urlscan.io logo urlscan.io
SecurityTrails logo

partner.paynewest.com Open in urlscan Pro
54.172.173.44  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://partner.paynewest.com/
Effective URL: https://partner.paynewest.com/
Submission: On January 24 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 13 IPs in 4 countries across 12 domains to perform 42 HTTP transactions. The main IP is 54.172.173.44, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is partner.paynewest.com.
TLS certificate: Issued by Amazon on May 19th 2022. Valid for: a year.
This is the only time partner.paynewest.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

24    54.172.173.44 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-172-173-44.compute-1.amazonaws.com
partner.paynewest.com
1    2a00:1450:400d:80c::2008 (Ireland)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
4    65.9.66.72 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-72.fra56.r.cloudfront.net
nexus.ensighten.com
2    2a00:1450:400d:805::200a (Ireland)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2a00:1450:400d:80a::2003 (Ireland)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
3    2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
2    2a00:1450:400d:80d::200e (Ireland)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    35.172.148.236 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-172-148-236.compute-1.amazonaws.com
cs.choozle.com
1    2a00:1450:4025:401::9d (Den Helder, Netherlands)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    15.197.193.217 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
insight.adsrvr.org
1    143.204.205.113 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-205-113.fra53.r.cloudfront.net
d1eoo1tco6rr5e.cloudfront.net
Apex Domain
Subdomains		 Transfer
24 paynewest.com
partner.paynewest.com
4 MB
4 ensighten.com
nexus.ensighten.com — Cisco Umbrella Rank: 2892
12 KB
3 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 153
91 KB
2 adsrvr.org
insight.adsrvr.org — Cisco Umbrella Rank: 622
408 B
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 22
20 KB
2 gstatic.com
fonts.gstatic.com
49 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 35
2 KB
1 cloudfront.net
d1eoo1tco6rr5e.cloudfront.net
658 B
1 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 75
350 B
1 choozle.com
cs.choozle.com — Cisco Umbrella Rank: 7424
123 B
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 114
185 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 41
44 KB
42 12
Domain Requested by
24 partner.paynewest.com 1 redirects partner.paynewest.com
4 nexus.ensighten.com partner.paynewest.com
nexus.ensighten.com
3 connect.facebook.net partner.paynewest.com
connect.facebook.net
2 insight.adsrvr.org 1 redirects d1eoo1tco6rr5e.cloudfront.net
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 fonts.gstatic.com fonts.googleapis.com
2 fonts.googleapis.com partner.paynewest.com
1 d1eoo1tco6rr5e.cloudfront.net nexus.ensighten.com
1 stats.g.doubleclick.net www.google-analytics.com
1 cs.choozle.com partner.paynewest.com
1 www.facebook.com partner.paynewest.com
1 www.googletagmanager.com partner.paynewest.com
42 12

This site contains links to these domains. Also see Links.

Domain
www.paynewest.com
Subject Issuer Validity Valid
*.paynewest.com
Amazon		 2022-05-19 -
2023-06-17		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-01-02 -
2023-03-27		 3 months crt.sh
nexus.ensighten.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-10-07 -
2023-10-14		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-01-02 -
2023-03-27		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-01-02 -
2023-03-27		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-11-03 -
2023-02-01		 3 months crt.sh
*.choozle.com
Amazon		 2022-05-18 -
2023-06-16		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-01-02 -
2023-03-27		 3 months crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2022-12-08 -
2023-12-07		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh

This page contains 2 frames:

Primary Page: https://partner.paynewest.com/
Frame ID: CA7C3A1FD69D826FAD9343A5ABB1B270
Requests: 41 HTTP requests in this frame

Frame: https://d1eoo1tco6rr5e.cloudfront.net/v6sgpuv/2d1y2pp/iframe
Frame ID: B4DBEF411F20729FBB187F6F6DD3F7BE
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

PayneWest Insurance

Page URL History Show full URLs

  1. http://partner.paynewest.com/ HTTP 301
    https://partner.paynewest.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <div [^>]*class="[^"]*(?:small|medium|large)-\d{1,2} columns
Overall confidence: 100%
Detected patterns
  • //nexus\.ensighten\.com/
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • ([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery-ui[.-]([\d.]*\d)[^/]*\.js
  • jquery-ui.*\.js

Page Statistics

42
Requests

100 %
HTTPS

58 %
IPv6

12
Domains

12
Subdomains

13
IPs

4
Countries

4292 kB
Transfer

4636 kB
Size

8
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://partner.paynewest.com/ HTTP 301
    https://partner.paynewest.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 40
  • https://insight.adsrvr.org/tags/v6sgpuv/2d1y2pp/iframe HTTP 303
  • https://d1eoo1tco6rr5e.cloudfront.net/v6sgpuv/2d1y2pp/iframe

42 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
partner.paynewest.com/
Redirect Chain
  • http://partner.paynewest.com/
  • https://partner.paynewest.com/
10 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://partner.paynewest.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.172.173.44 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-172-173-44.compute-1.amazonaws.com
Software
Apache /
Resource Hash
3d7d56eddba326a173d8750a43d330a6dabb4162b0f684958d9eb654a081fa58
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'; upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=86400
content-security-policy
frame-ancestors 'self'; upgrade-insecure-requests;
content-type
text/html; charset=UTF-8
date
Tue, 24 Jan 2023 19:14:57 GMT
server
Apache
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block

Redirect headers

Connection
keep-alive
Content-Length
134
Content-Type
text/html
Date
Tue, 24 Jan 2023 19:14:57 GMT
Location
https://partner.paynewest.com:443/
Server
awselb/2.0
index.css
partner.paynewest.com/static/stylesheets/template-sets/paynewest-base/ 		207 KB
208 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://partner.paynewest.com/static/stylesheets/template-sets/paynewest-base/index.css
Requested by
Host: partner.paynewest.com
URL: https://partner.paynewest.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.172.173.44 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-172-173-44.compute-1.amazonaws.com
Software
Apache /
Resource Hash
78f515220a1ccefff4e4392b39e01d1f4dd700b0e2512040da9ded02abe5c922
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'; upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://partner.paynewest.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Tue, 24 Jan 2023 19:14:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'; upgrade-insecure-requests;
last-modified
Thu, 29 Dec 2022 20:25:17 GMT
server
Apache
etag
"33d11-5f0fd4889c593"
x-frame-options
SAMEORIGIN
content-type
text/css
cache-control
private, max-age=86400
accept-ranges
bytes
content-length
212241
x-xss-protection
1; mode=block
modernizr.js
partner.paynewest.com/static/bower_components/modernizr/ 		50 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.paynewest.com/static/bower_components/modernizr/modernizr.js
Requested by
Host: partner.paynewest.com
URL: https://partner.paynewest.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.172.173.44 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-172-173-44.compute-1.amazonaws.com
Software
Apache /
Resource Hash
7dfc3ef73c1284c7aff3c5cdac3812d212c8b899037d7860c8ba20a1defb9a7f
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'; upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://partner.paynewest.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Tue, 24 Jan 2023 19:14:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'; upgrade-insecure-requests;
last-modified
Thu, 29 Dec 2022 20:21:25 GMT
server
Apache
etag
"c897-5f0fd3ab02906"
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
private, max-age=86400
accept-ranges
bytes
content-length
51351
x-xss-protection
1; mode=block
js
www.googletagmanager.com/gtag/ 		110 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-92545998-1
Requested by
Host: partner.paynewest.com
URL: https://partner.paynewest.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80c::2008 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
bc68ff3a9dcabdcc3032e37e7a7af6b9946c4123800810cce3339c8e0e3e0fa7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://partner.paynewest.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Tue, 24 Jan 2023 19:14:58 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44111
x-xss-protection
0
last-modified
Tue, 24 Jan 2023 18:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 24 Jan 2023 19:14:58 GMT
auto-tile.png
partner.paynewest.com/static/images/template-sets/paynewest/ 		194 KB
194 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://partner.paynewest.com/static/images/template-sets/paynewest/auto-tile.png
Requested by
Host: partner.paynewest.com
URL: https://partner.paynewest.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.172.173.44 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-172-173-44.compute-1.amazonaws.com
Software
Apache /
Resource Hash
3c2997fb6f5ef453dcb7e989a8e4aeefc0651ffe91d3fc0cb85b3b70d8f25a0c
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'; upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://partner.paynewest.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Tue, 24 Jan 2023 19:14:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'; upgrade-insecure-requests;
last-modified
Thu, 29 Dec 2022 20:21:27 GMT
server
Apache
etag
"30767-5f0fd3acc0da9"
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
private, max-age=86400
accept-ranges
bytes
content-length
198503
x-xss-protection
1; mode=block
home-tile.png
partner.paynewest.com/static/images/template-sets/paynewest/ 		243 KB
243 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://partner.paynewest.com/static/images/template-sets/paynewest/home-tile.png
Requested by
Host: partner.paynewest.com
URL: https://partner.paynewest.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.172.173.44 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-172-173-44.compute-1.amazonaws.com
Software
Apache /
Resource Hash
452d9d2dbfcd0a8eacfea5815028b610ee3896cb70d338d41d9407ce88050a55
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'; upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://partner.paynewest.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Tue, 24 Jan 2023 19:14:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'; upgrade-insecure-requests;
last-modified
Thu, 29 Dec 2022 20:25:16 GMT
server
Apache
etag
"3ca8c-5f0fd48779540"
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
private, max-age=86400
accept-ranges
bytes
content-length
248460
x-xss-protection
1; mode=block
renters-tile.png
partner.paynewest.com/static/images/template-sets/paynewest/ 		236 KB
237 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://partner.paynewest.com/static/images/template-sets/paynewest/renters-tile.png
Requested by
Host: partner.paynewest.com
URL: https://partner.paynewest.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.172.173.44 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-172-173-44.compute-1.amazonaws.com
Software
Apache /
Resource Hash
47ee18b63cddcbd2729885b6477280b5d31e16d8586d9527da2c5477c20c9d62
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'; upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://partner.paynewest.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Tue, 24 Jan 2023 19:14:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'; upgrade-insecure-requests;
last-modified
Thu, 29 Dec 2022 20:21:27 GMT
server
Apache
etag
"3b1fb-5f0fd3acf5969"
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
private, max-age=86400
accept-ranges
bytes
content-length
242171
x-xss-protection
1; mode=block
pet-tile.png
partner.paynewest.com/static/images/template-sets/paynewest/ 		257 KB
258 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://partner.paynewest.com/static/images/template-sets/paynewest/pet-tile.png
Requested by
Host: partner.paynewest.com
URL: https://partner.paynewest.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.172.173.44 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-172-173-44.compute-1.amazonaws.com
Software
Apache /
Resource Hash
574819c3d95e592151e8ad51ab8080219496a3175e5a735dd006fbed744e46aa
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'; upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://partner.paynewest.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Tue, 24 Jan 2023 19:14:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'; upgrade-insecure-requests;
last-modified
Thu, 29 Dec 2022 20:25:16 GMT
server
Apache
etag
"404ee-5f0fd48792b82"
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
private, max-age=86400
accept-ranges
bytes
content-length
263406
x-xss-protection
1; mode=block
paynewest-logo-long.svg
partner.paynewest.com/static/images/template-sets/paynewest/ 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://partner.paynewest.com/static/images/template-sets/paynewest/paynewest-logo-long.svg
Requested by
Host: partner.paynewest.com
URL: https://partner.paynewest.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.172.173.44 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-172-173-44.compute-1.amazonaws.com
Software
Apache /
Resource Hash
5966e46f1733f41a387b3813d25e6ae985c452c9c0603e5c68040a66354b5b7e
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'; upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://partner.paynewest.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Tue, 24 Jan 2023 19:14:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'; upgrade-insecure-requests;
last-modified
Thu, 29 Dec 2022 20:25:16 GMT
server
Apache
etag
"6b34-5f0fd4877d3c0"
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
cache-control
private, max-age=86400
accept-ranges
bytes
content-length
27444
x-xss-protection
1; mode=block
jquery.min.js
partner.paynewest.com/static/bower_components/jquery/dist/ 		87 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.paynewest.com/static/bower_components/jquery/dist/jquery.min.js
Requested by
Host: partner.paynewest.com
URL: https://partner.paynewest.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.172.173.44 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-172-173-44.compute-1.amazonaws.com
Software
Apache /
Resource Hash
6150a35c0f486c46cadf0e230e2aa159c7c23ecfbb5611b64ee3f25fcbff341f
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'; upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://partner.paynewest.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Tue, 24 Jan 2023 19:14:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'; upgrade-insecure-requests;
last-modified
Thu, 29 Dec 2022 20:25:14 GMT
server
Apache
etag
"15d83-5f0fd485ac621"
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
private, max-age=86400
accept-ranges
bytes
content-length
89475
x-xss-protection
1; mode=block
foundation.min.js
partner.paynewest.com/static/bower_components/foundation/js/ 		100 KB
100 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.paynewest.com/static/bower_components/foundation/js/foundation.min.js
Requested by
Host: partner.paynewest.com
URL: https://partner.paynewest.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.172.173.44 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-172-173-44.compute-1.amazonaws.com
Software
Apache /
Resource Hash
cef0a473ee23e3e911b8f315cc4e62bdfbff0bbc437b26625c18af2e4ea22617
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'; upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://partner.paynewest.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Tue, 24 Jan 2023 19:14:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'; upgrade-insecure-requests;
last-modified
Thu, 29 Dec 2022 20:21:25 GMT
server
Apache
etag
"18fcb-5f0fd3ab009c6"
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
private, max-age=86400
accept-ranges
bytes
content-length
102347
x-xss-protection
1; mode=block
jquery-ui-1.13.2.min.js
partner.paynewest.com/static/javascripts/ui/ 		249 KB
250 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.paynewest.com/static/javascripts/ui/jquery-ui-1.13.2.min.js
Requested by
Host: partner.paynewest.com
URL: https://partner.paynewest.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.172.173.44 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-172-173-44.compute-1.amazonaws.com
Software
Apache /
Resource Hash
9528ca634fecad433d044ddd3e6f9ce1f068d5d932dafdbb19d8e6daea1968bd
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'; upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://partner.paynewest.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Tue, 24 Jan 2023 19:14:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'; upgrade-insecure-requests;
last-modified
Thu, 29 Dec 2022 20:25:17 GMT
server
Apache
etag
"3e46c-5f0fd487d7146"
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
private, max-age=86400
accept-ranges
bytes
content-length
255084
x-xss-protection
1; mode=block
jquery.validate.min.js
partner.paynewest.com/static/javascripts/ 		24 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.paynewest.com/static/javascripts/jquery.validate.min.js
Requested by
Host: partner.paynewest.com
URL: https://partner.paynewest.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.172.173.44 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-172-173-44.compute-1.amazonaws.com
Software
Apache /
Resource Hash
270524b0d27afd1d3b6622d1a176c678daed94564c143297e217a63e21ce9820
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'; upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://partner.paynewest.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Tue, 24 Jan 2023 19:14:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'; upgrade-insecure-requests;
last-modified
Thu, 29 Dec 2022 20:25:17 GMT
server
Apache
etag
"6019-5f0fd487d61a6"
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
private, max-age=86400
accept-ranges
bytes
content-length
24601
x-xss-protection
1; mode=block
additional-methods.min.js
partner.paynewest.com/static/javascripts/ 		22 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.paynewest.com/static/javascripts/additional-methods.min.js
Requested by
Host: partner.paynewest.com
URL: https://partner.paynewest.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.172.173.44 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-172-173-44.compute-1.amazonaws.com
Software
Apache /
Resource Hash
f74465ceecfca4864ae20f68d88ee718afbd9f9714f516ddb781adc513b96ab0
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'; upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://partner.paynewest.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Tue, 24 Jan 2023 19:14:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'; upgrade-insecure-requests;
last-modified
Thu, 29 Dec 2022 20:21:27 GMT
server
Apache
etag
"569e-5f0fd3ad2d40a"
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
private, max-age=86400
accept-ranges
bytes
content-length
22174
x-xss-protection
1; mode=block
mlp_additional_methods.js
partner.paynewest.com/static/javascripts/ 		16 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.paynewest.com/static/javascripts/mlp_additional_methods.js
Requested by
Host: partner.paynewest.com
URL: https://partner.paynewest.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.172.173.44 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-172-173-44.compute-1.amazonaws.com
Software
Apache /
Resource Hash
6e979d18c7df292cde08db08d79e8a1c86cbe77ecd0beaf7adb4fe6bd93a099d
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'; upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://partner.paynewest.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Tue, 24 Jan 2023 19:14:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'; upgrade-insecure-requests;
last-modified
Thu, 29 Dec 2022 20:21:27 GMT
server
Apache
etag
"41f8-5f0fd3ad3128a"
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
private, max-age=86400
accept-ranges
bytes
content-length
16888
x-xss-protection
1; mode=block
app.js
partner.paynewest.com/static/javascripts/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.paynewest.com/static/javascripts/app.js
Requested by
Host: partner.paynewest.com
URL: https://partner.paynewest.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.172.173.44 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-172-173-44.compute-1.amazonaws.com
Software
Apache /
Resource Hash
22119010940d813140fa75191d3db6e5650b11617c5971090345e3cffea1db6c
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'; upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://partner.paynewest.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Tue, 24 Jan 2023 19:14:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'; upgrade-insecure-requests;
last-modified
Thu, 29 Dec 2022 20:25:17 GMT
server
Apache
etag
"401-5f0fd487d61a6"
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
private, max-age=86400
accept-ranges
bytes
content-length
1025
x-xss-protection
1; mode=block
css-browser-selector.js
partner.paynewest.com/static/javascripts/ 		9 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.paynewest.com/static/javascripts/css-browser-selector.js
Requested by
Host: partner.paynewest.com
URL: https://partner.paynewest.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.172.173.44 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-172-173-44.compute-1.amazonaws.com
Software
Apache /
Resource Hash
e3752cae7a214e9df58315a35bf3e3d02b8dc086ea047e9bfdd119fcefa76234
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'; upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://partner.paynewest.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Tue, 24 Jan 2023 19:14:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'; upgrade-insecure-requests;
last-modified
Thu, 29 Dec 2022 20:25:17 GMT
server
Apache
etag
"2564-5f0fd487d61a6"
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
private, max-age=86400
accept-ranges
bytes
content-length
9572
x-xss-protection
1; mode=block
jquery.paroller.min.js
partner.paynewest.com/static/javascripts/ 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.paynewest.com/static/javascripts/jquery.paroller.min.js
Requested by
Host: partner.paynewest.com
URL: https://partner.paynewest.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.172.173.44 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-172-173-44.compute-1.amazonaws.com
Software
Apache /
Resource Hash
64aa0e3eea8da9c03f1d590839e2447c6857ec66aa4b76f38d5e1332ac7026f4
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'; upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://partner.paynewest.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Tue, 24 Jan 2023 19:14:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'; upgrade-insecure-requests;
last-modified
Thu, 29 Dec 2022 20:25:17 GMT
server
Apache
etag
"109e-5f0fd487d61a6"
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
private, max-age=86400
accept-ranges
bytes
content-length
4254
x-xss-protection
1; mode=block
index.js
partner.paynewest.com/static/javascripts/ 		163 B
523 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.paynewest.com/static/javascripts/index.js
Requested by
Host: partner.paynewest.com
URL: https://partner.paynewest.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.172.173.44 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-172-173-44.compute-1.amazonaws.com
Software
Apache /
Resource Hash
9f7e65a3acb8f83dde736f93df9aaf573a27fde1b0c38b3301844b036b818290
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'; upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://partner.paynewest.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Tue, 24 Jan 2023 19:14:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'; upgrade-insecure-requests;
last-modified
Thu, 29 Dec 2022 20:21:27 GMT
server
Apache
etag
"a3-5f0fd3ad2d40a"
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
private, max-age=86400
accept-ranges
bytes
content-length
163
x-xss-protection
1; mode=block
Bootstrap.js
nexus.ensighten.com/choozle/6784/ 		29 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nexus.ensighten.com/choozle/6784/Bootstrap.js
Requested by
Host: partner.paynewest.com
URL: https://partner.paynewest.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-72.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
331e28331399f0bb400e8fe8e3c1100050817871865395b84ad59bbc30eb74bb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://partner.paynewest.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 06:06:36 GMT
x-amz-version-id
ulOL8dbjmfF5mDUcGVoddb_KNV1U.4EY
content-encoding
gzip
via
1.1 6165dcc1fdf84ac65e8204c05709f1ca.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C1
age
133703
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Thu, 12 Aug 2021 22:21:25 GMT
server
AmazonS3
etag
W/"4fec5f6dbc52d3484d5bdd8d4de5bd47"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=300
x-amz-cf-id
bljZX-Yra3NKCflCAKoKWjRzsroUcDW__MoqDE49ROJ-dZ4YK6CqHw==
css2
fonts.googleapis.com/ 		5 KB
581 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Archivo:wght@400;500;600;700&display=swap
Requested by
Host: partner.paynewest.com
URL: https://partner.paynewest.com/static/stylesheets/template-sets/paynewest-base/index.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:805::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a273285d6589ce696e89df6a6b76260cae524fd5aa943e3fd9c07b028e9491c3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://partner.paynewest.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 24 Jan 2023 19:14:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 24 Jan 2023 19:14:58 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 24 Jan 2023 19:14:58 GMT
css2
fonts.googleapis.com/ 		4 KB
1014 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Archivo+Narrow:wght@400;500;600;700&display=swap
Requested by
Host: partner.paynewest.com
URL: https://partner.paynewest.com/static/stylesheets/template-sets/paynewest-base/index.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:805::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2012dcca80a96212c828cea503c4d99b9630ce483981e6e9ab8b0297daf05516
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://partner.paynewest.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 24 Jan 2023 19:14:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 24 Jan 2023 19:14:58 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 24 Jan 2023 19:14:58 GMT
ProximaNova-Regular.ttf
partner.paynewest.com/static/fonts/jaguar/ttf/ 		88 KB
88 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://partner.paynewest.com/static/fonts/jaguar/ttf/ProximaNova-Regular.ttf
Requested by
Host: partner.paynewest.com
URL: https://partner.paynewest.com/static/stylesheets/template-sets/paynewest-base/index.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.172.173.44 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-172-173-44.compute-1.amazonaws.com
Software
Apache /
Resource Hash
1b97de2f84b1da3c65b47e3e5025583919d4707603716006a1cb8ac9d0bf94cc
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'; upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://partner.paynewest.com/static/stylesheets/template-sets/paynewest-base/index.css
Origin
https://partner.paynewest.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Tue, 24 Jan 2023 19:14:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'; upgrade-insecure-requests;
last-modified
Thu, 29 Dec 2022 20:21:25 GMT
server
Apache
etag
"16000-5f0fd3ab132a6"
x-frame-options
SAMEORIGIN
content-type
application/font-sfnt
cache-control
private, max-age=86400
accept-ranges
bytes
content-length
90112
x-xss-protection
1; mode=block
paynewest-logo-long.svg
partner.paynewest.com/static/images/template-sets/paynewest/ 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://partner.paynewest.com/static/images/template-sets/paynewest/paynewest-logo-long.svg?1657289854
Requested by
Host: partner.paynewest.com
URL: https://partner.paynewest.com/static/stylesheets/template-sets/paynewest-base/index.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.172.173.44 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-172-173-44.compute-1.amazonaws.com
Software
Apache /
Resource Hash
5966e46f1733f41a387b3813d25e6ae985c452c9c0603e5c68040a66354b5b7e
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'; upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://partner.paynewest.com/static/stylesheets/template-sets/paynewest-base/index.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Tue, 24 Jan 2023 19:14:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'; upgrade-insecure-requests;
last-modified
Thu, 29 Dec 2022 20:21:27 GMT
server
Apache
etag
"6b34-5f0fd3acd4629"
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
cache-control
private, max-age=86400
accept-ranges
bytes
content-length
27444
x-xss-protection
1; mode=block
index-hero.png
partner.paynewest.com/static/images/template-sets/paynewest/ 		2 MB
2 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://partner.paynewest.com/static/images/template-sets/paynewest/index-hero.png?1657289854
Requested by
Host: partner.paynewest.com
URL: https://partner.paynewest.com/static/stylesheets/template-sets/paynewest-base/index.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.172.173.44 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-172-173-44.compute-1.amazonaws.com
Software
Apache /
Resource Hash
ed14a23eb221a34e9433f7114c239f5216d9ef6a82ff00a61abcc2a6714337cc
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'; upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://partner.paynewest.com/static/stylesheets/template-sets/paynewest-base/index.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Tue, 24 Jan 2023 19:14:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'; upgrade-insecure-requests;
last-modified
Thu, 29 Dec 2022 20:21:27 GMT
server
Apache
etag
"19d16a-5f0fd3acd07a9"
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
private, max-age=86400
accept-ranges
bytes
content-length
1692010
x-xss-protection
1; mode=block
k3kPo8UDI-1M0wlSV9XAw6lQkqWY8Q82sLydOxI.woff2
fonts.gstatic.com/s/archivo/v18/ 		31 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/archivo/v18/k3kPo8UDI-1M0wlSV9XAw6lQkqWY8Q82sLydOxI.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Archivo:wght@400;500;600;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
68c831b3324ca6fea43d48681ac2b9338b794ecdb60ff7fa7059a997d4007604
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://partner.paynewest.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 16:42:52 GMT
x-content-type-options
nosniff
age
95526
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31516
x-xss-protection
0
last-modified
Fri, 24 Jun 2022 19:34:15 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 23 Jan 2024 16:42:52 GMT
maze.png
partner.paynewest.com/static/images/template-sets/paynewest/ 		468 KB
469 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://partner.paynewest.com/static/images/template-sets/paynewest/maze.png?1657289854
Requested by
Host: partner.paynewest.com
URL: https://partner.paynewest.com/static/stylesheets/template-sets/paynewest-base/index.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.172.173.44 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-172-173-44.compute-1.amazonaws.com
Software
Apache /
Resource Hash
0f6da078181ec02a264b5aeb37ed248ef5e40b51765e8684f31f5a70a6537641
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'; upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://partner.paynewest.com/static/stylesheets/template-sets/paynewest-base/index.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Tue, 24 Jan 2023 19:14:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'; upgrade-insecure-requests;
last-modified
Thu, 29 Dec 2022 20:25:16 GMT
server
Apache
etag
"74f2e-5f0fd4877d3c0"
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
private, max-age=86400
accept-ranges
bytes
content-length
479022
x-xss-protection
1; mode=block
ProximaNova-Bold.ttf
partner.paynewest.com/static/fonts/jaguar/ttf/ 		87 KB
88 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://partner.paynewest.com/static/fonts/jaguar/ttf/ProximaNova-Bold.ttf
Requested by
Host: partner.paynewest.com
URL: https://partner.paynewest.com/static/stylesheets/template-sets/paynewest-base/index.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.172.173.44 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-172-173-44.compute-1.amazonaws.com
Software
Apache /
Resource Hash
85e039a585eae5723473d6d4fbd575cd6ac6dddfe5a5ab43b70579d69b60caf4
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'; upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://partner.paynewest.com/static/stylesheets/template-sets/paynewest-base/index.css
Origin
https://partner.paynewest.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Tue, 24 Jan 2023 19:14:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'; upgrade-insecure-requests;
last-modified
Thu, 29 Dec 2022 20:21:25 GMT
server
Apache
etag
"15c74-5f0fd3ab132a6"
x-frame-options
SAMEORIGIN
content-type
application/font-sfnt
cache-control
private, max-age=86400
accept-ranges
bytes
content-length
89204
x-xss-protection
1; mode=block
tss0ApVBdCYD5Q7hcxTE1ArZ0bbwiXw.woff2
fonts.gstatic.com/s/archivonarrow/v28/ 		17 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/archivonarrow/v28/tss0ApVBdCYD5Q7hcxTE1ArZ0bbwiXw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Archivo+Narrow:wght@400;500;600;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
75a06255783cd39b9a9f24cd51d3a9c0ee78b535636b8dfca075a8e519416937
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://partner.paynewest.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Thu, 19 Jan 2023 21:05:12 GMT
x-content-type-options
nosniff
age
425386
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17508
x-xss-protection
0
last-modified
Wed, 07 Dec 2022 18:00:27 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 19 Jan 2024 21:05:12 GMT
truncated
/ 		34 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/gif
fbevents.js
connect.facebook.net/en_US/ 		106 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: partner.paynewest.com
URL: https://partner.paynewest.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ef8f067f829af7c95936a36f38e54c98ab090f937f5557e4c78829ed8fcf5ffd
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://partner.paynewest.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 24 Jan 2023 19:14:59 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27859
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
vlPjtZwk6c2hWCRTIYQGBVH2PHXgEUpivd2pyETtPAiowBVj5c2U0pYFhv1Nu4448w98hiif5FcQsCSNtkz42A==
x-fb-trip-id
917726464
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
serverComponent.php
nexus.ensighten.com/choozle/6784/ 		407 B
710 B 		Script
General
Check archive.org
Download Go to
Full URL
https://nexus.ensighten.com/choozle/6784/serverComponent.php?r=9013.438622676887&ClientID=923&PageID=https%3A%2F%2Fpartner.paynewest.com%2F
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/choozle/6784/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-72.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
e5eedd5394ab0f46c613d16d23fa13ee5b6e0aa3aa6af7dc9900977b7b51efaf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://partner.paynewest.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Tue, 24 Jan 2023 19:14:59 GMT
via
1.1 6165dcc1fdf84ac65e8204c05709f1ca.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA56-C1
x-cache
Miss from cloudfront
content-type
text/javascript
cache-control
no-cache, no-store
content-length
407
x-amz-cf-id
4KamnuuUSpZsvRuvZ8aD3iWpLs1WUkaVq449sYo05Zjxj1VN7Hqg1w==
expires
Tue, 24 Jan 2023 19:14:58 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-92545998-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80d::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://partner.paynewest.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 24 Jan 2023 18:21:44 GMT
last-modified
Tue, 10 Jan 2023 21:29:14 GMT
server
Golfe2
age
3195
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20085
expires
Tue, 24 Jan 2023 20:21:44 GMT
24df353f4f799a7289de6fea6cfa7ae3.js
nexus.ensighten.com/choozle/6784/code/ 		799 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nexus.ensighten.com/choozle/6784/code/24df353f4f799a7289de6fea6cfa7ae3.js?conditionId0=421905
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/choozle/6784/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-72.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5907f5afebdcdc19988b353d3cf27ab115aa5853c46742be2bc2057ad29d032f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://partner.paynewest.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Tue, 24 Jan 2023 19:15:00 GMT
x-amz-version-id
cLaDf3iL.xo.GzAkTVJypgW64rF7djy2
via
1.1 6165dcc1fdf84ac65e8204c05709f1ca.cloudfront.net (CloudFront)
last-modified
Thu, 12 Aug 2021 22:21:26 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
etag
"fb88c1c470549007fa27a55a5792852f"
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
max-age=315360000
x-amz-replication-status
COMPLETED
accept-ranges
bytes
content-length
799
x-amz-cf-id
uFZYR1fwevJ2e8VoVLKTe2SkYilH53kCCcO60llC_NYzuk2smwVppg==
9bd9e807f3648707fa534bf40950bcdf.js
nexus.ensighten.com/choozle/6784/code/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nexus.ensighten.com/choozle/6784/code/9bd9e807f3648707fa534bf40950bcdf.js?conditionId0=4822376&conditionId1=4822346
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/choozle/6784/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-72.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
77247a540e9a2e6057238feaf2595c128e4efa01b451c98bdae47006e1a17465

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://partner.paynewest.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 23 Jan 2023 06:06:44 GMT
x-amz-version-id
RYXg3t9UyjwQ9o_OcZhk736ym_IMkAaq
content-encoding
gzip
via
1.1 6165dcc1fdf84ac65e8204c05709f1ca.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C1
age
133695
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Thu, 12 Aug 2021 22:21:28 GMT
server
AmazonS3
etag
W/"f9933ddc928a6ec3cfbc919c54f63f51"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=315360000
x-amz-cf-id
1qNzRPrR-ZjQ1h4MAgElfqwTjhN_PkyynmPnZntbXfoYB4kwVZZvcw==
365194407426103
connect.facebook.net/signals/config/ 		150 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/365194407426103?v=2.9.94&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
721ddb57af9c7e91cc151722c118af2d34b915db44cfd143aa666bba59a19a01
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://partner.paynewest.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 24 Jan 2023 19:14:59 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
IeYdlFTqyLly59xmRm1dRVZuURHS93p9LAhS761vMsISsADSbpJJGN1MXHp5mF/PPAzVrrcPPMp1AvHA1Gj6Qg==
x-fb-trip-id
917726464
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
inferredevents.js
connect.facebook.net/signals/plugins/ 		72 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/plugins/inferredevents.js?v=2.9.94
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
5849e07d0d6cbb144829b98da75fda4a8eb3fc2b5749d48cc94bb170db54859a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://partner.paynewest.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 24 Jan 2023 19:14:59 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
21972
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
TE6VTfMY0do+tvrM1LSPSt681S6l8I/j2+1EdCupKF1t6LRJZ/WMDFSbC1Eaof+9BMT+uyRCc2sa9Y/EOs+M7w==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
www.google-analytics.com/j/ 		4 B
213 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j99&a=1431088781&t=pageview&_s=1&dl=https%3A%2F%2Fpartner.paynewest.com%2F&ul=en-us&de=UTF-8&dt=PayneWest%20Insurance&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=1412206233&gjid=474059322&cid=1349193868.1674587699&tid=UA-92545998-1&_gid=1136449200.1674587699&_r=1&_slc=1&gtm=2ou1n0&z=374397780
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80d::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://partner.paynewest.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 24 Jan 2023 19:14:59 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://partner.paynewest.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=365194407426103&ev=PageView&dl=https%3A%2F%2Fpartner.paynewest.com%2F&rl=&if=false&ts=1674587699318&sw=1600&sh=1200&v=2.9.94&r=stable&ec=0&o=28&fbp=fb.1.1674587699315.2137318624&it=1674587699084&coo=false&exp=b2&rqm=GET
Requested by
Host: partner.paynewest.com
URL: https://partner.paynewest.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://partner.paynewest.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Tue, 24 Jan 2023 19:14:59 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
11701
cs.choozle.com/dp/chz/ 		35 B
123 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.choozle.com/dp/chz/11701?d=partner.paynewest.com&cb=5853476353
Requested by
Host: partner.paynewest.com
URL: https://partner.paynewest.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.172.148.236 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-148-236.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://partner.paynewest.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Connection
keep-alive
Content-Length
35
Content-Type
image/gif
collect
stats.g.doubleclick.net/j/ 		1 B
350 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-92545998-1&cid=1349193868.1674587699&jid=1412206233&gjid=474059322&_gid=1136449200.1674587699&_u=YEBAAUAAAAAAACAAI~&z=332853943
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4025:401::9d Den Helder, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://partner.paynewest.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Tue, 24 Jan 2023 19:14:59 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://partner.paynewest.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
iframe
d1eoo1tco6rr5e.cloudfront.net/v6sgpuv/2d1y2pp/ Frame B4DB
Redirect Chain
  • https://insight.adsrvr.org/tags/v6sgpuv/2d1y2pp/iframe
  • https://d1eoo1tco6rr5e.cloudfront.net/v6sgpuv/2d1y2pp/iframe
133 B
658 B 		Document
General
Check archive.org
Download Go to
Full URL
https://d1eoo1tco6rr5e.cloudfront.net/v6sgpuv/2d1y2pp/iframe
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/choozle/6784/code/9bd9e807f3648707fa534bf40950bcdf.js?conditionId0=4822376&conditionId1=4822346
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.205.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-205-113.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
dc566b627ce2f3c3f3df65710317f6c704cd4ecfdb8d423ed1900c45edeb7fcd

Request headers

Referer
https://partner.paynewest.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Cache-Control
max-age=86400
Connection
keep-alive
Content-Length
133
Content-Type
text/html
Date
Tue, 24 Jan 2023 19:15:01 GMT
ETag
"e4b425383a5f2ddfdc98a1279549ec90"
Last-Modified
Sat, 02 Oct 2021 00:00:18 GMT
Server
AmazonS3
Via
1.1 73f3a23156999272233949c078c30858.cloudfront.net (CloudFront)
X-Amz-Cf-Id
dNOLc4psax3zbG6lC3_Xk8cJdC-XwL3I31-5PPpMr8yoivbRvoN0ZA==
X-Amz-Cf-Pop
FRA53-C1
X-Cache
RefreshHit from cloudfront
x-amz-server-side-encryption
AES256

Redirect headers

content-length
183
content-type
text/html; charset=UTF-8
date
Tue, 24 Jan 2023 19:14:59 GMT
location
https://d1eoo1tco6rr5e.cloudfront.net/v6sgpuv/2d1y2pp/iframe
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
/
insight.adsrvr.org/track/evnt/ Frame B4DB 		70 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://insight.adsrvr.org/track/evnt/?adv=v6sgpuv&ct=0:2d1y2pp&fmt=3
Requested by
Host: d1eoo1tco6rr5e.cloudfront.net
URL: https://d1eoo1tco6rr5e.cloudfront.net/v6sgpuv/2d1y2pp/iframe
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d1eoo1tco6rr5e.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 24 Jan 2023 19:15:00 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Verdicts & Comments Add Verdict or Comment

24 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| oncontentvisibilityautostatechange object| html5 object| Modernizr function| gtag object| dataLayer function| $ function| jQuery object| Foundation object| mySVGsToInject string| css_browser_selector_ns object| html function| css_browser_selector object| ensBootstraps object| Bootstrapper function| fbq function| _fbq object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData

8 Cookies

Domain/Path Name / Value
.paynewest.com/ Name: session_id
Value: ae2bfd12-554e-4667-e2f5-2941fdb639b4
.paynewest.com/ Name: mdrfc
Value: paynewest-organic
.paynewest.com/ Name: template_set
Value: paynewest-base
.paynewest.com/ Name: tracking_codes
Value: web
.paynewest.com/ Name: _ga
Value: GA1.2.1349193868.1674587699
.paynewest.com/ Name: _gid
Value: GA1.2.1136449200.1674587699
.paynewest.com/ Name: _gat_gtag_UA_92545998_1
Value: 1
.paynewest.com/ Name: _fbp
Value: fb.1.1674587699315.2137318624

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors 'self'; upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

connect.facebook.net
cs.choozle.com
d1eoo1tco6rr5e.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
insight.adsrvr.org
nexus.ensighten.com
partner.paynewest.com
stats.g.doubleclick.net
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
143.204.205.113
15.197.193.217
2a00:1450:400d:805::200a
2a00:1450:400d:80a::2003
2a00:1450:400d:80c::2008
2a00:1450:400d:80d::200e
2a00:1450:4025:401::9d
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
35.172.148.236
54.172.173.44
65.9.66.72
0f6da078181ec02a264b5aeb37ed248ef5e40b51765e8684f31f5a70a6537641
1b97de2f84b1da3c65b47e3e5025583919d4707603716006a1cb8ac9d0bf94cc
1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8
2012dcca80a96212c828cea503c4d99b9630ce483981e6e9ab8b0297daf05516
22119010940d813140fa75191d3db6e5650b11617c5971090345e3cffea1db6c
270524b0d27afd1d3b6622d1a176c678daed94564c143297e217a63e21ce9820
331e28331399f0bb400e8fe8e3c1100050817871865395b84ad59bbc30eb74bb
3c2997fb6f5ef453dcb7e989a8e4aeefc0651ffe91d3fc0cb85b3b70d8f25a0c
3d7d56eddba326a173d8750a43d330a6dabb4162b0f684958d9eb654a081fa58
452d9d2dbfcd0a8eacfea5815028b610ee3896cb70d338d41d9407ce88050a55
47ee18b63cddcbd2729885b6477280b5d31e16d8586d9527da2c5477c20c9d62
574819c3d95e592151e8ad51ab8080219496a3175e5a735dd006fbed744e46aa
5849e07d0d6cbb144829b98da75fda4a8eb3fc2b5749d48cc94bb170db54859a
5907f5afebdcdc19988b353d3cf27ab115aa5853c46742be2bc2057ad29d032f
5966e46f1733f41a387b3813d25e6ae985c452c9c0603e5c68040a66354b5b7e
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
6150a35c0f486c46cadf0e230e2aa159c7c23ecfbb5611b64ee3f25fcbff341f
64aa0e3eea8da9c03f1d590839e2447c6857ec66aa4b76f38d5e1332ac7026f4
68c831b3324ca6fea43d48681ac2b9338b794ecdb60ff7fa7059a997d4007604
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6e979d18c7df292cde08db08d79e8a1c86cbe77ecd0beaf7adb4fe6bd93a099d
721ddb57af9c7e91cc151722c118af2d34b915db44cfd143aa666bba59a19a01
75a06255783cd39b9a9f24cd51d3a9c0ee78b535636b8dfca075a8e519416937
77247a540e9a2e6057238feaf2595c128e4efa01b451c98bdae47006e1a17465
78f515220a1ccefff4e4392b39e01d1f4dd700b0e2512040da9ded02abe5c922
7dfc3ef73c1284c7aff3c5cdac3812d212c8b899037d7860c8ba20a1defb9a7f
85e039a585eae5723473d6d4fbd575cd6ac6dddfe5a5ab43b70579d69b60caf4
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
9528ca634fecad433d044ddd3e6f9ce1f068d5d932dafdbb19d8e6daea1968bd
9f7e65a3acb8f83dde736f93df9aaf573a27fde1b0c38b3301844b036b818290
a273285d6589ce696e89df6a6b76260cae524fd5aa943e3fd9c07b028e9491c3
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
bc68ff3a9dcabdcc3032e37e7a7af6b9946c4123800810cce3339c8e0e3e0fa7
cef0a473ee23e3e911b8f315cc4e62bdfbff0bbc437b26625c18af2e4ea22617
dc566b627ce2f3c3f3df65710317f6c704cd4ecfdb8d423ed1900c45edeb7fcd
e3752cae7a214e9df58315a35bf3e3d02b8dc086ea047e9bfdd119fcefa76234
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5eedd5394ab0f46c613d16d23fa13ee5b6e0aa3aa6af7dc9900977b7b51efaf
ed14a23eb221a34e9433f7114c239f5216d9ef6a82ff00a61abcc2a6714337cc
ef8f067f829af7c95936a36f38e54c98ab090f937f5557e4c78829ed8fcf5ffd
f74465ceecfca4864ae20f68d88ee718afbd9f9714f516ddb781adc513b96ab0