covidpayout.com Open in urlscan Pro
91.191.214.162 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.covidpayback.org/
Effective URL:
https://covidpayout.com/
Submission: On August 24 via api (August 24th 2023, 3:42:03 am UTC) from US — Scanned from US

Summary HTTP 109 Redirects Behaviour Indicators

Summary

This website contacted 21 IPs in 1 countries across 19 domains to perform 109 HTTP transactions. The main IP is 91.191.214.162, located in Dallas, United States and belongs to HVC-AS, US. The main domain is covidpayout.com.
TLS certificate: Issued by R3 on August 1st 2023. Valid for: 3 months.

This is the only time covidpayout.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	192.200.102.246 192.200.102.246	53850 (GORILLASE...) (GORILLASERVERS)
1 44	91.191.214.162 91.191.214.162	29802 (HVC-AS) (HVC-AS)
4	2607:f8b0:400... 2607:f8b0:4006:823::200a	15169 (GOOGLE) (GOOGLE)
12	2607:f8b0:400... 2607:f8b0:4006:821::2003	15169 (GOOGLE) (GOOGLE)
19	2606:4700:20:... 2606:4700:20::681a:6a8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2607:f8b0:400... 2607:f8b0:4006:820::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:e76	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2600:1400:d::... 2600:1400:d::1721:ee1b	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2606:4700::68... 2606:4700::6810:3865	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2606:4700:303... 2606:4700:3036::ac43:9b33	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:440... 2606:4700:4400::ac40:991b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:7841	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:cd27	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:cccc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2607:f8b0:400... 2607:f8b0:4006:809::2008	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:81e::2002	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:823::2004	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f01... 2a03:2880:f012:8:face:b00c:0:1	32934 (FACEBOOK) (FACEBOOK)
2	2606:4700::68... 2606:4700::6813:9b53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a03:2880:f11... 2a03:2880:f112:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
109	21

2 192.200.102.246 (United States)

ASN53850 (GORILLASERVERS, US)
PTR: server004.webhostingpremium.com

www.covidpayback.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

44 91.191.214.162 (Dallas, United States) 1 redirects

ASN29802 (HVC-AS, US)
PTR: deca.startertc.com

www.covidpayout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
covidpayout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:823::200a (United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2607:f8b0:4006:821::2003 (United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2606:4700:20::681a:6a8 (United States)

ASN13335 (CLOUDFLARENET, US)

portal.ertcexpress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.ertcexpress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:820::200a (United States)

ASN15169 (GOOGLE, US)

maps.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:e76 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1400:d::1721:ee1b (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)

acrobatservices.adobe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:3865 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700:3036::ac43:9b33 (United States)

ASN13335 (CLOUDFLARENET, US)

route.ertc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::ac40:991b (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:7841 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:cd27 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsadspixel.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:cccc (United States)

ASN13335 (CLOUDFLARENET, US)

api.hubapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:809::2008 (United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:81e::2002 (United States)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:823::2004 (United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f012:8:face:b00c:0:1 (Secaucus, United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6813:9b53 (United States)

ASN13335 (CLOUDFLARENET, US)

track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f112:83:face:b00c:0:25de (Secaucus, United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
44	covidpayout.com 1 redirects www.covidpayout.com covidpayout.com	920 KB
19	ertcexpress.com portal.ertcexpress.com cdn.ertcexpress.com	719 KB
12	gstatic.com fonts.gstatic.com	265 KB
7	ertc.com route.ertc.com	14 KB
6	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 45 maps.googleapis.com — Cisco Umbrella Rank: 379	68 KB
2	hubspot.com track.hubspot.com — Cisco Umbrella Rank: 2345	2 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 165	72 KB
2	adobe.com acrobatservices.adobe.com — Cisco Umbrella Rank: 405500	151 KB
2	covidpayback.org www.covidpayback.org	588 B
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 110	185 B
1	google.com www.google.com — Cisco Umbrella Rank: 2	455 B
1	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 42	2 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 48	71 KB
1	hubapi.com api.hubapi.com — Cisco Umbrella Rank: 3494	1 KB
1	hsadspixel.net js.hsadspixel.net — Cisco Umbrella Rank: 3219	3 KB
1	hs-analytics.net js.hs-analytics.net — Cisco Umbrella Rank: 2207	21 KB
1	hs-banner.com js.hs-banner.com — Cisco Umbrella Rank: 2212	20 KB
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 1024	7 KB
1	hs-scripts.com js.hs-scripts.com — Cisco Umbrella Rank: 2439	1 KB
109	19

	Domain	Requested by
43	covidpayout.com	www.covidpayback.org covidpayout.com
16	cdn.ertcexpress.com	portal.ertcexpress.com cdn.ertcexpress.com
12	fonts.gstatic.com	fonts.googleapis.com
7	route.ertc.com	portal.ertcexpress.com cdn.ertcexpress.com
4	fonts.googleapis.com	covidpayout.com portal.ertcexpress.com
3	portal.ertcexpress.com	covidpayout.com cdn.ertcexpress.com
2	track.hubspot.com
2	connect.facebook.net	js.hsadspixel.net connect.facebook.net
2	acrobatservices.adobe.com	portal.ertcexpress.com acrobatservices.adobe.com
2	maps.googleapis.com	portal.ertcexpress.com cdn.ertcexpress.com maps.googleapis.com
2	www.covidpayback.org	www.covidpayback.org
1	www.facebook.com
1	www.google.com	portal.ertcexpress.com
1	googleads.g.doubleclick.net	www.googletagmanager.com
1	www.googletagmanager.com	js.hsadspixel.net
1	api.hubapi.com	cdn.ertcexpress.com
1	js.hsadspixel.net	js.hs-scripts.com
1	js.hs-analytics.net	js.hs-scripts.com
1	js.hs-banner.com	js.hs-scripts.com
1	static.cloudflareinsights.com	portal.ertcexpress.com
1	js.hs-scripts.com	portal.ertcexpress.com
1	www.covidpayout.com	1 redirects
109	22

This site contains no links.

Subject Issuer	Validity	Valid
webdisk.covidpayback.org R3	`2023-07-24` - `2023-10-22`	3 months	crt.sh
*.covidpayout.com R3	`2023-08-01` - `2023-10-30`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-02-17` - `2024-02-17`	a year	crt.sh
static.adobesigncdn.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-15` - `2024-04-14`	a year	crt.sh
ertc.com GTS CA 1P5	`2023-08-22` - `2023-11-20`	3 months	crt.sh
hubapi.com Cloudflare Inc ECC CA-3	`2023-04-07` - `2024-04-06`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-06-02` - `2023-08-31`	3 months	crt.sh
hubspot.com Cloudflare Inc ECC CA-3	`2023-02-05` - `2024-02-05`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://covidpayout.com/
Frame ID: 44FDA5CD760B9830EAFF8D321D9B35A4
Requests: 55 HTTP requests in this frame

Frame: https://portal.ertcexpress.com/lead-intake?&source=https://covidpayout.com/
Frame ID: 2E14C934C9A41031C274AA9EBB29027E
Requests: 51 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Covid Payout – Covid 19 Relief for Businesses

Page URL History Show full URLs

https://www.covidpayback.org/ Page URL
https://www.covidpayout.com/ HTTP 301
https://covidpayout.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Elementor (Landing Page Builders) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*href=(?:"|')[^"']*elementor/assets
<link [^>]*href=(?:"|')[^"']*uploads/elementor/css

Google Maps (Maps) Expand

Overall confidence: 100%
Detected patterns

//maps\.google(?:apis)?\.com/maps/api/js

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

HubSpot Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

js\.hs-analytics\.net/analytics

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

109
Requests

96 %
HTTPS

90 %
IPv6

19
Domains

22
Subdomains

21
IPs

1
Countries

2338 kB
Transfer

7166 kB
Size

4
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.covidpayback.org/ Page URL
https://www.covidpayout.com/ HTTP 301
https://covidpayout.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

109 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 / Show response
www.covidpayback.org/ 612 B
588 B 434ms
64ms Document
text/html 192.200.102.246
GORILLASERVERS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.covidpayback.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.200.102.246 , United States, ASN53850 (GORILLASERVERS, US),
Reverse DNS: server004.webhostingpremium.com
Software: nginx /
Resource Hash: 48883de2cc804fe2686080ae4a7f8e986feb7df7ce43a0a41dd2be60435264ff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding: br
content-length: 278
content-type: text/html
date: Thu, 24 Aug 2023 03:41:54 GMT
last-modified: Mon, 24 Jul 2023 02:48:03 GMT
server: nginx
vary: Accept-Encoding

GET
H2 404 mdetect.js
www.covidpayback.org/ 0
0 65ms
63ms Script
text/html 192.200.102.246
GORILLASERVERS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.covidpayback.org/mdetect.js
Requested by: Host: www.covidpayback.org
URL: https://www.covidpayback.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.200.102.246 , United States, ASN53850 (GORILLASERVERS, US),
Reverse DNS: server004.webhostingpremium.com
Software: nginx /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.covidpayback.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Aug 2023 03:41:55 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
server: nginx
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 1238
content-type: text/html

GET
H/1.1

200
OK

Primary Request / Show response
covidpayout.com/
Redirect Chain

https://www.covidpayout.com/
https://covidpayout.com/

97 KB
19 KB

704ms
587ms

Document
text/html

91.191.214.162
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://covidpayout.com/
Requested by: Host: www.covidpayback.org
URL: https://www.covidpayback.org/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 91.191.214.162 Dallas, United States, ASN29802 (HVC-AS, US),
Reverse DNS: deca.startertc.com
Software: Apache /
Resource Hash: b0829bf9fc129fec8d82f42f250ea8c69d93e3268409517fafa4ec562d2751bc

Request headers

Referer: https://www.covidpayback.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 19171
Content-Type: text/html; charset=UTF-8
Date: Thu, 24 Aug 2023 03:41:56 GMT
Keep-Alive: timeout=3, max=100
Link: <https://covidpayout.com/index.php?rest_route=/>; rel="https://api.w.org/", <https://covidpayout.com/index.php?rest_route=/wp/v2/pages/2>; rel="alternate"; type="application/json", <https://covidpayout.com/>; rel=shortlink
Referrer-Policy: no-referrer-when-downgrade
Server: Apache
Vary: Accept-Encoding
X-Pingback: https://covidpayout.com/xmlrpc.php

Redirect headers

Connection: Keep-Alive
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Date: Thu, 24 Aug 2023 03:41:55 GMT
Keep-Alive: timeout=3, max=100
Location: https://covidpayout.com/
Referrer-Policy: no-referrer-when-downgrade
Server: Apache
X-Pingback: https://covidpayout.com/xmlrpc.php
X-Redirect-By: WordPress

GET
H/1.1 200
OK style.min.css
covidpayout.com/wp-includes/css/dist/block-library/ 102 KB
14 KB 99ms
57ms Stylesheet
text/css 91.191.214.162
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://covidpayout.com/wp-includes/css/dist/block-library/style.min.css?ver=6.3
Requested by: Host: covidpayout.com
URL: https://covidpayout.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 91.191.214.162 Dallas, United States, ASN29802 (HVC-AS, US),
Reverse DNS: deca.startertc.com
Software: Apache /
Resource Hash: 67447c3656caad630373253691f3e8f64467eafd6e7305c9b0e98111b0b41694

Request headers

accept-language: en-US,en;q=0.9
Referer: https://covidpayout.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Thu, 24 Aug 2023 03:41:56 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Wed, 09 Aug 2023 10:56:35 GMT
Server: Apache
ETag: "19824-6027b554eb9e6-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=99
Content-Length: 13841
Expires: Fri, 23 Aug 2024 03:41:56 GMT

GET
H/1.1 200
OK style.css
covidpayout.com/wp-content/themes/twentytwentyone/ 153 KB
23 KB 164ms
62ms Stylesheet
text/css 91.191.214.162
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://covidpayout.com/wp-content/themes/twentytwentyone/style.css?ver=1.7
Requested by: Host: covidpayout.com
URL: https://covidpayout.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 91.191.214.162 Dallas, United States, ASN29802 (HVC-AS, US),
Reverse DNS: deca.startertc.com
Software: Apache /
Resource Hash: f2f7f242fee995f68f1b40eacb9f27ce53d583abf960ed7069b60289a87dcb38

Request headers

accept-language: en-US,en;q=0.9
Referer: https://covidpayout.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Thu, 24 Aug 2023 03:41:57 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Wed, 02 Nov 2022 03:17:12 GMT
Server: Apache
ETag: "2624b-5ec7446d0be00-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=100
Content-Length: 22792
Expires: Fri, 23 Aug 2024 03:41:57 GMT

GET
H/1.1 200
OK elementor-icons.min.css
covidpayout.com/wp-content/plugins/elementor/assets/lib/eicons/css/ 19 KB
4 KB 161ms
59ms Stylesheet
text/css 91.191.214.162
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://covidpayout.com/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.20.0
Requested by: Host: covidpayout.com
URL: https://covidpayout.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 91.191.214.162 Dallas, United States, ASN29802 (HVC-AS, US),
Reverse DNS: deca.startertc.com
Software: Apache /
Resource Hash: a0c3e823a07498a845daa25db9e85afdb4a985866f00b4cf1518f363336cd030

Request headers

accept-language: en-US,en;q=0.9
Referer: https://covidpayout.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Thu, 24 Aug 2023 03:41:57 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Fri, 28 Jul 2023 10:41:09 GMT
Server: Apache
ETag: "4bf3-60189b7fcd47f-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=100
Content-Length: 3992
Expires: Fri, 23 Aug 2024 03:41:57 GMT

GET
H/1.1 200
OK frontend-lite.min.css
covidpayout.com/wp-content/plugins/elementor/assets/css/ 103 KB
13 KB 163ms
61ms Stylesheet
text/css 91.191.214.162
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://covidpayout.com/wp-content/plugins/elementor/assets/css/frontend-lite.min.css?ver=3.14.1
Requested by: Host: covidpayout.com
URL: https://covidpayout.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 91.191.214.162 Dallas, United States, ASN29802 (HVC-AS, US),
Reverse DNS: deca.startertc.com
Software: Apache /
Resource Hash: ab59f550860dcea6de47b9999d6d9aa586f2cd631097691d013e90c61270b4ba

Request headers

accept-language: en-US,en;q=0.9
Referer: https://covidpayout.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Thu, 24 Aug 2023 03:41:57 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Fri, 28 Jul 2023 10:41:09 GMT
Server: Apache
ETag: "19c3f-60189b7fa7ed8-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=98
Content-Length: 12793
Expires: Fri, 23 Aug 2024 03:41:57 GMT

GET
H/1.1 200
OK swiper.min.css
covidpayout.com/wp-content/plugins/elementor/assets/lib/swiper/css/ 13 KB
3 KB 161ms
58ms Stylesheet
text/css 91.191.214.162
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://covidpayout.com/wp-content/plugins/elementor/assets/lib/swiper/css/swiper.min.css?ver=5.3.6
Requested by: Host: covidpayout.com
URL: https://covidpayout.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 91.191.214.162 Dallas, United States, ASN29802 (HVC-AS, US),
Reverse DNS: deca.startertc.com
Software: Apache /
Resource Hash: d622534d53d3ac1095af275f0b30274fcd835785577df2dde6d9398e6f7a2c8f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://covidpayout.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Thu, 24 Aug 2023 03:41:57 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Fri, 28 Jul 2023 10:41:09 GMT
Server: Apache
ETag: "324c-60189b7fdaf3f-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=100
Content-Length: 2409
Expires: Fri, 23 Aug 2024 03:41:57 GMT

GET
H/1.1 200
OK post-5.css
covidpayout.com/wp-content/uploads/elementor/css/ 1 KB
831 B 161ms
58ms Stylesheet
text/css 91.191.214.162
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://covidpayout.com/wp-content/uploads/elementor/css/post-5.css?ver=1690541673
Requested by: Host: covidpayout.com
URL: https://covidpayout.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 91.191.214.162 Dallas, United States, ASN29802 (HVC-AS, US),
Reverse DNS: deca.startertc.com
Software: Apache /
Resource Hash: 09ea064d0d74a5f579d8bd9f89993b77c512bceb089db62455bc9769c32097ba

Request headers

accept-language: en-US,en;q=0.9
Referer: https://covidpayout.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Thu, 24 Aug 2023 03:41:57 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Fri, 28 Jul 2023 10:54:33 GMT
Server: Apache
ETag: "4a1-60189e7e6baa0-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=100
Content-Length: 393
Expires: Fri, 23 Aug 2024 03:41:57 GMT

GET
H/1.1 200
OK frontend-lite.min.css
covidpayout.com/wp-content/plugins/elementor-pro/assets/css/ 11 KB
2 KB 162ms
58ms Stylesheet
text/css 91.191.214.162
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://covidpayout.com/wp-content/plugins/elementor-pro/assets/css/frontend-lite.min.css?ver=3.14.1
Requested by: Host: covidpayout.com
URL: https://covidpayout.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 91.191.214.162 Dallas, United States, ASN29802 (HVC-AS, US),
Reverse DNS: deca.startertc.com
Software: Apache /
Resource Hash: ef1817d84e065a21a5a13431f364c00c0cb17eb246a501beeeb1e9ca50913aee

Request headers

accept-language: en-US,en;q=0.9
Referer: https://covidpayout.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Thu, 24 Aug 2023 03:41:57 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Fri, 28 Jul 2023 10:46:43 GMT
Server: Apache
ETag: "2c4b-60189cbe3d3db-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=100
Content-Length: 1559
Expires: Fri, 23 Aug 2024 03:41:57 GMT

GET
H/1.1 200
OK global.css
covidpayout.com/wp-content/uploads/elementor/css/ 39 KB
3 KB 218ms
53ms Stylesheet
text/css 91.191.214.162
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://covidpayout.com/wp-content/uploads/elementor/css/global.css?ver=1690541673
Requested by: Host: covidpayout.com
URL: https://covidpayout.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 91.191.214.162 Dallas, United States, ASN29802 (HVC-AS, US),
Reverse DNS: deca.startertc.com
Software: Apache /
Resource Hash: 9603078d83691c1cc2badd9655952460d4fcd62d78966655a00ad9eecb3eb016

Request headers

accept-language: en-US,en;q=0.9
Referer: https://covidpayout.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Thu, 24 Aug 2023 03:41:57 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Fri, 28 Jul 2023 10:54:33 GMT
Server: Apache
ETag: "9d0f-60189e7eb2b57-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=99
Content-Length: 2828
Expires: Fri, 23 Aug 2024 03:41:57 GMT

GET
H/1.1 200
OK post-2.css
covidpayout.com/wp-content/uploads/elementor/css/ 27 KB
3 KB 217ms
51ms Stylesheet
text/css 91.191.214.162
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://covidpayout.com/wp-content/uploads/elementor/css/post-2.css?ver=1690541673
Requested by: Host: covidpayout.com
URL: https://covidpayout.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 91.191.214.162 Dallas, United States, ASN29802 (HVC-AS, US),
Reverse DNS: deca.startertc.com
Software: Apache /
Resource Hash: 911e6db474228f6bc3da73e9860f2df192a633470980617bc4bc84c8fe42ab57

Request headers

accept-language: en-US,en;q=0.9
Referer: https://covidpayout.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Thu, 24 Aug 2023 03:41:57 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Fri, 28 Jul 2023 10:54:33 GMT
Server: Apache
ETag: "6c79-60189e7f145d6-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=99
Content-Length: 2783
Expires: Fri, 23 Aug 2024 03:41:57 GMT

GET
H2 200 css
fonts.googleapis.com/ 70 KB
3 KB 111ms
45ms Stylesheet
text/css 2607:f8b0:4006:823::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CChivo%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CAlmarai%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=swap&ver=6.3

Requested by

Host: covidpayout.com
URL: https://covidpayout.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

36adcc25fadffefb56ff3a2f3b28e080cf9e7933659094eb5ea6326d238661ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://covidpayout.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 24 Aug 2023 03:41:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 03:41:56 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 24 Aug 2023 03:41:56 GMT

GET
H/1.1 200
OK fontawesome.min.css
covidpayout.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/ 57 KB
13 KB 221ms
56ms Stylesheet
text/css 91.191.214.162
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://covidpayout.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css?ver=5.15.3
Requested by: Host: covidpayout.com
URL: https://covidpayout.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 91.191.214.162 Dallas, United States, ASN29802 (HVC-AS, US),
Reverse DNS: deca.startertc.com
Software: Apache /
Resource Hash: d01a2ba2805c78957e15a2958135de0f3cb88e95159dd0f6c0a032bd76b1b0e9

Request headers

accept-language: en-US,en;q=0.9
Referer: https://covidpayout.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Thu, 24 Aug 2023 03:41:57 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Fri, 28 Jul 2023 10:41:09 GMT
Server: Apache
ETag: "e238-60189b7fd0b2f-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=99
Content-Length: 12582
Expires: Fri, 23 Aug 2024 03:41:57 GMT

GET
H/1.1 200
OK solid.min.css
covidpayout.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/ 669 B
746 B 219ms
54ms Stylesheet
text/css 91.191.214.162
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://covidpayout.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.3
Requested by: Host: covidpayout.com
URL: https://covidpayout.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 91.191.214.162 Dallas, United States, ASN29802 (HVC-AS, US),
Reverse DNS: deca.startertc.com
Software: Apache /
Resource Hash: 37bab6cd583982e8eff58501a99d7c5c4d63664c1ca34f9e3b7cf526c5b73ae2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://covidpayout.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Thu, 24 Aug 2023 03:41:57 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Fri, 28 Jul 2023 10:41:09 GMT
Server: Apache
ETag: "29d-60189b7fd0b2f-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=99
Content-Length: 309
Expires: Fri, 23 Aug 2024 03:41:57 GMT

GET
H/1.1 200
OK ertc_express_fav.png
covidpayout.com/wp-content/uploads/2022/11/ 83 KB
83 KB 270ms
60ms Image
image/png 91.191.214.162
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://covidpayout.com/wp-content/uploads/2022/11/ertc_express_fav.png
Requested by: Host: covidpayout.com
URL: https://covidpayout.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 91.191.214.162 Dallas, United States, ASN29802 (HVC-AS, US),
Reverse DNS: deca.startertc.com
Software: Apache /
Resource Hash: bfa7207f906f16335cb1847200dcf1d0b0e219787a20951f8237e553f049b3e1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://covidpayout.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Thu, 24 Aug 2023 03:41:57 GMT
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Wed, 30 Nov 2022 10:33:55 GMT
Server: Apache
ETag: "14acf-5eeada43852f7"
Content-Type: image/png
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=99
Content-Length: 84687
Expires: Fri, 23 Aug 2024 03:41:57 GMT

GET
H/1.1 200
OK widget-flip-box.min.css
covidpayout.com/wp-content/plugins/elementor-pro/assets/css/ 8 KB
2 KB 195ms
54ms Stylesheet
text/css 91.191.214.162
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://covidpayout.com/wp-content/plugins/elementor-pro/assets/css/widget-flip-box.min.css
Requested by: Host: covidpayout.com
URL: https://covidpayout.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 91.191.214.162 Dallas, United States, ASN29802 (HVC-AS, US),
Reverse DNS: deca.startertc.com
Software: Apache /
Resource Hash: e47350aede388ee98af5e3ed254afa05a942809b1c635e47b111301a495014a0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://covidpayout.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Thu, 24 Aug 2023 03:41:57 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Fri, 28 Jul 2023 10:46:43 GMT
Server: Apache
ETag: "21df-60189cbe3ef33-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=97
Content-Length: 1288
Expires: Fri, 23 Aug 2024 03:41:57 GMT

GET
H/1.1 200
OK print.css
covidpayout.com/wp-content/themes/twentytwentyone/assets/css/ 3 KB
1 KB 52ms
51ms Stylesheet
text/css 91.191.214.162
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://covidpayout.com/wp-content/themes/twentytwentyone/assets/css/print.css?ver=1.7
Requested by: Host: covidpayout.com
URL: https://covidpayout.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 91.191.214.162 Dallas, United States, ASN29802 (HVC-AS, US),
Reverse DNS: deca.startertc.com
Software: Apache /
Resource Hash: 3467f3eee5c95a86bb4992918b1368458185bf349949f862e6e3c5954fcd69f9

Request headers

accept-language: en-US,en;q=0.9
Referer: https://covidpayout.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Thu, 24 Aug 2023 03:41:57 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Thu, 12 Nov 2020 18:36:15 GMT
Server: Apache
ETag: "b51-5b3ed2fda25c0-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=94
Content-Length: 1084
Expires: Fri, 23 Aug 2024 03:41:57 GMT

GET
BLOB 200
OK 8a9b5c69-53d0-48e9-82f2-b954310ef72b
https://covidpayout.com/ 1 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://covidpayout.com/8a9b5c69-53d0-48e9-82f2-b954310ef72b
Requested by: Host: covidpayout.com
URL: https://covidpayout.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Length: 1245
Content-Type: text/javascript

GET
H/1.1 200
OK widget-icon-list.min.css
covidpayout.com/wp-content/plugins/elementor/assets/css/ 10 KB
1 KB 53ms
51ms Stylesheet
text/css 91.191.214.162
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://covidpayout.com/wp-content/plugins/elementor/assets/css/widget-icon-list.min.css
Requested by: Host: covidpayout.com
URL: https://covidpayout.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 91.191.214.162 Dallas, United States, ASN29802 (HVC-AS, US),
Reverse DNS: deca.startertc.com
Software: Apache /
Resource Hash: dfd6f1753f09e857fa6f209c78c5e27db570e8402484bbb2d416964f4d5ec3c6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://covidpayout.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Thu, 24 Aug 2023 03:41:57 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Fri, 28 Jul 2023 10:41:09 GMT
Server: Apache
ETag: "26c1-60189b7faccf7-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=96
Content-Length: 972
Expires: Fri, 23 Aug 2024 03:41:57 GMT

GET
H/1.1 200
OK bizcons-scaled-1-1-300x200.jpeg
covidpayout.com/wp-content/uploads/2022/11/ 11 KB
11 KB 51ms
51ms Image
image/jpeg 91.191.214.162
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://covidpayout.com/wp-content/uploads/2022/11/bizcons-scaled-1-1-300x200.jpeg
Requested by: Host: covidpayout.com
URL: https://covidpayout.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 91.191.214.162 Dallas, United States, ASN29802 (HVC-AS, US),
Reverse DNS: deca.startertc.com
Software: Apache /
Resource Hash: 3d95841bd5ae6655a3c5ebe534fae99d5cb088aaf0b0916bbe62c7bbf1bb0388

Request headers

accept-language: en-US,en;q=0.9
Referer: https://covidpayout.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Thu, 24 Aug 2023 03:41:57 GMT
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Wed, 30 Nov 2022 10:34:00 GMT
Server: Apache
ETag: "2a9a-5eeada480f8dc"
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=95
Content-Length: 10906
Expires: Fri, 23 Aug 2024 03:41:57 GMT

GET
H/1.1 200
OK design-firm-scaled-1-1-300x209.jpeg
covidpayout.com/wp-content/uploads/2022/11/ 9 KB
10 KB 57ms
56ms Image
image/jpeg 91.191.214.162
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://covidpayout.com/wp-content/uploads/2022/11/design-firm-scaled-1-1-300x209.jpeg
Requested by: Host: covidpayout.com
URL: https://covidpayout.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 91.191.214.162 Dallas, United States, ASN29802 (HVC-AS, US),
Reverse DNS: deca.startertc.com
Software: Apache /
Resource Hash: 49cc70f01a24fa93d97dbb6568321be1296f84e6bc4552645f47c461c94c127f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://covidpayout.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Thu, 24 Aug 2023 03:41:57 GMT
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Wed, 30 Nov 2022 10:34:01 GMT
Server: Apache
ETag: "2562-5eeada49bcc23"
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=93
Content-Length: 9570
Expires: Fri, 23 Aug 2024 03:41:57 GMT

GET
H/1.1 200
OK responsive-embeds.js Show response
covidpayout.com/wp-content/themes/twentytwentyone/assets/js/ 1 KB
998 B 53ms
52ms Script
application/x-javascript 91.191.214.162
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://covidpayout.com/wp-content/themes/twentytwentyone/assets/js/responsive-embeds.js?ver=1.7
Requested by: Host: covidpayout.com
URL: https://covidpayout.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 91.191.214.162 Dallas, United States, ASN29802 (HVC-AS, US),
Reverse DNS: deca.startertc.com
Software: Apache /
Resource Hash: c84b9432dad75b6cce98abcd62eecccc82cf4e293e92f80678d8d50bd1060cfe

Request headers

accept-language: en-US,en;q=0.9
Referer: https://covidpayout.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Thu, 24 Aug 2023 03:41:57 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Thu, 17 Dec 2020 14:57:07 GMT
Server: Apache
ETag: "467-5b6aa349db6c0-gzip"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=98
Content-Length: 545
Expires: Fri, 23 Aug 2024 03:41:57 GMT

GET
H/1.1 200
OK webpack-pro.runtime.min.js Show response
covidpayout.com/wp-content/plugins/elementor-pro/assets/js/ 5 KB
3 KB 54ms
53ms Script
application/x-javascript 91.191.214.162
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://covidpayout.com/wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js?ver=3.14.1
Requested by: Host: covidpayout.com
URL: https://covidpayout.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 91.191.214.162 Dallas, United States, ASN29802 (HVC-AS, US),
Reverse DNS: deca.startertc.com
Software: Apache /
Resource Hash: c2ed4b80cc0bfd8b35c13b9becb418d96d58f9f44048b24d6e45dba4938cac69

Request headers

accept-language: en-US,en;q=0.9
Referer: https://covidpayout.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Thu, 24 Aug 2023 03:41:57 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Fri, 28 Jul 2023 10:46:43 GMT
Server: Apache
ETag: "15b9-60189cbe385bb-gzip"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=98
Content-Length: 2523
Expires: Fri, 23 Aug 2024 03:41:57 GMT

GET
H/1.1 200
OK webpack.runtime.min.js Show response
covidpayout.com/wp-content/plugins/elementor/assets/js/ 5 KB
3 KB 53ms
52ms Script
application/x-javascript 91.191.214.162
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://covidpayout.com/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.14.1
Requested by: Host: covidpayout.com
URL: https://covidpayout.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 91.191.214.162 Dallas, United States, ASN29802 (HVC-AS, US),
Reverse DNS: deca.startertc.com
Software: Apache /
Resource Hash: a3e7c89de8ec9f11eee1605a0367e23585548b1deab4cca3a4a17d5a23a90f79

Request headers

accept-language: en-US,en;q=0.9
Referer: https://covidpayout.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Thu, 24 Aug 2023 03:41:57 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Fri, 28 Jul 2023 10:41:09 GMT
Server: Apache
ETag: "135e-60189b7fcc8c7-gzip"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=98
Content-Length: 2198
Expires: Fri, 23 Aug 2024 03:41:57 GMT

GET
H/1.1 200
OK jquery.min.js Show response
covidpayout.com/wp-includes/js/jquery/ 85 KB
30 KB 64ms
64ms Script
application/x-javascript 91.191.214.162
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://covidpayout.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.0
Requested by: Host: covidpayout.com
URL: https://covidpayout.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 91.191.214.162 Dallas, United States, ASN29802 (HVC-AS, US),
Reverse DNS: deca.startertc.com
Software: Apache /
Resource Hash: 5c93f77799d122fb5255ee24da285f9f228cc118cba11e6ceb2b6bda8cdf4164

Request headers

accept-language: en-US,en;q=0.9
Referer: https://covidpayout.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Thu, 24 Aug 2023 03:41:57 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Wed, 09 Aug 2023 10:56:35 GMT
Server: Apache
ETag: "155ba-6027b5551463d-gzip"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=98
Content-Length: 30343
Expires: Fri, 23 Aug 2024 03:41:57 GMT

GET
H/1.1 200
OK jquery-migrate.min.js Show response
covidpayout.com/wp-includes/js/jquery/ 13 KB
5 KB 52ms
52ms Script
application/x-javascript 91.191.214.162
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://covidpayout.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by: Host: covidpayout.com
URL: https://covidpayout.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 91.191.214.162 Dallas, United States, ASN29802 (HVC-AS, US),
Reverse DNS: deca.startertc.com
Software: Apache /
Resource Hash: 5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

accept-language: en-US,en;q=0.9
Referer: https://covidpayout.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Thu, 24 Aug 2023 03:41:57 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Wed, 09 Aug 2023 10:56:35 GMT
Server: Apache
ETag: "3509-6027b55514e0d-gzip"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=97
Content-Length: 4872
Expires: Fri, 23 Aug 2024 03:41:57 GMT

GET
H/1.1 200
OK frontend-modules.min.js Show response
covidpayout.com/wp-content/plugins/elementor/assets/js/ 52 KB
16 KB 64ms
63ms Script
application/x-javascript 91.191.214.162
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://covidpayout.com/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.14.1
Requested by: Host: covidpayout.com
URL: https://covidpayout.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 91.191.214.162 Dallas, United States, ASN29802 (HVC-AS, US),
Reverse DNS: deca.startertc.com
Software: Apache /
Resource Hash: 76efc435fc139294153b2304af750ccd6857bf3349577af166308db9eb0a2fdc

Request headers

accept-language: en-US,en;q=0.9
Referer: https://covidpayout.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Thu, 24 Aug 2023 03:41:57 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Fri, 28 Jul 2023 10:41:09 GMT
Server: Apache
ETag: "ce7d-60189b7fc383f-gzip"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=97
Content-Length: 15540
Expires: Fri, 23 Aug 2024 03:41:57 GMT

GET
H/1.1 200
OK wp-polyfill-inert.min.js Show response
covidpayout.com/wp-includes/js/dist/vendor/ 8 KB
3 KB 51ms
51ms Script
application/x-javascript 91.191.214.162
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://covidpayout.com/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2
Requested by: Host: covidpayout.com
URL: https://covidpayout.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 91.191.214.162 Dallas, United States, ASN29802 (HVC-AS, US),
Reverse DNS: deca.startertc.com
Software: Apache /
Resource Hash: c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4

Request headers

accept-language: en-US,en;q=0.9
Referer: https://covidpayout.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Thu, 24 Aug 2023 03:41:57 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Thu, 30 Mar 2023 12:04:19 GMT
Server: Apache
ETag: "1feb-5f81ce4804f72-gzip"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=97
Content-Length: 2484
Expires: Fri, 23 Aug 2024 03:41:57 GMT

GET
H/1.1 200
OK regenerator-runtime.min.js Show response
covidpayout.com/wp-includes/js/dist/vendor/ 6 KB
3 KB 56ms
55ms Script
application/x-javascript 91.191.214.162
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://covidpayout.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.11
Requested by: Host: covidpayout.com
URL: https://covidpayout.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 91.191.214.162 Dallas, United States, ASN29802 (HVC-AS, US),
Reverse DNS: deca.startertc.com
Software: Apache /
Resource Hash: 6974bfd8fa06b7831f05cb4b25860c851a5ad3f02a6699ebe688987dd7a6ebe6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://covidpayout.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Thu, 24 Aug 2023 03:41:57 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Thu, 30 Mar 2023 12:04:19 GMT
Server: Apache
ETag: "19cf-5f81ce4805742-gzip"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=98
Content-Length: 2499
Expires: Fri, 23 Aug 2024 03:41:57 GMT

GET
H/1.1 200
OK wp-polyfill.min.js Show response
covidpayout.com/wp-includes/js/dist/vendor/ 16 KB
6 KB 63ms
62ms Script
application/x-javascript 91.191.214.162
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://covidpayout.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
Requested by: Host: covidpayout.com
URL: https://covidpayout.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 91.191.214.162 Dallas, United States, ASN29802 (HVC-AS, US),
Reverse DNS: deca.startertc.com
Software: Apache /
Resource Hash: 4c0ced2cb3830d045cdd74f745fd4d6dcb082d8edd3a9fe46e39295e30cb8032

Request headers

accept-language: en-US,en;q=0.9
Referer: https://covidpayout.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Thu, 24 Aug 2023 03:41:57 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Wed, 09 Aug 2023 10:56:35 GMT
Server: Apache
ETag: "3f12-6027b55511f2d-gzip"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=96
Content-Length: 5889
Expires: Fri, 23 Aug 2024 03:41:57 GMT

GET
H/1.1 200
OK hooks.min.js Show response
covidpayout.com/wp-includes/js/dist/ 5 KB
2 KB 59ms
59ms Script
application/x-javascript 91.191.214.162
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://covidpayout.com/wp-includes/js/dist/hooks.min.js?ver=c6aec9a8d4e5a5d543a1
Requested by: Host: covidpayout.com
URL: https://covidpayout.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 91.191.214.162 Dallas, United States, ASN29802 (HVC-AS, US),
Reverse DNS: deca.startertc.com
Software: Apache /
Resource Hash: 7868467c94a5aa0b3f11ef542f45287967f9627b3b5acdc86e47f8f77a126596

Request headers

accept-language: en-US,en;q=0.9
Referer: https://covidpayout.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Thu, 24 Aug 2023 03:41:57 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Wed, 09 Aug 2023 10:56:35 GMT
Server: Apache
ETag: "1213-6027b5550fc05-gzip"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=96
Content-Length: 1567
Expires: Fri, 23 Aug 2024 03:41:57 GMT

GET
H/1.1 200
OK i18n.min.js Show response
covidpayout.com/wp-includes/js/dist/ 9 KB
4 KB 52ms
51ms Script
application/x-javascript 91.191.214.162
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://covidpayout.com/wp-includes/js/dist/i18n.min.js?ver=7701b0c3857f914212ef
Requested by: Host: covidpayout.com
URL: https://covidpayout.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 91.191.214.162 Dallas, United States, ASN29802 (HVC-AS, US),
Reverse DNS: deca.startertc.com
Software: Apache /
Resource Hash: 698e93fe491cc7bbf07a470579a33dbd0db53c19142b7be41ebfd39a23aef11f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://covidpayout.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Thu, 24 Aug 2023 03:41:57 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Wed, 09 Aug 2023 10:56:35 GMT
Server: Apache
ETag: "24e5-6027b5550d10d-gzip"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=97
Content-Length: 3692
Expires: Fri, 23 Aug 2024 03:41:57 GMT

GET
H/1.1 200
OK frontend.min.js Show response
covidpayout.com/wp-content/plugins/elementor-pro/assets/js/ 24 KB
7 KB 56ms
55ms Script
application/x-javascript 91.191.214.162
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://covidpayout.com/wp-content/plugins/elementor-pro/assets/js/frontend.min.js?ver=3.14.1
Requested by: Host: covidpayout.com
URL: https://covidpayout.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 91.191.214.162 Dallas, United States, ASN29802 (HVC-AS, US),
Reverse DNS: deca.startertc.com
Software: Apache /
Resource Hash: 51187f64d3c89b9bba020ac511217aed3ea94cfc82aa3c5450b6132cfab4c039

Request headers

accept-language: en-US,en;q=0.9
Referer: https://covidpayout.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Thu, 24 Aug 2023 03:41:57 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Fri, 28 Jul 2023 10:46:43 GMT
Server: Apache
ETag: "5f3c-60189cbe3667c-gzip"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=97
Content-Length: 6552
Expires: Fri, 23 Aug 2024 03:41:57 GMT

GET
H/1.1 200
OK waypoints.min.js Show response
covidpayout.com/wp-content/plugins/elementor/assets/lib/waypoints/ 12 KB
3 KB 53ms
52ms Script
application/x-javascript 91.191.214.162
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://covidpayout.com/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2
Requested by: Host: covidpayout.com
URL: https://covidpayout.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 91.191.214.162 Dallas, United States, ASN29802 (HVC-AS, US),
Reverse DNS: deca.startertc.com
Software: Apache /
Resource Hash: 214674cc77aba35ab3567b88e2739fd08e8e96c61d279559ad61874069683ea0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://covidpayout.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Thu, 24 Aug 2023 03:41:57 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Fri, 28 Jul 2023 10:41:09 GMT
Server: Apache
ETag: "2fa6-60189b7fdc6af-gzip"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=94
Content-Length: 2993
Expires: Fri, 23 Aug 2024 03:41:57 GMT

GET
H/1.1 200
OK core.min.js Show response
covidpayout.com/wp-includes/js/jquery/ui/ 21 KB
7 KB 55ms
54ms Script
application/x-javascript 91.191.214.162
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://covidpayout.com/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2
Requested by: Host: covidpayout.com
URL: https://covidpayout.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 91.191.214.162 Dallas, United States, ASN29802 (HVC-AS, US),
Reverse DNS: deca.startertc.com
Software: Apache /
Resource Hash: ca7dce2391845e8aec7da135f33fabd10f74eed28a532ac66fd01f761fcfb42f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://covidpayout.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Thu, 24 Aug 2023 03:41:57 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Thu, 30 Mar 2023 12:04:19 GMT
Server: Apache
ETag: "53be-5f81ce4807e52-gzip"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=95
Content-Length: 7099
Expires: Fri, 23 Aug 2024 03:41:57 GMT

GET
H/1.1 200
OK frontend.min.js Show response
covidpayout.com/wp-content/plugins/elementor/assets/js/ 40 KB
12 KB 56ms
55ms Script
application/x-javascript 91.191.214.162
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://covidpayout.com/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.14.1
Requested by: Host: covidpayout.com
URL: https://covidpayout.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 91.191.214.162 Dallas, United States, ASN29802 (HVC-AS, US),
Reverse DNS: deca.startertc.com
Software: Apache /
Resource Hash: 46b04afecdaf08e04385a7cabaec357f6edfc6a8b2b156d8c624c2621894f3de

Request headers

accept-language: en-US,en;q=0.9
Referer: https://covidpayout.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Thu, 24 Aug 2023 03:41:57 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Fri, 28 Jul 2023 10:41:09 GMT
Server: Apache
ETag: "9f6e-60189b7fc3457-gzip"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=96
Content-Length: 12248
Expires: Fri, 23 Aug 2024 03:41:57 GMT

GET
H/1.1 200
OK elements-handlers.min.js Show response
covidpayout.com/wp-content/plugins/elementor-pro/assets/js/ 29 KB
7 KB 53ms
52ms Script
application/x-javascript 91.191.214.162
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://covidpayout.com/wp-content/plugins/elementor-pro/assets/js/elements-handlers.min.js?ver=3.14.1
Requested by: Host: covidpayout.com
URL: https://covidpayout.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 91.191.214.162 Dallas, United States, ASN29802 (HVC-AS, US),
Reverse DNS: deca.startertc.com
Software: Apache /
Resource Hash: 2feda11fe1d4d6dc59a32761af395530aa758ba4e27ccff22b90b3eac656fa60

Request headers

accept-language: en-US,en;q=0.9
Referer: https://covidpayout.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Thu, 24 Aug 2023 03:41:57 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Fri, 28 Jul 2023 10:46:43 GMT
Server: Apache
ETag: "74fb-60189cbe3473c-gzip"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=96
Content-Length: 6933
Expires: Fri, 23 Aug 2024 03:41:57 GMT

GET
H/1.1 200
OK easyertc-scaled-1-1.jpeg
covidpayout.com/wp-content/uploads/2022/11/ 193 KB
193 KB 55ms
55ms Image
image/jpeg 91.191.214.162
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://covidpayout.com/wp-content/uploads/2022/11/easyertc-scaled-1-1.jpeg
Requested by: Host: covidpayout.com
URL: https://covidpayout.com/wp-content/uploads/elementor/css/post-2.css?ver=1690541673
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 91.191.214.162 Dallas, United States, ASN29802 (HVC-AS, US),
Reverse DNS: deca.startertc.com
Software: Apache /
Resource Hash: 92ebce4ec69d541063f847087b2d1427041dd58a56ae3eade2a4e6e5012652d6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://covidpayout.com/wp-content/uploads/elementor/css/post-2.css?ver=1690541673
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Thu, 24 Aug 2023 03:41:57 GMT
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Wed, 30 Nov 2022 10:33:58 GMT
Server: Apache
ETag: "302ac-5eeada46bd2bb"
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=96
Content-Length: 197292
Expires: Fri, 23 Aug 2024 03:41:57 GMT

GET
H/1.1 200
OK fa-solid-900.woff2
covidpayout.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/ 76 KB
77 KB 83ms
53ms Font
application/font-woff2 91.191.214.162
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://covidpayout.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2
Requested by: Host: covidpayout.com
URL: https://covidpayout.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.3
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 91.191.214.162 Dallas, United States, ASN29802 (HVC-AS, US),
Reverse DNS: deca.startertc.com
Software: Apache /
Resource Hash: d0b4256abed72481585662971262eabee345c19f837af00d7ce24239d3b40eef

Request headers

Referer: https://covidpayout.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.3
Origin: https://covidpayout.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Thu, 24 Aug 2023 03:41:57 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Fri, 28 Jul 2023 10:41:09 GMT
Server: Apache
ETag: "13174-60189b7fd9f9f-gzip"
Vary: Accept-Encoding
Transfer-Encoding: chunked
Content-Type: application/font-woff2
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=95
Expires: Fri, 23 Aug 2024 03:41:57 GMT

GET
H2 200 va9I4kzIxd1KFrBoQeM.woff2
fonts.gstatic.com/s/chivo/v18/ 30 KB
31 KB 95ms
33ms Font
font/woff2 2607:f8b0:4006:821::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/chivo/v18/va9I4kzIxd1KFrBoQeM.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CChivo%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CAlmarai%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=swap&ver=6.3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

64aa7a01c38e5f51aa6b7cd48decf2bd9ef228857df6ff47b0f58b38c1bdfc30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://covidpayout.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 03:52:37 GMT
x-content-type-options: nosniff
age: 431360
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31216
x-xss-protection: 0
last-modified: Thu, 17 Nov 2022 15:51:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 18 Aug 2024 03:52:37 GMT

GET
H2 200 tsstApxBaigK_hnnQ1iFow.woff2
fonts.gstatic.com/s/almarai/v12/ 46 KB
46 KB 121ms
60ms Font
font/woff2 2607:f8b0:4006:821::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/almarai/v12/tsstApxBaigK_hnnQ1iFow.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2a6bda3553569fc700de73f81edc96180d144db1e05a702bc9854dbe14961c5e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://covidpayout.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 03:07:15 GMT
x-content-type-options: nosniff
age: 2082
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46804
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:10:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 23 Aug 2024 03:07:15 GMT

GET
H2 200 tssoApxBaigK_hnnS-agtnqWow.woff2
fonts.gstatic.com/s/almarai/v12/ 47 KB
47 KB 155ms
93ms Font
font/woff2 2607:f8b0:4006:821::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/almarai/v12/tssoApxBaigK_hnnS-agtnqWow.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b5a1116fedf74e888369da43f27b4ea6e21a7c5b3e3dde3227da6c21a2ef67c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://covidpayout.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 21:22:42 GMT
x-content-type-options: nosniff
age: 368355
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48004
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:29:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 18 Aug 2024 21:22:42 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 177ms
116ms Font
font/woff2 2607:f8b0:4006:821::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://covidpayout.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 21:05:43 GMT
x-content-type-options: nosniff
age: 369374
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 18 Aug 2024 21:05:43 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 136ms
75ms Font
font/woff2 2607:f8b0:4006:821::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://covidpayout.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 16:08:08 GMT
x-content-type-options: nosniff
age: 41629
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 22 Aug 2024 16:08:08 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 16 KB
16 KB 144ms
83ms Font
font/woff2 2607:f8b0:4006:821::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://covidpayout.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 16:08:50 GMT
x-content-type-options: nosniff
age: 41587
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 22 Aug 2024 16:08:50 GMT

GET
H/1.1 200
OK ownership-group-scaled-1-1-300x200.jpeg
covidpayout.com/wp-content/uploads/2022/11/ 14 KB
14 KB 53ms
51ms Image
image/jpeg 91.191.214.162
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://covidpayout.com/wp-content/uploads/2022/11/ownership-group-scaled-1-1-300x200.jpeg
Requested by: Host: covidpayout.com
URL: https://covidpayout.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 91.191.214.162 Dallas, United States, ASN29802 (HVC-AS, US),
Reverse DNS: deca.startertc.com
Software: Apache /
Resource Hash: 771730781accfc4376e3659f8785f1a4c3bc9b2423b846968c340febf63ba5f9

Request headers

accept-language: en-US,en;q=0.9
Referer: https://covidpayout.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Thu, 24 Aug 2023 03:41:57 GMT
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Wed, 30 Nov 2022 10:34:03 GMT
Server: Apache
ETag: "3773-5eeada4b6c679"
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=94
Content-Length: 14195
Expires: Fri, 23 Aug 2024 03:41:57 GMT

GET
H/1.1 200
OK smallrestaurant-1-300x200.jpeg
covidpayout.com/wp-content/uploads/2022/11/ 20 KB
20 KB 53ms
52ms Image
image/jpeg 91.191.214.162
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://covidpayout.com/wp-content/uploads/2022/11/smallrestaurant-1-300x200.jpeg
Requested by: Host: covidpayout.com
URL: https://covidpayout.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 91.191.214.162 Dallas, United States, ASN29802 (HVC-AS, US),
Reverse DNS: deca.startertc.com
Software: Apache /
Resource Hash: ed508990efc3630ba5d70d90a54d3fa408ba901a756e7a79aa7cb2aa93e7ab6b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://covidpayout.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Thu, 24 Aug 2023 03:41:57 GMT
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Wed, 30 Nov 2022 10:34:05 GMT
Server: Apache
ETag: "4f1c-5eeada4d0e60f"
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=95
Content-Length: 20252
Expires: Fri, 23 Aug 2024 03:41:57 GMT

GET
H/1.1 200
OK educational-1-300x200.jpg
covidpayout.com/wp-content/uploads/2022/11/ 17 KB
17 KB 53ms
53ms Image
image/jpeg 91.191.214.162
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://covidpayout.com/wp-content/uploads/2022/11/educational-1-300x200.jpg
Requested by: Host: covidpayout.com
URL: https://covidpayout.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 91.191.214.162 Dallas, United States, ASN29802 (HVC-AS, US),
Reverse DNS: deca.startertc.com
Software: Apache /
Resource Hash: bf0d2fbc27d54a1df417599f2d14039a7fcd0df06803036e7bedcc7aa48f83b5

Request headers

accept-language: en-US,en;q=0.9
Referer: https://covidpayout.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Thu, 24 Aug 2023 03:41:57 GMT
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Wed, 30 Nov 2022 10:34:05 GMT
Server: Apache
ETag: "42a4-5eeada4d8640d"
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=95
Content-Length: 17060
Expires: Fri, 23 Aug 2024 03:41:57 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 94ms
92ms Font
font/woff2 2607:f8b0:4006:821::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://covidpayout.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 21:05:08 GMT
x-content-type-options: nosniff
age: 369409
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 18 Aug 2024 21:05:08 GMT

GET
H2 200 KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 94ms
93ms Font
font/woff2 2607:f8b0:4006:821::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmYUtfBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7e262106f82cc52663e403f5b73795bbeab9ca0630c33c03579354fbcd4fae1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://covidpayout.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 06:18:32 GMT
x-content-type-options: nosniff
age: 422605
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15752
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 18 Aug 2024 06:18:32 GMT

GET
H/1.1 200
OK wp-emoji-release.min.js Show response
covidpayout.com/wp-includes/js/ 18 KB
5 KB 53ms
53ms Script
application/x-javascript 91.191.214.162
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://covidpayout.com/wp-includes/js/wp-emoji-release.min.js?ver=6.3
Requested by: Host: covidpayout.com
URL: https://covidpayout.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 91.191.214.162 Dallas, United States, ASN29802 (HVC-AS, US),
Reverse DNS: deca.startertc.com
Software: Apache /
Resource Hash: 4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Request headers

accept-language: en-US,en;q=0.9
Referer: https://covidpayout.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Thu, 24 Aug 2023 03:41:57 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Thu, 30 Mar 2023 12:04:19 GMT
Server: Apache
ETag: "4904-5f81ce4806eb2-gzip"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=94
Content-Length: 5039
Expires: Fri, 23 Aug 2024 03:41:57 GMT

GET
H/1.1 200
OK text-editor.2c35aafbe5bf0e127950.bundle.min.js Show response
covidpayout.com/wp-content/plugins/elementor/assets/js/ 1 KB
1 KB 60ms
59ms Script
application/x-javascript 91.191.214.162
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://covidpayout.com/wp-content/plugins/elementor/assets/js/text-editor.2c35aafbe5bf0e127950.bundle.min.js
Requested by: Host: covidpayout.com
URL: https://covidpayout.com/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.14.1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 91.191.214.162 Dallas, United States, ASN29802 (HVC-AS, US),
Reverse DNS: deca.startertc.com
Software: Apache /
Resource Hash: 96dc57a589aa2a2646991d33dada196111b64af2b4301fdd509f59c11d4f33e4

Request headers

accept-language: en-US,en;q=0.9
Referer: https://covidpayout.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Thu, 24 Aug 2023 03:41:57 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Fri, 28 Jul 2023 10:41:09 GMT
Server: Apache
ETag: "550-60189b7fcb927-gzip"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=94
Content-Length: 666
Expires: Fri, 23 Aug 2024 03:41:57 GMT

GET
H/1.1 200
OK Boardroom-header-scaled-1-1.jpeg
covidpayout.com/wp-content/uploads/2022/11/ 271 KB
271 KB 59ms
58ms Image
image/jpeg 91.191.214.162
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://covidpayout.com/wp-content/uploads/2022/11/Boardroom-header-scaled-1-1.jpeg
Requested by: Host: covidpayout.com
URL: https://covidpayout.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 91.191.214.162 Dallas, United States, ASN29802 (HVC-AS, US),
Reverse DNS: deca.startertc.com
Software: Apache /
Resource Hash: e6105ad2f6c3e71e41e51ec5f4e1f7e70d27847c16d531d41973774089268fec

Request headers

accept-language: en-US,en;q=0.9
Referer: https://covidpayout.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Thu, 24 Aug 2023 03:41:57 GMT
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Wed, 30 Nov 2022 10:33:55 GMT
Server: Apache
ETag: "43a59-5eeada43de0dc"
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=93
Content-Length: 277081
Expires: Fri, 23 Aug 2024 03:41:57 GMT

GET
H/1.1 200
OK toggle.31881477c45ff5cf9d4d.bundle.min.js Show response
covidpayout.com/wp-content/plugins/elementor/assets/js/ 4 KB
2 KB 52ms
51ms Script
application/x-javascript 91.191.214.162
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://covidpayout.com/wp-content/plugins/elementor/assets/js/toggle.31881477c45ff5cf9d4d.bundle.min.js
Requested by: Host: covidpayout.com
URL: https://covidpayout.com/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.14.1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 91.191.214.162 Dallas, United States, ASN29802 (HVC-AS, US),
Reverse DNS: deca.startertc.com
Software: Apache /
Resource Hash: 9489dcf799e6c85a94f8418fbc3aa4c9a7501e76d6bf1e834af71c12eaf84276

Request headers

accept-language: en-US,en;q=0.9
Referer: https://covidpayout.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Thu, 24 Aug 2023 03:41:57 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Fri, 28 Jul 2023 10:41:09 GMT
Server: Apache
ETag: "eba-60189b7fcb927-gzip"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=93
Content-Length: 1401
Expires: Fri, 23 Aug 2024 03:41:57 GMT

GET
H2 200 lead-intake Show response
portal.ertcexpress.com/ Frame 2E14 4 KB
2 KB 197ms
92ms Document
text/html 2606:4700:20::681a:6a8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://portal.ertcexpress.com/lead-intake?&source=https://covidpayout.com/

Requested by

Host: covidpayout.com
URL: https://covidpayout.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:6a8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9280e1d8ea332bac5f497f7b7ea66c52a839e761201dfbd1882d673eeefb96f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	0

Request headers

Referer: https://covidpayout.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-allow-origin: *
cache-control: public, max-age=0
cf-cache-status: DYNAMIC
cf-ray: 7fb8952458f84bc6-BUF
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 24 Aug 2023 03:41:57 GMT
expect-ct: max-age=0
last-modified: Wed, 23 Aug 2023 09:22:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: no-referrer
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kJi5hs%2Feqsb1DtDn0Hemb%2BMtkPH52IrUG4HlL1xfF3eg8lpNSMdTwC5VYOUE17YAmPPwTfD6Vb4gdi2fLR5hdrjkA0pMN9pIgYbnukmtfQ0UoVDZ3xRJIyedECvXWpQMINmuWdY9KXCV6I8P4eNUb5jnaPU%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: ALLOWALL
x-permitted-cross-domain-policies: none
x-xss-protection: 0

GET
H2 200 css2
fonts.googleapis.com/ Frame 2E14 27 KB
1 KB 44ms
42ms Stylesheet
text/css 2607:f8b0:4006:823::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap

Requested by

Host: portal.ertcexpress.com
URL: https://portal.ertcexpress.com/lead-intake?&source=https://covidpayout.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5ff9e1789aa671352c261693750b28f50cda54b2c1a2e50372434c26d9589e55

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 24 Aug 2023 03:41:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 02:19:25 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 24 Aug 2023 03:41:58 GMT

GET
H2 200 css2
fonts.googleapis.com/ Frame 2E14 7 KB
745 B 41ms
40ms Stylesheet
text/css 2607:f8b0:4006:823::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Montserrat:wght@400;500;600;700&display=swap

Requested by

Host: portal.ertcexpress.com
URL: https://portal.ertcexpress.com/lead-intake?&source=https://covidpayout.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

735d23452911fee84d6dc55c7bdc4966663003894ac722deca63b064b2404a1d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 24 Aug 2023 03:41:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 03:24:28 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 24 Aug 2023 03:41:58 GMT

GET
H2 200 css2
fonts.googleapis.com/ Frame 2E14 434 B
403 B 58ms
57ms Stylesheet
text/css 2607:f8b0:4006:823::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Homemade+Apple&display=swap

Requested by

Host: portal.ertcexpress.com
URL: https://portal.ertcexpress.com/lead-intake?&source=https://covidpayout.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9cc11853c6674ae0910357574195bffafef639ad8d628af7d88b40f649edd1af

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 24 Aug 2023 03:41:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 03:15:52 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 24 Aug 2023 03:41:58 GMT

GET
H2 200 js Show response
maps.googleapis.com/maps/api/ Frame 2E14 187 KB
63 KB 140ms
76ms Script
text/javascript 2607:f8b0:4006:820::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js?key=AIzaSyBWoHM2_MNc0jsu215pBfJOo0rOjmh3TPM&libraries=places

Requested by

Host: portal.ertcexpress.com
URL: https://portal.ertcexpress.com/lead-intake?&source=https://covidpayout.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

526b56c764b3767dfd10ed8229a1e9f633d48a3b043a47b6ef5ec9701e962b08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 03:41:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
vary: Accept-Language, Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64357
x-xss-protection: 0

GET
H2 200 main.797fde5e.js Show response
cdn.ertcexpress.com/static/js/ Frame 2E14 809 KB
236 KB 71ms
70ms Script
application/javascript 2606:4700:20::681a:6a8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ertcexpress.com/static/js/main.797fde5e.js

Requested by

Host: portal.ertcexpress.com
URL: https://portal.ertcexpress.com/lead-intake?&source=https://covidpayout.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:6a8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7753856c653ac2d7d10129661a029ba9b076ee4f726267655fef5112886fc81c

Security Headers

Name	Value
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 03:41:58 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
last-modified: Wed, 23 Aug 2023 09:22:14 GMT
server: cloudflare
etag: W/"ca5c8-60393a59efd80-gzip"
vary: Accept-Encoding
access-control-allow-methods: OPTIONS,GET,HEAD
content-type: application/javascript
access-control-allow-origin: https://portal.ertcexpress.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xPkuqAdD%2FGX4L%2BV1kQh76QfQaaTqcaUQpnAx9EXvEveoQw22zAjB9gUDRYuRzke3JJRQxQyqnfugRBaqpbY%2F4eHx2rOVepgw4RNnnMdn3Y73m4c8mtftF1YXpayr2xPkvrc2r4kUmME%2FeIkLA8E%2FXes%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: Content-Security-Policy, Location
x-frame-options: ALLOWALL
cache-control: max-age=86400
cf-ray: 7fb8952779134bc6-BUF
access-control-allow-headers: *

GET
H2 200 main.e176abe0.css
cdn.ertcexpress.com/static/css/ Frame 2E14 66 KB
12 KB 85ms
61ms Stylesheet
text/css 2606:4700:20::681a:6a8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ertcexpress.com/static/css/main.e176abe0.css

Requested by

Host: portal.ertcexpress.com
URL: https://portal.ertcexpress.com/lead-intake?&source=https://covidpayout.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:6a8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dfbb5535db5ca9507c9e65a9e7afae6b1fc9e8765d65b5e891ce7665864c6d91

Security Headers

Name	Value
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 03:41:58 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=67887
cf-bgj: minify
last-modified: Wed, 23 Aug 2023 09:22:14 GMT
server: cloudflare
etag: W/"1092f-60393a59efd80-gzip"
vary: Accept-Encoding
access-control-allow-methods: OPTIONS,GET,HEAD
content-type: text/css
access-control-allow-origin: https://portal.ertcexpress.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Sdosuif7P7DmZyEBgtsCMXfGU2C%2BYwqk4SAr3ji%2FhEsSBKjgJj%2FkLUp%2BLBMEiR1T62WZha54w6froTzyZ%2BlNcDjvE%2FMEfgDLOGHE2smxGYobg5s0%2BUDyL8cghZpzMEiYtEDYCkEyyjKnNLxxbi2KgTw%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: Content-Security-Policy, Location
x-frame-options: ALLOWALL
cache-control: max-age=86400
cf-ray: 7fb8952729114bc6-BUF
access-control-allow-headers: *

GET
H2 200 21903561.js Show response
js.hs-scripts.com/ Frame 2E14 1 KB
1 KB 146ms
70ms Script
application/javascript 2606:4700::6811:e76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hs-scripts.com/21903561.js

Requested by

Host: portal.ertcexpress.com
URL: https://portal.ertcexpress.com/lead-intake?&source=https://covidpayout.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:e76 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8eeda878e805f2ee1a1d2fc5186bb92e16da5b307a12bb8c854d165d985e9e09

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 03:41:58 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 83176915-f0c2-4705-a084-caf83b157cdb
x-envoy-upstream-service-time: 5
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 83176915-f0c2-4705-a084-caf83b157cdb
last-modified: Thu, 24 Aug 2023 03:33:59 GMT
server: cloudflare
x-trace: 2B8DEA5B9DD842B503F3EC92A31D2226E25B1D67D6000000000000000000
vary: origin, Accept-Encoding
access-control-max-age: 3600
content-type: application/javascript;charset=utf-8
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-6c94986c56-kl852
cache-control: public, max-age=60
access-control-allow-credentials: true
cf-ray: 7fb89527feb74bc9-BUF
expires: Thu, 24 Aug 2023 03:42:58 GMT

GET
H2 200 viewer.js Show response
acrobatservices.adobe.com/view-sdk/ Frame 2E14 1001 B
924 B 185ms
60ms Script
application/javascript 2600:1400:d::1721:ee1b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://acrobatservices.adobe.com/view-sdk/viewer.js

Requested by

Host: portal.ertcexpress.com
URL: https://portal.ertcexpress.com/lead-intake?&source=https://covidpayout.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1400:d::1721:ee1b New York, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

7d0fdf6d0d2c567562ad20fc031aba1db8ee56b76d0004e9f980fa367b09eb4c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 03:41:58 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-server-side-encryption: AES256
content-length: 575
last-modified: Thu, 13 Jul 2023 12:39:13 GMT
etag: "6ce7236b0fa12be296515da1002c1c30"
vary: Accept-Encoding
access-control-max-age: 86400
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,OPTIONS
cache-control: max-age=60, must-revalidate
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: *

GET
H2 200 v8b253dfea2ab4077af8c6f58422dfbfd1689876627854 Show response
static.cloudflareinsights.com/beacon.min.js/ Frame 2E14 20 KB
7 KB 148ms
63ms Script
text/javascript 2606:4700::6810:3865
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v8b253dfea2ab4077af8c6f58422dfbfd1689876627854
Requested by: Host: portal.ertcexpress.com
URL: https://portal.ertcexpress.com/lead-intake?&source=https://covidpayout.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:3865 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c235f21017bcc11fcaa31d7dfd9855aaebcbf5f6d7ee9bf9f2e98a910907c391

Request headers

Referer
Origin: https://portal.ertcexpress.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 03:41:58 GMT
content-encoding: gzip
last-modified: Thu, 20 Jul 2023 18:10:27 GMT
server: cloudflare
etag: W/"2023.7.1"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 7fb895280bf64bd3-BUF

GET
H2 200 universal-script Show response
route.ertc.com/v1/lst/ Frame 2E14 40 KB
12 KB 235ms
142ms Script
text/javascript 2606:4700:3036::ac43:9b33
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://route.ertc.com/v1/lst/universal-script?ph=5fb30b78ab4439089bd4dbb1c05fec7e7f0bc196fb2351ef9e102b22a335fe90&tag=!clicked&ref_url=https://portal.ertcexpress.com/lead-intake?&source=https://covidpayout.com/
Requested by: Host: portal.ertcexpress.com
URL: https://portal.ertcexpress.com/lead-intake?&source=https://covidpayout.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:9b33 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 25df70f719f668b818aa4680adc102282b837323966b4187f748e09ca83c2dd7

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 03:41:58 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
front-end-https: off
access-control-max-age: 86400
access-control-allow-methods: GET, PUT, POST, OPTIONS, DELETE
content-type: text/javascript;charset=ISO-8859-1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NWFrA4LHbUvJbbTgjVXu3AlgF8iv3aCD5GcHg9U2O6vcwz7n5b5wa7DF1EEkJVj6%2FsPv%2FqqHlkcIrDTlGzs1vpIL4TeVbk8CVY7P7m19zC5gIr4mGB%2FcRhXvpYGm6IJLp7zJEq4%2BxkOpFzEKgg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: Session-ID
access-control-allow-credentials: true
cf-ray: 7fb895280cb14bcc-BUF
alt-svc: h3=":443"; ma=86400

GET
H2 200 banner.js Show response
js.hs-banner.com/v2/21903561/ Frame 2E14 65 KB
20 KB 159ms
69ms Script
text/javascript 2606:4700:4400::ac40:991b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/v2/21903561/banner.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/21903561.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:991b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eb5b89e2d0ed9a46e314258413f94639a16b2b5617103c3e4cb532aae014fc05

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 03:41:58 GMT
x-amz-version-id: TKw8xhMcTqkNeDCuz3Cw97HmSNw17VnP
content-encoding: br
cf-cache-status: REVALIDATED
x-amz-request-id: ZZ2AJEX2C14W96YT
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-hubspot-correlation-id: 1a5418cc-a0dd-4d4d-bbae-b82c14f2b5f7
x-envoy-upstream-service-time: 31
x-amz-id-2: J61LRoBi4/ftZKUxSajkju71mPjmVc8rPqyuOD5geU/5uSZ+uxmqLT+ZeS088a1G2O737Ms30uA=
x-evy-trace-listener: listener_https
x-request-id: 1a5418cc-a0dd-4d4d-bbae-b82c14f2b5f7
x-evy-trace-route-configuration: listener_https/all
last-modified: Tue, 15 Aug 2023 15:44:47 GMT
server: cloudflare
etag: W/"db940c44c1cc181c046b140cb799d433"
access-control-max-age: 604800
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: https://ertc.com
x-evy-trace-virtual-host: all
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300,public
access-control-allow-credentials: true
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-7dbb6c8f49-xs8lj
vary: origin, Accept-Encoding
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray: 7fb89528fcbd4bcc-BUF
expires: Thu, 24 Aug 2023 03:46:58 GMT

GET
H2 200 21903561.js Show response
js.hs-analytics.net/analytics/1692848400000/ Frame 2E14 66 KB
21 KB 175ms
82ms Script
text/javascript 2606:4700::6812:7841
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1692848400000/21903561.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/21903561.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:7841 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cef03b539865449318bfe7bed94f457585231469aa7e3d2e92b979d65f85882b

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 03:41:58 GMT
x-amz-version-id: null
content-encoding: br
cf-cache-status: MISS
x-amz-request-id: 3RXHBYESJZ9NFA87
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-hubspot-correlation-id: 46799c1c-206f-41c9-979b-e2381a9b9727
x-envoy-upstream-service-time: 20
x-amz-id-2: jpzlY7r+hsyZj/wWuC19E0v/Kt/2q9N39zcXFUhBm/FGSAvSpL9eOOm898NFwACT2gWiIfT+RO8=
x-evy-trace-listener: listener_https
x-request-id: 46799c1c-206f-41c9-979b-e2381a9b9727
x-evy-trace-route-configuration: listener_https/all
last-modified: Tue, 15 Aug 2023 15:44:49 GMT
server: cloudflare
etag: W/"1cf1369d82db65066928d14a8dde9be4"
vary: origin, Accept-Encoding
content-type: text/javascript
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-7dbb6c8f49-xs8lj
cache-control: max-age=300,public
access-control-allow-credentials: false
cf-ray: 7fb8952908a04bbd-BUF
expires: Thu, 24 Aug 2023 03:46:58 GMT

GET
H2 200 fb.js Show response
js.hsadspixel.net/ Frame 2E14 6 KB
3 KB 129ms
36ms Script
application/javascript 2606:4700::6810:cd27
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hsadspixel.net/fb.js

Requested by

Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/21903561.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:cd27 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

36a58b231f4bd34d323b5a7da9caf1a2706ecc87ca22a822763b96659043017e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 03:41:58 GMT
x-amz-version-id: jPXu6qi.g7uxBjG4s6uCQIhIPiNAy8nk
via: 1.1 16d910967d343c8da7828222a653755e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
x-amz-cf-pop: IAD12-P3
age: 101
x-amz-server-side-encryption: AES256
x-evy-trace-route-service-name: envoyset-translator
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=adsscriptloaderstatic/static-1.396/bundles/pixels-release.js&cfRay=7f4efe5c1a834bd5-BUF
x-cache: Hit from cloudfront
x-hubspot-correlation-id: a35ff4ce-f7f5-4e5b-8db6-95415b0eda70
cache-tag: staticjsapp-AdsScriptLoaderCloudflare-web-prod,staticjsapp-prod
content-encoding: br
x-envoy-upstream-service-time: 0
x-amz-replication-status: COMPLETED
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: a35ff4ce-f7f5-4e5b-8db6-95415b0eda70
last-modified: Mon, 07 Aug 2023 08:57:08 UTC
server: cloudflare
etag: W/"c80164a2fdf0ea90248ff107d11fb350"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
x-hs-cache-status: HIT
x-evy-trace-virtual-host: all
cache-control: max-age=600
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-57ff77fcd-7475r
cf-ray: 7fb895290fe14bd5-BUF
x-amz-cf-id: foEhs4uJM3YY1nptVdiXbiC2mgfd8ForBN89oAYW8faWJbXJVc9VTA==
x-hs-target-asset: adsscriptloaderstatic/static-1.396/bundles/pixels-release.js

GET
H2 200 180.8d0c209f.chunk.js Show response
cdn.ertcexpress.com/static/js/ Frame 2E14 7 KB
3 KB 58ms
58ms Script
application/javascript 2606:4700:20::681a:6a8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ertcexpress.com/static/js/180.8d0c209f.chunk.js

Requested by

Host: cdn.ertcexpress.com
URL: https://cdn.ertcexpress.com/static/js/main.797fde5e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:6a8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2ca7136a9716a3e2d2e12c5c9b5aa44adfca5bc9d169fb006b5d0917b1154ff3

Security Headers

Name	Value
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 03:41:58 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
last-modified: Wed, 23 Aug 2023 09:22:14 GMT
server: cloudflare
etag: W/"1c28-60393a59efd80-gzip"
vary: Accept-Encoding
access-control-allow-methods: OPTIONS,GET,HEAD
content-type: application/javascript
access-control-allow-origin: https://portal.ertcexpress.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1q%2FdM9KtXI57DRGDxhnp%2BEntKWNZ6C%2B4QhxuoGKVhXU70NMJ8bL4X6vHEe2inVnh2AKUT%2FzELRWNvp85DhmWuwedsR%2BX4RTce5xrGqzZ8wHoxAC%2F%2BwO1WIEL8wgBs%2F5geniiGzjMh9G9xN8NfHQRiTc%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: Content-Security-Policy, Location
x-frame-options: ALLOWALL
cache-control: max-age=86400
cf-ray: 7fb89529091a4bc6-BUF
access-control-allow-headers: *

GET
H2 200 528.c1c49790.chunk.js Show response
cdn.ertcexpress.com/static/js/ Frame 2E14 816 KB
57 KB 64ms
63ms Script
application/javascript 2606:4700:20::681a:6a8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ertcexpress.com/static/js/528.c1c49790.chunk.js

Requested by

Host: cdn.ertcexpress.com
URL: https://cdn.ertcexpress.com/static/js/main.797fde5e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:6a8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

77a3de06d567c9f8c9812513357b89933389167325cc167b07270bd6712b7811

Security Headers

Name	Value
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 03:41:58 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=835952
cf-bgj: minify
last-modified: Wed, 23 Aug 2023 09:22:14 GMT
server: cloudflare
etag: W/"cc170-60393a59efd80-gzip"
vary: Accept-Encoding
access-control-allow-methods: OPTIONS,GET,HEAD
content-type: application/javascript
access-control-allow-origin: https://portal.ertcexpress.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NPFcafS34%2FtVPPlr0jilHrKNEqiZ8YtJx9ui5w1CyS0cO412eB7alb7OzCkJECrLB0fSGFVfUeYzvCfuIq6ittvCR4fcFqdAuQl7zTtlyA3ee23y1SeiyUK1iCz%2Bb%2BkCIfsgd1c%2FkX4x%2Bo9VGid9CeI%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: Content-Security-Policy, Location
x-frame-options: ALLOWALL
cache-control: max-age=86400
cf-ray: 7fb89529091b4bc6-BUF
access-control-allow-headers: *

GET
H2 200 976.9eebeaf7.chunk.js Show response
cdn.ertcexpress.com/static/js/ Frame 2E14 35 KB
13 KB 58ms
57ms Script
application/javascript 2606:4700:20::681a:6a8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ertcexpress.com/static/js/976.9eebeaf7.chunk.js

Requested by

Host: cdn.ertcexpress.com
URL: https://cdn.ertcexpress.com/static/js/main.797fde5e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:6a8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e93615d603e6a17c1cf3c9ac03b1b9c42cf76194ef57ad79edceda1130f20a1b

Security Headers

Name	Value
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 03:41:58 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
last-modified: Wed, 23 Aug 2023 09:22:14 GMT
server: cloudflare
etag: W/"8bb7-60393a59efd80-gzip"
vary: Accept-Encoding
access-control-allow-methods: OPTIONS,GET,HEAD
content-type: application/javascript
access-control-allow-origin: https://portal.ertcexpress.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UBCtPtvhkQuZ2wCk%2F9ooAxTKOW0tkDKVNy8DACRe1FxnlqOmMhGR2N55K9qIp1ShocdCqlDFR47FMbSNv9PQNUOfHj32XLoBexxDEbN6k%2Bow%2FEXFwm47TeMPpZGIBwkCIb%2B14Oxlhm0UaJJxEtg%2BGE8%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: Content-Security-Policy, Location
x-frame-options: ALLOWALL
cache-control: max-age=86400
cf-ray: 7fb89529091c4bc6-BUF
access-control-allow-headers: *

GET
H2 200 919.010fd696.chunk.js Show response
cdn.ertcexpress.com/static/js/ Frame 2E14 11 KB
4 KB 80ms
79ms Script
application/javascript 2606:4700:20::681a:6a8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ertcexpress.com/static/js/919.010fd696.chunk.js

Requested by

Host: cdn.ertcexpress.com
URL: https://cdn.ertcexpress.com/static/js/main.797fde5e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:6a8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aab2bcdd09c5d88facad28f2d02e2af3bac56e9f374d6ca6de197b067271ddfd

Security Headers

Name	Value
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 03:41:58 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=11743
cf-bgj: minify
last-modified: Wed, 23 Aug 2023 09:22:14 GMT
server: cloudflare
etag: W/"2ddf-60393a59efd80-gzip"
vary: Accept-Encoding
access-control-allow-methods: OPTIONS,GET,HEAD
content-type: application/javascript
access-control-allow-origin: https://portal.ertcexpress.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vy2hpQzzr77Z7TZFSRpnW98EILY%2FnHdDNvAoO9Ftiv0D4V%2FErMmL9jNexgxrqFOBaDtlTkkKfM5quz2zh5G0XcqXSeUgy5JdBVTbYbQsJfhvA5niZjhSQyTwLP%2FRuUW9n7V1YSqFURvK349n47LssDE%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: Content-Security-Policy, Location
x-frame-options: ALLOWALL
cache-control: max-age=86400
cf-ray: 7fb89529091d4bc6-BUF
access-control-allow-headers: *

GET
H2 200 275.5be01240.chunk.js Show response
cdn.ertcexpress.com/static/js/ Frame 2E14 801 KB
233 KB 101ms
101ms Script
application/javascript 2606:4700:20::681a:6a8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ertcexpress.com/static/js/275.5be01240.chunk.js

Requested by

Host: cdn.ertcexpress.com
URL: https://cdn.ertcexpress.com/static/js/main.797fde5e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:6a8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d88b7f23701564aa13b060c75c0ee86d0f5c78e807797bd5dd4fdf40a4482178

Security Headers

Name	Value
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 03:41:58 GMT
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
last-modified: Wed, 23 Aug 2023 09:22:14 GMT
server: cloudflare
etag: W/"c83c8-60393a59efd80-gzip"
vary: Accept-Encoding
access-control-allow-methods: OPTIONS,GET,HEAD
content-type: application/javascript
access-control-allow-origin: https://portal.ertcexpress.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y58m%2FzfoO3LQycgTD8Gzf11j9JqCfdRRHem%2F%2FYxkbAHF6juLNtYsIvPnylwuHsRYKkzQPpzANCsgp3hVgNjm9Uft027wrpc1Bc0gnp9XYO2RkyKxspARmwwOgPxXeJ%2F7Oy0KYqsEViawXtDU8TSiVnc%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: Content-Security-Policy, Location
x-frame-options: ALLOWALL
cache-control: max-age=86400
cf-ray: 7fb89529091e4bc6-BUF
access-control-allow-headers: *

GET
H2 200 144.bb4609e6.chunk.js Show response
cdn.ertcexpress.com/static/js/ Frame 2E14 7 KB
3 KB 61ms
61ms Script
application/javascript 2606:4700:20::681a:6a8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ertcexpress.com/static/js/144.bb4609e6.chunk.js

Requested by

Host: cdn.ertcexpress.com
URL: https://cdn.ertcexpress.com/static/js/main.797fde5e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:6a8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c62da79cd6248b361a5ec0f35be37355b9a393a4a403d62164f19cede30cc695

Security Headers

Name	Value
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 03:41:58 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=7508
cf-bgj: minify
last-modified: Wed, 23 Aug 2023 09:22:14 GMT
server: cloudflare
etag: W/"1d54-60393a59efd80-gzip"
vary: Accept-Encoding
access-control-allow-methods: OPTIONS,GET,HEAD
content-type: application/javascript
access-control-allow-origin: https://portal.ertcexpress.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vOOqSE%2FAfFqtQILefNRLqSyOvJWDwaBROC0GIjTuv9Tp%2FL0z9qqoftekcYUYJQj1cmUbb5mzrI4eDdtVSX1ykGzuF43y0%2BalrIJittgOrHZZg%2Fj%2Fo6H1mU6189RPLu8U6yiRMGH0XlR51rBy0qeDRC4%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: Content-Security-Policy, Location
x-frame-options: ALLOWALL
cache-control: max-age=86400
cf-ray: 7fb89529091f4bc6-BUF
access-control-allow-headers: *

GET
H2 200 56.8707bd8c.chunk.js Show response
cdn.ertcexpress.com/static/js/ Frame 2E14 29 KB
7 KB 61ms
61ms Script
application/javascript 2606:4700:20::681a:6a8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ertcexpress.com/static/js/56.8707bd8c.chunk.js

Requested by

Host: cdn.ertcexpress.com
URL: https://cdn.ertcexpress.com/static/js/main.797fde5e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:6a8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

254819f10e72fefb2a084544f14297ce9707aac792c27abe58da51ccccb3a790

Security Headers

Name	Value
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 03:41:58 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=29909
cf-bgj: minify
last-modified: Wed, 23 Aug 2023 09:22:14 GMT
server: cloudflare
etag: W/"74d5-60393a59efd80-gzip"
vary: Accept-Encoding
access-control-allow-methods: OPTIONS,GET,HEAD
content-type: application/javascript
access-control-allow-origin: https://portal.ertcexpress.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Bij9pD9Jf7fbVp0qC%2BWWrUPH1MxyvYzWIUr5T2rCMryhAnyrGihHMj07UPMe763ug%2BH3PtEqyPffjcci7ZvKXDkH%2BsGx3lWTyDTOWyCbehiYrRYgGdJ5WhSXrD4N15VZ3M75yRfPoC5qJpNd%2BszS4po%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: Content-Security-Policy, Location
x-frame-options: ALLOWALL
cache-control: max-age=86400
cf-ray: 7fb8952969204bc6-BUF
access-control-allow-headers: *

GET
H2 200 251.a341c789.chunk.js Show response
cdn.ertcexpress.com/static/js/ Frame 2E14 16 KB
6 KB 57ms
57ms Script
application/javascript 2606:4700:20::681a:6a8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ertcexpress.com/static/js/251.a341c789.chunk.js

Requested by

Host: cdn.ertcexpress.com
URL: https://cdn.ertcexpress.com/static/js/main.797fde5e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:6a8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

624cb49bab371f5cbc32ec5422e2f1ab9b3c2ce7ca5cc6a3c0c159d62dab8376

Security Headers

Name	Value
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 03:41:58 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=16902
cf-bgj: minify
last-modified: Wed, 23 Aug 2023 09:22:14 GMT
server: cloudflare
etag: W/"4206-60393a59efd80-gzip"
vary: Accept-Encoding
access-control-allow-methods: OPTIONS,GET,HEAD
content-type: application/javascript
access-control-allow-origin: https://portal.ertcexpress.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oUAZtm1K7T0dI%2BsjVmFQc%2BgFpGrB3t9vDAO0xfW5eU8%2F5sJXsh8li8EKpK7qUNWAeYpkzEskcgcsMlmkesU7Fpswn5p6EJXQ1Z1eQQSK41Z002eei8rJOsHxRajv3XAA3NBXRtC3YKivud2Ib%2FmYqQ8%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: Content-Security-Policy, Location
x-frame-options: ALLOWALL
cache-control: max-age=86400
cf-ray: 7fb8952969214bc6-BUF
access-control-allow-headers: *

GET
H2 200 687.acaf2c6f.chunk.js Show response
cdn.ertcexpress.com/static/js/ Frame 2E14 288 KB
75 KB 92ms
91ms Script
application/javascript 2606:4700:20::681a:6a8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ertcexpress.com/static/js/687.acaf2c6f.chunk.js

Requested by

Host: cdn.ertcexpress.com
URL: https://cdn.ertcexpress.com/static/js/main.797fde5e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:6a8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8b3a27e2320dda9b9e7d390d707d037860ea7cc2962f00dcc5b64cef98b88740

Security Headers

Name	Value
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 03:41:58 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=294962
cf-bgj: minify
last-modified: Wed, 23 Aug 2023 09:22:14 GMT
server: cloudflare
etag: W/"48032-60393a59efd80-gzip"
vary: Accept-Encoding
access-control-allow-methods: OPTIONS,GET,HEAD
content-type: application/javascript
access-control-allow-origin: https://portal.ertcexpress.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V6kz0k2PQmNSvZ64AYbqQH6oU0SQQynuRAtYA7ZvgCU54MUREXlidng6noKvUfY0Hdn9Mt5s9Cl8xfKskgKQxYw5FTr2uCdc80CtocetvY8L87Ymx00p1%2FMXyhzJv2q9HsMa%2BiipesROzoYsetPK3dE%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: Content-Security-Policy, Location
x-frame-options: ALLOWALL
cache-control: max-age=86400
cf-ray: 7fb8952979274bc6-BUF
access-control-allow-headers: *

GET
H2 200 129.6d7c127f.chunk.js Show response
cdn.ertcexpress.com/static/js/ Frame 2E14 15 KB
5 KB 60ms
59ms Script
application/javascript 2606:4700:20::681a:6a8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ertcexpress.com/static/js/129.6d7c127f.chunk.js

Requested by

Host: cdn.ertcexpress.com
URL: https://cdn.ertcexpress.com/static/js/main.797fde5e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:6a8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f5cba1069ec5a0e941c10a297aa5629bd4d9127c2ab811d75be1bb9aa0094952

Security Headers

Name	Value
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 03:41:58 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=15069
cf-bgj: minify
last-modified: Wed, 23 Aug 2023 09:22:14 GMT
server: cloudflare
etag: W/"3add-60393a59efd80-gzip"
vary: Accept-Encoding
access-control-allow-methods: OPTIONS,GET,HEAD
content-type: application/javascript
access-control-allow-origin: https://portal.ertcexpress.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KakxM36h2FIMZUuw6TkCdpiD5VmTbRcw8jrgp%2Bv5c2kiOlaleC99U4h8H71u7cKBY%2BnCXr2VSIHk6%2BpJQgDZRsZc9twDKaY2kjlnasjsgeOlwZsIFPOoNCaFAPhMqpHYWytWHEZ9nOOTqDKnbEajvA8%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: Content-Security-Policy, Location
x-frame-options: ALLOWALL
cache-control: max-age=86400
cf-ray: 7fb8952979284bc6-BUF
access-control-allow-headers: *

GET
H2 200 567.f5078f14.chunk.js Show response
cdn.ertcexpress.com/static/js/ Frame 2E14 150 KB
37 KB 91ms
91ms Script
application/javascript 2606:4700:20::681a:6a8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ertcexpress.com/static/js/567.f5078f14.chunk.js

Requested by

Host: cdn.ertcexpress.com
URL: https://cdn.ertcexpress.com/static/js/main.797fde5e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:6a8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d45770679ca6b1dbc6a06e10851b6e617b5f496c88a888606ac93f860593aecb

Security Headers

Name	Value
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 03:41:58 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=154047
cf-bgj: minify
last-modified: Wed, 23 Aug 2023 09:22:14 GMT
server: cloudflare
etag: W/"259bf-60393a59efd80-gzip"
vary: Accept-Encoding
access-control-allow-methods: OPTIONS,GET,HEAD
content-type: application/javascript
access-control-allow-origin: https://portal.ertcexpress.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fcsh3c3BMsMKOt8pqtR9OTXY8vi1UQLhKWAfsujYlMz9MPn7p6R5%2BMsjm%2FxgpSKSptEvqCJDlx8MgqZkom9Agyj3iAcW%2BP9mnWFN0K99kuaeJ1z6QmsDPlQ7Zx%2FpvRlV4DrsR9xaET4LVuXSXCrJJOU%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: Content-Security-Policy, Location
x-frame-options: ALLOWALL
cache-control: max-age=86400
cf-ray: 7fb8952989294bc6-BUF
access-control-allow-headers: *

GET
H2 200 813.ccc1d472.chunk.js Show response
cdn.ertcexpress.com/static/js/ Frame 2E14 109 KB
17 KB 63ms
61ms Script
application/javascript 2606:4700:20::681a:6a8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ertcexpress.com/static/js/813.ccc1d472.chunk.js

Requested by

Host: cdn.ertcexpress.com
URL: https://cdn.ertcexpress.com/static/js/main.797fde5e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:6a8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

acae625046aa0fe15261f617550f17d264fe0973a66cd3e288164593c93a1598

Security Headers

Name	Value
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 03:41:58 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=111348
cf-bgj: minify
last-modified: Wed, 23 Aug 2023 09:22:14 GMT
server: cloudflare
etag: W/"1b2f4-60393a59efd80-gzip"
vary: Accept-Encoding
access-control-allow-methods: OPTIONS,GET,HEAD
content-type: application/javascript
access-control-allow-origin: https://portal.ertcexpress.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mI2RgO%2BuF9HKG%2BDRBo9yoJBt8IOvCfjGOLg%2BTAbJ1mYtWoX%2B52A%2BVNQboIGZKDOw9LHluyuQjvLdJema4AryElW%2FSIc9xOVgKMVccYn7b3GJFtKDBSYzAoYlni3UmpjOtNpFjsUwViDjBiaz2mYTFxI%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: Content-Security-Policy, Location
x-frame-options: ALLOWALL
cache-control: max-age=86400
cf-ray: 7fb89529c92c4bc6-BUF
access-control-allow-headers: *

GET
H2 200 498.74085039.chunk.js Show response
cdn.ertcexpress.com/static/js/ Frame 2E14 30 KB
7 KB 59ms
59ms Script
application/javascript 2606:4700:20::681a:6a8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ertcexpress.com/static/js/498.74085039.chunk.js

Requested by

Host: cdn.ertcexpress.com
URL: https://cdn.ertcexpress.com/static/js/main.797fde5e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:6a8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b70e41fab42b581a102986ad6f77628e1ce6da3f4fbeb834cd3787bb781921de

Security Headers

Name	Value
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 03:41:58 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=30326
cf-bgj: minify
last-modified: Wed, 23 Aug 2023 09:22:14 GMT
server: cloudflare
etag: W/"7676-60393a59efd80-gzip"
vary: Accept-Encoding
access-control-allow-methods: OPTIONS,GET,HEAD
content-type: application/javascript
access-control-allow-origin: https://portal.ertcexpress.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AscTpmvDhbFobfGgrnsQUxH8t2XywQL0UdrvleumQ19x%2BR04Z92N4mNk7hWdBINCSq5yX6HEsQeT%2BnD3EItsAfoUlAn%2F7YZU3EYnfpOv5oYyjYg%2BSrJir67KiYUGXjP1VsbnEdHMvbMxbUFgt2vBX0g%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: Content-Security-Policy, Location
x-frame-options: ALLOWALL
cache-control: max-age=86400
cf-ray: 7fb89529c92d4bc6-BUF
access-control-allow-headers: *

GET
H2 200 264.903f8388.chunk.js Show response
cdn.ertcexpress.com/static/js/ Frame 2E14 2 KB
1 KB 59ms
58ms Script
application/javascript 2606:4700:20::681a:6a8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ertcexpress.com/static/js/264.903f8388.chunk.js

Requested by

Host: cdn.ertcexpress.com
URL: https://cdn.ertcexpress.com/static/js/main.797fde5e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:6a8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8bee029e127fcd94cb1e04e7794e06a260d3c04f0e9849999a89dff7312a5306

Security Headers

Name	Value
X-Frame-Options	ALLOWALL

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 03:41:58 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=2587
cf-bgj: minify
last-modified: Wed, 23 Aug 2023 09:22:14 GMT
server: cloudflare
etag: W/"a1b-60393a59efd80-gzip"
vary: Accept-Encoding
access-control-allow-methods: OPTIONS,GET,HEAD
content-type: application/javascript
access-control-allow-origin: https://portal.ertcexpress.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0Y2Z0Hi53jsq8hlZ5mvGrpyHKmUzV5PYgsothgdMnTB3Rhesy3JJpt8xEuswKjSMajB0oqvdT5SXUqee0fpw9S3iceCHRG0gOLUHYHRrxa8jDlwatlhAKrlR3AmxknNMR5%2FmB7T6XkAAPTL4y1Ef5C8%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: Content-Security-Policy, Location
x-frame-options: ALLOWALL
cache-control: max-age=86400
cf-ray: 7fb89529c92f4bc6-BUF
access-control-allow-headers: *

GET
H3 200 gen_204 Show response
maps.googleapis.com/maps/api/mapsjs/ Frame 2E14 3 B
45 B 122ms
65ms XHR
application/json 2607:f8b0:4006:820::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true

Requested by

Host: cdn.ertcexpress.com
URL: https://cdn.ertcexpress.com/static/js/main.797fde5e.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 03:41:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://portal.ertcexpress.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23
x-xss-protection: 0

GET
BLOB 200
OK ba6c9b16-282d-4403-ac23-372c80b0d8ff
https://portal.ertcexpress.com/ Frame 2E14 46 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://portal.ertcexpress.com/ba6c9b16-282d-4403-ac23-372c80b0d8ff
Requested by: Host: portal.ertcexpress.com
URL: https://portal.ertcexpress.com/lead-intake?&source=https://covidpayout.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3436a3567df14bd76a0e5b2ab1edba77ff61c49fb811b64de0dd23899103ecdc

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Length: 46922
Content-Type

GET
H2 200 ViewSDKInterface.js Show response
acrobatservices.adobe.com/view-sdk/3.2.4_3.2.0-bab76ff9/ Frame 2E14 1008 KB
150 KB 34ms
33ms Script
application/javascript 2600:1400:d::1721:ee1b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://acrobatservices.adobe.com/view-sdk/3.2.4_3.2.0-bab76ff9/ViewSDKInterface.js

Requested by

Host: acrobatservices.adobe.com
URL: https://acrobatservices.adobe.com/view-sdk/viewer.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1400:d::1721:ee1b New York, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

649c886ce7d67334461a141255cb6d90de9fbce612b61ce71e32cf9ed2f2860c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 03:41:58 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-server-side-encryption: AES256
content-length: 153198
last-modified: Thu, 13 Jul 2023 09:51:38 GMT
etag: "7834edf4125e37c1cf2b12638fa6acee"
vary: Accept-Encoding
access-control-max-age: 86400
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,OPTIONS
cache-control: max-age=2592000, must-revalidate
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: *

GET
H2 200 gusid Show response
route.ertc.com/v1/lst/ Frame 2E14 0
539 B 72ms
71ms XHR
text/plain 2606:4700:3036::ac43:9b33
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://route.ertc.com/v1/lst/gusid?ref_url=https%3A%2F%2Fportal.ertcexpress.com%2Flead-intake%3F%26source%3Dhttps%3A%2F%2Fcovidpayout.com%2F
Requested by: Host: cdn.ertcexpress.com
URL: https://cdn.ertcexpress.com/static/js/main.797fde5e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:9b33 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Product-ID: 186379
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 03:41:58 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 0
session-id: HB-ET_cad52ca67f08fc005467329fa226c169f836a8d0976a74f79fc2eb462767ba23
server: cloudflare
etag: HB-ET_cad52ca67f08fc005467329fa226c169f836a8d0976a74f79fc2eb462767ba23
access-control-max-age: 86400
access-control-allow-methods: GET, PUT, POST, OPTIONS, DELETE
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NHQmh5%2FHY1tYeCKO%2BFJ8dZd1osfK9I2MZ4noQEqvVhOIhyHwHjUlxK6nfEPFkKrm8uUbqq3OJYb3aTEU1LzpulgOEd4Wo0tFqoFWL3J%2FIQl0Up5vxs97mxtdaLkngpdQK%2FOy5XuUpEKIQWrFgQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://portal.ertcexpress.com
access-control-expose-headers: Session-ID
front-end-https: off
access-control-allow-credentials: true
cf-ray: 7fb8952b5cce4bcc-BUF

GET
H2 200 json Show response
api.hubapi.com/hs-script-loader-public/v1/config/pixels-and-events/ Frame 2E14 190 B
1 KB 217ms
90ms XHR
application/json 2606:4700::6811:cccc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hubapi.com/hs-script-loader-public/v1/config/pixels-and-events/json?portalId=21903561

Requested by

Host: cdn.ertcexpress.com
URL: https://cdn.ertcexpress.com/static/js/main.797fde5e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:cccc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c9f7593e87bc2aa85cb954a12099d50b3d76dc67fda1db0caf4b79148babe547

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 03:41:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: e6a8bc0b-61fc-4d81-a2fc-e21bb04d5ebf
content-encoding: br
x-envoy-upstream-service-time: 9
alt-svc: h3=":443"; ma=86400
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: e6a8bc0b-61fc-4d81-a2fc-e21bb04d5ebf
server: cloudflare
x-trace: 2B27952069448548D40C600C9BBC490AC8CC3ACBD8000000000000000000
vary: origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://portal.ertcexpress.com
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-6c94986c56-8w2j6
access-control-max-age: 180
access-control-allow-credentials: false
x-evy-trace-virtual-host: all
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d7FRhg%2FMiO%2BqAX%2BpWguZFSYqR4v9TZx4TjlFrMhTB4CbMn8T9linaD9d4COX421yrBFLSeMOFsKVCLd%2Fdt1srEWSaKx2gzBxVN1GGJcAexI%2FdDwNBecOeGRu3%2Fn4YwRF9KJJ5XX%2BNWCvZMuW"}],"group":"cf-nel","max_age":604800}
cf-ray: 7fb8952a9ee34bc9-BUF
access-control-allow-headers: *

OPTIONS
H3 200 gusid
route.ertc.com/v1/lst/ Frame 0
0 260ms
130ms Preflight 2606:4700:3036::ac43:9b33
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://route.ertc.com/v1/lst/gusid?ref_url=https%3A%2F%2Fportal.ertcexpress.com%2Flead-intake%3F%26source%3Dhttps%3A%2F%2Fcovidpayout.com%2F
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:9b33 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: product-id
Access-Control-Request-Method: GET
Origin: https://portal.ertcexpress.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: product-id
access-control-allow-methods: GET, PUT, POST, OPTIONS, DELETE
access-control-allow-origin: https://portal.ertcexpress.com
access-control-expose-headers: Session-ID
access-control-max-age: 86400
allow: GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7fb8952a9f2f4bcd-BUF
content-length: 0
date: Thu, 24 Aug 2023 03:41:58 GMT
front-end-https: off
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gCbhbFhS1Wjg1ebyrOpx4u6BSEOHD2EfPTzL%2FsrqturFGxMHH%2BawY0OkA16szu29GGkeFEJkAyFyF7zFQlC5NhF08mYYaPTIa04J%2Bx3deEDlkAt7Nqsu8j8PcJ0FsefiIvd5UVhlo7bipVcnVw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 2E14 15 KB
15 KB 27ms
26ms Font
font/woff2 2607:f8b0:4006:821::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://portal.ertcexpress.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 16:08:08 GMT
x-content-type-options: nosniff
age: 41630
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 22 Aug 2024 16:08:08 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame 2E14 196 KB
71 KB 343ms
49ms Script
application/javascript 2607:f8b0:4006:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-11028985773

Requested by

Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

942eeca6fe5962c95a4d7f485eb96e0feaea12754cbc08f93095023ff721f53f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 03:41:59 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 72315
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 24 Aug 2023 03:41:59 GMT

GET
H2 200 verify Show response
portal.ertcexpress.com/api/referrers/ Frame 2E14 326 B
699 B 875ms
874ms XHR
application/json 2606:4700:20::681a:6a8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://portal.ertcexpress.com/api/referrers/verify?source=https%3A%2F%2Fcovidpayout.com%2F&uri=https%3A%2F%2Fportal.ertcexpress.com%2Flead-intake%3F%26source%3Dhttps%3A%2F%2Fcovidpayout.com%2F

Requested by

Host: cdn.ertcexpress.com
URL: https://cdn.ertcexpress.com/static/js/main.797fde5e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:6a8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4f566245be142a89fa1e009309af7e245eb58dcf62ac13faab9efe3ce10703b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	0

Request headers

Accept: application/json, text/plain, */*
Referer
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 03:41:59 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
content-encoding: br
x-dns-prefetch-control: off
x-xss-protection: 0
referrer-policy: no-referrer
server: cloudflare
etag: W/"146-erOTK2p+yoSKGz2ZxujnxeaVZlo"
x-download-options: noopen
expect-ct: max-age=0
x-frame-options: ALLOWALL
content-type: application/json; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xRvkyUiRyc8HxY7nGsPq82A%2FbKWQCCLqgVqIkvjkXM%2FbvOVxdIKAlGPZziLsyHEEoWrgOfoOh8DyCsbKvdssqG6m86vjb5WpgMcaQZ%2BlzLgyrSha43jTfaBxSpfYTQ77trK3bNGeuBKFKSfebFcEdK%2Bvnk0%3D"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 7fb8952b295c4bc6-BUF

POST
H3 200 cte Show response
route.ertc.com/v1/lst/ Frame 2E14 159 B
646 B 88ms
88ms XHR
application/json 2606:4700:3036::ac43:9b33
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://route.ertc.com/v1/lst/cte
Requested by: Host: cdn.ertcexpress.com
URL: https://cdn.ertcexpress.com/static/js/main.797fde5e.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:9b33 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 94004fac68d16a60d66c399f154edbb1a2d1fa2146fb73cd42d697704a85a0ae

Request headers

Session-ID: HB-ET_cad52ca67f08fc005467329fa226c169f836a8d0976a74f79fc2eb462767ba23
Product-ID: 186379
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-type: application/json; charset=UTF-8
Access-Control-Allow-Origin: *
Referer
Access-Control-Allow-Headers: *

Response headers

date: Thu, 24 Aug 2023 03:41:59 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
front-end-https: off
access-control-max-age: 86400
access-control-allow-methods: GET, PUT, POST, OPTIONS, DELETE
access-control-allow-origin: https://portal.ertcexpress.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3ZHnWJ%2F%2BN9p92y5YXlzTKHPvUwjVeuLvRq%2BjoGQndpXsQxUQVB8RqQIQM1fXxvVupXMPnfOkQFW79YgIg7sWe9SshsEOf3dRBui0fpWTNlLcWQoS1gRyrWC9qXv4w9WkJT%2FRAYW8gBUkCFgJoA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: Session-ID
access-control-allow-credentials: true
content-type: application/json;charset=UTF-8
cf-ray: 7fb8952c6f464bcd-BUF
alt-svc: h3=":443"; ma=86400

OPTIONS
H3 200 cte
route.ertc.com/v1/lst/ Frame 0
0 52ms
52ms Preflight 2606:4700:3036::ac43:9b33
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://route.ertc.com/v1/lst/cte
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:9b33 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: access-control-allow-headers,access-control-allow-origin,content-type,product-id,session-id
Access-Control-Request-Method: POST
Origin: https://portal.ertcexpress.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: access-control-allow-headers,access-control-allow-origin,content-type,product-id,session-id
access-control-allow-methods: GET, PUT, POST, OPTIONS, DELETE
access-control-allow-origin: https://portal.ertcexpress.com
access-control-expose-headers: Session-ID
access-control-max-age: 86400
allow: GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7fb8952c0f414bcd-BUF
content-length: 0
date: Thu, 24 Aug 2023 03:41:59 GMT
front-end-https: off
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7W2OIhZOpdCBpPAQxYV32lLiHNCS21hdOc8DLADYWgpqlPhGp1%2FJHQFud7CtFITloYSKZGubD7O%2FQpcXfSzu13BEZEIj3wQ4PsukNOTcRfUmwBsak5D1CwhPFwn5UNXPBnxBurOCmgE5KP2UoQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

GET
H3 200 pc Show response
route.ertc.com/v1/lst/ Frame 2E14 117 B
665 B 96ms
95ms XHR
application/json 2606:4700:3036::ac43:9b33
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://route.ertc.com/v1/lst/pc?prev_url=https%3A%2F%2Fcovidpayout.com%2F&ref_url=https%3A%2F%2Fportal.ertcexpress.com%2Flead-intake%3F%26source%3Dhttps%3A%2F%2Fcovidpayout.com%2F&u_agent=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F116.0.5845.110+Safari%2F537.36
Requested by: Host: cdn.ertcexpress.com
URL: https://cdn.ertcexpress.com/static/js/main.797fde5e.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:9b33 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6afc42bb55a6c139ad90d6647b4598205ba183bcafb23ceddbf9576872851c94

Request headers

Session-ID: HB-ET_cad52ca67f08fc005467329fa226c169f836a8d0976a74f79fc2eb462767ba23
Product-ID: 186379
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Referer
Access-Control-Allow-Headers: *

Response headers

date: Thu, 24 Aug 2023 03:41:59 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
front-end-https: off
access-control-max-age: 86400
access-control-allow-methods: GET, PUT, POST, OPTIONS, DELETE
access-control-allow-origin: https://portal.ertcexpress.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U2bFezTNHaDFXqEZLu3mwlxVxzABmetHtaKGjuztbjg9jemRk1RkOWWTPyf2xdRpnry6StfcvgbLmBsUYgKUuUYhCpH461PpEZtY8gZeLpiXtIK5vclcUMGX6BjSuy5DkRvmGP8eEa65Tl1mNA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: Session-ID
access-control-allow-credentials: true
content-type: application/json;charset=UTF-8
cf-ray: 7fb8952dc8054bd5-BUF
alt-svc: h3=":443"; ma=86400

OPTIONS
H3 200 pc
route.ertc.com/v1/lst/ Frame 0
0 61ms
58ms Preflight 2606:4700:3036::ac43:9b33
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://route.ertc.com/v1/lst/pc?prev_url=https%3A%2F%2Fcovidpayout.com%2F&ref_url=https%3A%2F%2Fportal.ertcexpress.com%2Flead-intake%3F%26source%3Dhttps%3A%2F%2Fcovidpayout.com%2F&u_agent=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F116.0.5845.110+Safari%2F537.36
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:9b33 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: access-control-allow-headers,access-control-allow-origin,content-type,product-id,session-id
Access-Control-Request-Method: GET
Origin: https://portal.ertcexpress.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: access-control-allow-headers,access-control-allow-origin,content-type,product-id,session-id
access-control-allow-methods: GET, PUT, POST, OPTIONS, DELETE
access-control-allow-origin: https://portal.ertcexpress.com
access-control-expose-headers: Session-ID
access-control-max-age: 86400
allow: GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7fb8952d6f5d4bcd-BUF
content-length: 0
date: Thu, 24 Aug 2023 03:41:59 GMT
front-end-https: off
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P6UliP4xyJpf96u0QVCfXnrxZ98mS9x0Bk%2BdffggkHTF6at1Wfk%2FFiu8FacxLmNoyHtYQIAhDOFpUBUJFdEEVLMIUdFmKnxTtRvtBAceB3uBxEtPZUUA43RtW8tKg0Eo87G8OluoAiEC%2BgZi8A%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/11028985773/ Frame 2E14 2 KB
2 KB 117ms
48ms Script
text/javascript 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11028985773/?random=1692848519319&cv=11&fst=1692848519319&bg=ffffff&guid=ON&async=1&gtm=45be38l0&u_w=1600&u_h=1200&url=https%3A%2F%2Fportal.ertcexpress.com%2Flead-intake%3F%26source%3Dhttps%3A%2F%2Fcovidpayout.com%2F&ref=https%3A%2F%2Fcovidpayout.com%2F&hn=www.googleadservices.com&frm=2&tiba=ERTC%20Express&did=dZTQ1Zm&gdid=dZTQ1Zm&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-11028985773

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fe46db1c1d61c88faecb670802a6e41a724046a76cfb92509daa8e31745658be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Aug 2023 03:41:59 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1339
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/11028985773/ Frame 2E14 42 B
455 B 216ms
48ms Image
image/gif 2607:f8b0:4006:823::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/11028985773/?random=1692848519319&cv=11&fst=1692846000000&bg=ffffff&guid=ON&async=1&gtm=45be38l0&u_w=1600&u_h=1200&url=https%3A%2F%2Fportal.ertcexpress.com%2Flead-intake%3F%26source%3Dhttps%3A%2F%2Fcovidpayout.com%2F&ref=https%3A%2F%2Fcovidpayout.com%2F&frm=2&tiba=ERTC%20Express&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2994038870&rmt_tld=0&ipr=y

Requested by

Host: portal.ertcexpress.com
URL: https://portal.ertcexpress.com/lead-intake?&source=https://covidpayout.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Aug 2023 03:41:59 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ Frame 2E14 173 KB
47 KB 95ms
30ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ec140ae8baa4b61226d96beba9277a0072e45b805004b8ea983c5d43402aeb66

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 24 Aug 2023 03:41:59 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 47412
x-xss-protection: 0
pragma: public
x-fb-debug: tWkRyArMesyQXmpxnbmOeKD9tvAN2GoPdL48NXIT+jFMDJaD942qaT/mo7bTGLM88SR0BD4/q33XIxJ5+Eawzg==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 __ptq.gif
track.hubspot.com/ Frame 2E14 45 B
1 KB 155ms
87ms Image
image/gif 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=3060377523&v=1.1&a=21903561&r=https%3A%2F%2Fcovidpayout.com%2F&pu=https%3A%2F%2Fportal.ertcexpress.com%2Flead-intake%3F%26source%3Dhttps%3A%2F%2Fcovidpayout.com%2F&t=ERTC+Express&cts=1692848519713&vi=bb5827a759e2e830c16e40258c40ad11&nc=true&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 03:41:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 5d54081c-07f2-41f0-a9d0-b433d1563de0
p3p: CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time: 12
alt-svc: h3=":443"; ma=86400
content-length: 45
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 5d54081c-07f2-41f0-a9d0-b433d1563de0
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KHLkqMey6jGwPqAFcFSMI7TBgSXBNuzjI0cRLl2N45wKJIf%2B9i567DnjlPE81fSjUK6g1UzN4Jl3Y7f78%2F8iR1Sq05W1BqAeavVjsKwbPY0kcI9NzXIZ9zp9ThhS2bL3AweXf8o0itpJWX08GC%2BW"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
x-evy-trace-served-by-pod: iad02/analytics-tracking-td/envoy-proxy-8555d4b97d-5qjc8
x-evy-trace-virtual-host: all
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 7fb89530b8144bd5-BUF
x-robots-tag: none

POST
H2 204 rum Show response
portal.ertcexpress.com/cdn-cgi/ Frame 2E14 0
156 B 31ms
30ms XHR
text/plain 2606:4700:20::681a:6a8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://portal.ertcexpress.com/cdn-cgi/rum?

Requested by

Host: cdn.ertcexpress.com
URL: https://cdn.ertcexpress.com/static/js/main.797fde5e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:6a8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
content-type: application/json

Response headers

date: Thu, 24 Aug 2023 03:41:59 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://portal.ertcexpress.com
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 7fb8953059a74bc6-BUF

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 2E14 15 KB
16 KB 29ms
29ms Font
font/woff2 2607:f8b0:4006:821::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://portal.ertcexpress.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 21:05:43 GMT
x-content-type-options: nosniff
age: 369377
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 18 Aug 2024 21:05:43 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 2E14 16 KB
16 KB 32ms
31ms Font
font/woff2 2607:f8b0:4006:821::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://portal.ertcexpress.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 16:08:50 GMT
x-content-type-options: nosniff
age: 41590
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 22 Aug 2024 16:08:50 GMT

GET
H3 200 KFOkCnqEu92Fr1Mu51xIIzI.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 2E14 17 KB
17 KB 42ms
42ms Font
font/woff2 2607:f8b0:4006:821::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1Mu51xIIzI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

db0424fb67fb52e7e538490240cc7fb9c05aa076333a4968f3dee30b825dabf9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://portal.ertcexpress.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 02:29:02 GMT
x-content-type-options: nosniff
age: 90778
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17368
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 22 Aug 2024 02:29:02 GMT

GET
H2 200 128303466905142 Show response
connect.facebook.net/signals/config/ Frame 2E14 97 KB
25 KB 72ms
71ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/128303466905142?v=2.9.124&r=stable&domain=covidpayout.com

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

065e44471be9490ac34587b6e621417c3e4f8dc8b81fe033ac490eb13bfcc759

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 24 Aug 2023 03:42:00 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: dtywB4ZOjt2vtojlKxkXa5zv4oas9hsVPy9xkHqluQ3/hdnSAmHqniEZBO8TrjuBXzSCfj99lGzvpRDK9myyqQ==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ Frame 2E14 0
185 B 90ms
30ms Image
text/plain 2a03:2880:f112:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=128303466905142&ev=PageView&dl=https%3A%2F%2Fportal.ertcexpress.com&rl=https%3A%2F%2Fcovidpayout.com&if=true&ts=1692848520410&sw=1600&sh=1200&ud[external_id]=bb5827a759e2e830c16e40258c40ad11&v=2.9.124&r=stable&a=tmhubspot&ec=0&o=28&pm=1&hrl=3907d8&it=1692848520307&coo=false&cs_cc=1&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://portal.ertcexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 24 Aug 2023 03:42:00 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 __ptq.gif
track.hubspot.com/ Frame 2E14 45 B
467 B 101ms
100ms Image
image/gif 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?id=DisableFormTracking&value=0&k=3&n=DisableFormTracking&m=&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=3060377523&v=1.1&a=21903561&r=https%3A%2F%2Fcovidpayout.com%2F&pu=https%3A%2F%2Fportal.ertcexpress.com%2Flead-intake%3F%26source%3Dhttps%3A%2F%2Fcovidpayout.com%2F&t=ERTC+Express&cts=1692848523552&vi=bb5827a759e2e830c16e40258c40ad11&nc=true&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 03:42:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: f10acbe0-d6f0-4fcc-a345-b059676078f1
p3p: CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time: 9
alt-svc: h3=":443"; ma=86400
content-length: 45
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: f10acbe0-d6f0-4fcc-a345-b059676078f1
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yViGhNUe8dB3aegUT%2FqEDy%2F%2F4QlIIypiQX5Vnr0cDR1ucRy%2F%2FisBtfA9SkPnvJivvoZ2BVJlWBFme4b5rkb5hHZ3k2FC8vtD3HncHmrzgXuhWH%2F0D4hwPsMFfoNCqiQA9%2FYAsRALSvRTiCqSnM0f"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
x-evy-trace-served-by-pod: iad02/analytics-tracking-td/envoy-proxy-8555d4b97d-78r47
x-evy-trace-virtual-host: all
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 7fb89548587e4bd5-BUF
x-robots-tag: none

GET common.js
maps.googleapis.com/maps-api-v3/api/js/54/2/ Frame 2E14 0
0

GET util.js
maps.googleapis.com/maps-api-v3/api/js/54/2/ Frame 2E14 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: maps.googleapis.com
URL: https://maps.googleapis.com/maps-api-v3/api/js/54/2/common.js

Domain: maps.googleapis.com
URL: https://maps.googleapis.com/maps-api-v3/api/js/54/2/util.js

Verdicts & Comments Add Verdict or Comment

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
route.ertc.com/v1/lst	1970-01-20 23:50:08	Name: __mh_tt_s Value: HB-ET_cad52ca67f08fc005467329fa226c169f836a8d0976a74f79fc2eb462767ba23
covidpayout.com/	1969-12-31 23:59:59	Name: htmega_has_count-2 Value: htmega_already_count
.doubleclick.net/	1970-01-20 14:14:09	Name: test_cookie Value: CheckForPermission
.hubspot.com/	1970-01-20 14:14:10	Name: __cf_bm Value: wNia5x_G4pHFyQibNlVCbGwt8mo4jl_LfATDqX.VXyM-1692848519-0-ATiO86ea2p6WvtdFmZuelXHrGsohj2WX1uPChu0wQ26za7kSQbIsu8qG0gwBXN1MYUeuFnEDlvdQ3X0Y/Wm6+3w=

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.covidpayback.org/mdetect.js Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

acrobatservices.adobe.com
api.hubapi.com
cdn.ertcexpress.com
connect.facebook.net
covidpayout.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hsadspixel.net
maps.googleapis.com
portal.ertcexpress.com
route.ertc.com
static.cloudflareinsights.com
track.hubspot.com
www.covidpayback.org
www.covidpayout.com
www.facebook.com
www.google.com
www.googletagmanager.com
maps.googleapis.com
192.200.102.246
2600:1400:d::1721:ee1b
2606:4700:20::681a:6a8
2606:4700:3036::ac43:9b33
2606:4700:4400::ac40:991b
2606:4700::6810:3865
2606:4700::6810:cd27
2606:4700::6811:cccc
2606:4700::6811:e76
2606:4700::6812:7841
2606:4700::6813:9b53
2607:f8b0:4006:809::2008
2607:f8b0:4006:81e::2002
2607:f8b0:4006:820::200a
2607:f8b0:4006:821::2003
2607:f8b0:4006:823::2004
2607:f8b0:4006:823::200a
2a03:2880:f012:8:face:b00c:0:1
2a03:2880:f112:83:face:b00c:0:25de
91.191.214.162
065e44471be9490ac34587b6e621417c3e4f8dc8b81fe033ac490eb13bfcc759
09ea064d0d74a5f579d8bd9f89993b77c512bceb089db62455bc9769c32097ba
214674cc77aba35ab3567b88e2739fd08e8e96c61d279559ad61874069683ea0
254819f10e72fefb2a084544f14297ce9707aac792c27abe58da51ccccb3a790
25df70f719f668b818aa4680adc102282b837323966b4187f748e09ca83c2dd7
2a6bda3553569fc700de73f81edc96180d144db1e05a702bc9854dbe14961c5e
2ca7136a9716a3e2d2e12c5c9b5aa44adfca5bc9d169fb006b5d0917b1154ff3
2feda11fe1d4d6dc59a32761af395530aa758ba4e27ccff22b90b3eac656fa60
3436a3567df14bd76a0e5b2ab1edba77ff61c49fb811b64de0dd23899103ecdc
3467f3eee5c95a86bb4992918b1368458185bf349949f862e6e3c5954fcd69f9
36a58b231f4bd34d323b5a7da9caf1a2706ecc87ca22a822763b96659043017e
36adcc25fadffefb56ff3a2f3b28e080cf9e7933659094eb5ea6326d238661ef
37bab6cd583982e8eff58501a99d7c5c4d63664c1ca34f9e3b7cf526c5b73ae2
3d95841bd5ae6655a3c5ebe534fae99d5cb088aaf0b0916bbe62c7bbf1bb0388
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22
46b04afecdaf08e04385a7cabaec357f6edfc6a8b2b156d8c624c2621894f3de
48883de2cc804fe2686080ae4a7f8e986feb7df7ce43a0a41dd2be60435264ff
49cc70f01a24fa93d97dbb6568321be1296f84e6bc4552645f47c461c94c127f
4c0ced2cb3830d045cdd74f745fd4d6dcb082d8edd3a9fe46e39295e30cb8032
4f566245be142a89fa1e009309af7e245eb58dcf62ac13faab9efe3ce10703b4
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
51187f64d3c89b9bba020ac511217aed3ea94cfc82aa3c5450b6132cfab4c039
526b56c764b3767dfd10ed8229a1e9f633d48a3b043a47b6ef5ec9701e962b08
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
5c93f77799d122fb5255ee24da285f9f228cc118cba11e6ceb2b6bda8cdf4164
5ff9e1789aa671352c261693750b28f50cda54b2c1a2e50372434c26d9589e55
624cb49bab371f5cbc32ec5422e2f1ab9b3c2ce7ca5cc6a3c0c159d62dab8376
649c886ce7d67334461a141255cb6d90de9fbce612b61ce71e32cf9ed2f2860c
64aa7a01c38e5f51aa6b7cd48decf2bd9ef228857df6ff47b0f58b38c1bdfc30
67447c3656caad630373253691f3e8f64467eafd6e7305c9b0e98111b0b41694
6974bfd8fa06b7831f05cb4b25860c851a5ad3f02a6699ebe688987dd7a6ebe6
698e93fe491cc7bbf07a470579a33dbd0db53c19142b7be41ebfd39a23aef11f
6afc42bb55a6c139ad90d6647b4598205ba183bcafb23ceddbf9576872851c94
6b5a1116fedf74e888369da43f27b4ea6e21a7c5b3e3dde3227da6c21a2ef67c
735d23452911fee84d6dc55c7bdc4966663003894ac722deca63b064b2404a1d
76efc435fc139294153b2304af750ccd6857bf3349577af166308db9eb0a2fdc
771730781accfc4376e3659f8785f1a4c3bc9b2423b846968c340febf63ba5f9
7753856c653ac2d7d10129661a029ba9b076ee4f726267655fef5112886fc81c
77a3de06d567c9f8c9812513357b89933389167325cc167b07270bd6712b7811
7868467c94a5aa0b3f11ef542f45287967f9627b3b5acdc86e47f8f77a126596
7d0fdf6d0d2c567562ad20fc031aba1db8ee56b76d0004e9f980fa367b09eb4c
7e262106f82cc52663e403f5b73795bbeab9ca0630c33c03579354fbcd4fae1e
8b3a27e2320dda9b9e7d390d707d037860ea7cc2962f00dcc5b64cef98b88740
8bee029e127fcd94cb1e04e7794e06a260d3c04f0e9849999a89dff7312a5306
8eeda878e805f2ee1a1d2fc5186bb92e16da5b307a12bb8c854d165d985e9e09
911e6db474228f6bc3da73e9860f2df192a633470980617bc4bc84c8fe42ab57
9280e1d8ea332bac5f497f7b7ea66c52a839e761201dfbd1882d673eeefb96f7
92ebce4ec69d541063f847087b2d1427041dd58a56ae3eade2a4e6e5012652d6
94004fac68d16a60d66c399f154edbb1a2d1fa2146fb73cd42d697704a85a0ae
942eeca6fe5962c95a4d7f485eb96e0feaea12754cbc08f93095023ff721f53f
9489dcf799e6c85a94f8418fbc3aa4c9a7501e76d6bf1e834af71c12eaf84276
9603078d83691c1cc2badd9655952460d4fcd62d78966655a00ad9eecb3eb016
96dc57a589aa2a2646991d33dada196111b64af2b4301fdd509f59c11d4f33e4
9cc11853c6674ae0910357574195bffafef639ad8d628af7d88b40f649edd1af
a0c3e823a07498a845daa25db9e85afdb4a985866f00b4cf1518f363336cd030
a3e7c89de8ec9f11eee1605a0367e23585548b1deab4cca3a4a17d5a23a90f79
aab2bcdd09c5d88facad28f2d02e2af3bac56e9f374d6ca6de197b067271ddfd
ab59f550860dcea6de47b9999d6d9aa586f2cd631097691d013e90c61270b4ba
acae625046aa0fe15261f617550f17d264fe0973a66cd3e288164593c93a1598
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b0829bf9fc129fec8d82f42f250ea8c69d93e3268409517fafa4ec562d2751bc
b70e41fab42b581a102986ad6f77628e1ce6da3f4fbeb834cd3787bb781921de
bf0d2fbc27d54a1df417599f2d14039a7fcd0df06803036e7bedcc7aa48f83b5
bfa7207f906f16335cb1847200dcf1d0b0e219787a20951f8237e553f049b3e1
c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4
c235f21017bcc11fcaa31d7dfd9855aaebcbf5f6d7ee9bf9f2e98a910907c391
c2ed4b80cc0bfd8b35c13b9becb418d96d58f9f44048b24d6e45dba4938cac69
c62da79cd6248b361a5ec0f35be37355b9a393a4a403d62164f19cede30cc695
c84b9432dad75b6cce98abcd62eecccc82cf4e293e92f80678d8d50bd1060cfe
c9f7593e87bc2aa85cb954a12099d50b3d76dc67fda1db0caf4b79148babe547
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
ca7dce2391845e8aec7da135f33fabd10f74eed28a532ac66fd01f761fcfb42f
cef03b539865449318bfe7bed94f457585231469aa7e3d2e92b979d65f85882b
d01a2ba2805c78957e15a2958135de0f3cb88e95159dd0f6c0a032bd76b1b0e9
d0b4256abed72481585662971262eabee345c19f837af00d7ce24239d3b40eef
d45770679ca6b1dbc6a06e10851b6e617b5f496c88a888606ac93f860593aecb
d622534d53d3ac1095af275f0b30274fcd835785577df2dde6d9398e6f7a2c8f
d88b7f23701564aa13b060c75c0ee86d0f5c78e807797bd5dd4fdf40a4482178
db0424fb67fb52e7e538490240cc7fb9c05aa076333a4968f3dee30b825dabf9
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
dfbb5535db5ca9507c9e65a9e7afae6b1fc9e8765d65b5e891ce7665864c6d91
dfd6f1753f09e857fa6f209c78c5e27db570e8402484bbb2d416964f4d5ec3c6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e47350aede388ee98af5e3ed254afa05a942809b1c635e47b111301a495014a0
e6105ad2f6c3e71e41e51ec5f4e1f7e70d27847c16d531d41973774089268fec
e93615d603e6a17c1cf3c9ac03b1b9c42cf76194ef57ad79edceda1130f20a1b
eb5b89e2d0ed9a46e314258413f94639a16b2b5617103c3e4cb532aae014fc05
ec140ae8baa4b61226d96beba9277a0072e45b805004b8ea983c5d43402aeb66
ed508990efc3630ba5d70d90a54d3fa408ba901a756e7a79aa7cb2aa93e7ab6b
ef1817d84e065a21a5a13431f364c00c0cb17eb246a501beeeb1e9ca50913aee
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2f7f242fee995f68f1b40eacb9f27ce53d583abf960ed7069b60289a87dcb38
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f5cba1069ec5a0e941c10a297aa5629bd4d9127c2ab811d75be1bb9aa0094952
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
fe46db1c1d61c88faecb670802a6e41a724046a76cfb92509daa8e31745658be

covidpayout.com Open in urlscan Pro 91.191.214.162 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

109 Requests

96 %HTTPS

90 %IPv6

19 Domains

22 Subdomains

21 IPs

1 Countries

2338 kBTransfer

7166 kBSize

4 Cookies

0 Outgoing links

Page URL History

Redirected requests

109 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

covidpayout.com Open in urlscan Pro
91.191.214.162 Public Scan

Screenshot
Live screenshot

Full Image

109
Requests

96 %
HTTPS

90 %
IPv6

19
Domains

22
Subdomains

21
IPs

1
Countries

2338 kB
Transfer

7166 kB
Size

4
Cookies

109 HTTP transactions
0 data transactions