urlscan.io logo urlscan.io
SecurityTrails logo

campaigns.payback.in Open in urlscan Pro
84.16.234.4  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://1kx.in/DSXNn602fw2
Effective URL: https://campaigns.payback.in/pb/oct2019/paybackchalao/index.php?email=SMS&mobile=919445693735&camp_id=PBI000001388_TG01_Credi...
Submission: On August 26 via manual from IN
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 21 IPs in 6 countries across 18 domains to perform 36 HTTP transactions. The main IP is 84.16.234.4, located in Germany and belongs to LEASEWEB-DE-FRA-10, DE. The main domain is campaigns.payback.in.
TLS certificate: Issued by DigiCert SHA2 High Assurance Server CA on December 15th 2017. Valid for: 3 years.
This is the only time campaigns.payback.in was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 103.250.30.30 132781 (UNICEL-AS...)
7 84.16.234.4 28753 (LEASEWEB-...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 172.217.16.194 15169 (GOOGLE)
1 2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
3 159.65.153.72 14061 (DIGITALOC...)
2 2a03:2880:f01... 32934 (FACEBOOK)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 216.58.207.66 15169 (GOOGLE)
1 2a02:26f0:10c... 20940 (AKAMAI-ASN1)
1 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
1 2a00:1450:400... 15169 (GOOGLE)
1 2 2a05:f500:10:... 14413 (LINKEDIN)
1 1 2620:1ec:21::14 8068 (MICROSOFT...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a03:2880:f11... 32934 (FACEBOOK)
1 2a00:1450:400... 15169 (GOOGLE)
3 88.99.67.90 24940 (HETZNER-AS)
1 2a00:1450:400... 15169 (GOOGLE)
36 21
1    103.250.30.30 (India)

ASN132781 (UNICEL-AS Unicel Technologies Pvt Ltd, IN)
1kx.in
7    84.16.234.4 (Germany)

ASN28753 (LEASEWEB-DE-FRA-10, DE)
PTR: hosted-by.leaseweb.com
campaigns.payback.in
1    2a00:1450:4001:820::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2a00:1450:4001:801::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ssl.google-analytics.com
1    172.217.16.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f2.1e100.net
www.googleadservices.com
2    2a00:1450:4001:801::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a00:1450:4001:817::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a00:1450:4001:817::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
2    2a02:26f0:6c00:291::11a6 (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)
s.go-mpulse.net
686eb704.akstat.io
3    159.65.153.72 (Bengaluru, India)

ASN14061 (DIGITALOCEAN-ASN, US)
cdn-jp.gsecondscreen.com
2    2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    2a00:1450:400c:c06::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a00:1450:4001:809::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
1    216.58.207.66 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: fra16s25-in-f2.1e100.net
securepubads.g.doubleclick.net
1    2a02:26f0:10c:382::25ea (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)
snap.licdn.com
1    2a02:26f0:6c00:192::11a6 (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)
c.go-mpulse.net
1    2a00:1450:4001:820::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
2    2a05:f500:10:101::b93f:9105 (Ireland)

ASN14413 (LINKEDIN, US)
px.ads.linkedin.com
1    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.linkedin.com
1    2a00:1450:4001:824::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    2a03:2880:f11c:8183:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    2a00:1450:4001:81d::2013 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
xds.gsecondscreen.com
3    88.99.67.90 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: js4dc10.gamooga.com
evbk.gamooga.com
1    2a00:1450:4001:817::2013 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ae.gsecondscreen.com
Domain Requested by
7 campaigns.payback.in campaigns.payback.in
3 evbk.gamooga.com cdn-jp.gsecondscreen.com
campaigns.payback.in
3 cdn-jp.gsecondscreen.com campaigns.payback.in
cdn-jp.gsecondscreen.com
2 www.facebook.com campaigns.payback.in
2 px.ads.linkedin.com 1 redirects campaigns.payback.in
2 www.google.de campaigns.payback.in
2 www.google.com 1 redirects campaigns.payback.in
2 connect.facebook.net campaigns.payback.in
connect.facebook.net
2 www.google-analytics.com 1 redirects www.googletagmanager.com
2 ssl.google-analytics.com campaigns.payback.in
1 686eb704.akstat.io s.go-mpulse.net
1 ae.gsecondscreen.com cdn-jp.gsecondscreen.com
1 xds.gsecondscreen.com cdn-jp.gsecondscreen.com
1 www.linkedin.com 1 redirects
1 googleads.g.doubleclick.net www.googleadservices.com
1 c.go-mpulse.net s.go-mpulse.net
1 snap.licdn.com campaigns.payback.in
1 securepubads.g.doubleclick.net www.googletagservices.com
1 stats.g.doubleclick.net 1 redirects
1 s.go-mpulse.net campaigns.payback.in
1 www.googletagservices.com www.googletagmanager.com
1 fonts.googleapis.com campaigns.payback.in
1 www.googleadservices.com www.googletagmanager.com
1 www.googletagmanager.com campaigns.payback.in
1 1kx.in 1 redirects
36 25

This site contains no links.

Subject Issuer Validity Valid
*.payback.in
DigiCert SHA2 High Assurance Server CA		 2017-12-15 -
2020-12-23		 3 years crt.sh
*.google-analytics.com
GTS CA 1O1		 2020-08-11 -
2020-11-03		 3 months crt.sh
www.googleadservices.com
GTS CA 1O1		 2020-08-11 -
2020-11-03		 3 months crt.sh
upload.video.google.com
GTS CA 1O1		 2020-08-11 -
2020-11-03		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2020-08-11 -
2020-11-03		 3 months crt.sh
akstat.io
DigiCert Secure Site ECC CA-1		 2020-05-06 -
2021-08-05		 a year crt.sh
*.gsecondscreen.com
Sectigo RSA Domain Validation Secure Server CA		 2020-02-21 -
2022-02-25		 2 years crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2020-07-21 -
2020-10-12		 3 months crt.sh
www.google.de
GTS CA 1O1		 2020-08-11 -
2020-11-03		 3 months crt.sh
*.licdn.com
DigiCert SHA2 Secure Server CA		 2019-04-01 -
2021-05-07		 2 years crt.sh
px.ads.linkedin.com
DigiCert SHA2 Secure Server CA		 2020-08-05 -
2021-02-05		 6 months crt.sh
*.google.com
GTS CA 1O1		 2020-08-11 -
2020-11-03		 3 months crt.sh
*.google.de
GTS CA 1O1		 2020-08-11 -
2020-11-03		 3 months crt.sh
*.gamooga.com
Sectigo RSA Domain Validation Secure Server CA		 2020-02-21 -
2022-02-27		 2 years crt.sh

This page contains 3 frames:

Primary Page: https://campaigns.payback.in/pb/oct2019/paybackchalao/index.php?email=SMS&mobile=919445693735&camp_id=PBI000001388_TG01_Credit-200&lcn=9401165555707006
Frame ID: 12E7B3681E6250CA3821A650E2DDEE11
Requests: 33 HTTP requests in this frame

Frame: https://s.go-mpulse.net/boomerang/UMU92-J4N5Z-8GYRY-Z69CP-KSHVP
Frame ID: 2F67585A65F221FCCE48812F6BAC16CD
Requests: 2 HTTP requests in this frame

Frame: https://xds.gsecondscreen.com/xds2/
Frame ID: 987EA73083C6929099DA12805C064DFB
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://1kx.in/DSXNn602fw2 HTTP 302
    https://campaigns.payback.in/pb/oct2019/paybackchalao/index.php?email=SMS&mobile=919445693735&camp_id=PBI... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

36
Requests

100 %
HTTPS

76 %
IPv6

18
Domains

25
Subdomains

21
IPs

6
Countries

665 kB
Transfer

1817 kB
Size

13
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://1kx.in/DSXNn602fw2 HTTP 302
    https://campaigns.payback.in/pb/oct2019/paybackchalao/index.php?email=SMS&mobile=919445693735&camp_id=PBI000001388_TG01_Credit-200&lcn=9401165555707006 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 16
  • https://www.google-analytics.com/r/collect?v=1&_v=j83&a=1823745741&t=pageview&_s=1&dl=https%3A%2F%2Fcampaigns.payback.in%2Fpb%2Foct2019%2Fpaybackchalao%2Findex.php%3Femail%3DSMS%26mobile%3D919445693735%26camp_id%3DPBI000001388_TG01_Credit-200%26lcn%3D9401165555707006&ul=en-us&de=UTF-8&dt=Landing%20page&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_utma=111930629.62125817.1598423795.1598423795.1598423795.1&_utmz=111930629.1598423795.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)&_utmht=1598423795432&_u=YQBCAEAB~&jid=1997394528&gjid=1056394957&cid=62125817.1598423795&tid=UA-24162196-5&_gid=562374341.1598423795&_r=1&gtm=2wg8c05TB5DW2&z=2078077584 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-24162196-5&cid=62125817.1598423795&jid=1997394528&_gid=562374341.1598423795&gjid=1056394957&_v=j83&z=2078077584 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-24162196-5&cid=62125817.1598423795&jid=1997394528&_v=j83&z=2078077584 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-24162196-5&cid=62125817.1598423795&jid=1997394528&_v=j83&z=2078077584&slf_rd=1&random=3706112989
Request Chain 22
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=494066&url=https%3A%2F%2Fcampaigns.payback.in%2Fpb%2Foct2019%2Fpaybackchalao%2Findex.php%3Femail%3DSMS%26mobile%3D919445693735%26camp_id%3DPBI000001388_TG01_Credit-200%26lcn%3D9401165555707006&time=1598423795513 HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D494066%26url%3Dhttps%253A%252F%252Fcampaigns.payback.in%252Fpb%252Foct2019%252Fpaybackchalao%252Findex.php%253Femail%253DSMS%2526mobile%253D919445693735%2526camp_id%253DPBI000001388_TG01_Credit-200%2526lcn%253D9401165555707006%26time%3D1598423795513%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=494066&url=https%3A%2F%2Fcampaigns.payback.in%2Fpb%2Foct2019%2Fpaybackchalao%2Findex.php%3Femail%3DSMS%26mobile%3D919445693735%26camp_id%3DPBI000001388_TG01_Credit-200%26lcn%3D9401165555707006&time=1598423795513&liSync=true

36 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Cookie set index.php
campaigns.payback.in/pb/oct2019/paybackchalao/
Redirect Chain
  • http://1kx.in/DSXNn602fw2
  • https://campaigns.payback.in/pb/oct2019/paybackchalao/index.php?email=SMS&mobile=919445693735&camp_id=PBI000001388_TG01_Credit-200&lcn=9401165555707006
6 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://campaigns.payback.in/pb/oct2019/paybackchalao/index.php?email=SMS&mobile=919445693735&camp_id=PBI000001388_TG01_Credit-200&lcn=9401165555707006
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
84.16.234.4 , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
hosted-by.leaseweb.com
Software
nginx/1.16.1 / PHP/5.4.16
Resource Hash
bf7a4aa4839ae17de4e638b0da029caeab6af005ce9cab7b6a0558b5b3c38966

Request headers

Host
campaigns.payback.in
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Server
nginx/1.16.1
Date
Wed, 26 Aug 2020 06:36:35 GMT
Content-Type
text/html
Transfer-Encoding
chunked
X-Powered-By
PHP/5.4.16
Set-Cookie
PHPSESSID=d5bf45i1rg0lsgubcubbsoc0o1; path=/ SERVERID=web1; path=/
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma
no-cache

Redirect headers

Server
Apache-Coyote/1.1
Location
https://campaigns.payback.in/pb/oct2019/paybackchalao/index.php?email=SMS&mobile=919445693735&camp_id=PBI000001388_TG01_Credit-200&lcn=9401165555707006
Content-Length
0
Date
Wed, 26 Aug 2020 06:36:33 GMT
style.css
campaigns.payback.in/pb/oct2019/paybackchalao/css/ 		6 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://campaigns.payback.in/pb/oct2019/paybackchalao/css/style.css
Requested by
Host: campaigns.payback.in
URL: https://campaigns.payback.in/pb/oct2019/paybackchalao/index.php?email=SMS&mobile=919445693735&camp_id=PBI000001388_TG01_Credit-200&lcn=9401165555707006
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
84.16.234.4 , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
hosted-by.leaseweb.com
Software
nginx/1.16.1 /
Resource Hash
be5136fc3e10998329c9332f648818ee0ec9f11ee94bc41ec93a3b14af5b2bc3

Request headers

Referer
https://campaigns.payback.in/pb/oct2019/paybackchalao/index.php?email=SMS&mobile=919445693735&camp_id=PBI000001388_TG01_Credit-200&lcn=9401165555707006
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 26 Aug 2020 06:36:35 GMT
Last-Modified
Wed, 05 Feb 2020 06:04:06 GMT
Server
nginx/1.16.1
Accept-Ranges
bytes
ETag
"5e3a5ad6-1605"
Content-Length
5637
Content-Type
text/css
logo_new01.jpg
campaigns.payback.in/pb/oct2019/paybackchalao/images/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://campaigns.payback.in/pb/oct2019/paybackchalao/images/logo_new01.jpg
Requested by
Host: campaigns.payback.in
URL: https://campaigns.payback.in/pb/oct2019/paybackchalao/index.php?email=SMS&mobile=919445693735&camp_id=PBI000001388_TG01_Credit-200&lcn=9401165555707006
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
84.16.234.4 , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
hosted-by.leaseweb.com
Software
nginx/1.16.1 /
Resource Hash
e8727280a7fe6211207b618af70f400a2f7f841d869fddc103d8817797705e38

Request headers

Referer
https://campaigns.payback.in/pb/oct2019/paybackchalao/index.php?email=SMS&mobile=919445693735&camp_id=PBI000001388_TG01_Credit-200&lcn=9401165555707006
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 26 Aug 2020 06:36:35 GMT
Last-Modified
Wed, 25 Sep 2019 08:59:06 GMT
Server
nginx/1.16.1
Accept-Ranges
bytes
ETag
"5d8b2c5a-1794"
Content-Length
6036
Content-Type
image/jpeg
green_200_web1.jpg
campaigns.payback.in/pb/oct2019/paybackchalao/images/ 		61 KB
61 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://campaigns.payback.in/pb/oct2019/paybackchalao/images/green_200_web1.jpg
Requested by
Host: campaigns.payback.in
URL: https://campaigns.payback.in/pb/oct2019/paybackchalao/index.php?email=SMS&mobile=919445693735&camp_id=PBI000001388_TG01_Credit-200&lcn=9401165555707006
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
84.16.234.4 , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
hosted-by.leaseweb.com
Software
nginx/1.16.1 /
Resource Hash
48e3d04c5c1a158339f11c022e67e3aca17bd0a48dea2432fc70182903325f17

Request headers

Referer
https://campaigns.payback.in/pb/oct2019/paybackchalao/index.php?email=SMS&mobile=919445693735&camp_id=PBI000001388_TG01_Credit-200&lcn=9401165555707006
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 26 Aug 2020 06:36:35 GMT
Last-Modified
Mon, 17 Feb 2020 07:35:12 GMT
Server
nginx/1.16.1
Accept-Ranges
bytes
ETag
"5e4a4230-f505"
Content-Length
62725
Content-Type
image/jpeg
green_200_mob1.jpg
campaigns.payback.in/pb/oct2019/paybackchalao/images/ 		50 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://campaigns.payback.in/pb/oct2019/paybackchalao/images/green_200_mob1.jpg
Requested by
Host: campaigns.payback.in
URL: https://campaigns.payback.in/pb/oct2019/paybackchalao/index.php?email=SMS&mobile=919445693735&camp_id=PBI000001388_TG01_Credit-200&lcn=9401165555707006
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
84.16.234.4 , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
hosted-by.leaseweb.com
Software
nginx/1.16.1 /
Resource Hash
bb062c296fa94aff885f7e92925a500127f71bfe8eee7f470019a7174dab924a

Request headers

Referer
https://campaigns.payback.in/pb/oct2019/paybackchalao/index.php?email=SMS&mobile=919445693735&camp_id=PBI000001388_TG01_Credit-200&lcn=9401165555707006
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 26 Aug 2020 06:36:35 GMT
Last-Modified
Mon, 17 Feb 2020 07:33:56 GMT
Server
nginx/1.16.1
Accept-Ranges
bytes
ETag
"5e4a41e4-c7e2"
Content-Length
51170
Content-Type
image/jpeg
gtm.js
www.googletagmanager.com/ 		210 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5TB5DW2
Requested by
Host: campaigns.payback.in
URL: https://campaigns.payback.in/pb/oct2019/paybackchalao/index.php?email=SMS&mobile=919445693735&camp_id=PBI000001388_TG01_Credit-200&lcn=9401165555707006
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
af7fd18940b45f57b8e2c33f3576c8328f45ad1b352ef1af01f24f8c9e48fe74
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://campaigns.payback.in/pb/oct2019/paybackchalao/index.php?email=SMS&mobile=919445693735&camp_id=PBI000001388_TG01_Credit-200&lcn=9401165555707006
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 26 Aug 2020 06:36:35 GMT
content-encoding
br
vary
Accept-Encoding
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51148
x-xss-protection
0
last-modified
Wed, 26 Aug 2020 06:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 26 Aug 2020 06:36:35 GMT
ga.js
ssl.google-analytics.com/ 		45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.google-analytics.com/ga.js
Requested by
Host: campaigns.payback.in
URL: https://campaigns.payback.in/pb/oct2019/paybackchalao/index.php?email=SMS&mobile=919445693735&camp_id=PBI000001388_TG01_Credit-200&lcn=9401165555707006
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://campaigns.payback.in/pb/oct2019/paybackchalao/index.php?email=SMS&mobile=919445693735&camp_id=PBI000001388_TG01_Credit-200&lcn=9401165555707006
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 04 Jun 2020 23:38:14 GMT
server
Golfe2
age
1127
date
Wed, 26 Aug 2020 06:17:48 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17168
expires
Wed, 26 Aug 2020 08:17:48 GMT
payback_regular_0-webfont.woff2
campaigns.payback.in/pb/oct2019/paybackchalao/fonts/ 		29 KB
29 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://campaigns.payback.in/pb/oct2019/paybackchalao/fonts/payback_regular_0-webfont.woff2
Requested by
Host: campaigns.payback.in
URL: https://campaigns.payback.in/pb/oct2019/paybackchalao/css/style.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
84.16.234.4 , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
hosted-by.leaseweb.com
Software
nginx/1.16.1 /
Resource Hash

Request headers

Origin
https://campaigns.payback.in
Referer
https://campaigns.payback.in/pb/oct2019/paybackchalao/css/style.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 26 Aug 2020 06:36:35 GMT
Last-Modified
Fri, 26 Jul 2019 08:29:12 GMT
Server
nginx/1.16.1
Accept-Ranges
bytes
ETag
"5d3ab9d8-743c"
Content-Length
29756
Content-Type
font/woff2
__utm.gif
ssl.google-analytics.com/r/ 		35 B
365 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1622987396&utmhn=campaigns.payback.in&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Landing%20page&utmhid=1823745741&utmr=-&utmp=%2Fpb%2Foct2019%2Fpaybackchalao%2Findex.php%3Femail%3DSMS%26mobile%3D919445693735%26camp_id%3DPBI000001388_TG01_Credit-200%26lcn%3D9401165555707006&utmht=1598423795375&utmac=UA-26929511-1&utmcc=__utma%3D111930629.62125817.1598423795.1598423795.1598423795.1%3B%2B__utmz%3D111930629.1598423795.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1311497055&utmredir=1&utmu=qhAAAAAAAAAAAAAAAAAAAAAE~
Requested by
Host: campaigns.payback.in
URL: https://campaigns.payback.in/pb/oct2019/paybackchalao/index.php?email=SMS&mobile=919445693735&camp_id=PBI000001388_TG01_Credit-200&lcn=9401165555707006
Protocol
HTTP/2+QUIC/46
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://campaigns.payback.in/pb/oct2019/paybackchalao/index.php?email=SMS&mobile=919445693735&camp_id=PBI000001388_TG01_Credit-200&lcn=9401165555707006
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Aug 2020 06:36:35 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
conversion_async.js
www.googleadservices.com/pagead/ 		29 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5TB5DW2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f2.1e100.net
Software
cafe /
Resource Hash
509bc86c3091dae312dbaa4d1f3aa0d23d1e36658c4c740f133979e943467f87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://campaigns.payback.in/pb/oct2019/paybackchalao/index.php?email=SMS&mobile=919445693735&camp_id=PBI000001388_TG01_Credit-200&lcn=9401165555707006
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 26 Aug 2020 06:36:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
11322
x-xss-protection
0
server
cafe
etag
12800975097695341278
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 26 Aug 2020 06:36:35 GMT
analytics.js
www.google-analytics.com/ 		45 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5TB5DW2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://campaigns.payback.in/pb/oct2019/paybackchalao/index.php?email=SMS&mobile=919445693735&camp_id=PBI000001388_TG01_Credit-200&lcn=9401165555707006
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 04 Jun 2020 23:38:14 GMT
server
Golfe2
age
4855
date
Wed, 26 Aug 2020 05:15:40 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18469
expires
Wed, 26 Aug 2020 07:15:40 GMT
css
fonts.googleapis.com/ 		2 KB
573 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Bree+Serif|Merienda
Requested by
Host: campaigns.payback.in
URL: https://campaigns.payback.in/pb/oct2019/paybackchalao/index.php?email=SMS&mobile=919445693735&camp_id=PBI000001388_TG01_Credit-200&lcn=9401165555707006
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2200dc1dc2672da70af4909cbbb82c228e94800ba1866a73313eeb2d17d1a3a0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://campaigns.payback.in/pb/oct2019/paybackchalao/index.php?email=SMS&mobile=919445693735&camp_id=PBI000001388_TG01_Credit-200&lcn=9401165555707006
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 26 Aug 2020 06:36:35 GMT
server
ESF
date
Wed, 26 Aug 2020 06:36:35 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 26 Aug 2020 06:36:35 GMT
gpt.js
www.googletagservices.com/tag/js/ 		54 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5TB5DW2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
aceccb20c838128f1292c8dac200156813e1ea0fdf632d29c9ae6da65e3d479e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://campaigns.payback.in/pb/oct2019/paybackchalao/index.php?email=SMS&mobile=919445693735&camp_id=PBI000001388_TG01_Credit-200&lcn=9401165555707006
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 26 Aug 2020 06:36:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"613 / 680 of 1000 / last-modified: 1598393454"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
18609
x-xss-protection
0
expires
Wed, 26 Aug 2020 06:36:35 GMT
UMU92-J4N5Z-8GYRY-Z69CP-KSHVP
s.go-mpulse.net/boomerang/ Frame 2F67 		155 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.go-mpulse.net/boomerang/UMU92-J4N5Z-8GYRY-Z69CP-KSHVP
Requested by
Host: campaigns.payback.in
URL: https://campaigns.payback.in/pb/oct2019/paybackchalao/index.php?email=SMS&mobile=919445693735&camp_id=PBI000001388_TG01_Credit-200&lcn=9401165555707006
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:6c00:291::11a6 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
/
Resource Hash
8480446e5e20ccd3b4685bbf81b7e1f0dce0f8dd0c51c0f6eabd9febd0345092

Request headers

Referer
https://campaigns.payback.in/pb/oct2019/paybackchalao/index.php?email=SMS&mobile=919445693735&camp_id=PBI000001388_TG01_Credit-200&lcn=9401165555707006
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 26 Aug 2020 06:36:35 GMT
content-encoding
br
last-modified
Thu, 20 Aug 2020 03:51:18 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
status
200
cache-control
max-age=604800
timing-allow-origin
*
content-length
39823
ta.min.js
cdn-jp.gsecondscreen.com/static/ 		59 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-jp.gsecondscreen.com/static/ta.min.js
Requested by
Host: campaigns.payback.in
URL: https://campaigns.payback.in/pb/oct2019/paybackchalao/index.php?email=SMS&mobile=919445693735&camp_id=PBI000001388_TG01_Credit-200&lcn=9401165555707006
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.65.153.72 Bengaluru, India, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
0b73a6e19604f77c2c2fddff5803673aebb236cabf539c9c5352929c25be9246

Request headers

Referer
https://campaigns.payback.in/pb/oct2019/paybackchalao/index.php?email=SMS&mobile=919445693735&camp_id=PBI000001388_TG01_Credit-200&lcn=9401165555707006
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 26 Aug 2020 06:36:35 GMT
Content-Encoding
gzip
Last-Modified
Fri, 10 Jul 2020 12:59:29 GMT
Server
nginx/1.10.3 (Ubuntu)
ETag
W/"5f086631-eb5b"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=3600, must-revalidate
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Wed, 26 Aug 2020 07:09:18 GMT
fbevents.js
connect.facebook.net/en_US/ 		134 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: campaigns.payback.in
URL: https://campaigns.payback.in/pb/oct2019/paybackchalao/index.php?email=SMS&mobile=919445693735&camp_id=PBI000001388_TG01_Credit-200&lcn=9401165555707006
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
893df2b9ceb653f94333139d561d363bf4c365e651a0a3ade839d96200942e37
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://campaigns.payback.in/pb/oct2019/paybackchalao/index.php?email=SMS&mobile=919445693735&camp_id=PBI000001388_TG01_Credit-200&lcn=9401165555707006
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
34269
x-xss-protection
0
pragma
public
x-fb-debug
Cr0kP9WIGK510NBo46CGx3NBLuo9AxKRyTgJhez64QGa0R1mjQlQw0AaVK9rncTmr3JN83Aul0ZRMPUj9UT2uw==
x-fb-trip-id
664085054
x-frame-options
DENY
date
Wed, 26 Aug 2020 06:36:35 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
expires
Sat, 01 Jan 2000 00:00:00 GMT
payback_light-webfont.woff2
campaigns.payback.in/pb/oct2019/paybackchalao/fonts/ 		29 KB
29 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://campaigns.payback.in/pb/oct2019/paybackchalao/fonts/payback_light-webfont.woff2
Requested by
Host: campaigns.payback.in
URL: https://campaigns.payback.in/pb/oct2019/paybackchalao/css/style.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
84.16.234.4 , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
hosted-by.leaseweb.com
Software
nginx/1.16.1 /
Resource Hash

Request headers

Origin
https://campaigns.payback.in
Referer
https://campaigns.payback.in/pb/oct2019/paybackchalao/css/style.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 26 Aug 2020 06:36:35 GMT
Last-Modified
Fri, 26 Jul 2019 08:29:12 GMT
Server
nginx/1.16.1
Accept-Ranges
bytes
ETag
"5d3ab9d8-7264"
Content-Length
29284
Content-Type
font/woff2
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j83&a=1823745741&t=pageview&_s=1&dl=https%3A%2F%2Fcampaigns.payback.in%2Fpb%2Foct2019%2Fpaybackchalao%2Findex.php%3Femail%3DSMS%26mobile%3D91944569...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-24162196-5&cid=62125817.1598423795&jid=1997394528&_gid=562374341.1598423795&gjid=1056394957&_v=j83&z=2078077584
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-24162196-5&cid=62125817.1598423795&jid=1997394528&_v=j83&z=2078077584
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-24162196-5&cid=62125817.1598423795&jid=1997394528&_v=j83&z=2078077584&slf_rd=1&random=3706112989
42 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-24162196-5&cid=62125817.1598423795&jid=1997394528&_v=j83&z=2078077584&slf_rd=1&random=3706112989
Requested by
Host: campaigns.payback.in
URL: https://campaigns.payback.in/pb/oct2019/paybackchalao/index.php?email=SMS&mobile=919445693735&camp_id=PBI000001388_TG01_Credit-200&lcn=9401165555707006
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://campaigns.payback.in/pb/oct2019/paybackchalao/index.php?email=SMS&mobile=919445693735&camp_id=PBI000001388_TG01_Credit-200&lcn=9401165555707006
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Aug 2020 06:36:35 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 26 Aug 2020 06:36:35 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
content-type
text/html; charset=UTF-8
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-24162196-5&cid=62125817.1598423795&jid=1997394528&_v=j83&z=2078077584&slf_rd=1&random=3706112989
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
217703465263582
connect.facebook.net/signals/config/ 		524 KB
133 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/217703465263582?v=2.9.23&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
628e1861893de46047077fb196b39579e0ddc5f397c150f8740eebfa3449c3b2
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://campaigns.payback.in/pb/oct2019/paybackchalao/index.php?email=SMS&mobile=919445693735&camp_id=PBI000001388_TG01_Credit-200&lcn=9401165555707006
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection
0
pragma
public
x-fb-debug
vD54nOTDGBE4rBjrs9iw2/B6AvNFXIoAG6SUdG3UiKz7wVdefzAz5qsoWiUkNk/luFh4Z7Ju89g/chSFJrmf9A==
x-fb-trip-id
664085054
x-frame-options
DENY
date
Wed, 26 Aug 2020 06:36:35 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
pubads_impl_2020082001.js
securepubads.g.doubleclick.net/gpt/ 		258 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020082001.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.207.66 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s25-in-f2.1e100.net
Software
sffe /
Resource Hash
8be8c0daa0cf8dce34bd0fd8a255ec5a4df53131e6ecdfbf1890be9c407098e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://campaigns.payback.in/pb/oct2019/paybackchalao/index.php?email=SMS&mobile=919445693735&camp_id=PBI000001388_TG01_Credit-200&lcn=9401165555707006
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 26 Aug 2020 06:36:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 20 Aug 2020 08:39:59 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
92724
x-xss-protection
0
expires
Wed, 26 Aug 2020 06:36:35 GMT
insight.min.js
snap.licdn.com/li.lms-analytics/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: campaigns.payback.in
URL: https://campaigns.payback.in/pb/oct2019/paybackchalao/index.php?email=SMS&mobile=919445693735&camp_id=PBI000001388_TG01_Credit-200&lcn=9401165555707006
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:10c:382::25ea , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
/
Resource Hash
41dd5e421fe221a7d2921d6fa2b36e8b01a9f2c054aaef5fad866fe896c1d1e0

Request headers

Referer
https://campaigns.payback.in/pb/oct2019/paybackchalao/index.php?email=SMS&mobile=919445693735&camp_id=PBI000001388_TG01_Credit-200&lcn=9401165555707006
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 26 Aug 2020 06:36:35 GMT
Content-Encoding
gzip
Last-Modified
Mon, 07 Oct 2019 16:41:31 GMT
X-CDN
AKAM
Vary
Accept-Encoding
Content-Type
application/x-javascript;charset=utf-8
Cache-Control
max-age=14630
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1576
config.json
c.go-mpulse.net/api/ Frame 2F67 		5 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.go-mpulse.net/api/config.json?key=UMU92-J4N5Z-8GYRY-Z69CP-KSHVP&d=campaigns.payback.in&t=5328079&v=1.500.0&if=&sl=0&si=sl9jjcc1jge-NaN&plugins=ConfigOverride,PageParams,IFrameDelay,AutoXHR,SPA,Angular,Backbone,Ember,History,RT,CrossDomain,BW,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,LOGN&acao=
Requested by
Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/UMU92-J4N5Z-8GYRY-Z69CP-KSHVP
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:6c00:192::11a6 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
/
Resource Hash
127b4ace10bacecb4255526b6c8aa17bda50dcc9ce01a46687fb9ec2dbd2ed78

Request headers

Referer
https://campaigns.payback.in/pb/oct2019/paybackchalao/index.php?email=SMS&mobile=919445693735&camp_id=PBI000001388_TG01_Credit-200&lcn=9401165555707006
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 26 Aug 2020 06:36:35 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
application/json
Access-Control-Allow-Origin
*
Cache-Control
private, max-age=300, stale-while-revalidate=60, stale-if-error=120
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
1345
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/873968447/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/873968447/?random=1598423795510&cv=9&fst=1598423795510&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg8c0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fcampaigns.payback.in%2Fpb%2Foct2019%2Fpaybackchalao%2Findex.php%3Femail%3DSMS%26mobile%3D919445693735%26camp_id%3DPBI000001388_TG01_Credit-200%26lcn%3D9401165555707006&tiba=Landing%20page&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
df2ffedaf005d93ed6cfce35cc9abe6a5503e4143affb9db02e9af6085b87911
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://campaigns.payback.in/pb/oct2019/paybackchalao/index.php?email=SMS&mobile=919445693735&camp_id=PBI000001388_TG01_Credit-200&lcn=9401165555707006
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Aug 2020 06:36:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
no-cache, must-revalidate
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
1096
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
px.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=494066&url=https%3A%2F%2Fcampaigns.payback.in%2Fpb%2Foct2019%2Fpaybackchalao%2Findex.php%3Femail%3DSMS%26mobile%3D919445693735%26camp_id%3DPBI0000...
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D494066%26url%3Dhttps%253A%252F%252Fcampaigns.payback.in%252Fpb%252Foct2019%252Fpa...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=494066&url=https%3A%2F%2Fcampaigns.payback.in%2Fpb%2Foct2019%2Fpaybackchalao%2Findex.php%3Femail%3DSMS%26mobile%3D919445693735%26camp_id%3DPBI0000...
0
41 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=494066&url=https%3A%2F%2Fcampaigns.payback.in%2Fpb%2Foct2019%2Fpaybackchalao%2Findex.php%3Femail%3DSMS%26mobile%3D919445693735%26camp_id%3DPBI000001388_TG01_Credit-200%26lcn%3D9401165555707006&time=1598423795513&liSync=true
Requested by
Host: campaigns.payback.in
URL: https://campaigns.payback.in/pb/oct2019/paybackchalao/index.php?email=SMS&mobile=919445693735&camp_id=PBI000001388_TG01_Credit-200&lcn=9401165555707006
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:f500:10:101::b93f:9105 , Ireland, ASN14413 (LINKEDIN, US),
Reverse DNS
Software
Play /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://campaigns.payback.in/pb/oct2019/paybackchalao/index.php?email=SMS&mobile=919445693735&camp_id=PBI000001388_TG01_Credit-200&lcn=9401165555707006
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 26 Aug 2020 06:36:35 GMT
server
Play
linkedin-action
1
x-li-fabric
prod-lva1
status
200
x-li-proto
http/2
x-li-pop
prod-efr5
content-type
application/javascript
content-length
0
x-li-uuid
wbg+Mvm9LhagbggEQysAAA==

Redirect headers

content-security-policy
default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com s.c.exp1.licdn.com s.c.exp2.licdn.com m.c.exp1.licdn.com m.c.exp2.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id https://lnkd.demdex.net/event blob: https://accounts.google.com/gsi/status https://linkedin.sc.omtrdc.net/b/ss/ www.google-analytics.com static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com slideshare.www.linkedin.com https://snap.licdn.com/li.lms-analytics/insight.min.js platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'
x-content-type-options
nosniff
linkedin-action
1
status
302
content-length
0
x-li-uuid
IZ5WLvm9LhZAu0MDzyoAAA==
pragma
no-cache
x-li-pop
afd-prod-edc2
x-msedge-ref
Ref A: CDD5F96C02DE48D1B8DDD2AFCD468DDC Ref B: FRAEDGE0909 Ref C: 2020-08-26T06:36:35Z
x-frame-options
sameorigin
date
Wed, 26 Aug 2020 06:36:34 GMT
expect-ct
max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
strict-transport-security
max-age=2592000
x-li-fabric
prod-lva1
location
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=494066&url=https%3A%2F%2Fcampaigns.payback.in%2Fpb%2Foct2019%2Fpaybackchalao%2Findex.php%3Femail%3DSMS%26mobile%3D919445693735%26camp_id%3DPBI000001388_TG01_Credit-200%26lcn%3D9401165555707006&time=1598423795513&liSync=true
x-xss-protection
1; mode=block
cache-control
no-cache, no-store
x-li-proto
http/2
expires
Thu, 01 Jan 1970 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/873968447/ 		42 B
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/873968447/?random=1598423795510&cv=9&fst=1598421600000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg8c0&sendb=1&frm=0&url=https%3A%2F%2Fcampaigns.payback.in%2Fpb%2Foct2019%2Fpaybackchalao%2Findex.php%3Femail%3DSMS%26mobile%3D919445693735%26camp_id%3DPBI000001388_TG01_Credit-200%26lcn%3D9401165555707006&tiba=Landing%20page&async=1&fmt=3&is_vtc=1&random=2626297225&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: campaigns.payback.in
URL: https://campaigns.payback.in/pb/oct2019/paybackchalao/index.php?email=SMS&mobile=919445693735&camp_id=PBI000001388_TG01_Credit-200&lcn=9401165555707006
Protocol
HTTP/2+QUIC/46
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:824::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://campaigns.payback.in/pb/oct2019/paybackchalao/index.php?email=SMS&mobile=919445693735&camp_id=PBI000001388_TG01_Credit-200&lcn=9401165555707006
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Aug 2020 06:36:35 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/873968447/ 		42 B
538 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/873968447/?random=1598423795510&cv=9&fst=1598421600000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg8c0&sendb=1&frm=0&url=https%3A%2F%2Fcampaigns.payback.in%2Fpb%2Foct2019%2Fpaybackchalao%2Findex.php%3Femail%3DSMS%26mobile%3D919445693735%26camp_id%3DPBI000001388_TG01_Credit-200%26lcn%3D9401165555707006&tiba=Landing%20page&async=1&fmt=3&is_vtc=1&random=2626297225&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: campaigns.payback.in
URL: https://campaigns.payback.in/pb/oct2019/paybackchalao/index.php?email=SMS&mobile=919445693735&camp_id=PBI000001388_TG01_Credit-200&lcn=9401165555707006
Protocol
HTTP/2+QUIC/46
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://campaigns.payback.in/pb/oct2019/paybackchalao/index.php?email=SMS&mobile=919445693735&camp_id=PBI000001388_TG01_Credit-200&lcn=9401165555707006
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Aug 2020 06:36:35 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
378 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=217703465263582&ev=PageView&dl=https%3A%2F%2Fcampaigns.payback.in%2Fpb%2Foct2019%2Fpaybackchalao%2Findex.php%3Femail%3DSMS%26mobile%3D919445693735%26camp_id%3DPBI000001388_TG01_Credit-200%26lcn%3D9401165555707006&rl=&if=false&ts=1598423795581&sw=1600&sh=1200&v=2.9.23&r=stable&ec=0&o=30&fbp=fb.1.1598423795580.1929903475&it=1598423795465&coo=false&rqm=GET
Requested by
Host: campaigns.payback.in
URL: https://campaigns.payback.in/pb/oct2019/paybackchalao/index.php?email=SMS&mobile=919445693735&camp_id=PBI000001388_TG01_Credit-200&lcn=9401165555707006
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://campaigns.payback.in/pb/oct2019/paybackchalao/index.php?email=SMS&mobile=919445693735&camp_id=PBI000001388_TG01_Credit-200&lcn=9401165555707006
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 26 Aug 2020 06:36:35 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Wed, 26 Aug 2020 06:36:35 GMT
jquery-noamd.min.js
cdn-jp.gsecondscreen.com/static/ 		93 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-jp.gsecondscreen.com/static/jquery-noamd.min.js
Requested by
Host: cdn-jp.gsecondscreen.com
URL: https://cdn-jp.gsecondscreen.com/static/ta.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.65.153.72 Bengaluru, India, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e1cde1cfc7df2afcb9cd0a364f043a51eca868973ca6077b4d2b80d1945ffbe7

Request headers

Referer
https://campaigns.payback.in/pb/oct2019/paybackchalao/index.php?email=SMS&mobile=919445693735&camp_id=PBI000001388_TG01_Credit-200&lcn=9401165555707006
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 26 Aug 2020 06:36:36 GMT
Content-Encoding
gzip
Last-Modified
Tue, 15 Dec 2015 21:13:43 GMT
Server
nginx/1.10.3 (Ubuntu)
ETag
W/"56708287-17214"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=3600, must-revalidate
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Wed, 26 Aug 2020 07:09:47 GMT
/
xds.gsecondscreen.com/xds2/ Frame 987E 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://xds.gsecondscreen.com/xds2/
Requested by
Host: cdn-jp.gsecondscreen.com
URL: https://cdn-jp.gsecondscreen.com/static/ta.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash

Request headers

:method
GET
:authority
xds.gsecondscreen.com
:scheme
https
:path
/xds2/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://campaigns.payback.in/pb/oct2019/paybackchalao/index.php?email=SMS&mobile=919445693735&camp_id=PBI000001388_TG01_Credit-200&lcn=9401165555707006
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://campaigns.payback.in/pb/oct2019/paybackchalao/index.php?email=SMS&mobile=919445693735&camp_id=PBI000001388_TG01_Credit-200&lcn=9401165555707006

Response headers

status
200
date
Wed, 26 Aug 2020 05:45:04 GMT
expires
Wed, 26 Aug 2020 06:45:04 GMT
etag
"4Fq9Gg"
x-cloud-trace-context
c8d85a75c5c6ffeb982e3f6ff32e9e62
content-type
text/html
content-encoding
gzip
server
Google Frontend
content-length
869
age
3092
cache-control
public, max-age=3600
/
cdn-jp.gsecondscreen.com/newconf/4982abc5-4607-4aa6-a9a4-5bd97bf583a2/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-jp.gsecondscreen.com/newconf/4982abc5-4607-4aa6-a9a4-5bd97bf583a2/?callback=_ta_on_conf&_=1598423796299
Requested by
Host: cdn-jp.gsecondscreen.com
URL: https://cdn-jp.gsecondscreen.com/static/jquery-noamd.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.65.153.72 Bengaluru, India, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
1dbb9853682e1fc5a796325dea8ecb351362d2c0c73547bb4ddc5e5a99362e50
Security Headers
Name Value
X-Frame-Options DENY

Request headers

Referer
https://campaigns.payback.in/pb/oct2019/paybackchalao/index.php?email=SMS&mobile=919445693735&camp_id=PBI000001388_TG01_Credit-200&lcn=9401165555707006
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 26 Aug 2020 06:36:36 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, Cookie
Server
nginx/1.10.3 (Ubuntu)
X-Frame-Options
DENY
Content-Type
text/javascript
Cache-Control
max-age=15
Transfer-Encoding
chunked
Connection
keep-alive
/
evbk.gamooga.com/nv/ 		29 B
278 B 		Script
General
Check archive.org
Download Go to
Full URL
https://evbk.gamooga.com/nv/?callback=_ta_on_nv&_=1598423796454
Requested by
Host: cdn-jp.gsecondscreen.com
URL: https://cdn-jp.gsecondscreen.com/static/jquery-noamd.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
88.99.67.90 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
js4dc10.gamooga.com
Software
/
Resource Hash
2e01d7084947b89b37f5105b6e890a41752a6007f33b254800ba6f5fcad90b68

Request headers

Referer
https://campaigns.payback.in/pb/oct2019/paybackchalao/index.php?email=SMS&mobile=919445693735&camp_id=PBI000001388_TG01_Credit-200&lcn=9401165555707006
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 26 Aug 2020 06:36:36 GMT
Cache-Control
private, no-cache, no-store, must-revalidate
Expires
-1
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
application/javascript
/
ae.gsecondscreen.com/vi/ 		158 B
324 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ae.gsecondscreen.com/vi/?callback=_ss_on_ajax_vi&_=1598423796455
Requested by
Host: cdn-jp.gsecondscreen.com
URL: https://cdn-jp.gsecondscreen.com/static/jquery-noamd.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
3ce959610ae36e5ffde7acd35776be6d0fffc9d07cb26e078985fad3e476fcd9

Request headers

Referer
https://campaigns.payback.in/pb/oct2019/paybackchalao/index.php?email=SMS&mobile=919445693735&camp_id=PBI000001388_TG01_Credit-200&lcn=9401165555707006
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 26 Aug 2020 06:36:36 GMT
content-encoding
gzip
server
Google Frontend
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
status
200
x-cloud-trace-context
ba1b5b3b06f92a77ef461ebf1d516b3f
cache-control
no-cache
content-length
160
/
evbk.gamooga.com/mev/ 		2 B
238 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://evbk.gamooga.com/mev/?c=4982abc5-4607-4aa6-a9a4-5bd97bf583a2&v=qcyTOgzdhSivoSP1&s=fqldr6bv0h&t=1fx&z=159842379663988&data=WyJzdGFydGVkIHNlc3Npb24iLHsibG9jYXRpb24iOiJSb3R0ZW5idXJnIC0gQmFkZW4tV3VydHRlbWJlcmcsIEdlcm1hbnkiLCJJUCI6IjJhMDE6NGY4OjE5Mjo1NDE0OjoyIiwiYnJvd3NlciI6IkNocm9tZSA4My4wLjQxMDMiLCJPUyI6Ik1hYyBPUyBYIDEwLjE0LjUiLCJyZWZlcnJlciI6Iihub25lKSIsInJlcGVhdCI6ZmFsc2UsImRvbWFpbiI6ImNhbXBhaWducy5wYXliYWNrLmluIiwiYmFzZSBPUyI6Ik1hYyBPUyBYIiwiYmFzZSBicm93c2VyIjoiQ2hyb21lIiwiY291bnRyeSI6Ikdlcm1hbnkiLCJ1dG0gY2FtcGFpZ24iOiIobm9uZSkiLCJ1dG0gbWVkaXVtIjoiZGlyZWN0IC8gb3JnYW5pYyIsInV0bSBzb3VyY2UiOiIobm9uZSkiLCJ1dG0gdGVybSI6Iihub25lKSIsImZyb21fbW9iaWxlIjpmYWxzZX1d
Requested by
Host: campaigns.payback.in
URL: https://campaigns.payback.in/pb/oct2019/paybackchalao/index.php?email=SMS&mobile=919445693735&camp_id=PBI000001388_TG01_Credit-200&lcn=9401165555707006
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
88.99.67.90 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
js4dc10.gamooga.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://campaigns.payback.in/pb/oct2019/paybackchalao/index.php?email=SMS&mobile=919445693735&camp_id=PBI000001388_TG01_Credit-200&lcn=9401165555707006
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 26 Aug 2020 06:36:36 GMT
Cache-Control
private, no-cache, no-store, must-revalidate
Expires
-1
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
text/plain
/
evbk.gamooga.com/mev/ 		2 B
238 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://evbk.gamooga.com/mev/?c=4982abc5-4607-4aa6-a9a4-5bd97bf583a2&v=qcyTOgzdhSivoSP1&s=fqldr6bv0h&t=1fx&z=15984237966418253&data=WyJ2aXNpdGVkIHBhZ2UiLHsidGl0bGUiOiJMYW5kaW5nIHBhZ2UiLCJ1cmwiOiIvcGIvb2N0MjAxOS9wYXliYWNrY2hhbGFvL2luZGV4LnBocD9lbWFpbD1TTVMmbW9iaWxlPTkxOTQ0NTY5MzczNSZjYW1wX2lkPVBCSTAwMDAwMTM4OF9URzAxX0NyZWRpdC0yMDAmbGNuPTk0MDExNjU1NTU3MDcwMDYiLCJmcm9tX3BhZ2UiOiIobm9uZSkifV0=
Requested by
Host: campaigns.payback.in
URL: https://campaigns.payback.in/pb/oct2019/paybackchalao/index.php?email=SMS&mobile=919445693735&camp_id=PBI000001388_TG01_Credit-200&lcn=9401165555707006
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
88.99.67.90 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
js4dc10.gamooga.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://campaigns.payback.in/pb/oct2019/paybackchalao/index.php?email=SMS&mobile=919445693735&camp_id=PBI000001388_TG01_Credit-200&lcn=9401165555707006
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 26 Aug 2020 06:36:36 GMT
Cache-Control
private, no-cache, no-store, must-revalidate
Expires
-1
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
text/plain
/
686eb704.akstat.io/ 		0
205 B 		Other
General
Check archive.org
Download Go to
Full URL
https://686eb704.akstat.io/
Requested by
Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/UMU92-J4N5Z-8GYRY-Z69CP-KSHVP
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:6c00:291::11a6 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://campaigns.payback.in/pb/oct2019/paybackchalao/index.php?email=SMS&mobile=919445693735&camp_id=PBI000001388_TG01_Credit-200&lcn=9401165555707006
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Wed, 26 Aug 2020 06:36:36 GMT
status
204
content-type
image/gif
access-control-allow-origin
https://campaigns.payback.in
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
timing-allow-origin
*
x-xss-protection
0
expires
Wed, 26 Aug 2020 06:36:36 GMT
/
www.facebook.com/tr/ 		44 B
259 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=217703465263582&ev=Microdata&dl=https%3A%2F%2Fcampaigns.payback.in%2Fpb%2Foct2019%2Fpaybackchalao%2Findex.php%3Femail%3DSMS%26mobile%3D919445693735%26camp_id%3DPBI000001388_TG01_Credit-200%26lcn%3D9401165555707006&rl=&if=false&ts=1598423797085&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Landing%20page%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.23&r=stable&ec=1&o=30&fbp=fb.1.1598423797084.1076427089&it=1598423795465&coo=false&es=automatic&tm=3&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://campaigns.payback.in/pb/oct2019/paybackchalao/index.php?email=SMS&mobile=919445693735&camp_id=PBI000001388_TG01_Credit-200&lcn=9401165555707006
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 26 Aug 2020 06:36:37 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Wed, 26 Aug 2020 06:36:37 GMT

Verdicts & Comments Add Verdict or Comment

63 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| trustedTypes object| dataLayer object| _gaq object| _gat object| gaGlobal object| google_tag_manager function| postscribe object| google_tag_data string| GoogleAnalyticsObject function| ga object| crlink object| appmetalink object| metalink object| link2 function| navigateToLinkTarget number| BOOMR_lstart object| _taq function| fbq function| _fbq object| gaplugins object| gaData object| googletag object| ggeac object| googleToken object| googleIMState object| google_js_reporting_queue string| _linkedin_partner_id object| _linkedin_data_partner_ids object| BOOMR object| BOOMR_mq function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO function| lintrk boolean| _already_called_lintrk number| BOOMR_configt function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter undefined| google_measure_js_timing object| SecondScreenUtils string| FCM_WPP_PREFIX string| FCM_ENDPOINT_PREFIX string| GCM_ENDPOINT_PREFIX undefined| $ undefined| jQuery undefined| _ta_on_conf string| path string| sear_path function| show_wp_request function| hide_wp_request number| count undefined| idleTime undefined| idleInterval function| timerIncrement function| lead_test function| initiate_aggregation undefined| _ta_on_nv undefined| _ss_on_ajax_vi number| BOOMR_onload undefined| tvc_cardno object| tvc_cookie string| tvc_current_page undefined| tvc_prev_page

13 Cookies

Domain/Path Name / Value
.payback.in/ Name: RT
Value: "sl=1&ss=1598423794283&tt=2417&obo=0&bcn=%2F%2F686eb704.akstat.io%2F&sh=1598423796708%3D1%3A0%3A2417&dm=payback.in&si=2c9d2af3-51f2-435b-8d74-b41dc6337963&ld=1598423796708"
.payback.in/ Name: _fbp
Value: fb.1.1598423795580.1929903475
.payback.in/ Name: _gid
Value: GA1.2.562374341.1598423795
campaigns.payback.in/ Name: PHPSESSID
Value: d5bf45i1rg0lsgubcubbsoc0o1
campaigns.payback.in/ Name: SERVERID
Value: web1
.payback.in/ Name: __utma
Value: 111930629.62125817.1598423795.1598423795.1598423795.1
.payback.in/ Name: _ga
Value: GA1.2.62125817.1598423795
.payback.in/ Name: __utmb
Value: 111930629.1.10.1598423795
.payback.in/ Name: __utmt
Value: 1
.payback.in/ Name: __utmz
Value: 111930629.1598423795.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
.payback.in/ Name: _gat_UA-24162196-5
Value: 1
.payback.in/ Name: __utmc
Value: 111930629
.payback.in/ Name: _gcl_au
Value: 1.1.1755505049.1598423795

1 Console Messages

Source Level URL
Text
console-api log (Line 34)
Message:
Regular permissions

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1kx.in
686eb704.akstat.io
ae.gsecondscreen.com
c.go-mpulse.net
campaigns.payback.in
cdn-jp.gsecondscreen.com
connect.facebook.net
evbk.gamooga.com
fonts.googleapis.com
googleads.g.doubleclick.net
px.ads.linkedin.com
s.go-mpulse.net
securepubads.g.doubleclick.net
snap.licdn.com
ssl.google-analytics.com
stats.g.doubleclick.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.linkedin.com
xds.gsecondscreen.com
103.250.30.30
159.65.153.72
172.217.16.194
216.58.207.66
2620:1ec:21::14
2a00:1450:4001:801::2008
2a00:1450:4001:801::200e
2a00:1450:4001:806::2003
2a00:1450:4001:809::2004
2a00:1450:4001:817::2002
2a00:1450:4001:817::200a
2a00:1450:4001:817::2013
2a00:1450:4001:81d::2013
2a00:1450:4001:820::2002
2a00:1450:4001:820::2008
2a00:1450:4001:824::2004
2a00:1450:400c:c06::9d
2a02:26f0:10c:382::25ea
2a02:26f0:6c00:192::11a6
2a02:26f0:6c00:291::11a6
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a05:f500:10:101::b93f:9105
84.16.234.4
88.99.67.90
0b73a6e19604f77c2c2fddff5803673aebb236cabf539c9c5352929c25be9246
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
127b4ace10bacecb4255526b6c8aa17bda50dcc9ce01a46687fb9ec2dbd2ed78
1dbb9853682e1fc5a796325dea8ecb351362d2c0c73547bb4ddc5e5a99362e50
2200dc1dc2672da70af4909cbbb82c228e94800ba1866a73313eeb2d17d1a3a0
2e01d7084947b89b37f5105b6e890a41752a6007f33b254800ba6f5fcad90b68
3ce959610ae36e5ffde7acd35776be6d0fffc9d07cb26e078985fad3e476fcd9
41dd5e421fe221a7d2921d6fa2b36e8b01a9f2c054aaef5fad866fe896c1d1e0
48e3d04c5c1a158339f11c022e67e3aca17bd0a48dea2432fc70182903325f17
509bc86c3091dae312dbaa4d1f3aa0d23d1e36658c4c740f133979e943467f87
628e1861893de46047077fb196b39579e0ddc5f397c150f8740eebfa3449c3b2
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8480446e5e20ccd3b4685bbf81b7e1f0dce0f8dd0c51c0f6eabd9febd0345092
893df2b9ceb653f94333139d561d363bf4c365e651a0a3ade839d96200942e37
8be8c0daa0cf8dce34bd0fd8a255ec5a4df53131e6ecdfbf1890be9c407098e8
aceccb20c838128f1292c8dac200156813e1ea0fdf632d29c9ae6da65e3d479e
af7fd18940b45f57b8e2c33f3576c8328f45ad1b352ef1af01f24f8c9e48fe74
bb062c296fa94aff885f7e92925a500127f71bfe8eee7f470019a7174dab924a
be5136fc3e10998329c9332f648818ee0ec9f11ee94bc41ec93a3b14af5b2bc3
bf7a4aa4839ae17de4e638b0da029caeab6af005ce9cab7b6a0558b5b3c38966
df2ffedaf005d93ed6cfce35cc9abe6a5503e4143affb9db02e9af6085b87911
e1cde1cfc7df2afcb9cd0a364f043a51eca868973ca6077b4d2b80d1945ffbe7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8727280a7fe6211207b618af70f400a2f7f841d869fddc103d8817797705e38
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955