lowermypayments.info Open in urlscan Pro
2606:4700:3037::6815:3a31 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://lowermypayments.info/
Submission: On October 19 via api (October 19th 2024, 11:25:27 am UTC) from US — Scanned from DE

Summary HTTP 44 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 6 IPs in 2 countries across 4 domains to perform 44 HTTP transactions. The main IP is 2606:4700:3037::6815:3a31, located in United States and belongs to CLOUDFLARENET, US. The main domain is lowermypayments.info.
TLS certificate: Issued by WE1 on September 5th 2024. Valid for: 3 months.

This is the only time lowermypayments.info was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	2606:4700:303... 2606:4700:3037::6815:3a31	13335 (CLOUDFLAR...) (CLOUDFLARENET)
24	172.67.200.122 172.67.200.122	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:808::200a	15169 (GOOGLE) (GOOGLE)
8	104.126.37.154 104.126.37.154	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
7	142.250.185.227 142.250.185.227	15169 (GOOGLE) (GOOGLE)
44	6

1 2606:4700:3037::6815:3a31 (United States)

ASN13335 (CLOUDFLARENET, US)

lowermypayments.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 172.67.200.122 (United States)

ASN13335 (CLOUDFLARENET, US)

lowermypayments.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 104.126.37.154 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-126-37-154.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 142.250.185.227 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
25	lowermypayments.info lowermypayments.info	400 KB
8	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 817	141 KB
7	gstatic.com fonts.gstatic.com	173 KB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 30	4 KB
44	4

	Domain	Requested by
25	lowermypayments.info	lowermypayments.info
8	analytics.tiktok.com	lowermypayments.info analytics.tiktok.com
7	fonts.gstatic.com	fonts.googleapis.com
4	fonts.googleapis.com	lowermypayments.info
44	4

This site contains links to these domains. Also see Links.

Domain
betteraffiliates.com
www.facebook.com
www.instagram.com

Subject Issuer	Validity	Valid
lowermypayments.info WE1	`2024-09-05` - `2024-12-04`	3 months	crt.sh
upload.video.google.com WR2	`2024-09-30` - `2024-12-23`	3 months	crt.sh
*.tiktok.com RapidSSL TLS ECC CA G1	`2024-07-15` - `2025-07-15`	a year	crt.sh
*.gstatic.com WR2	`2024-09-30` - `2024-12-23`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://lowermypayments.info/
Frame ID: 370D310095BE071144A30369B3E53053
Requests: 45 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Lower My Payments

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

44
Requests

100 %
HTTPS

40 %
IPv6

4
Domains

4
Subdomains

6
IPs

2
Countries

717 kB
Transfer

1899 kB
Size

3
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://betteraffiliates.com/publishers/lowermypayments
Title: Affiliate Program

Search URL Search Domain Scan URL

URL: https://www.facebook.com/profile.php?id=61563877172543

Search URL Search Domain Scan URL

URL: https://www.instagram.com/lowermypayments.info/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

44 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
lowermypayments.info/ 312 KB
38 KB 820ms
709ms Document
text/html 2606:4700:3037::6815:3a31
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lowermypayments.info/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:3a31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 17c7673d48529a1d1240377d0518fc214066fb13838ea9241aa29185e47fe307

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8d5068299b881c05-FRA
content-encoding: zstd
content-type: text/html; charset=UTF-8
date: Sat, 19 Oct 2024 11:25:20 GMT
link: <https://lowermypayments.info/wp-json/>; rel="https://api.w.org/", <https://lowermypayments.info/wp-json/wp/v2/pages/16>; rel="alternate"; title="JSON"; type="application/json", <https://lowermypayments.info/>; rel=shortlink
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=I8lq%2B6eecjDs0jt8bsNHvZReWzGqN3PBqv3mO2E9qbNoBNgMoAYVsamzqtjA3yc%2F4up55ELDs3j9Ks1md4Ry5aqGpg5kY2RaXfk1vjB%2FaqG0b1swjn4GcuHpQ5p%2BmBg%2B457zOlKAYbAQX7jfeTwep8RB3Q%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=TCP&rtt=39070&sent=8&recv=11&lost=0&retrans=0&sent_bytes=3949&recv_bytes=2292&delivery_rate=99684&cwnd=253&unsent_bytes=0&cid=d7cd4d0998db3292&ts=723&x=0"
vary: Accept-Encoding

GET
H3 200 landingpage-front.css
lowermypayments.info/wp-content/themes/thrive-theme/inc/assets/dist/ 723 B
1006 B 193ms
193ms Stylesheet
text/css 172.67.200.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lowermypayments.info/wp-content/themes/thrive-theme/inc/assets/dist/landingpage-front.css?ver=10.2.2
Requested by: Host: lowermypayments.info
URL: https://lowermypayments.info/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.200.122 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1c8f12bbe479e3ff41b1b4cdb2ab43eb599de68f737c3a30685ab0a1c84639f4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://lowermypayments.info/

Response headers

content-encoding: gzip
cf-cache-status: MISS
etag: "2d3-62385770e0f6b-gzip"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5Lm%2FKBDbejiEAIhc0J7FnTo2T26tFzqVkP5rxmBBf6ckuWZYu7fxMabXsrLhYxbz2ZMsq5OMJsoSVUP49X0KtSQknDugTytCd1uGLAnDySmSZb8PwQFxceCsXX0cP7Gz62eQhMO6eA%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=131351&sent=14&recv=17&lost=0&retrans=0&sent_bytes=4233&recv_bytes=6790&delivery_rate=178&cwnd=12000&unsent_bytes=0&cid=59beea118fad9273&ts=868&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sat, 19 Oct 2024 11:25:21 GMT
content-type: text/css
last-modified: Wed, 02 Oct 2024 21:53:15 GMT
vary: Accept-Encoding
priority: u=0,i=?0
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8d50682e5e3861b7-ORD
accept-ranges: bytes
content-length: 307
server: cloudflare

GET
H3 200 style.css
lowermypayments.info/wp-content/themes/thrive-theme/ 18 KB
5 KB 195ms
194ms Stylesheet
text/css 172.67.200.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lowermypayments.info/wp-content/themes/thrive-theme/style.css?ver=10.2.2
Requested by: Host: lowermypayments.info
URL: https://lowermypayments.info/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.200.122 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 755b664b1a991945bf263d0284fb02d9fe6637ec06e8529f3d4e75e53c632cdb

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://lowermypayments.info/

Response headers

content-encoding: gzip
cf-cache-status: MISS
etag: "4850-62385770d4446-gzip"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=R%2BvEJAYjALI6CybrtLk9xGoP3%2F8ouxItb%2FjXU9yfNSFeSgU8iFKrnzQiWy2vfY9j%2FKhyoIg6d0KJO%2BXJ2vdmdnZgAM%2B5vhJKNePspCQi63UrFUF1eMLWk4XMuSWQklSWkCfvi6g2sg%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=131351&sent=15&recv=17&lost=0&retrans=0&sent_bytes=5262&recv_bytes=6790&delivery_rate=178&cwnd=12000&unsent_bytes=0&cid=59beea118fad9273&ts=871&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sat, 19 Oct 2024 11:25:21 GMT
content-type: text/css
last-modified: Wed, 02 Oct 2024 21:53:15 GMT
vary: Accept-Encoding
priority: u=0,i=?0
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8d50682e6e3961b7-ORD
accept-ranges: bytes
content-length: 4223
server: cloudflare

GET
H3 200 jquery.min.js Show response
lowermypayments.info/wp-includes/js/jquery/ 86 KB
30 KB 342ms
340ms Script
text/javascript 172.67.200.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lowermypayments.info/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by: Host: lowermypayments.info
URL: https://lowermypayments.info/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.200.122 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://lowermypayments.info/

Response headers

content-encoding: gzip
cf-cache-status: MISS
etag: "15601-61bdf1d919100-gzip"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BhpdL8%2B4JKwuripwNmciztcjUKRpU9f%2Bqc1kHWD6wkFNxggQuitjILHiUuPUtBQNfKJKs2ZaqzlFRa1AEGg2IhqKcnWBIaqPtVuahyO0PcW9Jzh44D0JeIkQ7Gjox5a2cRmHPtq%2FAA%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=131351&sent=27&recv=17&lost=0&retrans=0&sent_bytes=16233&recv_bytes=6790&delivery_rate=178&cwnd=12000&unsent_bytes=0&cid=59beea118fad9273&ts=899&x=1", cfExtPri, cfHdrFlush;dur=105
date: Sat, 19 Oct 2024 11:25:21 GMT
content-type: text/javascript
last-modified: Thu, 27 Jun 2024 13:29:08 GMT
vary: Accept-Encoding
priority: u=1,i=?0
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8d50682e6e3b61b7-ORD
accept-ranges: bytes
content-length: 30368
server: cloudflare

GET
H3 200 jquery-migrate.min.js Show response
lowermypayments.info/wp-includes/js/jquery/ 13 KB
5 KB 196ms
195ms Script
text/javascript 172.67.200.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lowermypayments.info/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by: Host: lowermypayments.info
URL: https://lowermypayments.info/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.200.122 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://lowermypayments.info/

Response headers

content-encoding: gzip
cf-cache-status: MISS
etag: "3509-61bdf1d919100-gzip"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=d6K%2BNusZ2%2Fyt9D6Gn1Wy4CmnRhhminsNVqkHMn49Z2nt11gS89Fh44uLoTccgJlOHk2%2BtO2LS8z5Oxr9Y2AmL9nkMGvh5xlVq1f6Li3zIiWWB3fZuyMABXIVN5OpRbcJngAj2%2BrFzw%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=131351&sent=25&recv=17&lost=0&retrans=0&sent_bytes=14273&recv_bytes=6790&delivery_rate=178&cwnd=12000&unsent_bytes=0&cid=59beea118fad9273&ts=873&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sat, 19 Oct 2024 11:25:21 GMT
content-type: text/javascript
last-modified: Thu, 27 Jun 2024 13:29:08 GMT
vary: Accept-Encoding
priority: u=1,i=?0
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8d50682e6e3c61b7-ORD
accept-ranges: bytes
content-length: 4872
server: cloudflare

GET
H3 200 imagesloaded.min.js Show response
lowermypayments.info/wp-includes/js/ 5 KB
2 KB 196ms
195ms Script
text/javascript 172.67.200.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lowermypayments.info/wp-includes/js/imagesloaded.min.js?ver=5.0.0
Requested by: Host: lowermypayments.info
URL: https://lowermypayments.info/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.200.122 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b65b3de1bc923b9355248a0d941a0eaee15dfb9a6b8eadb51323a8df6189dcd1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://lowermypayments.info/

Response headers

content-encoding: gzip
cf-cache-status: MISS
etag: "1590-61bdf1d919100-gzip"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UzkMTkqL9QrpA3Aeh8sM1eOw8NBfOoz3tXzn56NpHIBE4X6407UkLojzxvlgxPc0xY5V3FLlqM9Ix%2FT8QnkOi7TqYBVfbfqSgOHoB2Aj7nbAuEWg12R7B55RjE5fxd9IqiBtTAvNng%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=131351&sent=20&recv=17&lost=0&retrans=0&sent_bytes=10276&recv_bytes=6790&delivery_rate=178&cwnd=12000&unsent_bytes=0&cid=59beea118fad9273&ts=872&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sat, 19 Oct 2024 11:25:21 GMT
content-type: text/javascript
last-modified: Thu, 27 Jun 2024 13:29:08 GMT
vary: Accept-Encoding
priority: u=1,i=?0
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8d50682e6e3d61b7-ORD
accept-ranges: bytes
content-length: 1803
server: cloudflare

GET
H3 200 masonry.min.js Show response
lowermypayments.info/wp-includes/js/ 24 KB
8 KB 472ms
471ms Script
text/javascript 172.67.200.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lowermypayments.info/wp-includes/js/masonry.min.js?ver=4.2.2
Requested by: Host: lowermypayments.info
URL: https://lowermypayments.info/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.200.122 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e00add38134eac2fb8e8e9c09cbfff7bbe57952b210322eb2eecb0a21fc055eb

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://lowermypayments.info/

Response headers

content-encoding: gzip
cf-cache-status: MISS
etag: "5e4a-61bdf1d919100-gzip"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8yY04rln6yfKDiUGIJln%2FhfOrDtllusD5dzDFGA6x5GYXY8SYopF99Z%2FyTcP2RchZ6h5v6TxILrkRYk5DG3Jn2MloL%2FRFNWMDzJp95bZ2IPamPATWuPmE3lpbqPwfZ%2BGINGl0p6V7g%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=166177&sent=51&recv=26&lost=0&retrans=0&sent_bytes=38351&recv_bytes=8119&delivery_rate=57935&cwnd=22800&unsent_bytes=0&cid=59beea118fad9273&ts=1009&x=1", cfExtPri, cfHdrFlush;dur=22
date: Sat, 19 Oct 2024 11:25:21 GMT
content-type: text/javascript
last-modified: Thu, 27 Jun 2024 13:29:08 GMT
vary: Accept-Encoding
priority: u=1,i=?0
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8d50682f3ef961b7-ORD
accept-ranges: bytes
content-length: 7382
server: cloudflare

GET
H3 200 jquery.masonry.min.js Show response
lowermypayments.info/wp-includes/js/jquery/ 2 KB
1 KB 196ms
195ms Script
text/javascript 172.67.200.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lowermypayments.info/wp-includes/js/jquery/jquery.masonry.min.js?ver=3.1.2b
Requested by: Host: lowermypayments.info
URL: https://lowermypayments.info/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.200.122 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c2e606e1fc82ea3a554aad5d0520e25d2677b89a891dc5c49e7ace08fce92e25

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://lowermypayments.info/

Response headers

content-encoding: gzip
cf-cache-status: MISS
etag: "71b-61bdf1d919100-gzip"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Y%2BRQgfGeUqomsCTfYScAgUzRiIMGMRnKDg2nz201D3WdPdwpINzsAJP8xRzJKATEKDL%2FySMiYFp8lIJWIeRotzUQmaM7rnuSuPdDmvb7zIc%2BUPO15XASxw0Wr7k1VmGM%2BgAmzHaVyA%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=131351&sent=23&recv=17&lost=0&retrans=0&sent_bytes=12828&recv_bytes=6790&delivery_rate=178&cwnd=12000&unsent_bytes=0&cid=59beea118fad9273&ts=872&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sat, 19 Oct 2024 11:25:21 GMT
content-type: text/javascript
last-modified: Thu, 27 Jun 2024 13:29:08 GMT
vary: Accept-Encoding
priority: u=1,i=?0
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8d50682e6e3e61b7-ORD
accept-ranges: bytes
content-length: 716
server: cloudflare

GET
H3 200 general.min.js Show response
lowermypayments.info/wp-content/plugins/thrive-visual-editor/editor/js/dist/modules/ 70 KB
24 KB 341ms
340ms Script
text/javascript 172.67.200.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lowermypayments.info/wp-content/plugins/thrive-visual-editor/editor/js/dist/modules/general.min.js?ver=10.2.2
Requested by: Host: lowermypayments.info
URL: https://lowermypayments.info/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.200.122 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 14a03ed98cc5856510358f89e86b60c6a257b097d22be51fba7f74cfad03fef9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://lowermypayments.info/

Response headers

content-encoding: gzip
cf-cache-status: MISS
etag: "116a7-62385754e04bd-gzip"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4eN8MmstOi39H5LCEu09crV6HDnwuvPngGFxlxybE%2B8%2Fu4TaVzuVzWNTGi3B0SMnidNTrMcXTda6E632yzC4UOxR8GZgPbU3Lx6xyT%2FiKPwiJze0OzdPDyBUzNtv8U5RbYS6Vqr7Eg%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=131351&sent=27&recv=17&lost=0&retrans=0&sent_bytes=16233&recv_bytes=6790&delivery_rate=178&cwnd=12000&unsent_bytes=0&cid=59beea118fad9273&ts=901&x=1", cfExtPri, cfHdrFlush;dur=103
date: Sat, 19 Oct 2024 11:25:21 GMT
content-type: text/javascript
last-modified: Wed, 02 Oct 2024 21:52:45 GMT
vary: Accept-Encoding
priority: u=1,i=?0
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8d50682e6e3f61b7-ORD
accept-ranges: bytes
content-length: 24002
server: cloudflare

GET
H3 200 frontend.min.js Show response
lowermypayments.info/wp-content/themes/thrive-theme/inc/assets/dist/ 29 KB
9 KB 489ms
488ms Script
text/javascript 172.67.200.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lowermypayments.info/wp-content/themes/thrive-theme/inc/assets/dist/frontend.min.js?ver=10.2.2
Requested by: Host: lowermypayments.info
URL: https://lowermypayments.info/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.200.122 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5413e060628a380610101bcbb4372b77fd4b6dfe7ebc91dc09e0c17c75382ebd

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://lowermypayments.info/

Response headers

content-encoding: gzip
cf-cache-status: MISS
etag: "733d-62385770e0f6b-gzip"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2k799eWOYyHSogFhw87YOdzWbMdqCtm9qh8vfgcF3kjpffXqdaCjfBDNElSslIimAifnQhWV06TYYKMabHNunmzjAKThxfb6R8cjp3%2BRykXwfPl2Ov%2F%2FBHPFz8DYTl0K5g6CAtYnVw%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=131351&sent=27&recv=17&lost=0&retrans=0&sent_bytes=16233&recv_bytes=6790&delivery_rate=178&cwnd=12000&unsent_bytes=0&cid=59beea118fad9273&ts=874&x=1", cfExtPri, cfHdrFlush;dur=130
date: Sat, 19 Oct 2024 11:25:21 GMT
content-type: text/javascript
last-modified: Wed, 02 Oct 2024 21:53:15 GMT
vary: Accept-Encoding
priority: u=1,i=?0
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8d50682e6e4161b7-ORD
accept-ranges: bytes
content-length: 8489
server: cloudflare

GET
H2 200 css
fonts.googleapis.com/ 41 KB
2 KB 147ms
53ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Literata:400,400i,600,600i,700,700i|Muli:400,400i,800,800i,700,700i,500,500i|Muli:400,600,300,800,700,200,900|Adamina:400|Muli:400,700,600,500,300,800,200,900,400i,500i,800i,700i,600i,300i,900i|Muli:700,400,600,500,300,800,200,900,300i,700i,400i,600i,500i,900i,800i,200i|Lato:300,700,900,400|Gentium+Basic:400,700&subset=latin&latin&display=swap&display=swap

Requested by

Host: lowermypayments.info
URL: https://lowermypayments.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9bba89f971060b753f37013c0724f1579b0cd98ba38b5d6a1de61bd7332c8878

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://lowermypayments.info/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Sat, 19 Oct 2024 11:25:21 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 19 Oct 2024 11:25:21 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Sat, 19 Oct 2024 11:25:21 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 css
fonts.googleapis.com/ 382 B
347 B 52ms
51ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Adamina:400&subset=latin

Requested by

Host: lowermypayments.info
URL: https://lowermypayments.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8a7c14c4003c18170697b1926844902863b09b7f8920f43995d149d2e3a073a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://lowermypayments.info/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Sat, 19 Oct 2024 11:25:21 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 19 Oct 2024 11:25:21 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Sat, 19 Oct 2024 11:25:21 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 css
fonts.googleapis.com/ 18 KB
806 B 52ms
52ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Muli:400,700,600,500,300,800,200,900,400i,500i,800i,700i,600i,300i,900i&subset=latin&display=swap

Requested by

Host: lowermypayments.info
URL: https://lowermypayments.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

379186d917d21bacde8f66c96e23845df07da43ad74690a768ead00e782c4e5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://lowermypayments.info/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Sat, 19 Oct 2024 11:25:21 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 19 Oct 2024 11:25:21 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Sat, 19 Oct 2024 11:25:21 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H3 200 Lower-my.png
lowermypayments.info/wp-content/uploads/2024/08/ 11 KB
12 KB 499ms
499ms Image
image/png 172.67.200.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lowermypayments.info/wp-content/uploads/2024/08/Lower-my.png
Requested by: Host: lowermypayments.info
URL: https://lowermypayments.info/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.200.122 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 17a626e31cbccff2b22dc27103eba7755ec193c842bd8d317696dfd68c87e294

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://lowermypayments.info/

Response headers

cf-cache-status: MISS
etag: "2d2e-61fd24dd703c3"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=W%2FgedCp5y7PN%2BdRXXMe3JMYZD4gPV68xRwQcODPg3PPZsqnVp8Zb8pXOkw82DFfE6GLtQ9pXj8W2TRrzjdw4Gx4vI8j%2FpHweb%2FCzCPtLTuBuQLBkGxy5eLcxoDDJShNPGe0F4m0VYg%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=131351&sent=29&recv=19&lost=0&retrans=0&sent_bytes=16285&recv_bytes=7479&delivery_rate=178&cwnd=12000&unsent_bytes=0&cid=59beea118fad9273&ts=974&x=1", cfExtPri, cfHdrFlush;dur=30
date: Sat, 19 Oct 2024 11:25:21 GMT
content-type: image/png
last-modified: Fri, 16 Aug 2024 19:52:49 GMT
vary: Accept-Encoding
priority: u=2,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8d50682f0ec561b7-ORD
accept-ranges: bytes
content-length: 11566
server: cloudflare

GET
H2 200 css
fonts.googleapis.com/ 19 KB
823 B 54ms
54ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Muli:700,400,600,500,300,800,200,900,300i,700i,400i,600i,500i,900i,800i,200i&subset=latin&display=swap

Requested by

Host: lowermypayments.info
URL: https://lowermypayments.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c356ec1be6eb99f855c0355bdc2c3cd3a10e7ed55c0f0c342c5c371961aaa436

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://lowermypayments.info/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Sat, 19 Oct 2024 11:25:21 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 19 Oct 2024 11:25:21 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Sat, 19 Oct 2024 11:25:21 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H3 200 lowermypayments-logo-2.png
lowermypayments.info/wp-content/uploads/2024/07/ 35 KB
36 KB 438ms
437ms Image
image/png 172.67.200.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lowermypayments.info/wp-content/uploads/2024/07/lowermypayments-logo-2.png
Requested by: Host: lowermypayments.info
URL: https://lowermypayments.info/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.200.122 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3a53e7cec2d1b27db51382f98dbe681024962bb7357c23df90e05a2f0d2b79db

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://lowermypayments.info/

Response headers

cf-cache-status: MISS
etag: "8c50-61d8d6a7392de"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TYNpf4YlMXrHST8FjHc3aBfjvVYdFrmatIso05HYfYmgDAnFMoiNC%2BNCFG2sdXQr8ZET9JB8qSmilxQtO3k%2FymMmdm3fAFyWGBs7UKFH5f1dvS3u1MCpzEU2BdVUsTA0vu0XONaQLA%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=169910&sent=53&recv=27&lost=0&retrans=0&sent_bytes=40311&recv_bytes=8163&delivery_rate=61853&cwnd=24000&unsent_bytes=0&cid=59beea118fad9273&ts=1052&x=1", cfExtPri, cfHdrFlush;dur=96
date: Sat, 19 Oct 2024 11:25:21 GMT
content-type: image/png
last-modified: Thu, 18 Jul 2024 22:51:13 GMT
vary: Accept-Encoding
priority: u=2,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8d50682f6f2661b7-ORD
accept-ranges: bytes
content-length: 35920
server: cloudflare

GET
H3 200 video.min.js Show response
lowermypayments.info/wp-content/plugins/thrive-visual-editor/editor/js/dist/modules/ 20 KB
7 KB 189ms
188ms Script
text/javascript 172.67.200.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lowermypayments.info/wp-content/plugins/thrive-visual-editor/editor/js/dist/modules/video.min.js?v=10.2.2&ver=10.2.2
Requested by: Host: lowermypayments.info
URL: https://lowermypayments.info/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.200.122 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c72893a9b3d17c504d254448eb281f6948ac97cf25a5240b5bbda2889a26920

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://lowermypayments.info/

Response headers

content-encoding: gzip
cf-cache-status: MISS
etag: "4fa1-62385754e145e-gzip"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=j%2F%2B0FVzC4hO1zk41RyHN%2BQRV609SJEHoH8AdG0ix9G16TvQMXx92%2FrUd0ykk6zKLh9S10EP6vluT3ymz4lt1Dn2p%2FN71KS6ODK%2B3Gs3QWLBSRcKpTgvxkCr9p92DjPmapI026vUZqw%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=134449&sent=155&recv=78&lost=0&retrans=0&sent_bytes=147853&recv_bytes=12906&delivery_rate=507614&cwnd=81600&unsent_bytes=0&cid=59beea118fad9273&ts=1474&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sat, 19 Oct 2024 11:25:21 GMT
content-type: text/javascript
last-modified: Wed, 02 Oct 2024 21:52:45 GMT
vary: Accept-Encoding
priority: u=2,i=?0
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8d506832296761b7-ORD
accept-ranges: bytes
content-length: 6407
server: cloudflare

GET
H3 200 tracking-visits.js Show response
lowermypayments.info/wp-content/plugins/cross-domain-tracker-for-affiliatewp/assets/js/ 2 KB
1 KB 191ms
190ms Script
text/javascript 172.67.200.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lowermypayments.info/wp-content/plugins/cross-domain-tracker-for-affiliatewp/assets/js/tracking-visits.js?ver=1.0.4
Requested by: Host: lowermypayments.info
URL: https://lowermypayments.info/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.200.122 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: be7c8d74625ebfb7e94bbeedfbb65ba6bfe37e019cc1e5a95c05afc3bf3b34b7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://lowermypayments.info/

Response headers

content-encoding: gzip
cf-cache-status: MISS
etag: "820-620d5606864bf-gzip"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zug%2BZX%2BGJWYzVw9IYiavkPN0iXA3czq48BNW1DTQ3duph0ypAQC1tgtmabFfyqdEPuOBBFFCW8Wx%2BsMIkZuRhu2W4qa36S85BR5Nr9U%2BJuiNS2QLGwKGbVdc8ST8I7yVFPAzMJt3Og%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=134449&sent=162&recv=78&lost=0&retrans=0&sent_bytes=155117&recv_bytes=12906&delivery_rate=507614&cwnd=81600&unsent_bytes=0&cid=59beea118fad9273&ts=1477&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sat, 19 Oct 2024 11:25:21 GMT
content-type: text/javascript
last-modified: Thu, 29 Aug 2024 16:57:57 GMT
vary: Accept-Encoding
priority: u=2,i=?0
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8d506832396861b7-ORD
accept-ranges: bytes
content-length: 751
server: cloudflare

GET
H3 200 frontend.min.js Show response
lowermypayments.info/wp-content/themes/thrive-theme/thrive-dashboard/js/dist/ 2 KB
2 KB 192ms
191ms Script
text/javascript 172.67.200.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lowermypayments.info/wp-content/themes/thrive-theme/thrive-dashboard/js/dist/frontend.min.js?ver=10.2.2
Requested by: Host: lowermypayments.info
URL: https://lowermypayments.info/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.200.122 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8109773f354963ab77668f0b5d65d2b0c82f27917a994d1cc50a4ea43c00749e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://lowermypayments.info/

Response headers

content-encoding: gzip
cf-cache-status: MISS
etag: "825-623857712a369-gzip"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BleVBQdkq8RhxVk1Yhh3Fx3%2BzVDqK89oliqZe6BINjCxm%2B01oZykw%2F31YVTGmW51C4DJZs%2B5AusHhisgf2g5RmrCph%2B996%2Bd80ScNx4ZK0WWfEHoNN%2BoX0gvt%2F297epR36mAVwg63w%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=134449&sent=164&recv=78&lost=0&retrans=0&sent_bytes=156604&recv_bytes=12906&delivery_rate=507614&cwnd=81600&unsent_bytes=0&cid=59beea118fad9273&ts=1477&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sat, 19 Oct 2024 11:25:21 GMT
content-type: text/javascript
last-modified: Wed, 02 Oct 2024 21:53:15 GMT
vary: Accept-Encoding
priority: u=2,i=?0
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8d506832396961b7-ORD
accept-ranges: bytes
content-length: 994
server: cloudflare

GET
H3 200 menu.min.js Show response
lowermypayments.info/wp-content/plugins/thrive-visual-editor/editor/js/dist/modules/ 15 KB
5 KB 193ms
192ms Script
text/javascript 172.67.200.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lowermypayments.info/wp-content/plugins/thrive-visual-editor/editor/js/dist/modules/menu.min.js?v=10.2.2&ver=10.2.2
Requested by: Host: lowermypayments.info
URL: https://lowermypayments.info/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.200.122 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ba4a6484d2753269a4a3b2ce8017d03d2ae957e4305e3b176f46f5632d2e8116

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://lowermypayments.info/

Response headers

content-encoding: gzip
cf-cache-status: MISS
etag: "3c58-62385754e04bd-gzip"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Kx4k5xOXZ4q9UYfFnxB5OlH5s%2BaDJ13fdZVGGtpIvG4%2BVSHOTNllrLf%2BJobizXAv2SDIuI8%2B94n1BccYSCZTMroEqZboRbNEas6pSkrdwruEM1fyt20diRhxqL1W10fXSwqhDJHs7g%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=134449&sent=166&recv=78&lost=0&retrans=0&sent_bytes=158336&recv_bytes=12906&delivery_rate=507614&cwnd=81600&unsent_bytes=0&cid=59beea118fad9273&ts=1477&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sat, 19 Oct 2024 11:25:21 GMT
content-type: text/javascript
last-modified: Wed, 02 Oct 2024 21:52:45 GMT
vary: Accept-Encoding
priority: u=2,i=?0
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8d506832396a61b7-ORD
accept-ranges: bytes
content-length: 4878
server: cloudflare

GET
H3 200 social-share.min.js Show response
lowermypayments.info/wp-content/plugins/thrive-visual-editor/editor/js/dist/modules/ 6 KB
3 KB 168ms
167ms Script
text/javascript 172.67.200.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lowermypayments.info/wp-content/plugins/thrive-visual-editor/editor/js/dist/modules/social-share.min.js?v=10.2.2&ver=10.2.2
Requested by: Host: lowermypayments.info
URL: https://lowermypayments.info/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.200.122 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: acfc1f89313411d254af6bb6b1721718fa6fab02a266784ad743fe37abb370a8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://lowermypayments.info/

Response headers

content-encoding: gzip
cf-cache-status: MISS
etag: "1836-62385754e145e-gzip"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WPPIyhvlFgTeqEIJu7FZEDItbJnKYclcDF%2FR7JOxJuEUUXVrWIC8nFwR45wnsv8QDB5KuTjgpPfwlsk5inSf%2Blx2UWLqJARcg5GH9dwqJ3NRB5CtKCZ9fRoGTR9JgYRA0OvsvSMbYg%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=134449&sent=151&recv=77&lost=0&retrans=0&sent_bytes=144768&recv_bytes=12584&delivery_rate=507614&cwnd=81600&unsent_bytes=0&cid=59beea118fad9273&ts=1453&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sat, 19 Oct 2024 11:25:21 GMT
content-type: text/javascript
last-modified: Wed, 02 Oct 2024 21:52:45 GMT
vary: Accept-Encoding
priority: u=2,i=?0
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8d506832396b61b7-ORD
accept-ranges: bytes
content-length: 2302
server: cloudflare

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 6 KB
3 KB 261ms
160ms Script
application/javascript 104.126.37.154
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CQ27A6RC77UF05LNB13G&lib=ttq
Requested by: Host: lowermypayments.info
URL: https://lowermypayments.info/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.154 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-37-154.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 48506ba426566b49dad67bef6fb2316a5695016cda4be4009c73896af50892cd

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://lowermypayments.info/

Response headers

content-encoding: gzip
expires: Sat, 19 Oct 2024 11:25:21 GMT
server-timing: inner; dur=17, cdn-cache; desc=MISS, edge; dur=2, origin; dur=109
x-cache: TCP_MISS from a104-126-37-141.deploy.akamaitechnologies.com (AkamaiGHost/11.6.5-0c617a4be13e71cac2c90d10d87ecf54) (-)
date: Sat, 19 Oct 2024 11:25:21 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
x-akamai-request-id: 311a3b33
x-tt-trace-host: 01a0ea059f23f39c7a5ebb4a19940e52db73e426f72f36921d92e85706838db188be5a36fbc65b8a28d67c41d2f0aecd3f9cd7e9ccd6083c02a56591093a7c833e25a99cee3e92f44be131a4bb28f50369153e4f7c3f5247805aa607ebd0839a8b
x-origin-response-time: 110,104.126.37.141
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-241019112521B0A14F0D16ABF4A0D3E7-2BE09BEB4B72D197-00
content-length: 1911
x-tt-logid: 20241019112521B0A14F0D16ABF4A0D3E7
server: nginx

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 6 KB
3 KB 257ms
157ms Script
application/javascript 104.126.37.154
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CS01I7JC77U61CV1MPGG&lib=ttq
Requested by: Host: lowermypayments.info
URL: https://lowermypayments.info/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.154 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-37-154.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 9e5f265f520cdc06ae790202cd802c78ec42aa5f7ae7deadafea44d5baa42993

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://lowermypayments.info/

Response headers

content-encoding: gzip
expires: Sat, 19 Oct 2024 11:25:21 GMT
server-timing: inner; dur=14, cdn-cache; desc=MISS, edge; dur=1, origin; dur=107
x-cache: TCP_MISS from a104-126-37-141.deploy.akamaitechnologies.com (AkamaiGHost/11.6.5-0c617a4be13e71cac2c90d10d87ecf54) (-)
date: Sat, 19 Oct 2024 11:25:21 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
x-akamai-request-id: 311a3b34
x-tt-trace-host: 01a0ea059f23f39c7a5ebb4a19940e52db73e426f72f36921d92e85706838db188ac2f821fbc18cc9298e9d5574a570bfc8bc147b20e12be8408ca6a0c54166a79e2d3cb14e26126a93ca5d452b454ce07906a6e986b75daf4b25e887c4e9612d1
x-origin-response-time: 108,104.126.37.141
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-2410191125216038B70CEAB5C8285212-1DE5C63C836EA016-00
x-tt-logid: 202410191125216038B70CEAB5C8285212
server: nginx

GET
H3 200 outofdebt.jpg
lowermypayments.info/wp-content/uploads/2024/07/ 100 KB
101 KB 237ms
237ms Image
image/jpeg 172.67.200.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lowermypayments.info/wp-content/uploads/2024/07/outofdebt.jpg
Requested by: Host: lowermypayments.info
URL: https://lowermypayments.info/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.200.122 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1a27db50d60e3ca8614ad4f4cabcf6ca32519598cb010ded54540130e9789657

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://lowermypayments.info/

Response headers

cf-cache-status: MISS
etag: "19047-61d79a041194f"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FnqAJoXkDedwCPxhrJ7jCP3EWjt3z4l2vfWlO9TswR%2F77U8nLJuuehHGE8hhyvK0%2BxxD4HvU983l%2ByOvsVEwQXhGnmdmhpFnESMvnUSRkrpxipdO6Kf%2FzrH9T8WJW4F64xszS7hxyw%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=134449&sent=181&recv=78&lost=0&retrans=0&sent_bytes=176021&recv_bytes=12906&delivery_rate=507614&cwnd=81600&unsent_bytes=0&cid=59beea118fad9273&ts=1535&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sat, 19 Oct 2024 11:25:21 GMT
content-type: image/jpeg
last-modified: Wed, 17 Jul 2024 23:14:37 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8d506832497861b7-ORD
accept-ranges: bytes
content-length: 102471
server: cloudflare

GET
H3 200 YouTube-Channel-Banner-Facebook-Cover.jpg
lowermypayments.info/wp-content/uploads/2024/07/ 107 KB
108 KB 235ms
235ms Image
image/jpeg 172.67.200.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lowermypayments.info/wp-content/uploads/2024/07/YouTube-Channel-Banner-Facebook-Cover.jpg
Requested by: Host: lowermypayments.info
URL: https://lowermypayments.info/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.200.122 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8c667d866f52f7e1be3c81a6c38e4f15fce3cda71d0dda0d992e43679b1e8e0a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://lowermypayments.info/

Response headers

cf-cache-status: MISS
etag: "1aca3-61d9c42491c8d"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=udxz9ugYOx%2BKExo77t%2FE0tTDwFUsDeUsuCJvXlhwD%2Bl7WCzw1L7bjjJ7j931SKnGNE1KLbdU5UD3sTHFEERqaMa2lXtYok86V2xzK6%2BmfDVBl9fgq6egl0K%2BpZ6dv1QiU7L3URtvoA%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=134449&sent=171&recv=78&lost=0&retrans=0&sent_bytes=164021&recv_bytes=12906&delivery_rate=507614&cwnd=81600&unsent_bytes=0&cid=59beea118fad9273&ts=1535&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sat, 19 Oct 2024 11:25:21 GMT
content-type: image/jpeg
last-modified: Fri, 19 Jul 2024 16:33:44 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8d506832497a61b7-ORD
accept-ranges: bytes
content-length: 109731
server: cloudflare

GET
H3 200 j8_r6-DH1bjoc-dwi-3UEA.woff2
fonts.gstatic.com/s/adamina/v21/ 28 KB
28 KB 101ms
51ms Font
font/woff2 142.250.185.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/adamina/v21/j8_r6-DH1bjoc-dwi-3UEA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Literata:400,400i,600,600i,700,700i|Muli:400,400i,800,800i,700,700i,500,500i|Muli:400,600,300,800,700,200,900|Adamina:400|Muli:400,700,600,500,300,800,200,900,400i,500i,800i,700i,600i,300i,900i|Muli:700,400,600,500,300,800,200,900,300i,700i,400i,600i,500i,900i,800i,200i|Lato:300,700,900,400|Gentium+Basic:400,700&subset=latin&latin&display=swap&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f3.1e100.net

Software

sffe /

Resource Hash

001e01743c8decedc83106cf24adfa3a97369faaa9377c42f67edf0acac860e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://lowermypayments.info
Referer: https://fonts.googleapis.com/

Response headers

age: 390681
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Tue, 14 Oct 2025 22:54:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 14 Oct 2024 22:54:00 GMT
last-modified: Tue, 19 Apr 2022 19:13:59 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 29112
x-xss-protection: 0
server: sffe

GET
H3 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
23 KB 143ms
93ms Font
font/woff2 142.250.185.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f3.1e100.net

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://lowermypayments.info
Referer: https://fonts.googleapis.com/

Response headers

age: 286911
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 16 Oct 2025 03:43:30 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 16 Oct 2024 03:43:30 GMT
last-modified: Tue, 02 May 2023 15:17:22 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 23580
x-xss-protection: 0
server: sffe

GET
H3 200 S6u9w4BMUTPHh7USSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
23 KB 128ms
79ms Font
font/woff2 142.250.185.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh7USSwiPGQ.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f3.1e100.net

Software

sffe /

Resource Hash

115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://lowermypayments.info
Referer: https://fonts.googleapis.com/

Response headers

age: 400803
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Tue, 14 Oct 2025 20:05:18 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 14 Oct 2024 20:05:18 GMT
last-modified: Tue, 02 May 2023 15:08:26 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 23236
x-xss-protection: 0
server: sffe

GET
H3 200 Wnz9HAw9aB_JD2VGQVR80We3LA2JiA.woff2
fonts.gstatic.com/s/gentiumbasic/v18/ 22 KB
22 KB 114ms
65ms Font
font/woff2 142.250.185.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/gentiumbasic/v18/Wnz9HAw9aB_JD2VGQVR80We3LA2JiA.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f3.1e100.net

Software

sffe /

Resource Hash

d797eb315470e8d46f5253a69a148138ba87353a08d2e566c1b35fb58ae152d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://lowermypayments.info
Referer: https://fonts.googleapis.com/

Response headers

age: 380102
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 15 Oct 2025 01:50:19 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 15 Oct 2024 01:50:19 GMT
last-modified: Mon, 18 Jul 2022 19:39:24 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 22300
x-xss-protection: 0
server: sffe

GET
H3 200 S6u9w4BMUTPHh50XSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 22 KB
22 KB 93ms
45ms Font
font/woff2 142.250.185.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh50XSwiPGQ.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f3.1e100.net

Software

sffe /

Resource Hash

08664859baab5ed98f0bf818ed77e38464ff1826dc6406d5ecbd651409afbd92

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://lowermypayments.info
Referer: https://fonts.googleapis.com/

Response headers

age: 286516
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 16 Oct 2025 03:50:05 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 16 Oct 2024 03:50:05 GMT
last-modified: Tue, 02 May 2023 15:12:45 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 22504
x-xss-protection: 0
server: sffe

GET
H3 200 WnzgHAw9aB_JD2VGQVR80We3JLasnT0ebQ.woff2
fonts.gstatic.com/s/gentiumbasic/v18/ 23 KB
23 KB 176ms
128ms Font
font/woff2 142.250.185.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/gentiumbasic/v18/WnzgHAw9aB_JD2VGQVR80We3JLasnT0ebQ.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f3.1e100.net

Software

sffe /

Resource Hash

93fee62a91f4982e7e8b93a0f1e19d1d2d99bbdd7c8cf5f4bfee53368fe26032

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://lowermypayments.info
Referer: https://fonts.googleapis.com/

Response headers

age: 287347
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 16 Oct 2025 03:36:14 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 16 Oct 2024 03:36:14 GMT
last-modified: Mon, 18 Jul 2022 19:21:41 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 23092
x-xss-protection: 0
server: sffe

GET
H3 200 7Auwp_0qiz-afTLGLQ.woff2
fonts.gstatic.com/s/muli/v29/ 32 KB
32 KB 157ms
109ms Font
font/woff2 142.250.185.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/muli/v29/7Auwp_0qiz-afTLGLQ.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f3.1e100.net

Software

sffe /

Resource Hash

f68d37d474952b1fbe30def1b69e63e79c46a70263433285783b69ac0107b929

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://lowermypayments.info
Referer: https://fonts.googleapis.com/

Response headers

age: 287045
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 16 Oct 2025 03:41:16 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 16 Oct 2024 03:41:16 GMT
last-modified: Wed, 13 Sep 2023 22:41:22 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 32796
x-xss-protection: 0
server: sffe

GET
H3 206 lower-my-payments-vsl1.mp4
lowermypayments.info/wp-content/uploads/2024/07/ 56 KB
0 298ms
283ms Media
video/mp4 172.67.200.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lowermypayments.info/wp-content/uploads/2024/07/lower-my-payments-vsl1.mp4
Requested by: Host: lowermypayments.info
URL: https://lowermypayments.info/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.200.122 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://lowermypayments.info/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Range: bytes=0-

Response headers

cf-cache-status: MISS
etag: "7f3e27-61d798e55241e"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tLub8G%2FQCE5bWc9hPtHad3J0hOJep7%2BivFrW8tT2f%2BqUw4U1HP0Xq3xrofrU3f7DbTEnRRCup%2Fc4mVcQ4SksRQiDgH6Qig72OcnxBSDgXK4FMd55cNuCXD1HKfcLuTwnz%2BQfV%2FzkqA%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=134449&sent=224&recv=78&lost=0&retrans=0&sent_bytes=226393&recv_bytes=12906&delivery_rate=507614&cwnd=81600&unsent_bytes=0&cid=59beea118fad9273&ts=1542&x=1", cfExtPri, cfHdrFlush;dur=68
date: Sat, 19 Oct 2024 11:25:21 GMT
content-type: video/mp4
last-modified: Wed, 17 Jul 2024 23:09:36 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Content-Range: bytes 0-8338982/8338983
cf-ray: 8d50683279ae61b7-ORD
Content-Length: 8338983
server: cloudflare

GET
DATA 200
OK truncated
/ 831 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e1a8e20702359766cdfc422378da0c7661ac827394dabac87883131f39352e18

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://lowermypayments.info
Referer

Response headers

Content-Type: image/svg+xml

GET
H3 200 Lower-my.png
lowermypayments.info/wp-content/uploads/2024/08/ 11 KB
0 5ms
5ms Image
image/png 172.67.200.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lowermypayments.info/wp-content/uploads/2024/08/Lower-my.png
Requested by: Host: lowermypayments.info
URL: https://lowermypayments.info/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.200.122 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 17a626e31cbccff2b22dc27103eba7755ec193c842bd8d317696dfd68c87e294

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://lowermypayments.info/

Response headers

cf-cache-status: MISS
etag: "2d2e-61fd24dd703c3"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=W%2FgedCp5y7PN%2BdRXXMe3JMYZD4gPV68xRwQcODPg3PPZsqnVp8Zb8pXOkw82DFfE6GLtQ9pXj8W2TRrzjdw4Gx4vI8j%2FpHweb%2FCzCPtLTuBuQLBkGxy5eLcxoDDJShNPGe0F4m0VYg%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=131351&sent=29&recv=19&lost=0&retrans=0&sent_bytes=16285&recv_bytes=7479&delivery_rate=178&cwnd=12000&unsent_bytes=0&cid=59beea118fad9273&ts=974&x=1", cfExtPri, cfHdrFlush;dur=30
date: Sat, 19 Oct 2024 11:25:21 GMT
content-type: image/png
last-modified: Fri, 16 Aug 2024 19:52:49 GMT
vary: Accept-Encoding
priority: u=2,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8d50682f0ec561b7-ORD
accept-ranges: bytes
content-length: 11566
server: cloudflare

GET
H3 200 lowermypayments-logo-2.png
lowermypayments.info/wp-content/uploads/2024/07/ 35 KB
0 6ms
6ms Image
image/png 172.67.200.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lowermypayments.info/wp-content/uploads/2024/07/lowermypayments-logo-2.png
Requested by: Host: lowermypayments.info
URL: https://lowermypayments.info/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.200.122 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3a53e7cec2d1b27db51382f98dbe681024962bb7357c23df90e05a2f0d2b79db

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://lowermypayments.info/

Response headers

cf-cache-status: MISS
etag: "8c50-61d8d6a7392de"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TYNpf4YlMXrHST8FjHc3aBfjvVYdFrmatIso05HYfYmgDAnFMoiNC%2BNCFG2sdXQr8ZET9JB8qSmilxQtO3k%2FymMmdm3fAFyWGBs7UKFH5f1dvS3u1MCpzEU2BdVUsTA0vu0XONaQLA%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=169910&sent=53&recv=27&lost=0&retrans=0&sent_bytes=40311&recv_bytes=8163&delivery_rate=61853&cwnd=24000&unsent_bytes=0&cid=59beea118fad9273&ts=1052&x=1", cfExtPri, cfHdrFlush;dur=96
date: Sat, 19 Oct 2024 11:25:21 GMT
content-type: image/png
last-modified: Thu, 18 Jul 2024 22:51:13 GMT
vary: Accept-Encoding
priority: u=2,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8d50682f6f2661b7-ORD
accept-ranges: bytes
content-length: 35920
server: cloudflare

GET
H2 200 main.MWMyZjYwMzkyMA.js Show response
analytics.tiktok.com/i18n/pixel/static/ 336 KB
94 KB 52ms
51ms Script
application/javascript 104.126.37.154
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWMyZjYwMzkyMA.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CS01I7JC77U61CV1MPGG&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.154 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-37-154.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 024cecf02ce9859e23c765efbdfc968e52b3116b98763099c411d9ca204f4792

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://lowermypayments.info/

Response headers

x-cache: TCP_MEM_HIT from a104-126-37-141.deploy.akamaitechnologies.com (AkamaiGHost/11.6.5-0c617a4be13e71cac2c90d10d87ecf54) (-)
vary: Accept-Encoding
cache-control: public, max-age=31536000, immutable
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server-timing: cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=3
x-tt-trace-id: 00-2410171143345A701332956A3A3037A2-1A7D5CD830BEC42D-00
content-length: 95411
date: Sat, 19 Oct 2024 11:25:21 GMT
content-type: application/javascript; charset=UTF-8
x-tt-logid: 202410171143345A701332956A3A3037A2
server: nginx
x-akamai-request-id: 311a3d76
x-tt-trace-host: 01abf8a3e254c20892dbdba9cab5d1e942b7b3464e9d70ab50ca344d2aad3ac778f594b66f8e81fb6f2131213fef4e883fbb8f4c2e400387410889105033aea2466b4ef64a7676b05d52f440312537b02126c229d11988621d7ca86ab61120bd49

GET
H3 206 lower-my-payments-vsl1.mp4
lowermypayments.info/wp-content/uploads/2024/07/ 96 KB
0 290ms
142ms Media
video/mp4 172.67.200.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lowermypayments.info/wp-content/uploads/2024/07/lower-my-payments-vsl1.mp4
Requested by: Host: lowermypayments.info
URL: https://lowermypayments.info/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.200.122 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://lowermypayments.info/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Range: bytes=196608-

Response headers

cf-cache-status: HIT
etag: "7f3e27-61d798e55241e"
age: 1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2CJ8TfwS9oJz5ZKtYZVpgwO0cRp1o%2Fd4XGgECurrOTXbfJrDFj9xcKPLAmdGtcMqZnFMbxVqcJ4zH6Jiu3E1fTC41FbOHPGogQaS93jiF2GZa4ioAjqhBKb9FyyNCS9cDeJJUixCTg%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=136961&sent=1050&recv=127&lost=0&retrans=0&sent_bytes=1200939&recv_bytes=15785&delivery_rate=1907778&cwnd=554400&unsent_bytes=0&cid=59beea118fad9273&ts=1956&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sat, 19 Oct 2024 11:25:22 GMT
content-type: video/mp4
last-modified: Wed, 17 Jul 2024 23:09:36 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Content-Range: bytes 196608-8338982/8338983
cf-ray: 8d5068357c0f61b7-ORD
Content-Length: 8142375
server: cloudflare

GET
H2 200 identify_7bf75739.js Show response
analytics.tiktok.com/i18n/pixel/static/ 146 KB
39 KB 106ms
106ms Script
application/javascript 104.126.37.154
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/identify_7bf75739.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWMyZjYwMzkyMA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.154 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-37-154.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 79951b5bd4d729a2b2f4d380819f2c14bbcf26f21db56a520189633467766cf4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://lowermypayments.info/

Response headers

x-cache: TCP_MEM_HIT from a104-126-37-141.deploy.akamaitechnologies.com (AkamaiGHost/11.6.5-0c617a4be13e71cac2c90d10d87ecf54) (-)
vary: Accept-Encoding
cache-control: public, max-age=31536000, immutable
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server-timing: cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=2
x-tt-trace-id: 00-240830022527CBF5A6BDAC95BF85457C-5FCCE23284D5383A-00
content-length: 39498
date: Sat, 19 Oct 2024 11:25:22 GMT
content-type: application/javascript; charset=UTF-8
x-tt-logid: 20240830022527CBF5A6BDAC95BF85457C
server: nginx
x-akamai-request-id: 311a3fd0
x-tt-trace-host: 019cd81d430e382d22765268805daf2a1ed00bbf855ae9ed467d1da7885edad72cb00cb70985005c1de089a0a7fbb52c36fd8d02a4d9f7ae6ff597e3efb941b9bf875b60c3d790a2a84eec0c13cb20e8bea64ceb5ee2071c300573373bbc3698de

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
715 B 233ms
232ms Ping
text/plain 104.126.37.154
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWMyZjYwMzkyMA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.154 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-37-154.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://lowermypayments.info/

Response headers

access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
expires: Sat, 19 Oct 2024 11:25:22 GMT
server-timing: inner; dur=30, cdn-cache; desc=MISS, edge; dur=9, origin; dur=132
x-cache: TCP_MISS from a104-126-37-141.deploy.akamaitechnologies.com (AkamaiGHost/11.6.5-0c617a4be13e71cac2c90d10d87ecf54) (-)
date: Sat, 19 Oct 2024 11:25:22 GMT
x-akamai-request-id: 311a3fd1
access-control-allow-headers: Authorization,*
x-tt-trace-host: 01a0ea059f23f39c7a5ebb4a19940e52db73e426f72f36921d92e85706838db188aa1e74a996c993d42730191749f5fbfbebc9ed9b223892a8fb3900428f3a5c042a899d15688f8ba5a350d0cfacda2e8314212a3e252ebc81c9540f0eaa485f2c
x-origin-response-time: 133,104.126.37.141
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
access-control-allow-origin: *
x-tt-trace-id: 00-2410191125225121A9A3677C91275B3D-7D211E4766362193-00
content-length: 0
x-tt-logid: 202410191125225121A9A3677C91275B3D
server: nginx

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
718 B 245ms
243ms Ping
text/plain 104.126.37.154
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWMyZjYwMzkyMA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.154 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-37-154.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://lowermypayments.info/

Response headers

access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
expires: Sat, 19 Oct 2024 11:25:22 GMT
server-timing: inner; dur=29, cdn-cache; desc=MISS, edge; dur=10, origin; dur=136
x-cache: TCP_MISS from a104-126-37-141.deploy.akamaitechnologies.com (AkamaiGHost/11.6.5-0c617a4be13e71cac2c90d10d87ecf54) (-)
date: Sat, 19 Oct 2024 11:25:22 GMT
x-akamai-request-id: 311a3fd2
access-control-allow-headers: Authorization,*
x-tt-trace-host: 01a0ea059f23f39c7a5ebb4a19940e52db73e426f72f36921d92e85706838db188ac2f821fbc18cc9298e9d5574a570bfc8bc147b20e12be8408ca6a0c54166a7977f54c6c0761dae1064c39b505337f21c32c45f243ef14c88ca89f790f81afac
x-origin-response-time: 137,104.126.37.141
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
access-control-allow-origin: *
x-tt-trace-id: 00-2410191125226038B70CEAB5C8285232-1DE5C63C836EA0AD-00
content-length: 0
x-tt-logid: 202410191125226038B70CEAB5C8285232
server: nginx

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
718 B 380ms
379ms Ping
text/plain 104.126.37.154
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWMyZjYwMzkyMA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.154 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-37-154.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://lowermypayments.info/

Response headers

access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
expires: Sat, 19 Oct 2024 11:25:22 GMT
server-timing: inner; dur=190, cdn-cache; desc=MISS, edge; dur=9, origin; dur=278
x-cache: TCP_MISS from a104-126-37-141.deploy.akamaitechnologies.com (AkamaiGHost/11.6.5-0c617a4be13e71cac2c90d10d87ecf54) (-)
date: Sat, 19 Oct 2024 11:25:22 GMT
x-akamai-request-id: 311a3fd4
access-control-allow-headers: Authorization,*
x-tt-trace-host: 01a0ea059f23f39c7a5ebb4a19940e52db73e426f72f36921d92e85706838db188a10791e62c5a58f94a1e88aeff10369d72e18dd2f3030a985a27b97e7784bc18f052c4f5c0848eda17636ce4f25b0926bcd48534eed08cb0aeb29a4bc9bb03bd
x-origin-response-time: 278,104.126.37.141
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
access-control-allow-origin: *
x-tt-trace-id: 00-241019112522197B9F459BCDE0C1C9AB-76029539882480EA-00
content-length: 0
x-tt-logid: 20241019112522197B9F459BCDE0C1C9AB
server: nginx

POST
H2 200 act
analytics.tiktok.com/api/v2/pixel/ 0
873 B 227ms
225ms Ping
text/plain 104.126.37.154
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel/act
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWMyZjYwMzkyMA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.126.37.154 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-126-37-154.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://lowermypayments.info/

Response headers

x-cache-remote: TCP_MISS from a184-28-17-75.deploy.akamaitechnologies.com (AkamaiGHost/11.6.5-0c617a4be13e71cac2c90d10d87ecf54) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
expires: Sat, 19 Oct 2024 11:25:22 GMT
server-timing: cdn-cache; desc=MISS, edge; dur=100, origin; dur=60, inner; dur=57
x-cache: TCP_MISS from a104-126-37-141.deploy.akamaitechnologies.com (AkamaiGHost/11.6.5-0c617a4be13e71cac2c90d10d87ecf54) (-)
date: Sat, 19 Oct 2024 11:25:22 GMT
x-akamai-request-id: 38f4e95b.311a420e
access-control-allow-headers: Authorization,*
x-tt-trace-host: 01a0ea059f23f39c7a5ebb4a19940e52db44f25c0b8792d8c2810e0d6d2ffbf7533a5c623d069958e2209f8adbc27698761b1256434cd822420b66ad7a87b812f1475b2487a66dc2f3246f9b99ee6095391053f2f7e473a0bfeb19b6cf900373ad0aa0fc3b5ad826a2cd69eb87524c0efb
x-origin-response-time: 60,184.28.17.75
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
access-control-allow-origin: *
x-tt-trace-id: 00-24101911252239AEF71038328B2D2DAE-3B51CA3B46A20B32-00
content-length: 0
x-parent-response-time: 148,104.126.37.141
x-tt-logid: 2024101911252239AEF71038328B2D2DAE
server: nginx

GET
H3 206 lower-my-payments-vsl1.mp4
lowermypayments.info/wp-content/uploads/2024/07/ 98 KB
0 1ms
1ms Media
video/mp4 172.67.200.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lowermypayments.info/wp-content/uploads/2024/07/lower-my-payments-vsl1.mp4
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.200.122 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://lowermypayments.info/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Range: bytes=294912-

Response headers

cf-cache-status: HIT
etag: "7f3e27-61d798e55241e"
age: 1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2CJ8TfwS9oJz5ZKtYZVpgwO0cRp1o%2Fd4XGgECurrOTXbfJrDFj9xcKPLAmdGtcMqZnFMbxVqcJ4zH6Jiu3E1fTC41FbOHPGogQaS93jiF2GZa4ioAjqhBKb9FyyNCS9cDeJJUixCTg%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=136961&sent=1050&recv=127&lost=0&retrans=0&sent_bytes=1200939&recv_bytes=15785&delivery_rate=1907778&cwnd=554400&unsent_bytes=0&cid=59beea118fad9273&ts=1956&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sat, 19 Oct 2024 11:25:22 GMT
content-type: video/mp4
last-modified: Wed, 17 Jul 2024 23:09:36 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Content-Range: bytes 294912-8338982/8338983
cf-ray: 8d5068357c0f61b7-ORD
Content-Length: 8044071
server: cloudflare

GET
H3 200 favicon.ico
lowermypayments.info/ 0
744 B 329ms
323ms Other
text/html 172.67.200.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lowermypayments.info/favicon.ico
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.200.122 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://lowermypayments.info/

Response headers

server: cloudflare
link: <https://lowermypayments.info/wp-json/>; rel="https://api.w.org/"
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3efAh02i4XIZT393%2FPKL9%2BitRD%2FyESf8tLPx%2FC2qeNexcyaplFunRnywLLJ%2B4HHFexIYvfG0oXMAYjFrhxmGbM8h2rj9WrpBNlkJpm3QMU%2B6L4aXceNbizaSIdinnWQutXiDeRpC%2BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8d5068372d2b61b7-ORD
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=158604&sent=2976&recv=320&lost=215&retrans=199&sent_bytes=3493898&recv_bytes=26479&delivery_rate=3339738&cwnd=553308&unsent_bytes=0&cid=59beea118fad9273&ts=2390&x=1", cfExtPri, cfHdrFlush;dur=8
date: Sat, 19 Oct 2024 11:25:22 GMT
content-type: text/html; charset=UTF-8
last-modified: Sat, 19 Oct 2024 11:25:22 GMT
vary: Accept-Encoding
priority: u=1,i

Verdicts & Comments Add Verdict or Comment

36 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.tiktok.com/	1970-01-21 09:43:53	Name: _ttp Value: 2neck622kDiwv0zYmz5E30G1oNH
.lowermypayments.info/	1970-01-21 09:43:53	Name: _tt_enable_cookie Value: 1
.lowermypayments.info/	1970-01-21 09:43:53	Name: _ttp Value: gS2GhurU2qsgEhlSz8RlPIyGIPv

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.tiktok.com
fonts.googleapis.com
fonts.gstatic.com
lowermypayments.info
104.126.37.154
142.250.185.227
172.67.200.122
2606:4700:3037::6815:3a31
2a00:1450:4001:808::200a
001e01743c8decedc83106cf24adfa3a97369faaa9377c42f67edf0acac860e4
024cecf02ce9859e23c765efbdfc968e52b3116b98763099c411d9ca204f4792
08664859baab5ed98f0bf818ed77e38464ff1826dc6406d5ecbd651409afbd92
0c72893a9b3d17c504d254448eb281f6948ac97cf25a5240b5bbda2889a26920
115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429
14a03ed98cc5856510358f89e86b60c6a257b097d22be51fba7f74cfad03fef9
17a626e31cbccff2b22dc27103eba7755ec193c842bd8d317696dfd68c87e294
17c7673d48529a1d1240377d0518fc214066fb13838ea9241aa29185e47fe307
1a27db50d60e3ca8614ad4f4cabcf6ca32519598cb010ded54540130e9789657
1c8f12bbe479e3ff41b1b4cdb2ab43eb599de68f737c3a30685ab0a1c84639f4
379186d917d21bacde8f66c96e23845df07da43ad74690a768ead00e782c4e5d
3a53e7cec2d1b27db51382f98dbe681024962bb7357c23df90e05a2f0d2b79db
48506ba426566b49dad67bef6fb2316a5695016cda4be4009c73896af50892cd
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
5413e060628a380610101bcbb4372b77fd4b6dfe7ebc91dc09e0c17c75382ebd
755b664b1a991945bf263d0284fb02d9fe6637ec06e8529f3d4e75e53c632cdb
79951b5bd4d729a2b2f4d380819f2c14bbcf26f21db56a520189633467766cf4
8109773f354963ab77668f0b5d65d2b0c82f27917a994d1cc50a4ea43c00749e
8a7c14c4003c18170697b1926844902863b09b7f8920f43995d149d2e3a073a8
8c667d866f52f7e1be3c81a6c38e4f15fce3cda71d0dda0d992e43679b1e8e0a
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
93fee62a91f4982e7e8b93a0f1e19d1d2d99bbdd7c8cf5f4bfee53368fe26032
9bba89f971060b753f37013c0724f1579b0cd98ba38b5d6a1de61bd7332c8878
9e5f265f520cdc06ae790202cd802c78ec42aa5f7ae7deadafea44d5baa42993
acfc1f89313411d254af6bb6b1721718fa6fab02a266784ad743fe37abb370a8
b65b3de1bc923b9355248a0d941a0eaee15dfb9a6b8eadb51323a8df6189dcd1
ba4a6484d2753269a4a3b2ce8017d03d2ae957e4305e3b176f46f5632d2e8116
be7c8d74625ebfb7e94bbeedfbb65ba6bfe37e019cc1e5a95c05afc3bf3b34b7
c2e606e1fc82ea3a554aad5d0520e25d2677b89a891dc5c49e7ace08fce92e25
c356ec1be6eb99f855c0355bdc2c3cd3a10e7ed55c0f0c342c5c371961aaa436
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
d797eb315470e8d46f5253a69a148138ba87353a08d2e566c1b35fb58ae152d9
e00add38134eac2fb8e8e9c09cbfff7bbe57952b210322eb2eecb0a21fc055eb
e1a8e20702359766cdfc422378da0c7661ac827394dabac87883131f39352e18
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f68d37d474952b1fbe30def1b69e63e79c46a70263433285783b69ac0107b929

lowermypayments.info Open in urlscan Pro 2606:4700:3037::6815:3a31 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

44 Requests

100 %HTTPS

40 %IPv6

4 Domains

4 Subdomains

6 IPs

2 Countries

717 kBTransfer

1899 kBSize

3 Cookies

3 Outgoing links

Redirected requests

44 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

lowermypayments.info Open in urlscan Pro
2606:4700:3037::6815:3a31 Public Scan

Screenshot
Live screenshot

Full Image

44
Requests

100 %
HTTPS

40 %
IPv6

4
Domains

4
Subdomains

6
IPs

2
Countries

717 kB
Transfer

1899 kB
Size

3
Cookies

44 HTTP transactions
1 data transactions