be6da3e9352090bb3d9a6a4b3e0d26bd26c8d28d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.paywithextend.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 02:58:09 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
x-amz-request-id: DVQDMNGXYJMAND18
age: 61519
x-amz-server-side-encryption: AES256
x-amz-id-2: xrYIf6F5NlU5GrUow4mrV4RVMQ1gqhhGrqQpvq7OP1I95KvxtwwcwRTvR/KEBoLs0gdiQg5k4zGHpDPNjlbgGQ==
cf-bgj: minify
last-modified: Thu, 07 Dec 2023 09:52:44 GMT
server: cloudflare
etag: W/"df55fdc6c75a1cf481e33266410af779"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=86400
cf-ray: 8321bebbd97b1989-FRA

POST
H2 200 collect Show response
www.google-analytics.com/j/ 16 B
164 B 15ms
15ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1567775968&t=pageview&_s=1&dl=https%3A%2F%2Fapp.paywithextend.com%2Fsignin&dp=%2Fsignin&ul=en-us&de=UTF-8&dt=Viewed%2F&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEBAAEABAAAAACgCIAB~&jid=1561885036&gjid=1612310434&cid=594645493.1702004290&tid=UA-99983352-2&_gid=242117818.1702004290&_r=1&_slc=1&z=539097447

Requested by

Host: app-assets.paywithextend.com
URL: https://app-assets.paywithextend.com/client.25ed3538083d617dd6ec.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

9a97c70378082ab4dced1471b7b1299039402905e3ccb5acccd75d8f6e41d433

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://app.paywithextend.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 08 Dec 2023 02:58:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://app.paywithextend.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
194 B 7ms
6ms Image
image/gif 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=1567775968&t=event&ni=1&_s=2&dl=https%3A%2F%2Fapp.paywithextend.com%2Fsignin&dp=%2Fsignin&ul=en-us&de=UTF-8&dt=Viewed%2F&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=All&ea=Viewed%20Viewed%2F%20Page&ev=0&_u=aEBAAEABAAAAACgCIAD~&jid=&gjid=&cid=594645493.1702004290&tid=UA-99983352-2&_gid=242117818.1702004290&z=845287477

Requested by

Host: app.paywithextend.com
URL: https://app.paywithextend.com/signin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.paywithextend.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Dec 2023 11:43:16 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 54893
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 200 p Show response
sa.paywithextend.com/v1/ 21 B
333 B 722ms
579ms Fetch
application/json 2600:9000:223d:800:1f:d442:bb40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sa.paywithextend.com/v1/p

Requested by

Host: app-assets.paywithextend.com
URL: https://app-assets.paywithextend.com/client.25ed3538083d617dd6ec.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223d:800:1f:d442:bb40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://app.paywithextend.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 08 Dec 2023 02:58:10 GMT
strict-transport-security: max-age=31536000
via: 1.1 8af5231b014ab5e8c35000dd4cf4b68c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3
vary: Origin
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: https://app.paywithextend.com
content-length: 21
x-amz-cf-id: ySsgqfmL9QYhbjtOm9CfwnD3ZZc2IvR694jx-tOAmFjxAs7w5YlUkA==

GET
H2 200 collect
www.google-analytics.com/ 35 B
91 B 6ms
6ms Image
image/gif 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=1567775968&t=pageview&_s=3&dl=https%3A%2F%2Fapp.paywithextend.com%2Fsignin&dp=%2Fsignin&ul=en-us&de=UTF-8&dt=Viewed%2Fsignin&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEBAAEABAAAAACgCIAD~&jid=&gjid=&cid=594645493.1702004290&tid=UA-99983352-2&_gid=242117818.1702004290&z=284084319

Requested by

Host: app.paywithextend.com
URL: https://app.paywithextend.com/signin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.paywithextend.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Dec 2023 11:43:16 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 54893
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
91 B 7ms
7ms Image
image/gif 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=1567775968&t=event&ni=1&_s=4&dl=https%3A%2F%2Fapp.paywithextend.com%2Fsignin&dp=%2Fsignin&ul=en-us&de=UTF-8&dt=Viewed%2Fsignin&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=All&ea=Viewed%20Viewed%2Fsignin%20Page&ev=0&_u=aEBAAEABAAAAACgCIAD~&jid=&gjid=&cid=594645493.1702004290&tid=UA-99983352-2&_gid=242117818.1702004290&z=1300866929

Requested by

Host: app.paywithextend.com
URL: https://app.paywithextend.com/signin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.paywithextend.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Dec 2023 11:43:16 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 54893
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 200 p Show response
sa.paywithextend.com/v1/ 21 B
334 B 706ms
567ms Fetch
application/json 2600:9000:223d:800:1f:d442:bb40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sa.paywithextend.com/v1/p

Requested by

Host: app-assets.paywithextend.com
URL: https://app-assets.paywithextend.com/client.25ed3538083d617dd6ec.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223d:800:1f:d442:bb40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://app.paywithextend.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 08 Dec 2023 02:58:10 GMT
strict-transport-security: max-age=31536000
via: 1.1 8af5231b014ab5e8c35000dd4cf4b68c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3
vary: Origin
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: https://app.paywithextend.com
content-length: 21
x-amz-cf-id: pZN6mdvZwhn1wJm8Kjn8I8zkDeIwUPdDVmPtAAcUpnh2CsNAMx-bVw==

POST
H2 204 collect
region1.analytics.google.com/g/ 0
258 B 36ms
13ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-8W0EQ1D2FN&gtm=45je3bt0v883899832&_p=1702004289808&_gaz=1&gcd=11l1l1l1l2&dma_cps=sypham&dma=1&ul=en-US&cid=594645493.1702004290&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=kA&_s=1&dt=Create%20virtual%20cards%20with%20the%20card%20in%20your%20pocket.%20%7C%20Extend&dl=https%3A%2F%2Fapp.paywithextend.com%2Fsignin&sid=1702004289&sct=1&seg=0&en=Viewed%20Viewed%2F%20Page&_fv=1&_ss=1&ep.event_category=All&epn.value=0&tfd=2505
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8W0EQ1D2FN
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.paywithextend.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Dec 2023 02:58:09 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://app.paywithextend.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
56 B 63ms
21ms Ping
text/plain 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-8W0EQ1D2FN&cid=594645493.1702004290&gtm=45je3bt0v883899832&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l2
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8W0EQ1D2FN
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.paywithextend.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Dec 2023 02:58:10 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://app.paywithextend.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 37ms
17ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-8W0EQ1D2FN&cid=594645493.1702004290&gtm=45je3bt0v883899832&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l2&z=1309553862

Requested by

Host: app.paywithextend.com
URL: https://app.paywithextend.com/signin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.paywithextend.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Dec 2023 02:58:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 insight.old.min.js Show response
snap.licdn.com/li.lms-analytics/ 31 KB
12 KB 13ms
13ms Script
application/javascript 2a02:26f0:480:f::213:7edd
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.old.min.js

Requested by

Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:f::213:7edd Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

15838004d5e196b563a00a0ba16ce432fed6deb3dd4fab7122601f2c4f41560a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.paywithextend.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 02:58:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 04 Dec 2023 13:47:15 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: max-age=13154
accept-ranges: bytes
content-length: 12150

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
353 B 57ms
20ms XHR
text/plain 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-99983352-2&cid=594645493.1702004290&jid=1561885036&gjid=1612310434&_gid=242117818.1702004290&_u=aEBAAEAAAAAAACgCIAB~&z=863755549

Requested by

Host: app-assets.paywithextend.com
URL: https://app-assets.paywithextend.com/client.25ed3538083d617dd6ec.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://app.paywithextend.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 08 Dec 2023 02:58:10 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://app.paywithextend.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 252 KB
85 KB 27ms
26ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-8W0EQ1D2FN&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e756b0d636afa34b0417ea9bb5bc62ca05678e01c2e60047396f1ca21e468b3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.paywithextend.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 02:58:09 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 86694
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 08 Dec 2023 02:58:09 GMT

GET
H2 200 NX-83c21197 Show response
find.userpilot.io/v1/lookups/ 62 B
534 B 744ms
712ms XHR
application/json 2606:4700::6812:119b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://find.userpilot.io/v1/lookups/NX-83c21197

Requested by

Host: app-assets.paywithextend.com
URL: https://app-assets.paywithextend.com/client.25ed3538083d617dd6ec.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:119b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0a01e643447eecd7cc74d4b9a55a2f26bb205a874806a6dedfaace8b41082feb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.paywithextend.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 02:58:10 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: EXPIRED
content-encoding: gzip
x-cache: Hit from findex
x-request-id: F5674n0_Z39NQgYC5I6h
last-modified: Thu, 07 Dec 2023 21:10:21 GMT
server: cloudflare
vary: Accept-Encoding
x-ratelimit-remaining: 59999
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers
cache-control: public, max-age=14400
access-control-allow-credentials: true
cf-apo-via: origin,host
x-ratelimit-limit: 60000
x-ratelimit-reset: 1702004340000
cf-ray: 8321bebc8a8c9b2e-FRA

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1836018&time=1702004290019&url=https%3A%2F%2Fapp.paywithextend.com%2Fsignin
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1836018&time=1702004290019&url=https%3A%2F%2Fapp.paywithextend.com%2Fsignin&cookiesTest=true
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1836018%26time%3D1702004290019%26url%3Dhttps%253A%252F%252Fapp.paywithextend.com%...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1836018&time=1702004290019&url=https%3A%2F%2Fapp.paywithextend.com%2Fsignin&cookiesTest=true&liSync=true
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1836018&time=1702004290019&url=https%3A%2F%2Fapp.paywithextend.com%2Fsignin&cookiesTest=true&liSync=true&e_ipv6=AQKIiUCE5tBAHwAAAYxHXHQpnkcq2dxiZ...

0
264 B

190ms
148ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1836018&time=1702004290019&url=https%3A%2F%2Fapp.paywithextend.com%2Fsignin&cookiesTest=true&liSync=true&e_ipv6=AQKIiUCE5tBAHwAAAYxHXHQpnkcq2dxiZyRHJK2lZsY9Fl4wIeCcWRRR5kCXFvGDjA4_t2qTQPOHVnL99lJq9vOYx0wh
Requested by: Host: app.paywithextend.com
URL: https://app.paywithextend.com/signin
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.paywithextend.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 02:58:10 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 9A652AD235CD4457AABDF5278385F9F8 Ref B: FRAEDGE1513 Ref C: 2023-12-08T02:58:10Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-ltx1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYL9sEoiadAJx52EophkQ==

Redirect headers

date: Fri, 08 Dec 2023 02:58:10 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 412D4FEF5E3640739F1A587A1628A5F3 Ref B: FRAEDGE1222 Ref C: 2023-12-08T02:58:10Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1836018&time=1702004290019&url=https%3A%2F%2Fapp.paywithextend.com%2Fsignin&cookiesTest=true&liSync=true&e_ipv6=AQKIiUCE5tBAHwAAAYxHXHQpnkcq2dxiZyRHJK2lZsY9Fl4wIeCcWRRR5kCXFvGDjA4_t2qTQPOHVnL99lJq9vOYx0wh
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYL9sElpqr8KYMMyXhjZw==

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 29ms
29ms Image
image/gif 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-99983352-2&cid=594645493.1702004290&jid=1561885036&_u=aEBAAEAAAAAAACgCIAB~&z=1589914651

Requested by

Host: app.paywithextend.com
URL: https://app.paywithextend.com/signin

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.paywithextend.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Dec 2023 02:58:10 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 23ms
20ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-99983352-2&cid=594645493.1702004290&jid=1561885036&_u=aEBAAEAAAAAAACgCIAB~&z=1589914651

Requested by

Host: app.paywithextend.com
URL: https://app.paywithextend.com/signin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.paywithextend.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Dec 2023 02:58:10 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 firebase:fetch Show response
firebaseremoteconfig.googleapis.com/v1/projects/extend-app-stage/namespaces/ 2 KB
1 KB 207ms
206ms Fetch
application/json 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://firebaseremoteconfig.googleapis.com/v1/projects/extend-app-stage/namespaces/firebase:fetch?key=AIzaSyBrG5GmplxwBeBBnBU2p4o2mHzT_k4Eons

Requested by

Host: app-assets.paywithextend.com
URL: https://app-assets.paywithextend.com/client.25ed3538083d617dd6ec.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

67d2f1331c708f39fe290dbf3dfa0d14373ce72e9dee37c5682f13a9d153af7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Content-Encoding: gzip
Referer: https://app.paywithextend.com/
If-None-Match: *
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 08 Dec 2023 02:58:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
etag: etag-extend-app-stage-firebase-fetch-1315025197
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://app.paywithextend.com
access-control-expose-headers: etag,vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1000
x-xss-protection: 0

OPTIONS
H2 200 firebase:fetch
firebaseremoteconfig.googleapis.com/v1/projects/extend-app-stage/namespaces/ Frame 0
0 50ms
14ms Preflight
text/html 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://firebaseremoteconfig.googleapis.com/v1/projects/extend-app-stage/namespaces/firebase:fetch?key=AIzaSyBrG5GmplxwBeBBnBU2p4o2mHzT_k4Eons

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-encoding,content-type,if-none-match
Access-Control-Request-Method: POST
Origin: https://app.paywithextend.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-headers: content-encoding,content-type,if-none-match
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://app.paywithextend.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Fri, 08 Dec 2023 02:58:10 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 reload Show response
www.google.com/recaptcha/api2/ Frame F5D9 14 KB
10 KB 86ms
86ms XHR
application/json 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/reload?k=6Lda69MgAAAAALa0nw9lUWo7NBrvsQzwwAvwEAuL

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/cwQvQhsy4_nYdnSDY4u7O5_B/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

97dfdd9999e0f5adcf9891acf113c03ec7572cc71b49d5fb549f3468550c9995

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lda69MgAAAAALa0nw9lUWo7NBrvsQzwwAvwEAuL&co=aHR0cHM6Ly9hcHAucGF5d2l0aGV4dGVuZC5jb206NDQz&hl=de&v=cwQvQhsy4_nYdnSDY4u7O5_B&size=invisible&cb=qw8f97z3zt26
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/x-protobuffer

Response headers

date: Fri, 08 Dec 2023 02:58:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Fri, 08 Dec 2023 02:58:10 GMT

POST
H2 204 / Show response
px.ads.linkedin.com/wa/ 0
199 B 151ms
150ms XHR
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/wa/
Requested by: Host: app-assets.paywithextend.com
URL: https://app-assets.paywithextend.com/client.25ed3538083d617dd6ec.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: *
Referer: https://app.paywithextend.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 08 Dec 2023 02:58:10 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 5EAE720AE2DC4AA99835B2F65EB77790 Ref B: FRAEDGE1222 Ref C: 2023-12-08T02:58:10Z
linkedin-action: 1
vary: Origin
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
access-control-allow-origin: https://app.paywithextend.com
x-li-proto: http/2
access-control-allow-credentials: true
x-li-uuid: AAYL9sEq58+ODw8ZoZ1q9A==

Verdicts & Comments Add Verdict or Comment

58 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

18 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.google.com/recaptcha	1970-01-20 21:05:56	Name: _GRECAPTCHA Value: 09AOX_bvibqmGoDYdM03TH7fwXVmjAF5v0N_XOzyl6TJuEWBHakgkx2cSJx1Nvhgamt_LtWkK1aPkNn-qb4OkMPnw
app.paywithextend.com/	1970-01-21 02:22:44	Name: extend_app_jwt_prod Value: undefined
app.paywithextend.com/	1970-01-21 02:22:44	Name: extend_app_refresh_token_prod Value: undefined
app.paywithextend.com/	1970-01-21 02:22:44	Name: extend_app_csp_jwt_prod Value: undefined
app.paywithextend.com/	1970-01-21 02:22:44	Name: extend_app_csp_refresh_token_prod Value: undefined
app.paywithextend.com/	1970-01-21 02:22:44	Name: extend_app_token_id_prod Value: undefined
.paywithextend.com/	1970-01-21 01:32:20	Name: ajs_anonymous_id Value: d21955e8-0eff-4b8a-9087-9b786be183a1
.paywithextend.com/	1970-01-20 16:48:10	Name: _gid Value: GA1.2.242117818.1702004290
.paywithextend.com/	1970-01-20 16:46:44	Name: _gat Value: 1
.paywithextend.com/	1970-01-21 02:22:44	Name: _ga Value: GA1.1.594645493.1702004290
.paywithextend.com/	1970-01-21 02:22:44	Name: _ga_8W0EQ1D2FN Value: GS1.1.1702004289.1.0.1702004289.60.0.0
.linkedin.com/	1970-01-20 18:56:20	Name: li_sugr Value: d81a7c7a-602f-4193-8f3f-cfeaaa61b185
.linkedin.com/	1970-01-21 01:32:20	Name: bcookie Value: "v=2&a70a6a63-37f8-47bb-80f7-590aa4db4a68"
.linkedin.com/	1970-01-20 16:48:10	Name: lidc Value: "b=TGST09:s=T:r=T:a=T:p=T:g=2645:u=1:x=1:i=1702004290:t=1702090690:v=2:sig=AQHQQWpXv7JcsyYsQKfHU1vEwB1E36RP"
.linkedin.com/	1970-01-20 17:29:56	Name: UserMatchHistory Value: AQLXYWs2eypqeQAAAYxHXHLyslVFc7rCxfRRuoMXU48RyXivFDPTvfo7G85djT4guuWweYPsCoivHQ
.linkedin.com/	1970-01-20 17:29:56	Name: AnalyticsSyncHistory Value: AQI2GhSQxFREygAAAYxHXHLyaKiopBxFlB3A9PJ5CfzuLx7-A_eNqPb4JPRQKdzIf7I_h0Se-FSV0fVJgKtssw
.www.linkedin.com/	1970-01-21 01:32:20	Name: bscookie Value: "v=1&2023120802581077c2e849-ab87-465e-8bfa-016841a3abf8AQEwjtTLRcRLNgpMSU0zNdlTOLzzwTNd"
.linkedin.com/	1970-01-20 21:05:56	Name: li_gc Value: MTswOzE3MDIwMDQyOTA7MjswMjHJ2wFbcVmSuU/uL/POpQeQ6vzLGqXz2m7BtQbTnjVDyg==

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	Message: Error with Permissions-Policy header: Parse of permissions policy failed because of errors reported by structured header parser.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	script-src 'self' 'nonce-0WVnPdQwe_iCGVbZlRV17iv-f0XYgJ4u' paywithextend.com .paywithextend.com cdn.segment.com cdn.plaid.com connect.facebook.net www.google-analytics.com snap.licdn.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://www.googletagmanager.com/ http://964-YBI-786.mktoweb.com/ http://munchkin.marketo.net/161/munchkin.js https://js.userpilot.io/ http://js.userpilot.io/ https://unpkg.com/@lottiefiles/lottie-player@latest/dist/lottie-player.js .codat.io
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.paywithextend.com
app-assets.paywithextend.com
app.paywithextend.com
brand-assets.paywithextend.com
find.userpilot.io
firebaseinstallations.googleapis.com
firebaseremoteconfig.googleapis.com
fonts.gstatic.com
js.userpilot.io
prox.paywithextend.com
px.ads.linkedin.com
px4.ads.linkedin.com
region1.analytics.google.com
sa.paywithextend.com
sdks.paywithextend.com
snap.licdn.com
stats.g.doubleclick.net
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
www.linkedin.com
108.138.26.69
108.157.4.84
13.107.42.14
18.66.248.29
2001:4860:4802:34::36
2600:9000:2156:8800:6:f240:b1c0:93a1
2600:9000:223d:800:1f:d442:bb40:93a1
2606:4700:10::6816:4883
2606:4700:10::ac43:c6d
2606:4700::6812:109b
2606:4700::6812:119b
2620:1ec:21::14
2a00:1450:4001:806::200a
2a00:1450:4001:80f::2003
2a00:1450:4001:80f::2008
2a00:1450:4001:813::2003
2a00:1450:4001:827::200a
2a00:1450:4001:828::2004
2a00:1450:4001:82a::200e
2a00:1450:4001:831::2003
2a00:1450:400c:c00::9d
2a02:26f0:480:f::213:7edd
34.203.136.155
071ab86e7fd2fd640b8b57a67e9a70e1e7ec5b3074ee6b6545ae7fd8eeac3ffb
08f3816994290cf48cbf5f8466e31cb836210f6fe8e4f1f2ab7bb0d23f2750fd
0a01e643447eecd7cc74d4b9a55a2f26bb205a874806a6dedfaace8b41082feb
0a2429363885c1f27f5d20759bf8213eeea483ce52a8f14b168befe4d7d4edec
0afbab5134781e30fcb9d5eeec2e9d7be116227183ed9a47edb0cddfcf40a04e
0c93ef2613d2207307a8e91ceb6719e0c6e313c10e58860bdaca02a849b72b97
0fe2870da6a56a000de0b298676e7dd9c2daf75774c04c563b885ac3ff4540ec
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
15440dc9b45240d256ceac25efd245ce5de70cf8ecc921e36d456e2bb97013d2
15838004d5e196b563a00a0ba16ce432fed6deb3dd4fab7122601f2c4f41560a
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1e5b317f39169e78835265b4535287a1975e50ff792191b7a72b0fbba514a274
24bf5804628ef0429146358f8c099f413e38836a5de8c13d03d775bafccb3b49
31670b6f34930da0c4840c00653bde5e20def00aa9ccf20cf2adfb0b6968221f
39a4a1283a6ba279fbee01d971606c82aeac8c2c3cde79eb99a171085313deca
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
43760313e4a6cfb7be2b72e5b0daa391e8880a24e3274e00bfc2c7b8bba09936
4988e4d2efb9fdd679216e7a8f5277286947c2ed049ef20286622f8a4638ce93
4a6bb0a4639bef59bc8a79695e376fd7a9dc879ae90c5697dd84a8dc52923506
569d8834ffd7575aa035d0cfd5dd94d6498b7a03abb6756916b6cc763a6bbb5e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
6579424c695e40d41e5d90b50184629ed71f723742d6fae5c46f1e1fd46d48dc
659bf6fd03ae6ef2baabe1ec8bb4073f9834ea694254bc78f8839589a4eeb285
67d2f1331c708f39fe290dbf3dfa0d14373ce72e9dee37c5682f13a9d153af7b
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
7b5c9b5d4c81382665a41deec56c92daaff3c6b217d1c3e69cc827d314f5be7f
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
97dfdd9999e0f5adcf9891acf113c03ec7572cc71b49d5fb549f3468550c9995
9a97c70378082ab4dced1471b7b1299039402905e3ccb5acccd75d8f6e41d433
b17b4a5cc840a366a4c006794502f887a316402f781f85e913ac4af19a93fc13
b8eb9db1e24973fa2f1a91d7625e4862f42593f60856b0d48e6c5f56c48fbf2f
bd30135294a45fa4a31b23a780f4578eb8267047c2d065f7f75331bca15639a4
c57784b021619001c7a28581b35997cea670d980462acfc8279dca5151c21bf2
c7b92a4e3cd9b6ea5422c922f8cba9e12213368ade0cac7fa38328003a55887c
cc1dd76abe28078cd5a69ee986ccf3a3d7e74bd95d9fff16db7700daca37dcfb
d4ea00b845af63d9834e20e6b63fa80b8dfd0db2475c5240d77473af7b6f8700
d6990af64abb9639879a500be6da3e9352090bb3d9a6a4b3e0d26bd26c8d28d0
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e69659c4f74253398b0a7cc8c898f144376a3bbd461e0973837d34178539fea3
e756b0d636afa34b0417ea9bb5bc62ca05678e01c2e60047396f1ca21e468b3c
ecf9967a9685eff0fdc0555125aeb40dc81a85c8de18c48c2a705132ef6129bd
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fdda2bf7d8e87b5ac90a791a5131a9811c207171107482857b67f6b8329854fb

app.paywithextend.com Open in urlscan Pro 2606:4700:10::ac43:c6d Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

58 Requests

98 %HTTPS

78 %IPv6

11 Domains

23 Subdomains

22 IPs

3 Countries

12708 kBTransfer

14912 kBSize

18 Cookies

3 Outgoing links

Page URL History

Redirected requests

58 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

app.paywithextend.com Open in urlscan Pro
2606:4700:10::ac43:c6d Public Scan

Screenshot
Live screenshot

Full Image

58
Requests

98 %
HTTPS

78 %
IPv6

11
Domains

23
Subdomains

22
IPs

3
Countries

12708 kB
Transfer

14912 kB
Size

18
Cookies

58 HTTP transactions
0 data transactions