www.paykpal.com Open in urlscan Pro
156.245.121.80 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://paykpal.com/donald/letsgetit/app/login
Effective URL:
http://www.paykpal.com/donald/letsgetit/app/login
Submission: On November 04 via api (November 4th 2024, 2:44:40 am UTC) from US — Scanned from US

Summary HTTP 89 Redirects Behaviour Indicators

Summary

This website contacted 24 IPs in 4 countries across 17 domains to perform 89 HTTP transactions. The main IP is 156.245.121.80, located in Hong Kong and belongs to HQTC-AS-AP qlhost, TW. The main domain is www.paykpal.com.

This is the only time www.paykpal.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
12 44	156.245.121.80 156.245.121.80	142062 (HQTC-AS-A...) (HQTC-AS-AP qlhost)
1	2607:f8b0:400... 2607:f8b0:400d:c09::5f	15169 (GOOGLE) (GOOGLE)
1	156.245.118.66 156.245.118.66	35916 (MULTA-ASN1) (MULTA-ASN1)
11	198.164.157.202 198.164.157.202	611 (NECN-1-611) (NECN-1-611)
5	2a03:2880:f00... 2a03:2880:f003:c0e:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2600:1408:c40... 2600:1408:c400:25::17da:d9b0	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2607:f8b0:400... 2607:f8b0:400d:c04::61	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:400d:c07::64	15169 (GOOGLE) (GOOGLE)
2	14.215.182.140 14.215.182.140	4134 (CHINANET-...) (CHINANET-BACKBONE No.31)
1	112.34.113.148 112.34.113.148	9808 (CHINAMOBI...) (CHINAMOBILE-CN China Mobile Communications Group Co.)
1	2607:f8b0:400... 2607:f8b0:400d:c07::5e	15169 (GOOGLE) (GOOGLE)
1	194.147.98.206 194.147.98.206	201106 (SPARTANHOST) (SPARTANHOST)
4 6	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2607:f8b0:400... 2607:f8b0:400d:c07::63	15169 (GOOGLE) (GOOGLE)
4	3.228.158.18 3.228.158.18	14618 (AMAZON-AES) (AMAZON-AES)
5	23.212.248.154 23.212.248.154	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	2a03:2880:f10... 2a03:2880:f103:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	14.215.182.161 14.215.182.161	4134 (CHINANET-...) (CHINANET-BACKBONE No.31)
1	2607:f8b0:400... 2607:f8b0:400d:c00::9b	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:400d:c04::64	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:400d:c0b::9a	15169 (GOOGLE) (GOOGLE)
1	173.223.163.214 173.223.163.214	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
89	24

44 156.245.121.80 (Hong Kong) 12 redirects

ASN142062 (HQTC-AS-AP qlhost, TW)

paykpal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.paykpal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:400d:c09::5f (Morganton, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 156.245.118.66 (Hong Kong)

ASN35916 (MULTA-ASN1, US)

156.245.118.66	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 198.164.157.202 (Moncton, Canada)

ASN611 (NECN-1-611, CA)

nbcc.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a03:2880:f003:c0e:face:b00c:0:3 (Ashburn, United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1408:c400:25::17da:d9b0 (Ashburn, United States)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:400d:c04::61 (Morganton, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:400d:c07::64 (Morganton, United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 14.215.182.140 (Guangzhou, China)

ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN)

hm.baidu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 112.34.113.148 (China)

ASN9808 (CHINAMOBILE-CN China Mobile Communications Group Co., Ltd., CN)

push.zhanzhang.baidu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:400d:c07::5e (Morganton, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 194.147.98.206 (Seattle, United States)

ASN201106 (SPARTANHOST, GB)

6htv99.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2620:1ec:21::14 (United States) 4 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:400d:c07::63 (Morganton, United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.228.158.18 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-228-158-18.compute-1.amazonaws.com

tags.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 23.212.248.154 (Ashburn, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-212-248-154.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f103:83:face:b00c:0:25de (Ashburn, United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 14.215.182.161 (Guangzhou, China)

ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN)

api.share.baidu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:400d:c00::9b (Morganton, United States)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:400d:c04::64 (Morganton, United States)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:400d:c0b::9a (Morganton, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 173.223.163.214 (Ashburn, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a173-223-163-214.deploy.static.akamaitechnologies.com

analytics.pangle-ads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
44	paykpal.com 12 redirects paykpal.com www.paykpal.com	317 KB
11	nbcc.ca nbcc.ca	855 KB
7	linkedin.com 4 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 321 www.linkedin.com — Cisco Umbrella Rank: 646 px4.ads.linkedin.com — Cisco Umbrella Rank: 6828	4 KB
5	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 817	137 KB
5	facebook.net connect.facebook.net — Cisco Umbrella Rank: 180	85 KB
4	facebook.com www.facebook.com — Cisco Umbrella Rank: 113	412 B
4	stackadapt.com tags.srv.stackadapt.com — Cisco Umbrella Rank: 2579	10 KB
4	google.com www.google.com — Cisco Umbrella Rank: 3 analytics.google.com — Cisco Umbrella Rank: 147	64 B
4	baidu.com hm.baidu.com — Cisco Umbrella Rank: 13307 push.zhanzhang.baidu.com — Cisco Umbrella Rank: 213841 api.share.baidu.com — Cisco Umbrella Rank: 192651	12 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	321 KB
2	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 42 stats.g.doubleclick.net — Cisco Umbrella Rank: 136	3 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 34	22 KB
1	pangle-ads.com analytics.pangle-ads.com — Cisco Umbrella Rank: 8268	839 B
1	6htv99.com 6htv99.com
1	gstatic.com fonts.gstatic.com	18 KB
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 784	14 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 30	3 KB
89	17

	Domain	Requested by
43	www.paykpal.com	11 redirects www.paykpal.com
11	nbcc.ca	www.paykpal.com
5	analytics.tiktok.com	www.paykpal.com analytics.tiktok.com
5	px.ads.linkedin.com	3 redirects snap.licdn.com
5	connect.facebook.net	www.paykpal.com connect.facebook.net
4	www.facebook.com	www.paykpal.com
4	tags.srv.stackadapt.com	www.paykpal.com tags.srv.stackadapt.com
3	www.googletagmanager.com	www.paykpal.com www.googletagmanager.com
2	analytics.google.com	www.googletagmanager.com
2	www.google.com	www.googletagmanager.com www.paykpal.com
2	hm.baidu.com	156.245.118.66 www.paykpal.com
2	www.google-analytics.com	www.paykpal.com www.google-analytics.com
1	analytics.pangle-ads.com	analytics.tiktok.com
1	stats.g.doubleclick.net	www.googletagmanager.com
1	googleads.g.doubleclick.net	www.googletagmanager.com
1	api.share.baidu.com	www.paykpal.com
1	px4.ads.linkedin.com	www.paykpal.com
1	www.linkedin.com	1 redirects
1	6htv99.com	156.245.118.66
1	fonts.gstatic.com	fonts.googleapis.com
1	push.zhanzhang.baidu.com	www.paykpal.com
1	snap.licdn.com	www.paykpal.com
1	fonts.googleapis.com	www.paykpal.com
1	paykpal.com	1 redirects
89	24

This site contains no links.

Subject Issuer	Validity	Valid
upload.video.google.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-08-13` - `2024-11-11`	3 months	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-12-13` - `2024-12-12`	a year	crt.sh
*.google-analytics.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
baidu.com GlobalSign RSA OV SSL CA 2018	`2024-07-08` - `2025-08-09`	a year	crt.sh
*.gstatic.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
6htv99.com ZeroSSL RSA Domain Secure Site CA	`2024-09-17` - `2024-12-16`	3 months	crt.sh
www.linkedin.com DigiCert SHA2 Secure Server CA	`2024-10-14` - `2025-04-14`	6 months	crt.sh
*.google.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
*.srv.stackadapt.com Amazon RSA 2048 M03	`2024-08-09` - `2025-09-06`	a year	crt.sh
*.tiktok.com RapidSSL TLS ECC CA G1	`2024-07-15` - `2025-07-15`	a year	crt.sh
*.g.doubleclick.net WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
*.pangle-ads.com RapidSSL TLS ECC CA G1	`2024-08-13` - `2025-09-13`	a year	crt.sh

This page contains 2 frames:

Primary Page: http://www.paykpal.com/donald/letsgetit/app/login
Frame ID: 98BCE0D114F87E7774F48231AC498BF7
Requests: 88 HTTP requests in this frame

Frame: https://6htv99.com/
Frame ID: 7DE83A522EE5800100E365497C2BE71F
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

王中王六合彩特码 (New Brunswick Community College)

Page URL History Show full URLs

http://paykpal.com/donald/letsgetit/app/login HTTP 307
https://paykpal.com/donald/letsgetit/app/login HTTP 307
http://paykpal.com/donald/letsgetit/app/login HTTP 301
http://www.paykpal.com/donald/letsgetit/app/login HTTP 307
https://www.paykpal.com/donald/letsgetit/app/login HTTP 307
http://www.paykpal.com/donald/letsgetit/app/login Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

animate.css (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link [^>]+(?:/([\d.]+)/)?animate\.(?:min\.)?css

Baidu Analytics (百度统计) (Analytics) Expand

Overall confidence: 100%
Detected patterns

hm\.baidu\.com/hm\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

OWL Carousel (Widgets) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*href="[^"]+owl\.carousel(?:\.min)?\.css
owl\.carousel.*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

89
Requests

42 %
HTTPS

52 %
IPv6

17
Domains

24
Subdomains

24
IPs

4
Countries

1796 kB
Transfer

4095 kB
Size

27
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://paykpal.com/donald/letsgetit/app/login HTTP 307
https://paykpal.com/donald/letsgetit/app/login HTTP 307
http://paykpal.com/donald/letsgetit/app/login HTTP 301
http://www.paykpal.com/donald/letsgetit/app/login HTTP 307
https://www.paykpal.com/donald/letsgetit/app/login HTTP 307
http://www.paykpal.com/donald/letsgetit/app/login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 21

http://www.paykpal.com/Template/Images/Logos/logo-horizontal-color-195x35.png?McasCtx=1 HTTP 302
https://nbcc.ca/Template/Images/Logos/logo-horizontal-color-195x35.png?McasCtx=1

Request Chain 22

http://www.paykpal.com/images/default-source/promo/what_to_expect.jpg?sfvrsn=da6c3554_8 HTTP 302
https://nbcc.ca/images/default-source/promo/what_to_expect.jpg?sfvrsn=da6c3554_8

Request Chain 23

http://www.paykpal.com/images/default-source/promo/counselling.png?sfvrsn=60a32354_2 HTTP 302
https://nbcc.ca/images/default-source/promo/counselling.png?sfvrsn=60a32354_2

Request Chain 24

http://www.paykpal.com/images/default-source/alumni/recognition-awards/alumniawards2017-(1).jpg?sfvrsn=42d44b54_0 HTTP 302
https://nbcc.ca/images/default-source/alumni/recognition-awards/alumniawards2017-(1).jpg?sfvrsn=42d44b54_0

Request Chain 25

http://www.paykpal.com/images/default-source/header-images/when-you-know-campaign.jpg?sfvrsn=800a1354_3 HTTP 302
https://nbcc.ca/images/default-source/header-images/when-you-know-campaign.jpg?sfvrsn=800a1354_3

Request Chain 26

http://www.paykpal.com/images/default-source/promo/what_to_expect.jpg HTTP 302
https://nbcc.ca/images/default-source/promo/what_to_expect.jpg

Request Chain 27

http://www.paykpal.com/images/default-source/promo/when-you-know_250x250.jpg HTTP 302
https://nbcc.ca/images/default-source/promo/when-you-know_250x250.jpg

Request Chain 28

http://www.paykpal.com/images/default-source/promo/counselling.png HTTP 302
https://nbcc.ca/images/default-source/promo/counselling.png

Request Chain 29

http://www.paykpal.com/images/default-source/featured/featured-scholarships-bursaries.jpg?McasCtx=1 HTTP 302
https://nbcc.ca/images/default-source/featured/featured-scholarships-bursaries.jpg?McasCtx=1

Request Chain 30

http://www.paykpal.com/images/default-source/default-album/nb-power-energy-champion.png?sfvrsn=bb4d1f54_0 HTTP 302
https://nbcc.ca/images/default-source/default-album/nb-power-energy-champion.png?sfvrsn=bb4d1f54_0

Request Chain 31

http://www.paykpal.com/Template/Images/Logos/nbcc-logo-footer.png HTTP 302
https://nbcc.ca/Template/Images/Logos/nbcc-logo-footer.png

Request Chain 47

http://www.google-analytics.com/analytics.js HTTP 307
https://www.google-analytics.com/analytics.js

Request Chain 54

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1709772&time=1730688270809&li_adsId=0214a985-83ad-4909-bed8-562d48c0587f&url=http%3A%2F%2Fwww.paykpal.com%2Fdonald%2Fletsgetit%2Fapp%2Flogin HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1709772&time=1730688270809&li_adsId=0214a985-83ad-4909-bed8-562d48c0587f&url=http%3A%2F%2Fwww.paykpal.com%2Fdonald%2Fletsgetit%2Fapp%2Flogin&cookiesTest=true HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1709772%26time%3D1730688270809%26li_adsId%3D0214a985-83ad-4909-bed8-562d48c0587f%26url%3Dhttp%253A%252F%252Fwww.paykpal.com%252Fdonald%252Fletsgetit%252Fapp%252Flogin%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1709772&time=1730688270809&li_adsId=0214a985-83ad-4909-bed8-562d48c0587f&url=http%3A%2F%2Fwww.paykpal.com%2Fdonald%2Fletsgetit%2Fapp%2Flogin&cookiesTest=true&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1709772&time=1730688270809&li_adsId=0214a985-83ad-4909-bed8-562d48c0587f&url=http%3A%2F%2Fwww.paykpal.com%2Fdonald%2Fletsgetit%2Fapp%2Flogin&cookiesTest=true&liSync=true&e_ipv6=AQJPgEP-c1ewVgAAAZL1D0TRdzMdkHSsRElyAbXDjDq-8YwtSNiIJYXtTSMHKM79BnWO3971O_Ocz19zlYeO8WoJ1j6ztQ

89 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request login Show response
www.paykpal.com/donald/letsgetit/app/
Redirect Chain

http://paykpal.com/donald/letsgetit/app/login
https://paykpal.com/donald/letsgetit/app/login
http://paykpal.com/donald/letsgetit/app/login
http://www.paykpal.com/donald/letsgetit/app/login
https://www.paykpal.com/donald/letsgetit/app/login
http://www.paykpal.com/donald/letsgetit/app/login

52 KB
14 KB

468ms
250ms

Document
text/html

156.245.121.80
HQTC-AS-AP qlhost

General

Check archive.org

Show headers Download Go to

Full URL: http://www.paykpal.com/donald/letsgetit/app/login
Protocol: HTTP/1.1
Server: 156.245.121.80 , Hong Kong, ASN142062 (HQTC-AS-AP qlhost, TW),
Reverse DNS
Software: nginx /
Resource Hash: ee6907bd8ce545b225c07f0844296f7ab9705c1cee562fdbb2e6175250a9f881

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=gbk
Date: Mon, 04 Nov 2024 02:44:29 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding

Redirect headers

Location: http://www.paykpal.com/donald/letsgetit/app/login
Non-Authoritative-Reason: HttpsUpgrades

GET
H/1.1 200
OK main.min.css
www.paykpal.com/ResourcePackages/Bootstrap/assets/dist/css/ 139 KB
30 KB 426ms
278ms Stylesheet
text/css 156.245.121.80
HQTC-AS-AP qlhost

General

Check archive.org

Show headers Download Go to

Full URL: http://www.paykpal.com/ResourcePackages/Bootstrap/assets/dist/css/main.min.css
Requested by: Host: www.paykpal.com
URL: http://www.paykpal.com/donald/letsgetit/app/login
Protocol: HTTP/1.1
Server: 156.245.121.80 , Hong Kong, ASN142062 (HQTC-AS-AP qlhost, TW),
Reverse DNS
Software: nginx /
Resource Hash: de8eb7ed9412295cccc39ca6831bb5908396833080a07c0933667f5e468c801e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: http://www.paykpal.com/donald/letsgetit/app/login

Response headers

Transfer-Encoding: chunked
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Content-Encoding: gzip
Pragma: no-cache
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Date: Mon, 04 Nov 2024 02:44:29 GMT
Content-Type: text/css;charset=UTF-8
Vary: Accept-Encoding
Server: nginx

GET
H/1.1 200
OK modernizr.min.js Show response
www.paykpal.com/Template/Theme/vendor/modernizr/ 10 KB
5 KB 1099ms
231ms Script
text/javascript 156.245.121.80
HQTC-AS-AP qlhost

General

Check archive.org

Show headers Download Go to

Full URL: http://www.paykpal.com/Template/Theme/vendor/modernizr/modernizr.min.js
Requested by: Host: www.paykpal.com
URL: http://www.paykpal.com/donald/letsgetit/app/login
Protocol: HTTP/1.1
Server: 156.245.121.80 , Hong Kong, ASN142062 (HQTC-AS-AP qlhost, TW),
Reverse DNS
Software: nginx /
Resource Hash: 6a631aedc7a674aab96f347558ec9911178f4d8492f93e33366f7ec30d45d779

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: http://www.paykpal.com/donald/letsgetit/app/login

Response headers

Transfer-Encoding: chunked
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Content-Encoding: gzip
Pragma: no-cache
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Date: Mon, 04 Nov 2024 02:44:30 GMT
Content-Type: text/javascript;charset=UTF-8
Vary: Accept-Encoding
Server: nginx

GET
H2 200 css
fonts.googleapis.com/ 37 KB
3 KB 162ms
66ms Stylesheet
text/css 2607:f8b0:400d:c09::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Droid+Sans%7CRoboto%7COpen+Sans:300,400,600,700,800%7CShadows+Into+Light%7COswald:400,300,700%7CCrushed

Requested by

Host: www.paykpal.com
URL: http://www.paykpal.com/donald/letsgetit/app/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c09::5f Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9833cf6cb425bf0c0c1fef6dcaeab16ba52a6311c61ae4a98b923264e3056d3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: http://www.paykpal.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 04 Nov 2024 02:44:29 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 04 Nov 2024 02:44:29 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Mon, 04 Nov 2024 02:44:29 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H/1.1 200
OK font-awesome.min.css
www.paykpal.com/Template/Theme/vendor/font-awesome/css/ 30 KB
8 KB 441ms
235ms Stylesheet
text/css 156.245.121.80
HQTC-AS-AP qlhost

General

Check archive.org

Show headers Download Go to

Full URL: http://www.paykpal.com/Template/Theme/vendor/font-awesome/css/font-awesome.min.css
Requested by: Host: www.paykpal.com
URL: http://www.paykpal.com/donald/letsgetit/app/login
Protocol: HTTP/1.1
Server: 156.245.121.80 , Hong Kong, ASN142062 (HQTC-AS-AP qlhost, TW),
Reverse DNS
Software: nginx /
Resource Hash: 51bb9d9fca4045f836dc356bab53fd377b06313c4c1786731851e5d0b408a590

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: http://www.paykpal.com/donald/letsgetit/app/login

Response headers

Transfer-Encoding: chunked
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Content-Encoding: gzip
Pragma: no-cache
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Date: Mon, 04 Nov 2024 02:44:29 GMT
Content-Type: text/css;charset=UTF-8
Vary: Accept-Encoding
Server: nginx

GET
H/1.1 200
OK animate.min.css
www.paykpal.com/Template/Theme/vendor/animate/ 52 KB
5 KB 458ms
251ms Stylesheet
text/css 156.245.121.80
HQTC-AS-AP qlhost

General

Check archive.org

Show headers Download Go to

Full URL: http://www.paykpal.com/Template/Theme/vendor/animate/animate.min.css
Requested by: Host: www.paykpal.com
URL: http://www.paykpal.com/donald/letsgetit/app/login
Protocol: HTTP/1.1
Server: 156.245.121.80 , Hong Kong, ASN142062 (HQTC-AS-AP qlhost, TW),
Reverse DNS
Software: nginx /
Resource Hash: 53eaf15bae45605ea399de089e8f6e5f12eed51c718b333f01fa9b77555cc633

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: http://www.paykpal.com/donald/letsgetit/app/login

Response headers

Transfer-Encoding: chunked
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Content-Encoding: gzip
Pragma: no-cache
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Date: Mon, 04 Nov 2024 02:44:29 GMT
Content-Type: text/css;charset=UTF-8
Vary: Accept-Encoding
Server: nginx

GET
H/1.1 200
OK simple-line-icons.min.css
www.paykpal.com/Template/Theme/vendor/simple-line-icons/css/ 11 KB
3 KB 447ms
240ms Stylesheet
text/css 156.245.121.80
HQTC-AS-AP qlhost

General

Check archive.org

Show headers Download Go to

Full URL: http://www.paykpal.com/Template/Theme/vendor/simple-line-icons/css/simple-line-icons.min.css
Requested by: Host: www.paykpal.com
URL: http://www.paykpal.com/donald/letsgetit/app/login
Protocol: HTTP/1.1
Server: 156.245.121.80 , Hong Kong, ASN142062 (HQTC-AS-AP qlhost, TW),
Reverse DNS
Software: nginx /
Resource Hash: 80d17ab8b10b76b80d04cadb2481a72d2f0609bb2c3dae6e431d161cdc1d6864

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: http://www.paykpal.com/donald/letsgetit/app/login

Response headers

Transfer-Encoding: chunked
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Content-Encoding: gzip
Pragma: no-cache
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Date: Mon, 04 Nov 2024 02:44:29 GMT
Content-Type: text/css;charset=UTF-8
Vary: Accept-Encoding
Server: nginx

GET
H/1.1 200
OK owl.carousel.min.css
www.paykpal.com/Template/Theme/vendor/owl.carousel/assets/ 3 KB
1 KB 443ms
230ms Stylesheet
text/css 156.245.121.80
HQTC-AS-AP qlhost

General

Check archive.org

Show headers Download Go to

Full URL: http://www.paykpal.com/Template/Theme/vendor/owl.carousel/assets/owl.carousel.min.css
Requested by: Host: www.paykpal.com
URL: http://www.paykpal.com/donald/letsgetit/app/login
Protocol: HTTP/1.1
Server: 156.245.121.80 , Hong Kong, ASN142062 (HQTC-AS-AP qlhost, TW),
Reverse DNS
Software: nginx /
Resource Hash: 749b9f932c1e6fecc596d1552a64656c3bda380ac70cd3896e209973d554ada1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: http://www.paykpal.com/donald/letsgetit/app/login

Response headers

Transfer-Encoding: chunked
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Content-Encoding: gzip
Pragma: no-cache
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Date: Mon, 04 Nov 2024 02:44:29 GMT
Content-Type: text/css;charset=UTF-8
Vary: Accept-Encoding
Server: nginx

GET
H/1.1 200
OK owl.theme.default.min.css
www.paykpal.com/Template/Theme/vendor/owl.carousel/assets/ 1005 B
844 B 445ms
231ms Stylesheet
text/css 156.245.121.80
HQTC-AS-AP qlhost

General

Check archive.org

Show headers Download Go to

Full URL: http://www.paykpal.com/Template/Theme/vendor/owl.carousel/assets/owl.theme.default.min.css
Requested by: Host: www.paykpal.com
URL: http://www.paykpal.com/donald/letsgetit/app/login
Protocol: HTTP/1.1
Server: 156.245.121.80 , Hong Kong, ASN142062 (HQTC-AS-AP qlhost, TW),
Reverse DNS
Software: nginx /
Resource Hash: 9dff755446d0d8e13e0dace98870edf02f4065f6d049ddf8f4d7e3fbbdbda4fb

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: http://www.paykpal.com/donald/letsgetit/app/login

Response headers

Transfer-Encoding: chunked
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Content-Encoding: gzip
Pragma: no-cache
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Date: Mon, 04 Nov 2024 02:44:29 GMT
Content-Type: text/css;charset=UTF-8
Vary: Accept-Encoding
Server: nginx

GET
H/1.1 200
OK magnific-popup.min.css
www.paykpal.com/Template/Theme/vendor/magnific-popup/ 5 KB
2 KB 672ms
230ms Stylesheet
text/css 156.245.121.80
HQTC-AS-AP qlhost

General

Check archive.org

Show headers Download Go to

Full URL: http://www.paykpal.com/Template/Theme/vendor/magnific-popup/magnific-popup.min.css
Requested by: Host: www.paykpal.com
URL: http://www.paykpal.com/donald/letsgetit/app/login
Protocol: HTTP/1.1
Server: 156.245.121.80 , Hong Kong, ASN142062 (HQTC-AS-AP qlhost, TW),
Reverse DNS
Software: nginx /
Resource Hash: bab264ce3dcbf5effb9f3e86fdfc1a76fe1901dbf00542918ecf1ca7c23f24f6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: http://www.paykpal.com/donald/letsgetit/app/login

Response headers

Transfer-Encoding: chunked
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Content-Encoding: gzip
Pragma: no-cache
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Date: Mon, 04 Nov 2024 02:44:29 GMT
Content-Type: text/css;charset=UTF-8
Vary: Accept-Encoding
Server: nginx

GET
H/1.1 200
OK theme.css
www.paykpal.com/Template/Theme/css/ 106 KB
19 KB 713ms
268ms Stylesheet
text/css 156.245.121.80
HQTC-AS-AP qlhost

General

Check archive.org

Show headers Download Go to

Full URL: http://www.paykpal.com/Template/Theme/css/theme.css
Requested by: Host: www.paykpal.com
URL: http://www.paykpal.com/donald/letsgetit/app/login
Protocol: HTTP/1.1
Server: 156.245.121.80 , Hong Kong, ASN142062 (HQTC-AS-AP qlhost, TW),
Reverse DNS
Software: nginx /
Resource Hash: b341d71194e1ed8191cb6123c1d60accc58677f18eb207a7291a86f097570aa3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: http://www.paykpal.com/donald/letsgetit/app/login

Response headers

Transfer-Encoding: chunked
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Content-Encoding: gzip
Pragma: no-cache
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Date: Mon, 04 Nov 2024 02:44:29 GMT
Content-Type: text/css;charset=UTF-8
Vary: Accept-Encoding
Server: nginx

GET
H/1.1 200
OK theme-overrides.css
www.paykpal.com/Template/Styles/ 2 KB
1 KB 681ms
233ms Stylesheet
text/css 156.245.121.80
HQTC-AS-AP qlhost

General

Check archive.org

Show headers Download Go to

Full URL: http://www.paykpal.com/Template/Styles/theme-overrides.css
Requested by: Host: www.paykpal.com
URL: http://www.paykpal.com/donald/letsgetit/app/login
Protocol: HTTP/1.1
Server: 156.245.121.80 , Hong Kong, ASN142062 (HQTC-AS-AP qlhost, TW),
Reverse DNS
Software: nginx /
Resource Hash: 4cac0f8978ab94ceddcd37981f0f9dab2b3661f395fb8d60d75a5ac199deb3fc

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: http://www.paykpal.com/donald/letsgetit/app/login

Response headers

Transfer-Encoding: chunked
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Content-Encoding: gzip
Pragma: no-cache
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Date: Mon, 04 Nov 2024 02:44:29 GMT
Content-Type: text/css;charset=UTF-8
Vary: Accept-Encoding
Server: nginx

GET
H/1.1 200
OK theme-elements.css
www.paykpal.com/Template/Theme/css/ 148 KB
29 KB 719ms
269ms Stylesheet
text/css 156.245.121.80
HQTC-AS-AP qlhost

General

Check archive.org

Show headers Download Go to

Full URL: http://www.paykpal.com/Template/Theme/css/theme-elements.css?vrsn=04222022
Requested by: Host: www.paykpal.com
URL: http://www.paykpal.com/donald/letsgetit/app/login
Protocol: HTTP/1.1
Server: 156.245.121.80 , Hong Kong, ASN142062 (HQTC-AS-AP qlhost, TW),
Reverse DNS
Software: nginx /
Resource Hash: 9f3d654739fb5e6f4105d639ba06681bd3da66130db9f603d61d64b677bcf863

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: http://www.paykpal.com/donald/letsgetit/app/login

Response headers

Transfer-Encoding: chunked
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Content-Encoding: gzip
Pragma: no-cache
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Date: Mon, 04 Nov 2024 02:44:29 GMT
Content-Type: text/css;charset=UTF-8
Vary: Accept-Encoding
Server: nginx

GET
H/1.1 200
OK nivo-slider.css
www.paykpal.com/Template/Theme/vendor/nivo-slider/ 2 KB
1 KB 691ms
234ms Stylesheet
text/css 156.245.121.80
HQTC-AS-AP qlhost

General

Check archive.org

Show headers Download Go to

Full URL: http://www.paykpal.com/Template/Theme/vendor/nivo-slider/nivo-slider.css
Requested by: Host: www.paykpal.com
URL: http://www.paykpal.com/donald/letsgetit/app/login
Protocol: HTTP/1.1
Server: 156.245.121.80 , Hong Kong, ASN142062 (HQTC-AS-AP qlhost, TW),
Reverse DNS
Software: nginx /
Resource Hash: 8821a7426941daaec923722d4d02bef6aa6a4bd42b39c408c64a279c71c5dc13

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: http://www.paykpal.com/donald/letsgetit/app/login

Response headers

Transfer-Encoding: chunked
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Content-Encoding: gzip
Pragma: no-cache
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Date: Mon, 04 Nov 2024 02:44:29 GMT
Content-Type: text/css;charset=UTF-8
Vary: Accept-Encoding
Server: nginx

GET
H/1.1 200
OK default.css
www.paykpal.com/Template/Theme/vendor/nivo-slider/default/ 2 KB
1 KB 863ms
228ms Stylesheet
text/css 156.245.121.80
HQTC-AS-AP qlhost

General

Check archive.org

Show headers Download Go to

Full URL: http://www.paykpal.com/Template/Theme/vendor/nivo-slider/default/default.css
Requested by: Host: www.paykpal.com
URL: http://www.paykpal.com/donald/letsgetit/app/login
Protocol: HTTP/1.1
Server: 156.245.121.80 , Hong Kong, ASN142062 (HQTC-AS-AP qlhost, TW),
Reverse DNS
Software: nginx /
Resource Hash: e73edf6dd8e505ba70c3cda62b1651ed4a723107cbfb2a8f915dcfe80e035f2b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: http://www.paykpal.com/donald/letsgetit/app/login

Response headers

Transfer-Encoding: chunked
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Content-Encoding: gzip
Pragma: no-cache
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Date: Mon, 04 Nov 2024 02:44:30 GMT
Content-Type: text/css;charset=UTF-8
Vary: Accept-Encoding
Server: nginx

GET
H/1.1 200
OK skin.css
www.paykpal.com/Template/Styles/ 134 KB
16 KB 931ms
258ms Stylesheet
text/css 156.245.121.80
HQTC-AS-AP qlhost

General

Check archive.org

Show headers Download Go to

Full URL: http://www.paykpal.com/Template/Styles/skin.css?vrsn=04222022
Requested by: Host: www.paykpal.com
URL: http://www.paykpal.com/donald/letsgetit/app/login
Protocol: HTTP/1.1
Server: 156.245.121.80 , Hong Kong, ASN142062 (HQTC-AS-AP qlhost, TW),
Reverse DNS
Software: nginx /
Resource Hash: 8550ff59d6fb1fadb9fb4df5adbd457a440cbb75b80f7e6caf98cb17f0a90944

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: http://www.paykpal.com/donald/letsgetit/app/login

Response headers

Transfer-Encoding: chunked
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Content-Encoding: gzip
Pragma: no-cache
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Date: Mon, 04 Nov 2024 02:44:30 GMT
Content-Type: text/css;charset=UTF-8
Vary: Accept-Encoding
Server: nginx

GET
H/1.1 200
OK custom.css
www.paykpal.com/Template/Styles/ 37 KB
9 KB 925ms
233ms Stylesheet
text/css 156.245.121.80
HQTC-AS-AP qlhost

General

Check archive.org

Show headers Download Go to

Full URL: http://www.paykpal.com/Template/Styles/custom.css?vrsn=04142022
Requested by: Host: www.paykpal.com
URL: http://www.paykpal.com/donald/letsgetit/app/login
Protocol: HTTP/1.1
Server: 156.245.121.80 , Hong Kong, ASN142062 (HQTC-AS-AP qlhost, TW),
Reverse DNS
Software: nginx /
Resource Hash: 3543afcfba55cd06ff37bfc79cc3a36edd90f6c410b667daeaa6aa034a2121ef

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: http://www.paykpal.com/donald/letsgetit/app/login

Response headers

Transfer-Encoding: chunked
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Content-Encoding: gzip
Pragma: no-cache
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Date: Mon, 04 Nov 2024 02:44:30 GMT
Content-Type: text/css;charset=UTF-8
Vary: Accept-Encoding
Server: nginx

GET
H/1.1 200
OK Telerik.Web.UI.WebResource.axd
www.paykpal.com/ 2 KB
929 B 921ms
228ms Stylesheet
text/css 156.245.121.80
HQTC-AS-AP qlhost

General

Check archive.org

Show headers Download Go to

Full URL: http://www.paykpal.com/Telerik.Web.UI.WebResource.axd?d=PMrIT5dOWaVYIcpFWUE4nJ_hHpV6QajNGUvxd3GX0zGi4qTyDYxvBd4-Z6PHiMxq7aR7mrxAqGHnR9yMf6LsLH4wqUODuf0mPtqq0YY21KsA6GTv6kLh8qBrjJA3YHOV0&t=638610763964891277&compress=0&_TSM_CombinedScripts_=%3b%3bTelerik.Sitefinity.Resources%2c+Version%3d14.4.8135.0%2c+Culture%3dneutral%2c+PublicKeyToken%3db28c218413bdf563%3aen%3aaed87611-718c-43af-bad7-20fefea09a79%3a7a90d6a
Requested by: Host: www.paykpal.com
URL: http://www.paykpal.com/donald/letsgetit/app/login
Protocol: HTTP/1.1
Server: 156.245.121.80 , Hong Kong, ASN142062 (HQTC-AS-AP qlhost, TW),
Reverse DNS
Software: nginx /
Resource Hash: 7baa86aee32051749f5646c30d042ee97e9590003307e2ff3f4b6bbcf0ee963d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: http://www.paykpal.com/donald/letsgetit/app/login

Response headers

Transfer-Encoding: chunked
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Content-Encoding: gzip
Pragma: no-cache
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Date: Mon, 04 Nov 2024 02:44:30 GMT
Content-Type: text/css;charset=UTF-8
Vary: Accept-Encoding
Server: nginx

GET
H/1.1 200
OK xingbake6he.js Show response
156.245.118.66/ 864 B
1 KB 668ms
209ms Script
application/javascript 156.245.118.66
MULTA-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: http://156.245.118.66/xingbake6he.js
Requested by: Host: www.paykpal.com
URL: http://www.paykpal.com/donald/letsgetit/app/login
Protocol: HTTP/1.1
Server: 156.245.118.66 , Hong Kong, ASN35916 (MULTA-ASN1, US),
Reverse DNS
Software: nginx /
Resource Hash: 1a15627d6468346274abf438f000b3c7e640387aeb83e21052406c6a8efd72cb

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: http://www.paykpal.com/

Response headers

Cache-Control: max-age=43200
ETag: "6717a4d9-360"
Connection: keep-alive
Expires: Mon, 04 Nov 2024 14:44:29 GMT
Accept-Ranges: bytes
Content-Length: 864
Date: Mon, 04 Nov 2024 02:44:29 GMT
Content-Type: application/javascript
Last-Modified: Tue, 22 Oct 2024 13:12:57 GMT
Server: nginx

GET
H/1.1 200
OK Telerik.Web.UI.WebResource.axd Show response
www.paykpal.com/ 101 KB
30 KB 1188ms
263ms Script
text/html 156.245.121.80
HQTC-AS-AP qlhost

General

Check archive.org

Show headers Download Go to

Full URL: http://www.paykpal.com/Telerik.Web.UI.WebResource.axd?_TSM_HiddenField_=ctl05_TSM&compress=0&_TSM_CombinedScripts_=%3b%3bSystem.Web.Extensions%2c+Version%3d4.0.0.0%2c+Culture%3dneutral%2c+PublicKeyToken%3d31bf3856ad364e35%3aen%3adbd37df5-a986-4b30-bc8e-23832b2677dd%3aea597d4b
Requested by: Host: www.paykpal.com
URL: http://www.paykpal.com/donald/letsgetit/app/login
Protocol: HTTP/1.1
Server: 156.245.121.80 , Hong Kong, ASN142062 (HQTC-AS-AP qlhost, TW),
Reverse DNS
Software: nginx /
Resource Hash: a729ab98336c88095724778168fd92b79f2500c4406809f88b03ce040f7ee82a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: http://www.paykpal.com/donald/letsgetit/app/login

Response headers

Transfer-Encoding: chunked
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Content-Encoding: gzip
Pragma: no-cache
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Date: Mon, 04 Nov 2024 02:44:30 GMT
Content-Type: text/html; charset=gbk
Vary: Accept-Encoding
Server: nginx

GET
H/1.1 200
OK ScriptResource.axd Show response
www.paykpal.com/ 88 KB
35 KB 1214ms
281ms Script
text/html 156.245.121.80
HQTC-AS-AP qlhost

General

Check archive.org

Show headers Download Go to

Full URL: http://www.paykpal.com/ScriptResource.axd?d=ktXPS54N4JY6vbaCTPlT9aFgmkSpHDGvmpRcBp8YuP690zIOFOsponYRy4vBLPk2AuVcxUxFBUYmwfEFzsNbgEkTty3ugPE4MpLopMaStW-gJp3zlaC-kWlGaH2dIq193bo5wxLi9dnlTOu0w2AHRvq0aw8yo-B6k01J6qkHoEWU1IpB98USxxYZAcsxiPod0&t=622c0734
Requested by: Host: www.paykpal.com
URL: http://www.paykpal.com/donald/letsgetit/app/login
Protocol: HTTP/1.1
Server: 156.245.121.80 , Hong Kong, ASN142062 (HQTC-AS-AP qlhost, TW),
Reverse DNS
Software: nginx /
Resource Hash: 25990dff5a272384d3526faf864042632da1ebe84a3c43fb2149d89509027835

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: http://www.paykpal.com/donald/letsgetit/app/login

Response headers

Transfer-Encoding: chunked
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Content-Encoding: gzip
Pragma: no-cache
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Date: Mon, 04 Nov 2024 02:44:30 GMT
Content-Type: text/html; charset=gbk
Vary: Accept-Encoding
Server: nginx

GET
H/1.1 200
OK Telerik.Web.UI.WebResource.axd Show response
www.paykpal.com/ 17 KB
7 KB 1173ms
239ms Script
text/html 156.245.121.80
HQTC-AS-AP qlhost

General

Check archive.org

Show headers Download Go to

Full URL: http://www.paykpal.com/Telerik.Web.UI.WebResource.axd?_TSM_HiddenField_=ctl05_TSM&compress=0&_TSM_CombinedScripts_=%3b%3bTelerik.Sitefinity.Resources%3aen%3aaed87611-718c-43af-bad7-20fefea09a79%3a9ced59e7
Requested by: Host: www.paykpal.com
URL: http://www.paykpal.com/donald/letsgetit/app/login
Protocol: HTTP/1.1
Server: 156.245.121.80 , Hong Kong, ASN142062 (HQTC-AS-AP qlhost, TW),
Reverse DNS
Software: nginx /
Resource Hash: 86d95647e48889bf8cae97778e7dfd05dcf761bda01e7d362950dfc72d4b0550

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: http://www.paykpal.com/donald/letsgetit/app/login

Response headers

Transfer-Encoding: chunked
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Content-Encoding: gzip
Pragma: no-cache
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Date: Mon, 04 Nov 2024 02:44:30 GMT
Content-Type: text/html; charset=gbk
Vary: Accept-Encoding
Server: nginx

GET
H2

200

logo-horizontal-color-195x35.png
nbcc.ca/Template/Images/Logos/
Redirect Chain

http://www.paykpal.com/Template/Images/Logos/logo-horizontal-color-195x35.png?McasCtx=1
https://nbcc.ca/Template/Images/Logos/logo-horizontal-color-195x35.png?McasCtx=1

4 KB
7 KB

47ms
35ms

Image
image/png

198.164.157.202
NECN-1-611

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nbcc.ca/Template/Images/Logos/logo-horizontal-color-195x35.png?McasCtx=1

Requested by

Host: www.paykpal.com
URL: http://www.paykpal.com/donald/letsgetit/app/login

Protocol

Server

198.164.157.202 Moncton, Canada, ASN611 (NECN-1-611, CA),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

76f466a145e0001c5eb798ad3a98169fa95453dd871556504dd5de79243b767f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' .googleapis.com .gstatic.com ajax.aspnetcdn.com https://www.youtube.com https://s.ytimg.com .twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js .google.com .facebook.net .twitter.com .googletagmanager.com .ads-twitter.com .google-analytics.com .ytimg.com web-chat.nativechat.com .googleadservices.com .g.doubleclick.net bot.ivy.ai widget.alongside.com https://snap.licdn.com/li.lms-analytics/insight.min.js https://tags.srv.stackadapt.com/events.js https://analytics.tiktok.com/i18n/pixel/events.js https://qvdt3feo.com/events.js https://analytics.tiktok.com/i18n/pixel/static/main.MTdjYzNiZDU2MA.js https://analytics.tiktok.com/i18n/pixel/static/identify_bb163.js .theaccessplatform.com crmwebs.nbcc.ca https://px.ads.linkedin.com https://td.doubleclick.net/ https://analytics.tiktok.com cdn.ampproject.org 'unsafe-inline' 'unsafe-eval'; style-src 'self' .googleapis.com .gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com platform.twitter.com/css/ .twimg.com .google.com widget.alongside.com https://tags.srv.stackadapt.com/sa.css 'unsafe-inline'; img-src 'self' .gstatic.com .googleapis.com platform.tumblr.com www.redditstatic.com .twimg.com data: blob: .facebook.com .facebook.net .linkedin.com .ytimg.com .twitter.com .googletagmanager.com .google-analytics.com web-chat.nativechat.com .googleadservices.com .google.com t.co .google.ca .ivy-cdn.com .nbcc.ca app.careerbeacon.com//assets/images/widget_powered_by_careerbeacon.png https://analytics.tiktok.com/api/v2/pixel https://analytics.tiktok.com/api/v2/pixel/act; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: bot.ivy.ai; frame-src 'self' .nbcc.ca .youtube.com .google.com .facebook.com .googleadservices.com .g.doubleclick.net .salesforce.com .iatspayments.com .vimeo.com .campusebookstore.com open.spotify.com tours.smarterspaces.ca .theaccessplatform.com forms.microsoft.com; connect-src 'self' data: accounts.google.com .gstatic.com .google.com .g.doubleclick.net .googletagmanager.com .googlesyndication.com .google-analytics.com https://px.ads.linkedin.com/wa/ https://tags.srv.stackadapt.com/sa.jpeg https://tags.srv.stackadapt.com/saq_pxl https://tags.srv.stackadapt.com/js_tracking https://analytics.tiktok.com/api/v2/pixel https://analytics.tiktok.com/api/v2/pixel/act https://crmwebs.nbcc.ca/web/newformeditor/CDWidget.js https://crmwebs.nbcc.ca/web/newformeditor/jquery.min.js crmwebs.nbcc.ca prod2-24.canadacentral.logic.azure.com; media-src 'self' data: blob:; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://www.youtube-nocookie.com https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com badge.stumbleupon.com .facebook.net *.facebook.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://elearning.nbcc.ca
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: http://www.paykpal.com/

Response headers

etag: "0435d382afbd21:0"
x-content-type-options: nosniff
x-ua-compatible: IE=edge,chrome=1
date: Mon, 04 Nov 2024 02:44:31 GMT
content-type: image/png
last-modified: Wed, 12 Jul 2017 16:16:30 GMT
x-frame-options: ALLOW-FROM https://elearning.nbcc.ca
strict-transport-security: max-age=31536000
content-security-policy: default-src 'self'; script-src 'self' *.googleapis.com *.gstatic.com ajax.aspnetcdn.com https://www.youtube.com https://s.ytimg.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js *.google.com *.facebook.net *.twitter.com *.googletagmanager.com *.ads-twitter.com *.google-analytics.com *.ytimg.com web-chat.nativechat.com *.googleadservices.com *.g.doubleclick.net bot.ivy.ai widget.alongside.com https://snap.licdn.com/li.lms-analytics/insight.min.js https://tags.srv.stackadapt.com/events.js https://analytics.tiktok.com/i18n/pixel/events.js https://qvdt3feo.com/events.js https://analytics.tiktok.com/i18n/pixel/static/main.MTdjYzNiZDU2MA.js https://analytics.tiktok.com/i18n/pixel/static/identify_bb163.js *.theaccessplatform.com crmwebs.nbcc.ca https://px.ads.linkedin.com https://td.doubleclick.net/ https://analytics.tiktok.com cdn.ampproject.org 'unsafe-inline' 'unsafe-eval'; style-src 'self' *.googleapis.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com platform.twitter.com/css/ *.twimg.com *.google.com widget.alongside.com https://tags.srv.stackadapt.com/sa.css 'unsafe-inline'; img-src 'self' *.gstatic.com *.googleapis.com platform.tumblr.com www.redditstatic.com *.twimg.com data: blob: *.facebook.com *.facebook.net *.linkedin.com *.ytimg.com *.twitter.com *.googletagmanager.com *.google-analytics.com web-chat.nativechat.com *.googleadservices.com *.google.com t.co *.google.ca *.ivy-cdn.com *.nbcc.ca app.careerbeacon.com//assets/images/widget_powered_by_careerbeacon.png https://analytics.tiktok.com/api/v2/pixel https://analytics.tiktok.com/api/v2/pixel/act; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: bot.ivy.ai; frame-src 'self' *.nbcc.ca *.youtube.com *.google.com *.facebook.com *.googleadservices.com *.g.doubleclick.net *.salesforce.com *.iatspayments.com *.vimeo.com *.campusebookstore.com open.spotify.com tours.smarterspaces.ca *.theaccessplatform.com forms.microsoft.com; connect-src 'self' data: accounts.google.com *.gstatic.com *.google.com *.g.doubleclick.net *.googletagmanager.com *.googlesyndication.com *.google-analytics.com https://px.ads.linkedin.com/wa/ https://tags.srv.stackadapt.com/sa.jpeg https://tags.srv.stackadapt.com/saq_pxl https://tags.srv.stackadapt.com/js_tracking https://analytics.tiktok.com/api/v2/pixel https://analytics.tiktok.com/api/v2/pixel/act https://crmwebs.nbcc.ca/web/newformeditor/CDWidget.js https://crmwebs.nbcc.ca/web/newformeditor/jquery.min.js crmwebs.nbcc.ca prod2-24.canadacentral.logic.azure.com; media-src 'self' data: blob:; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://www.youtube-nocookie.com https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com badge.stumbleupon.com *.facebook.net *.facebook.com
cache-control: max-age=2678400
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
referrer-policy: no-referrer-when-downgrade
cross-origin-embedder-policy: unsafe-none
permissions-policy: accelerometer=(self), ambient-light-sensor=(self), autoplay=(self), battery=(self), camera=(self), cross-origin-isolated=(self), display-capture=(self), document-domain=(self), encrypted-media=(self), execution-while-not-rendered=(self), execution-while-out-of-viewport=(self), fullscreen=(self), geolocation=(self), gyroscope=(self), keyboard-map=(self), magnetometer=(self), microphone=(self), midi=(self), navigation-override=(self), payment=(self), picture-in-picture=(self), publickey-credentials-get=(self), screen-wake-lock=(self), sync-xhr=(self), usb=(self), web-share=(self), xr-spatial-tracking=(self)
accept-ranges: bytes
content-length: 3791
x-xss-protection: 1; mode=block
x-powered-by: ASP.NET
server: Microsoft-IIS/10.0

Redirect headers

Transfer-Encoding: chunked
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Location: https://nbcc.ca/Template/Images/Logos/logo-horizontal-color-195x35.png?McasCtx=1
Pragma: no-cache
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Date: Mon, 04 Nov 2024 02:44:31 GMT
Content-Type: image/jpeg; charset=UTF-8
Server: nginx

GET
H2

200

what_to_expect.jpg
nbcc.ca/images/default-source/promo/
Redirect Chain

http://www.paykpal.com/images/default-source/promo/what_to_expect.jpg?sfvrsn=da6c3554_8
https://nbcc.ca/images/default-source/promo/what_to_expect.jpg?sfvrsn=da6c3554_8

43 KB
46 KB

285ms
39ms

Image
image/jpeg

198.164.157.202
NECN-1-611

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nbcc.ca/images/default-source/promo/what_to_expect.jpg?sfvrsn=da6c3554_8

Requested by

Host: www.paykpal.com
URL: http://www.paykpal.com/donald/letsgetit/app/login

Protocol

Server

198.164.157.202 Moncton, Canada, ASN611 (NECN-1-611, CA),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

516c0380981fcb82030e14ac99af8f47e0d01f92af95aa8facc61151fe6b1483

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' .googleapis.com .gstatic.com ajax.aspnetcdn.com https://www.youtube.com https://s.ytimg.com .twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js .google.com .facebook.net .twitter.com .googletagmanager.com .ads-twitter.com .google-analytics.com .ytimg.com web-chat.nativechat.com .googleadservices.com .g.doubleclick.net bot.ivy.ai widget.alongside.com https://snap.licdn.com/li.lms-analytics/insight.min.js https://tags.srv.stackadapt.com/events.js https://analytics.tiktok.com/i18n/pixel/events.js https://qvdt3feo.com/events.js https://analytics.tiktok.com/i18n/pixel/static/main.MTdjYzNiZDU2MA.js https://analytics.tiktok.com/i18n/pixel/static/identify_bb163.js .theaccessplatform.com crmwebs.nbcc.ca https://px.ads.linkedin.com https://td.doubleclick.net/ https://analytics.tiktok.com cdn.ampproject.org 'unsafe-inline' 'unsafe-eval'; style-src 'self' .googleapis.com .gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com platform.twitter.com/css/ .twimg.com .google.com widget.alongside.com https://tags.srv.stackadapt.com/sa.css 'unsafe-inline'; img-src 'self' .gstatic.com .googleapis.com platform.tumblr.com www.redditstatic.com .twimg.com data: blob: .facebook.com .facebook.net .linkedin.com .ytimg.com .twitter.com .googletagmanager.com .google-analytics.com web-chat.nativechat.com .googleadservices.com .google.com t.co .google.ca .ivy-cdn.com .nbcc.ca app.careerbeacon.com//assets/images/widget_powered_by_careerbeacon.png https://analytics.tiktok.com/api/v2/pixel https://analytics.tiktok.com/api/v2/pixel/act; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: bot.ivy.ai; frame-src 'self' .nbcc.ca .youtube.com .google.com .facebook.com .googleadservices.com .g.doubleclick.net .salesforce.com .iatspayments.com .vimeo.com .campusebookstore.com open.spotify.com tours.smarterspaces.ca .theaccessplatform.com forms.microsoft.com; connect-src 'self' data: accounts.google.com .gstatic.com .google.com .g.doubleclick.net .googletagmanager.com .googlesyndication.com .google-analytics.com https://px.ads.linkedin.com/wa/ https://tags.srv.stackadapt.com/sa.jpeg https://tags.srv.stackadapt.com/saq_pxl https://tags.srv.stackadapt.com/js_tracking https://analytics.tiktok.com/api/v2/pixel https://analytics.tiktok.com/api/v2/pixel/act https://crmwebs.nbcc.ca/web/newformeditor/CDWidget.js https://crmwebs.nbcc.ca/web/newformeditor/jquery.min.js crmwebs.nbcc.ca prod2-24.canadacentral.logic.azure.com; media-src 'self' data: blob:; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://www.youtube-nocookie.com https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com badge.stumbleupon.com .facebook.net *.facebook.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://elearning.nbcc.ca
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: http://www.paykpal.com/

Response headers

x-content-type-options: nosniff
expires: Tue, 05 Nov 2024 02:44:30 GMT
x-ua-compatible: IE=edge,chrome=1
date: Mon, 04 Nov 2024 02:44:30 GMT
content-type: image/jpeg
last-modified: Wed, 26 Jul 2023 12:48:07 GMT
content-disposition: inline; filename=what_to_expect.jpg
x-frame-options: ALLOW-FROM https://elearning.nbcc.ca
strict-transport-security: max-age=31536000
content-security-policy: default-src 'self'; script-src 'self' *.googleapis.com *.gstatic.com ajax.aspnetcdn.com https://www.youtube.com https://s.ytimg.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js *.google.com *.facebook.net *.twitter.com *.googletagmanager.com *.ads-twitter.com *.google-analytics.com *.ytimg.com web-chat.nativechat.com *.googleadservices.com *.g.doubleclick.net bot.ivy.ai widget.alongside.com https://snap.licdn.com/li.lms-analytics/insight.min.js https://tags.srv.stackadapt.com/events.js https://analytics.tiktok.com/i18n/pixel/events.js https://qvdt3feo.com/events.js https://analytics.tiktok.com/i18n/pixel/static/main.MTdjYzNiZDU2MA.js https://analytics.tiktok.com/i18n/pixel/static/identify_bb163.js *.theaccessplatform.com crmwebs.nbcc.ca https://px.ads.linkedin.com https://td.doubleclick.net/ https://analytics.tiktok.com cdn.ampproject.org 'unsafe-inline' 'unsafe-eval'; style-src 'self' *.googleapis.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com platform.twitter.com/css/ *.twimg.com *.google.com widget.alongside.com https://tags.srv.stackadapt.com/sa.css 'unsafe-inline'; img-src 'self' *.gstatic.com *.googleapis.com platform.tumblr.com www.redditstatic.com *.twimg.com data: blob: *.facebook.com *.facebook.net *.linkedin.com *.ytimg.com *.twitter.com *.googletagmanager.com *.google-analytics.com web-chat.nativechat.com *.googleadservices.com *.google.com t.co *.google.ca *.ivy-cdn.com *.nbcc.ca app.careerbeacon.com//assets/images/widget_powered_by_careerbeacon.png https://analytics.tiktok.com/api/v2/pixel https://analytics.tiktok.com/api/v2/pixel/act; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: bot.ivy.ai; frame-src 'self' *.nbcc.ca *.youtube.com *.google.com *.facebook.com *.googleadservices.com *.g.doubleclick.net *.salesforce.com *.iatspayments.com *.vimeo.com *.campusebookstore.com open.spotify.com tours.smarterspaces.ca *.theaccessplatform.com forms.microsoft.com; connect-src 'self' data: accounts.google.com *.gstatic.com *.google.com *.g.doubleclick.net *.googletagmanager.com *.googlesyndication.com *.google-analytics.com https://px.ads.linkedin.com/wa/ https://tags.srv.stackadapt.com/sa.jpeg https://tags.srv.stackadapt.com/saq_pxl https://tags.srv.stackadapt.com/js_tracking https://analytics.tiktok.com/api/v2/pixel https://analytics.tiktok.com/api/v2/pixel/act https://crmwebs.nbcc.ca/web/newformeditor/CDWidget.js https://crmwebs.nbcc.ca/web/newformeditor/jquery.min.js crmwebs.nbcc.ca prod2-24.canadacentral.logic.azure.com; media-src 'self' data: blob:; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://www.youtube-nocookie.com https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com badge.stumbleupon.com *.facebook.net *.facebook.com
cache-control: public, max-age=86400
x-aspnet-version: 4.0.30319
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
referrer-policy: no-referrer-when-downgrade
cross-origin-embedder-policy: unsafe-none
permissions-policy: accelerometer=(self), ambient-light-sensor=(self), autoplay=(self), battery=(self), camera=(self), cross-origin-isolated=(self), display-capture=(self), document-domain=(self), encrypted-media=(self), execution-while-not-rendered=(self), execution-while-out-of-viewport=(self), fullscreen=(self), geolocation=(self), gyroscope=(self), keyboard-map=(self), magnetometer=(self), microphone=(self), midi=(self), navigation-override=(self), payment=(self), picture-in-picture=(self), publickey-credentials-get=(self), screen-wake-lock=(self), sync-xhr=(self), usb=(self), web-share=(self), xr-spatial-tracking=(self)
content-length: 44263
x-xss-protection: 1; mode=block
x-powered-by: ASP.NET
server: Microsoft-IIS/10.0

Redirect headers

Transfer-Encoding: chunked
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Location: https://nbcc.ca/images/default-source/promo/what_to_expect.jpg?sfvrsn=da6c3554_8
Pragma: no-cache
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Date: Mon, 04 Nov 2024 02:44:30 GMT
Content-Type: image/jpeg; charset=UTF-8
Server: nginx

GET
H2

200

counselling.png
nbcc.ca/images/default-source/promo/
Redirect Chain

http://www.paykpal.com/images/default-source/promo/counselling.png?sfvrsn=60a32354_2
https://nbcc.ca/images/default-source/promo/counselling.png?sfvrsn=60a32354_2

44 KB
47 KB

396ms
151ms

Image
image/png

198.164.157.202
NECN-1-611

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nbcc.ca/images/default-source/promo/counselling.png?sfvrsn=60a32354_2

Requested by

Host: www.paykpal.com
URL: http://www.paykpal.com/donald/letsgetit/app/login

Protocol

Server

198.164.157.202 Moncton, Canada, ASN611 (NECN-1-611, CA),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

d0ecfb6b1359cefee34040343b3213aaae382994d18df4e4e897d85051d1fddd

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' .googleapis.com .gstatic.com ajax.aspnetcdn.com https://www.youtube.com https://s.ytimg.com .twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js .google.com .facebook.net .twitter.com .googletagmanager.com .ads-twitter.com .google-analytics.com .ytimg.com web-chat.nativechat.com .googleadservices.com .g.doubleclick.net bot.ivy.ai widget.alongside.com https://snap.licdn.com/li.lms-analytics/insight.min.js https://tags.srv.stackadapt.com/events.js https://analytics.tiktok.com/i18n/pixel/events.js https://qvdt3feo.com/events.js https://analytics.tiktok.com/i18n/pixel/static/main.MTdjYzNiZDU2MA.js https://analytics.tiktok.com/i18n/pixel/static/identify_bb163.js .theaccessplatform.com crmwebs.nbcc.ca https://px.ads.linkedin.com https://td.doubleclick.net/ https://analytics.tiktok.com cdn.ampproject.org 'unsafe-inline' 'unsafe-eval'; style-src 'self' .googleapis.com .gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com platform.twitter.com/css/ .twimg.com .google.com widget.alongside.com https://tags.srv.stackadapt.com/sa.css 'unsafe-inline'; img-src 'self' .gstatic.com .googleapis.com platform.tumblr.com www.redditstatic.com .twimg.com data: blob: .facebook.com .facebook.net .linkedin.com .ytimg.com .twitter.com .googletagmanager.com .google-analytics.com web-chat.nativechat.com .googleadservices.com .google.com t.co .google.ca .ivy-cdn.com .nbcc.ca app.careerbeacon.com//assets/images/widget_powered_by_careerbeacon.png https://analytics.tiktok.com/api/v2/pixel https://analytics.tiktok.com/api/v2/pixel/act; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: bot.ivy.ai; frame-src 'self' .nbcc.ca .youtube.com .google.com .facebook.com .googleadservices.com .g.doubleclick.net .salesforce.com .iatspayments.com .vimeo.com .campusebookstore.com open.spotify.com tours.smarterspaces.ca .theaccessplatform.com forms.microsoft.com; connect-src 'self' data: accounts.google.com .gstatic.com .google.com .g.doubleclick.net .googletagmanager.com .googlesyndication.com .google-analytics.com https://px.ads.linkedin.com/wa/ https://tags.srv.stackadapt.com/sa.jpeg https://tags.srv.stackadapt.com/saq_pxl https://tags.srv.stackadapt.com/js_tracking https://analytics.tiktok.com/api/v2/pixel https://analytics.tiktok.com/api/v2/pixel/act https://crmwebs.nbcc.ca/web/newformeditor/CDWidget.js https://crmwebs.nbcc.ca/web/newformeditor/jquery.min.js crmwebs.nbcc.ca prod2-24.canadacentral.logic.azure.com; media-src 'self' data: blob:; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://www.youtube-nocookie.com https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com badge.stumbleupon.com .facebook.net *.facebook.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://elearning.nbcc.ca
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: http://www.paykpal.com/

Response headers

x-content-type-options: nosniff
expires: Tue, 05 Nov 2024 02:44:30 GMT
x-ua-compatible: IE=edge,chrome=1
date: Mon, 04 Nov 2024 02:44:30 GMT
content-type: image/png
last-modified: Wed, 21 Jul 2021 16:57:10 GMT
content-disposition: inline; filename=counselling.png
x-frame-options: ALLOW-FROM https://elearning.nbcc.ca
strict-transport-security: max-age=31536000
content-security-policy: default-src 'self'; script-src 'self' *.googleapis.com *.gstatic.com ajax.aspnetcdn.com https://www.youtube.com https://s.ytimg.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js *.google.com *.facebook.net *.twitter.com *.googletagmanager.com *.ads-twitter.com *.google-analytics.com *.ytimg.com web-chat.nativechat.com *.googleadservices.com *.g.doubleclick.net bot.ivy.ai widget.alongside.com https://snap.licdn.com/li.lms-analytics/insight.min.js https://tags.srv.stackadapt.com/events.js https://analytics.tiktok.com/i18n/pixel/events.js https://qvdt3feo.com/events.js https://analytics.tiktok.com/i18n/pixel/static/main.MTdjYzNiZDU2MA.js https://analytics.tiktok.com/i18n/pixel/static/identify_bb163.js *.theaccessplatform.com crmwebs.nbcc.ca https://px.ads.linkedin.com https://td.doubleclick.net/ https://analytics.tiktok.com cdn.ampproject.org 'unsafe-inline' 'unsafe-eval'; style-src 'self' *.googleapis.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com platform.twitter.com/css/ *.twimg.com *.google.com widget.alongside.com https://tags.srv.stackadapt.com/sa.css 'unsafe-inline'; img-src 'self' *.gstatic.com *.googleapis.com platform.tumblr.com www.redditstatic.com *.twimg.com data: blob: *.facebook.com *.facebook.net *.linkedin.com *.ytimg.com *.twitter.com *.googletagmanager.com *.google-analytics.com web-chat.nativechat.com *.googleadservices.com *.google.com t.co *.google.ca *.ivy-cdn.com *.nbcc.ca app.careerbeacon.com//assets/images/widget_powered_by_careerbeacon.png https://analytics.tiktok.com/api/v2/pixel https://analytics.tiktok.com/api/v2/pixel/act; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: bot.ivy.ai; frame-src 'self' *.nbcc.ca *.youtube.com *.google.com *.facebook.com *.googleadservices.com *.g.doubleclick.net *.salesforce.com *.iatspayments.com *.vimeo.com *.campusebookstore.com open.spotify.com tours.smarterspaces.ca *.theaccessplatform.com forms.microsoft.com; connect-src 'self' data: accounts.google.com *.gstatic.com *.google.com *.g.doubleclick.net *.googletagmanager.com *.googlesyndication.com *.google-analytics.com https://px.ads.linkedin.com/wa/ https://tags.srv.stackadapt.com/sa.jpeg https://tags.srv.stackadapt.com/saq_pxl https://tags.srv.stackadapt.com/js_tracking https://analytics.tiktok.com/api/v2/pixel https://analytics.tiktok.com/api/v2/pixel/act https://crmwebs.nbcc.ca/web/newformeditor/CDWidget.js https://crmwebs.nbcc.ca/web/newformeditor/jquery.min.js crmwebs.nbcc.ca prod2-24.canadacentral.logic.azure.com; media-src 'self' data: blob:; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://www.youtube-nocookie.com https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com badge.stumbleupon.com *.facebook.net *.facebook.com
cache-control: public, max-age=86400
x-aspnet-version: 4.0.30319
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
referrer-policy: no-referrer-when-downgrade
cross-origin-embedder-policy: unsafe-none
permissions-policy: accelerometer=(self), ambient-light-sensor=(self), autoplay=(self), battery=(self), camera=(self), cross-origin-isolated=(self), display-capture=(self), document-domain=(self), encrypted-media=(self), execution-while-not-rendered=(self), execution-while-out-of-viewport=(self), fullscreen=(self), geolocation=(self), gyroscope=(self), keyboard-map=(self), magnetometer=(self), microphone=(self), midi=(self), navigation-override=(self), payment=(self), picture-in-picture=(self), publickey-credentials-get=(self), screen-wake-lock=(self), sync-xhr=(self), usb=(self), web-share=(self), xr-spatial-tracking=(self)
content-length: 45121
x-xss-protection: 1; mode=block
x-powered-by: ASP.NET
server: Microsoft-IIS/10.0

Redirect headers

Transfer-Encoding: chunked
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Location: https://nbcc.ca/images/default-source/promo/counselling.png?sfvrsn=60a32354_2
Pragma: no-cache
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Date: Mon, 04 Nov 2024 02:44:30 GMT
Content-Type: image/jpeg; charset=UTF-8
Server: nginx

GET
H2

200

alumniawards2017-(1).jpg
nbcc.ca/images/default-source/alumni/recognition-awards/
Redirect Chain

http://www.paykpal.com/images/default-source/alumni/recognition-awards/alumniawards2017-(1).jpg?sfvrsn=42d44b54_0
https://nbcc.ca/images/default-source/alumni/recognition-awards/alumniawards2017-(1).jpg?sfvrsn=42d44b54_0

92 KB
95 KB

174ms
120ms

Image
image/jpeg

198.164.157.202
NECN-1-611

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nbcc.ca/images/default-source/alumni/recognition-awards/alumniawards2017-(1).jpg?sfvrsn=42d44b54_0

Requested by

Host: www.paykpal.com
URL: http://www.paykpal.com/donald/letsgetit/app/login

Protocol

Server

198.164.157.202 Moncton, Canada, ASN611 (NECN-1-611, CA),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

61d79580e61b1505a2fb8f77a5e3d6609e13a1b7a15f8f411aa2ead58dbfb688

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' .googleapis.com .gstatic.com ajax.aspnetcdn.com https://www.youtube.com https://s.ytimg.com .twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js .google.com .facebook.net .twitter.com .googletagmanager.com .ads-twitter.com .google-analytics.com .ytimg.com web-chat.nativechat.com .googleadservices.com .g.doubleclick.net bot.ivy.ai widget.alongside.com https://snap.licdn.com/li.lms-analytics/insight.min.js https://tags.srv.stackadapt.com/events.js https://analytics.tiktok.com/i18n/pixel/events.js https://qvdt3feo.com/events.js https://analytics.tiktok.com/i18n/pixel/static/main.MTdjYzNiZDU2MA.js https://analytics.tiktok.com/i18n/pixel/static/identify_bb163.js .theaccessplatform.com crmwebs.nbcc.ca https://px.ads.linkedin.com https://td.doubleclick.net/ https://analytics.tiktok.com cdn.ampproject.org 'unsafe-inline' 'unsafe-eval'; style-src 'self' .googleapis.com .gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com platform.twitter.com/css/ .twimg.com .google.com widget.alongside.com https://tags.srv.stackadapt.com/sa.css 'unsafe-inline'; img-src 'self' .gstatic.com .googleapis.com platform.tumblr.com www.redditstatic.com .twimg.com data: blob: .facebook.com .facebook.net .linkedin.com .ytimg.com .twitter.com .googletagmanager.com .google-analytics.com web-chat.nativechat.com .googleadservices.com .google.com t.co .google.ca .ivy-cdn.com .nbcc.ca app.careerbeacon.com//assets/images/widget_powered_by_careerbeacon.png https://analytics.tiktok.com/api/v2/pixel https://analytics.tiktok.com/api/v2/pixel/act; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: bot.ivy.ai; frame-src 'self' .nbcc.ca .youtube.com .google.com .facebook.com .googleadservices.com .g.doubleclick.net .salesforce.com .iatspayments.com .vimeo.com .campusebookstore.com open.spotify.com tours.smarterspaces.ca .theaccessplatform.com forms.microsoft.com; connect-src 'self' data: accounts.google.com .gstatic.com .google.com .g.doubleclick.net .googletagmanager.com .googlesyndication.com .google-analytics.com https://px.ads.linkedin.com/wa/ https://tags.srv.stackadapt.com/sa.jpeg https://tags.srv.stackadapt.com/saq_pxl https://tags.srv.stackadapt.com/js_tracking https://analytics.tiktok.com/api/v2/pixel https://analytics.tiktok.com/api/v2/pixel/act https://crmwebs.nbcc.ca/web/newformeditor/CDWidget.js https://crmwebs.nbcc.ca/web/newformeditor/jquery.min.js crmwebs.nbcc.ca prod2-24.canadacentral.logic.azure.com; media-src 'self' data: blob:; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://www.youtube-nocookie.com https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com badge.stumbleupon.com .facebook.net *.facebook.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://elearning.nbcc.ca
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: http://www.paykpal.com/

Response headers

x-content-type-options: nosniff
expires: Tue, 05 Nov 2024 02:44:30 GMT
x-ua-compatible: IE=edge,chrome=1
date: Mon, 04 Nov 2024 02:44:30 GMT
content-type: image/jpeg
last-modified: Wed, 29 Nov 2017 18:38:17 GMT
content-disposition: inline; filename=alumniawards2017-(1).jpg
x-frame-options: ALLOW-FROM https://elearning.nbcc.ca
strict-transport-security: max-age=31536000
content-security-policy: default-src 'self'; script-src 'self' *.googleapis.com *.gstatic.com ajax.aspnetcdn.com https://www.youtube.com https://s.ytimg.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js *.google.com *.facebook.net *.twitter.com *.googletagmanager.com *.ads-twitter.com *.google-analytics.com *.ytimg.com web-chat.nativechat.com *.googleadservices.com *.g.doubleclick.net bot.ivy.ai widget.alongside.com https://snap.licdn.com/li.lms-analytics/insight.min.js https://tags.srv.stackadapt.com/events.js https://analytics.tiktok.com/i18n/pixel/events.js https://qvdt3feo.com/events.js https://analytics.tiktok.com/i18n/pixel/static/main.MTdjYzNiZDU2MA.js https://analytics.tiktok.com/i18n/pixel/static/identify_bb163.js *.theaccessplatform.com crmwebs.nbcc.ca https://px.ads.linkedin.com https://td.doubleclick.net/ https://analytics.tiktok.com cdn.ampproject.org 'unsafe-inline' 'unsafe-eval'; style-src 'self' *.googleapis.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com platform.twitter.com/css/ *.twimg.com *.google.com widget.alongside.com https://tags.srv.stackadapt.com/sa.css 'unsafe-inline'; img-src 'self' *.gstatic.com *.googleapis.com platform.tumblr.com www.redditstatic.com *.twimg.com data: blob: *.facebook.com *.facebook.net *.linkedin.com *.ytimg.com *.twitter.com *.googletagmanager.com *.google-analytics.com web-chat.nativechat.com *.googleadservices.com *.google.com t.co *.google.ca *.ivy-cdn.com *.nbcc.ca app.careerbeacon.com//assets/images/widget_powered_by_careerbeacon.png https://analytics.tiktok.com/api/v2/pixel https://analytics.tiktok.com/api/v2/pixel/act; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: bot.ivy.ai; frame-src 'self' *.nbcc.ca *.youtube.com *.google.com *.facebook.com *.googleadservices.com *.g.doubleclick.net *.salesforce.com *.iatspayments.com *.vimeo.com *.campusebookstore.com open.spotify.com tours.smarterspaces.ca *.theaccessplatform.com forms.microsoft.com; connect-src 'self' data: accounts.google.com *.gstatic.com *.google.com *.g.doubleclick.net *.googletagmanager.com *.googlesyndication.com *.google-analytics.com https://px.ads.linkedin.com/wa/ https://tags.srv.stackadapt.com/sa.jpeg https://tags.srv.stackadapt.com/saq_pxl https://tags.srv.stackadapt.com/js_tracking https://analytics.tiktok.com/api/v2/pixel https://analytics.tiktok.com/api/v2/pixel/act https://crmwebs.nbcc.ca/web/newformeditor/CDWidget.js https://crmwebs.nbcc.ca/web/newformeditor/jquery.min.js crmwebs.nbcc.ca prod2-24.canadacentral.logic.azure.com; media-src 'self' data: blob:; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://www.youtube-nocookie.com https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com badge.stumbleupon.com *.facebook.net *.facebook.com
cache-control: public, max-age=86400
x-aspnet-version: 4.0.30319
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
referrer-policy: no-referrer-when-downgrade
cross-origin-embedder-policy: unsafe-none
permissions-policy: accelerometer=(self), ambient-light-sensor=(self), autoplay=(self), battery=(self), camera=(self), cross-origin-isolated=(self), display-capture=(self), document-domain=(self), encrypted-media=(self), execution-while-not-rendered=(self), execution-while-out-of-viewport=(self), fullscreen=(self), geolocation=(self), gyroscope=(self), keyboard-map=(self), magnetometer=(self), microphone=(self), midi=(self), navigation-override=(self), payment=(self), picture-in-picture=(self), publickey-credentials-get=(self), screen-wake-lock=(self), sync-xhr=(self), usb=(self), web-share=(self), xr-spatial-tracking=(self)
content-length: 93758
x-xss-protection: 1; mode=block
x-powered-by: ASP.NET
server: Microsoft-IIS/10.0

Redirect headers

Transfer-Encoding: chunked
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Location: https://nbcc.ca/images/default-source/alumni/recognition-awards/alumniawards2017-(1).jpg?sfvrsn=42d44b54_0
Pragma: no-cache
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Date: Mon, 04 Nov 2024 02:44:30 GMT
Content-Type: image/jpeg; charset=UTF-8
Server: nginx

GET
H2

200

when-you-know-campaign.jpg
nbcc.ca/images/default-source/header-images/
Redirect Chain

http://www.paykpal.com/images/default-source/header-images/when-you-know-campaign.jpg?sfvrsn=800a1354_3
https://nbcc.ca/images/default-source/header-images/when-you-know-campaign.jpg?sfvrsn=800a1354_3

444 KB
448 KB

170ms
169ms

Image
image/jpeg

198.164.157.202
NECN-1-611

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nbcc.ca/images/default-source/header-images/when-you-know-campaign.jpg?sfvrsn=800a1354_3

Requested by

Host: www.paykpal.com
URL: http://www.paykpal.com/donald/letsgetit/app/login

Protocol

Server

198.164.157.202 Moncton, Canada, ASN611 (NECN-1-611, CA),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

7b80d37dc355a570578ca92c7212ed71ea3dc68af865d4d8b986952715b82e2a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' .googleapis.com .gstatic.com ajax.aspnetcdn.com https://www.youtube.com https://s.ytimg.com .twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js .google.com .facebook.net .twitter.com .googletagmanager.com .ads-twitter.com .google-analytics.com .ytimg.com web-chat.nativechat.com .googleadservices.com .g.doubleclick.net bot.ivy.ai widget.alongside.com https://snap.licdn.com/li.lms-analytics/insight.min.js https://tags.srv.stackadapt.com/events.js https://analytics.tiktok.com/i18n/pixel/events.js https://qvdt3feo.com/events.js https://analytics.tiktok.com/i18n/pixel/static/main.MTdjYzNiZDU2MA.js https://analytics.tiktok.com/i18n/pixel/static/identify_bb163.js .theaccessplatform.com crmwebs.nbcc.ca https://px.ads.linkedin.com https://td.doubleclick.net/ https://analytics.tiktok.com cdn.ampproject.org 'unsafe-inline' 'unsafe-eval'; style-src 'self' .googleapis.com .gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com platform.twitter.com/css/ .twimg.com .google.com widget.alongside.com https://tags.srv.stackadapt.com/sa.css 'unsafe-inline'; img-src 'self' .gstatic.com .googleapis.com platform.tumblr.com www.redditstatic.com .twimg.com data: blob: .facebook.com .facebook.net .linkedin.com .ytimg.com .twitter.com .googletagmanager.com .google-analytics.com web-chat.nativechat.com .googleadservices.com .google.com t.co .google.ca .ivy-cdn.com .nbcc.ca app.careerbeacon.com//assets/images/widget_powered_by_careerbeacon.png https://analytics.tiktok.com/api/v2/pixel https://analytics.tiktok.com/api/v2/pixel/act; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: bot.ivy.ai; frame-src 'self' .nbcc.ca .youtube.com .google.com .facebook.com .googleadservices.com .g.doubleclick.net .salesforce.com .iatspayments.com .vimeo.com .campusebookstore.com open.spotify.com tours.smarterspaces.ca .theaccessplatform.com forms.microsoft.com; connect-src 'self' data: accounts.google.com .gstatic.com .google.com .g.doubleclick.net .googletagmanager.com .googlesyndication.com .google-analytics.com https://px.ads.linkedin.com/wa/ https://tags.srv.stackadapt.com/sa.jpeg https://tags.srv.stackadapt.com/saq_pxl https://tags.srv.stackadapt.com/js_tracking https://analytics.tiktok.com/api/v2/pixel https://analytics.tiktok.com/api/v2/pixel/act https://crmwebs.nbcc.ca/web/newformeditor/CDWidget.js https://crmwebs.nbcc.ca/web/newformeditor/jquery.min.js crmwebs.nbcc.ca prod2-24.canadacentral.logic.azure.com; media-src 'self' data: blob:; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://www.youtube-nocookie.com https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com badge.stumbleupon.com .facebook.net *.facebook.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://elearning.nbcc.ca
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: http://www.paykpal.com/

Response headers

x-content-type-options: nosniff
expires: Tue, 05 Nov 2024 02:44:30 GMT
x-ua-compatible: IE=edge,chrome=1
date: Mon, 04 Nov 2024 02:44:30 GMT
content-type: image/jpeg
last-modified: Thu, 14 Sep 2023 13:16:23 GMT
content-disposition: inline; filename=when-you-know-campaign.jpg
x-frame-options: ALLOW-FROM https://elearning.nbcc.ca
strict-transport-security: max-age=31536000
content-security-policy: default-src 'self'; script-src 'self' *.googleapis.com *.gstatic.com ajax.aspnetcdn.com https://www.youtube.com https://s.ytimg.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js *.google.com *.facebook.net *.twitter.com *.googletagmanager.com *.ads-twitter.com *.google-analytics.com *.ytimg.com web-chat.nativechat.com *.googleadservices.com *.g.doubleclick.net bot.ivy.ai widget.alongside.com https://snap.licdn.com/li.lms-analytics/insight.min.js https://tags.srv.stackadapt.com/events.js https://analytics.tiktok.com/i18n/pixel/events.js https://qvdt3feo.com/events.js https://analytics.tiktok.com/i18n/pixel/static/main.MTdjYzNiZDU2MA.js https://analytics.tiktok.com/i18n/pixel/static/identify_bb163.js *.theaccessplatform.com crmwebs.nbcc.ca https://px.ads.linkedin.com https://td.doubleclick.net/ https://analytics.tiktok.com cdn.ampproject.org 'unsafe-inline' 'unsafe-eval'; style-src 'self' *.googleapis.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com platform.twitter.com/css/ *.twimg.com *.google.com widget.alongside.com https://tags.srv.stackadapt.com/sa.css 'unsafe-inline'; img-src 'self' *.gstatic.com *.googleapis.com platform.tumblr.com www.redditstatic.com *.twimg.com data: blob: *.facebook.com *.facebook.net *.linkedin.com *.ytimg.com *.twitter.com *.googletagmanager.com *.google-analytics.com web-chat.nativechat.com *.googleadservices.com *.google.com t.co *.google.ca *.ivy-cdn.com *.nbcc.ca app.careerbeacon.com//assets/images/widget_powered_by_careerbeacon.png https://analytics.tiktok.com/api/v2/pixel https://analytics.tiktok.com/api/v2/pixel/act; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: bot.ivy.ai; frame-src 'self' *.nbcc.ca *.youtube.com *.google.com *.facebook.com *.googleadservices.com *.g.doubleclick.net *.salesforce.com *.iatspayments.com *.vimeo.com *.campusebookstore.com open.spotify.com tours.smarterspaces.ca *.theaccessplatform.com forms.microsoft.com; connect-src 'self' data: accounts.google.com *.gstatic.com *.google.com *.g.doubleclick.net *.googletagmanager.com *.googlesyndication.com *.google-analytics.com https://px.ads.linkedin.com/wa/ https://tags.srv.stackadapt.com/sa.jpeg https://tags.srv.stackadapt.com/saq_pxl https://tags.srv.stackadapt.com/js_tracking https://analytics.tiktok.com/api/v2/pixel https://analytics.tiktok.com/api/v2/pixel/act https://crmwebs.nbcc.ca/web/newformeditor/CDWidget.js https://crmwebs.nbcc.ca/web/newformeditor/jquery.min.js crmwebs.nbcc.ca prod2-24.canadacentral.logic.azure.com; media-src 'self' data: blob:; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://www.youtube-nocookie.com https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com badge.stumbleupon.com *.facebook.net *.facebook.com
cache-control: public, max-age=86400
x-aspnet-version: 4.0.30319
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
referrer-policy: no-referrer-when-downgrade
cross-origin-embedder-policy: unsafe-none
permissions-policy: accelerometer=(self), ambient-light-sensor=(self), autoplay=(self), battery=(self), camera=(self), cross-origin-isolated=(self), display-capture=(self), document-domain=(self), encrypted-media=(self), execution-while-not-rendered=(self), execution-while-out-of-viewport=(self), fullscreen=(self), geolocation=(self), gyroscope=(self), keyboard-map=(self), magnetometer=(self), microphone=(self), midi=(self), navigation-override=(self), payment=(self), picture-in-picture=(self), publickey-credentials-get=(self), screen-wake-lock=(self), sync-xhr=(self), usb=(self), web-share=(self), xr-spatial-tracking=(self)
content-length: 454996
x-xss-protection: 1; mode=block
x-powered-by: ASP.NET
server: Microsoft-IIS/10.0

Redirect headers

Transfer-Encoding: chunked
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Location: https://nbcc.ca/images/default-source/header-images/when-you-know-campaign.jpg?sfvrsn=800a1354_3
Pragma: no-cache
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Date: Mon, 04 Nov 2024 02:44:30 GMT
Content-Type: image/jpeg; charset=UTF-8
Server: nginx

GET
H2

200

what_to_expect.jpg
nbcc.ca/images/default-source/promo/
Redirect Chain

http://www.paykpal.com/images/default-source/promo/what_to_expect.jpg
https://nbcc.ca/images/default-source/promo/what_to_expect.jpg

43 KB
46 KB

70ms
67ms

Image
image/jpeg

198.164.157.202
NECN-1-611

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nbcc.ca/images/default-source/promo/what_to_expect.jpg

Requested by

Host: www.paykpal.com
URL: http://www.paykpal.com/donald/letsgetit/app/login

Protocol

Server

198.164.157.202 Moncton, Canada, ASN611 (NECN-1-611, CA),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

516c0380981fcb82030e14ac99af8f47e0d01f92af95aa8facc61151fe6b1483

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' .googleapis.com .gstatic.com ajax.aspnetcdn.com https://www.youtube.com https://s.ytimg.com .twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js .google.com .facebook.net .twitter.com .googletagmanager.com .ads-twitter.com .google-analytics.com .ytimg.com web-chat.nativechat.com .googleadservices.com .g.doubleclick.net bot.ivy.ai widget.alongside.com https://snap.licdn.com/li.lms-analytics/insight.min.js https://tags.srv.stackadapt.com/events.js https://analytics.tiktok.com/i18n/pixel/events.js https://qvdt3feo.com/events.js https://analytics.tiktok.com/i18n/pixel/static/main.MTdjYzNiZDU2MA.js https://analytics.tiktok.com/i18n/pixel/static/identify_bb163.js .theaccessplatform.com crmwebs.nbcc.ca https://px.ads.linkedin.com https://td.doubleclick.net/ https://analytics.tiktok.com cdn.ampproject.org 'unsafe-inline' 'unsafe-eval'; style-src 'self' .googleapis.com .gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com platform.twitter.com/css/ .twimg.com .google.com widget.alongside.com https://tags.srv.stackadapt.com/sa.css 'unsafe-inline'; img-src 'self' .gstatic.com .googleapis.com platform.tumblr.com www.redditstatic.com .twimg.com data: blob: .facebook.com .facebook.net .linkedin.com .ytimg.com .twitter.com .googletagmanager.com .google-analytics.com web-chat.nativechat.com .googleadservices.com .google.com t.co .google.ca .ivy-cdn.com .nbcc.ca app.careerbeacon.com//assets/images/widget_powered_by_careerbeacon.png https://analytics.tiktok.com/api/v2/pixel https://analytics.tiktok.com/api/v2/pixel/act; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: bot.ivy.ai; frame-src 'self' .nbcc.ca .youtube.com .google.com .facebook.com .googleadservices.com .g.doubleclick.net .salesforce.com .iatspayments.com .vimeo.com .campusebookstore.com open.spotify.com tours.smarterspaces.ca .theaccessplatform.com forms.microsoft.com; connect-src 'self' data: accounts.google.com .gstatic.com .google.com .g.doubleclick.net .googletagmanager.com .googlesyndication.com .google-analytics.com https://px.ads.linkedin.com/wa/ https://tags.srv.stackadapt.com/sa.jpeg https://tags.srv.stackadapt.com/saq_pxl https://tags.srv.stackadapt.com/js_tracking https://analytics.tiktok.com/api/v2/pixel https://analytics.tiktok.com/api/v2/pixel/act https://crmwebs.nbcc.ca/web/newformeditor/CDWidget.js https://crmwebs.nbcc.ca/web/newformeditor/jquery.min.js crmwebs.nbcc.ca prod2-24.canadacentral.logic.azure.com; media-src 'self' data: blob:; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://www.youtube-nocookie.com https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com badge.stumbleupon.com .facebook.net *.facebook.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://elearning.nbcc.ca
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: http://www.paykpal.com/

Response headers

x-content-type-options: nosniff
expires: Tue, 05 Nov 2024 02:44:31 GMT
x-ua-compatible: IE=edge,chrome=1
date: Mon, 04 Nov 2024 02:44:30 GMT
content-type: image/jpeg
last-modified: Wed, 26 Jul 2023 12:48:07 GMT
content-disposition: inline; filename=what_to_expect.jpg
x-frame-options: ALLOW-FROM https://elearning.nbcc.ca
strict-transport-security: max-age=31536000
content-security-policy: default-src 'self'; script-src 'self' *.googleapis.com *.gstatic.com ajax.aspnetcdn.com https://www.youtube.com https://s.ytimg.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js *.google.com *.facebook.net *.twitter.com *.googletagmanager.com *.ads-twitter.com *.google-analytics.com *.ytimg.com web-chat.nativechat.com *.googleadservices.com *.g.doubleclick.net bot.ivy.ai widget.alongside.com https://snap.licdn.com/li.lms-analytics/insight.min.js https://tags.srv.stackadapt.com/events.js https://analytics.tiktok.com/i18n/pixel/events.js https://qvdt3feo.com/events.js https://analytics.tiktok.com/i18n/pixel/static/main.MTdjYzNiZDU2MA.js https://analytics.tiktok.com/i18n/pixel/static/identify_bb163.js *.theaccessplatform.com crmwebs.nbcc.ca https://px.ads.linkedin.com https://td.doubleclick.net/ https://analytics.tiktok.com cdn.ampproject.org 'unsafe-inline' 'unsafe-eval'; style-src 'self' *.googleapis.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com platform.twitter.com/css/ *.twimg.com *.google.com widget.alongside.com https://tags.srv.stackadapt.com/sa.css 'unsafe-inline'; img-src 'self' *.gstatic.com *.googleapis.com platform.tumblr.com www.redditstatic.com *.twimg.com data: blob: *.facebook.com *.facebook.net *.linkedin.com *.ytimg.com *.twitter.com *.googletagmanager.com *.google-analytics.com web-chat.nativechat.com *.googleadservices.com *.google.com t.co *.google.ca *.ivy-cdn.com *.nbcc.ca app.careerbeacon.com//assets/images/widget_powered_by_careerbeacon.png https://analytics.tiktok.com/api/v2/pixel https://analytics.tiktok.com/api/v2/pixel/act; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: bot.ivy.ai; frame-src 'self' *.nbcc.ca *.youtube.com *.google.com *.facebook.com *.googleadservices.com *.g.doubleclick.net *.salesforce.com *.iatspayments.com *.vimeo.com *.campusebookstore.com open.spotify.com tours.smarterspaces.ca *.theaccessplatform.com forms.microsoft.com; connect-src 'self' data: accounts.google.com *.gstatic.com *.google.com *.g.doubleclick.net *.googletagmanager.com *.googlesyndication.com *.google-analytics.com https://px.ads.linkedin.com/wa/ https://tags.srv.stackadapt.com/sa.jpeg https://tags.srv.stackadapt.com/saq_pxl https://tags.srv.stackadapt.com/js_tracking https://analytics.tiktok.com/api/v2/pixel https://analytics.tiktok.com/api/v2/pixel/act https://crmwebs.nbcc.ca/web/newformeditor/CDWidget.js https://crmwebs.nbcc.ca/web/newformeditor/jquery.min.js crmwebs.nbcc.ca prod2-24.canadacentral.logic.azure.com; media-src 'self' data: blob:; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://www.youtube-nocookie.com https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com badge.stumbleupon.com *.facebook.net *.facebook.com
cache-control: public, max-age=86400
x-aspnet-version: 4.0.30319
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
referrer-policy: no-referrer-when-downgrade
cross-origin-embedder-policy: unsafe-none
permissions-policy: accelerometer=(self), ambient-light-sensor=(self), autoplay=(self), battery=(self), camera=(self), cross-origin-isolated=(self), display-capture=(self), document-domain=(self), encrypted-media=(self), execution-while-not-rendered=(self), execution-while-out-of-viewport=(self), fullscreen=(self), geolocation=(self), gyroscope=(self), keyboard-map=(self), magnetometer=(self), microphone=(self), midi=(self), navigation-override=(self), payment=(self), picture-in-picture=(self), publickey-credentials-get=(self), screen-wake-lock=(self), sync-xhr=(self), usb=(self), web-share=(self), xr-spatial-tracking=(self)
content-length: 44263
x-xss-protection: 1; mode=block
x-powered-by: ASP.NET
server: Microsoft-IIS/10.0

Redirect headers

Transfer-Encoding: chunked
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Location: https://nbcc.ca/images/default-source/promo/what_to_expect.jpg
Pragma: no-cache
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Date: Mon, 04 Nov 2024 02:44:30 GMT
Content-Type: image/jpeg; charset=UTF-8
Server: nginx

GET
H2

200

when-you-know_250x250.jpg
nbcc.ca/images/default-source/promo/
Redirect Chain

http://www.paykpal.com/images/default-source/promo/when-you-know_250x250.jpg
https://nbcc.ca/images/default-source/promo/when-you-know_250x250.jpg

20 KB
23 KB

44ms
40ms

Image
image/jpeg

198.164.157.202
NECN-1-611

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nbcc.ca/images/default-source/promo/when-you-know_250x250.jpg

Requested by

Host: www.paykpal.com
URL: http://www.paykpal.com/donald/letsgetit/app/login

Protocol

Server

198.164.157.202 Moncton, Canada, ASN611 (NECN-1-611, CA),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

3689e8cdba8099de6d9f18d0f3e80e9e8af24f97a3005f691c79b7f546472926

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' .googleapis.com .gstatic.com ajax.aspnetcdn.com https://www.youtube.com https://s.ytimg.com .twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js .google.com .facebook.net .twitter.com .googletagmanager.com .ads-twitter.com .google-analytics.com .ytimg.com web-chat.nativechat.com .googleadservices.com .g.doubleclick.net bot.ivy.ai widget.alongside.com https://snap.licdn.com/li.lms-analytics/insight.min.js https://tags.srv.stackadapt.com/events.js https://analytics.tiktok.com/i18n/pixel/events.js https://qvdt3feo.com/events.js https://analytics.tiktok.com/i18n/pixel/static/main.MTdjYzNiZDU2MA.js https://analytics.tiktok.com/i18n/pixel/static/identify_bb163.js .theaccessplatform.com crmwebs.nbcc.ca https://px.ads.linkedin.com https://td.doubleclick.net/ https://analytics.tiktok.com cdn.ampproject.org 'unsafe-inline' 'unsafe-eval'; style-src 'self' .googleapis.com .gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com platform.twitter.com/css/ .twimg.com .google.com widget.alongside.com https://tags.srv.stackadapt.com/sa.css 'unsafe-inline'; img-src 'self' .gstatic.com .googleapis.com platform.tumblr.com www.redditstatic.com .twimg.com data: blob: .facebook.com .facebook.net .linkedin.com .ytimg.com .twitter.com .googletagmanager.com .google-analytics.com web-chat.nativechat.com .googleadservices.com .google.com t.co .google.ca .ivy-cdn.com .nbcc.ca app.careerbeacon.com//assets/images/widget_powered_by_careerbeacon.png https://analytics.tiktok.com/api/v2/pixel https://analytics.tiktok.com/api/v2/pixel/act; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: bot.ivy.ai; frame-src 'self' .nbcc.ca .youtube.com .google.com .facebook.com .googleadservices.com .g.doubleclick.net .salesforce.com .iatspayments.com .vimeo.com .campusebookstore.com open.spotify.com tours.smarterspaces.ca .theaccessplatform.com forms.microsoft.com; connect-src 'self' data: accounts.google.com .gstatic.com .google.com .g.doubleclick.net .googletagmanager.com .googlesyndication.com .google-analytics.com https://px.ads.linkedin.com/wa/ https://tags.srv.stackadapt.com/sa.jpeg https://tags.srv.stackadapt.com/saq_pxl https://tags.srv.stackadapt.com/js_tracking https://analytics.tiktok.com/api/v2/pixel https://analytics.tiktok.com/api/v2/pixel/act https://crmwebs.nbcc.ca/web/newformeditor/CDWidget.js https://crmwebs.nbcc.ca/web/newformeditor/jquery.min.js crmwebs.nbcc.ca prod2-24.canadacentral.logic.azure.com; media-src 'self' data: blob:; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://www.youtube-nocookie.com https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com badge.stumbleupon.com .facebook.net *.facebook.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://elearning.nbcc.ca
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: http://www.paykpal.com/

Response headers

x-content-type-options: nosniff
expires: Tue, 05 Nov 2024 02:44:31 GMT
x-ua-compatible: IE=edge,chrome=1
date: Mon, 04 Nov 2024 02:44:31 GMT
content-type: image/jpeg
last-modified: Thu, 14 Sep 2023 13:27:51 GMT
content-disposition: inline; filename=when-you-know_250x250.jpg
x-frame-options: ALLOW-FROM https://elearning.nbcc.ca
strict-transport-security: max-age=31536000
content-security-policy: default-src 'self'; script-src 'self' *.googleapis.com *.gstatic.com ajax.aspnetcdn.com https://www.youtube.com https://s.ytimg.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js *.google.com *.facebook.net *.twitter.com *.googletagmanager.com *.ads-twitter.com *.google-analytics.com *.ytimg.com web-chat.nativechat.com *.googleadservices.com *.g.doubleclick.net bot.ivy.ai widget.alongside.com https://snap.licdn.com/li.lms-analytics/insight.min.js https://tags.srv.stackadapt.com/events.js https://analytics.tiktok.com/i18n/pixel/events.js https://qvdt3feo.com/events.js https://analytics.tiktok.com/i18n/pixel/static/main.MTdjYzNiZDU2MA.js https://analytics.tiktok.com/i18n/pixel/static/identify_bb163.js *.theaccessplatform.com crmwebs.nbcc.ca https://px.ads.linkedin.com https://td.doubleclick.net/ https://analytics.tiktok.com cdn.ampproject.org 'unsafe-inline' 'unsafe-eval'; style-src 'self' *.googleapis.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com platform.twitter.com/css/ *.twimg.com *.google.com widget.alongside.com https://tags.srv.stackadapt.com/sa.css 'unsafe-inline'; img-src 'self' *.gstatic.com *.googleapis.com platform.tumblr.com www.redditstatic.com *.twimg.com data: blob: *.facebook.com *.facebook.net *.linkedin.com *.ytimg.com *.twitter.com *.googletagmanager.com *.google-analytics.com web-chat.nativechat.com *.googleadservices.com *.google.com t.co *.google.ca *.ivy-cdn.com *.nbcc.ca app.careerbeacon.com//assets/images/widget_powered_by_careerbeacon.png https://analytics.tiktok.com/api/v2/pixel https://analytics.tiktok.com/api/v2/pixel/act; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: bot.ivy.ai; frame-src 'self' *.nbcc.ca *.youtube.com *.google.com *.facebook.com *.googleadservices.com *.g.doubleclick.net *.salesforce.com *.iatspayments.com *.vimeo.com *.campusebookstore.com open.spotify.com tours.smarterspaces.ca *.theaccessplatform.com forms.microsoft.com; connect-src 'self' data: accounts.google.com *.gstatic.com *.google.com *.g.doubleclick.net *.googletagmanager.com *.googlesyndication.com *.google-analytics.com https://px.ads.linkedin.com/wa/ https://tags.srv.stackadapt.com/sa.jpeg https://tags.srv.stackadapt.com/saq_pxl https://tags.srv.stackadapt.com/js_tracking https://analytics.tiktok.com/api/v2/pixel https://analytics.tiktok.com/api/v2/pixel/act https://crmwebs.nbcc.ca/web/newformeditor/CDWidget.js https://crmwebs.nbcc.ca/web/newformeditor/jquery.min.js crmwebs.nbcc.ca prod2-24.canadacentral.logic.azure.com; media-src 'self' data: blob:; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://www.youtube-nocookie.com https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com badge.stumbleupon.com *.facebook.net *.facebook.com
cache-control: public, max-age=86400
x-aspnet-version: 4.0.30319
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
referrer-policy: no-referrer-when-downgrade
cross-origin-embedder-policy: unsafe-none
permissions-policy: accelerometer=(self), ambient-light-sensor=(self), autoplay=(self), battery=(self), camera=(self), cross-origin-isolated=(self), display-capture=(self), document-domain=(self), encrypted-media=(self), execution-while-not-rendered=(self), execution-while-out-of-viewport=(self), fullscreen=(self), geolocation=(self), gyroscope=(self), keyboard-map=(self), magnetometer=(self), microphone=(self), midi=(self), navigation-override=(self), payment=(self), picture-in-picture=(self), publickey-credentials-get=(self), screen-wake-lock=(self), sync-xhr=(self), usb=(self), web-share=(self), xr-spatial-tracking=(self)
content-length: 20741
x-xss-protection: 1; mode=block
x-powered-by: ASP.NET
server: Microsoft-IIS/10.0

Redirect headers

Transfer-Encoding: chunked
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Location: https://nbcc.ca/images/default-source/promo/when-you-know_250x250.jpg
Pragma: no-cache
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Date: Mon, 04 Nov 2024 02:44:31 GMT
Content-Type: image/jpeg; charset=UTF-8
Server: nginx

GET
H2

200

counselling.png
nbcc.ca/images/default-source/promo/
Redirect Chain

http://www.paykpal.com/images/default-source/promo/counselling.png
https://nbcc.ca/images/default-source/promo/counselling.png

44 KB
47 KB

41ms
39ms

Image
image/png

198.164.157.202
NECN-1-611

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nbcc.ca/images/default-source/promo/counselling.png

Requested by

Host: www.paykpal.com
URL: http://www.paykpal.com/donald/letsgetit/app/login

Protocol

Server

198.164.157.202 Moncton, Canada, ASN611 (NECN-1-611, CA),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

d0ecfb6b1359cefee34040343b3213aaae382994d18df4e4e897d85051d1fddd

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' .googleapis.com .gstatic.com ajax.aspnetcdn.com https://www.youtube.com https://s.ytimg.com .twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js .google.com .facebook.net .twitter.com .googletagmanager.com .ads-twitter.com .google-analytics.com .ytimg.com web-chat.nativechat.com .googleadservices.com .g.doubleclick.net bot.ivy.ai widget.alongside.com https://snap.licdn.com/li.lms-analytics/insight.min.js https://tags.srv.stackadapt.com/events.js https://analytics.tiktok.com/i18n/pixel/events.js https://qvdt3feo.com/events.js https://analytics.tiktok.com/i18n/pixel/static/main.MTdjYzNiZDU2MA.js https://analytics.tiktok.com/i18n/pixel/static/identify_bb163.js .theaccessplatform.com crmwebs.nbcc.ca https://px.ads.linkedin.com https://td.doubleclick.net/ https://analytics.tiktok.com cdn.ampproject.org 'unsafe-inline' 'unsafe-eval'; style-src 'self' .googleapis.com .gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com platform.twitter.com/css/ .twimg.com .google.com widget.alongside.com https://tags.srv.stackadapt.com/sa.css 'unsafe-inline'; img-src 'self' .gstatic.com .googleapis.com platform.tumblr.com www.redditstatic.com .twimg.com data: blob: .facebook.com .facebook.net .linkedin.com .ytimg.com .twitter.com .googletagmanager.com .google-analytics.com web-chat.nativechat.com .googleadservices.com .google.com t.co .google.ca .ivy-cdn.com .nbcc.ca app.careerbeacon.com//assets/images/widget_powered_by_careerbeacon.png https://analytics.tiktok.com/api/v2/pixel https://analytics.tiktok.com/api/v2/pixel/act; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: bot.ivy.ai; frame-src 'self' .nbcc.ca .youtube.com .google.com .facebook.com .googleadservices.com .g.doubleclick.net .salesforce.com .iatspayments.com .vimeo.com .campusebookstore.com open.spotify.com tours.smarterspaces.ca .theaccessplatform.com forms.microsoft.com; connect-src 'self' data: accounts.google.com .gstatic.com .google.com .g.doubleclick.net .googletagmanager.com .googlesyndication.com .google-analytics.com https://px.ads.linkedin.com/wa/ https://tags.srv.stackadapt.com/sa.jpeg https://tags.srv.stackadapt.com/saq_pxl https://tags.srv.stackadapt.com/js_tracking https://analytics.tiktok.com/api/v2/pixel https://analytics.tiktok.com/api/v2/pixel/act https://crmwebs.nbcc.ca/web/newformeditor/CDWidget.js https://crmwebs.nbcc.ca/web/newformeditor/jquery.min.js crmwebs.nbcc.ca prod2-24.canadacentral.logic.azure.com; media-src 'self' data: blob:; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://www.youtube-nocookie.com https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com badge.stumbleupon.com .facebook.net *.facebook.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://elearning.nbcc.ca
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: http://www.paykpal.com/

Response headers

x-content-type-options: nosniff
expires: Tue, 05 Nov 2024 02:44:31 GMT
x-ua-compatible: IE=edge,chrome=1
date: Mon, 04 Nov 2024 02:44:31 GMT
content-type: image/png
last-modified: Wed, 21 Jul 2021 16:57:10 GMT
content-disposition: inline; filename=counselling.png
x-frame-options: ALLOW-FROM https://elearning.nbcc.ca
strict-transport-security: max-age=31536000
content-security-policy: default-src 'self'; script-src 'self' *.googleapis.com *.gstatic.com ajax.aspnetcdn.com https://www.youtube.com https://s.ytimg.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js *.google.com *.facebook.net *.twitter.com *.googletagmanager.com *.ads-twitter.com *.google-analytics.com *.ytimg.com web-chat.nativechat.com *.googleadservices.com *.g.doubleclick.net bot.ivy.ai widget.alongside.com https://snap.licdn.com/li.lms-analytics/insight.min.js https://tags.srv.stackadapt.com/events.js https://analytics.tiktok.com/i18n/pixel/events.js https://qvdt3feo.com/events.js https://analytics.tiktok.com/i18n/pixel/static/main.MTdjYzNiZDU2MA.js https://analytics.tiktok.com/i18n/pixel/static/identify_bb163.js *.theaccessplatform.com crmwebs.nbcc.ca https://px.ads.linkedin.com https://td.doubleclick.net/ https://analytics.tiktok.com cdn.ampproject.org 'unsafe-inline' 'unsafe-eval'; style-src 'self' *.googleapis.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com platform.twitter.com/css/ *.twimg.com *.google.com widget.alongside.com https://tags.srv.stackadapt.com/sa.css 'unsafe-inline'; img-src 'self' *.gstatic.com *.googleapis.com platform.tumblr.com www.redditstatic.com *.twimg.com data: blob: *.facebook.com *.facebook.net *.linkedin.com *.ytimg.com *.twitter.com *.googletagmanager.com *.google-analytics.com web-chat.nativechat.com *.googleadservices.com *.google.com t.co *.google.ca *.ivy-cdn.com *.nbcc.ca app.careerbeacon.com//assets/images/widget_powered_by_careerbeacon.png https://analytics.tiktok.com/api/v2/pixel https://analytics.tiktok.com/api/v2/pixel/act; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: bot.ivy.ai; frame-src 'self' *.nbcc.ca *.youtube.com *.google.com *.facebook.com *.googleadservices.com *.g.doubleclick.net *.salesforce.com *.iatspayments.com *.vimeo.com *.campusebookstore.com open.spotify.com tours.smarterspaces.ca *.theaccessplatform.com forms.microsoft.com; connect-src 'self' data: accounts.google.com *.gstatic.com *.google.com *.g.doubleclick.net *.googletagmanager.com *.googlesyndication.com *.google-analytics.com https://px.ads.linkedin.com/wa/ https://tags.srv.stackadapt.com/sa.jpeg https://tags.srv.stackadapt.com/saq_pxl https://tags.srv.stackadapt.com/js_tracking https://analytics.tiktok.com/api/v2/pixel https://analytics.tiktok.com/api/v2/pixel/act https://crmwebs.nbcc.ca/web/newformeditor/CDWidget.js https://crmwebs.nbcc.ca/web/newformeditor/jquery.min.js crmwebs.nbcc.ca prod2-24.canadacentral.logic.azure.com; media-src 'self' data: blob:; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://www.youtube-nocookie.com https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com badge.stumbleupon.com *.facebook.net *.facebook.com
cache-control: public, max-age=86400
x-aspnet-version: 4.0.30319
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
referrer-policy: no-referrer-when-downgrade
cross-origin-embedder-policy: unsafe-none
permissions-policy: accelerometer=(self), ambient-light-sensor=(self), autoplay=(self), battery=(self), camera=(self), cross-origin-isolated=(self), display-capture=(self), document-domain=(self), encrypted-media=(self), execution-while-not-rendered=(self), execution-while-out-of-viewport=(self), fullscreen=(self), geolocation=(self), gyroscope=(self), keyboard-map=(self), magnetometer=(self), microphone=(self), midi=(self), navigation-override=(self), payment=(self), picture-in-picture=(self), publickey-credentials-get=(self), screen-wake-lock=(self), sync-xhr=(self), usb=(self), web-share=(self), xr-spatial-tracking=(self)
content-length: 45121
x-xss-protection: 1; mode=block
x-powered-by: ASP.NET
server: Microsoft-IIS/10.0

Redirect headers

Transfer-Encoding: chunked
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Location: https://nbcc.ca/images/default-source/promo/counselling.png
Pragma: no-cache
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Date: Mon, 04 Nov 2024 02:44:31 GMT
Content-Type: image/jpeg; charset=UTF-8
Server: nginx

GET
H2

200

featured-scholarships-bursaries.jpg
nbcc.ca/images/default-source/featured/
Redirect Chain

http://www.paykpal.com/images/default-source/featured/featured-scholarships-bursaries.jpg?McasCtx=1
https://nbcc.ca/images/default-source/featured/featured-scholarships-bursaries.jpg?McasCtx=1

68 KB
71 KB

40ms
39ms

Image
image/jpeg

198.164.157.202
NECN-1-611

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nbcc.ca/images/default-source/featured/featured-scholarships-bursaries.jpg?McasCtx=1

Requested by

Host: www.paykpal.com
URL: http://www.paykpal.com/donald/letsgetit/app/login

Protocol

Server

198.164.157.202 Moncton, Canada, ASN611 (NECN-1-611, CA),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

644fa8c4ad411b5bfdd3dde40ccc4109a742e057dcef7fb245b4569a7f60ee01

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' .googleapis.com .gstatic.com ajax.aspnetcdn.com https://www.youtube.com https://s.ytimg.com .twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js .google.com .facebook.net .twitter.com .googletagmanager.com .ads-twitter.com .google-analytics.com .ytimg.com web-chat.nativechat.com .googleadservices.com .g.doubleclick.net bot.ivy.ai widget.alongside.com https://snap.licdn.com/li.lms-analytics/insight.min.js https://tags.srv.stackadapt.com/events.js https://analytics.tiktok.com/i18n/pixel/events.js https://qvdt3feo.com/events.js https://analytics.tiktok.com/i18n/pixel/static/main.MTdjYzNiZDU2MA.js https://analytics.tiktok.com/i18n/pixel/static/identify_bb163.js .theaccessplatform.com crmwebs.nbcc.ca https://px.ads.linkedin.com https://td.doubleclick.net/ https://analytics.tiktok.com cdn.ampproject.org 'unsafe-inline' 'unsafe-eval'; style-src 'self' .googleapis.com .gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com platform.twitter.com/css/ .twimg.com .google.com widget.alongside.com https://tags.srv.stackadapt.com/sa.css 'unsafe-inline'; img-src 'self' .gstatic.com .googleapis.com platform.tumblr.com www.redditstatic.com .twimg.com data: blob: .facebook.com .facebook.net .linkedin.com .ytimg.com .twitter.com .googletagmanager.com .google-analytics.com web-chat.nativechat.com .googleadservices.com .google.com t.co .google.ca .ivy-cdn.com .nbcc.ca app.careerbeacon.com//assets/images/widget_powered_by_careerbeacon.png https://analytics.tiktok.com/api/v2/pixel https://analytics.tiktok.com/api/v2/pixel/act; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: bot.ivy.ai; frame-src 'self' .nbcc.ca .youtube.com .google.com .facebook.com .googleadservices.com .g.doubleclick.net .salesforce.com .iatspayments.com .vimeo.com .campusebookstore.com open.spotify.com tours.smarterspaces.ca .theaccessplatform.com forms.microsoft.com; connect-src 'self' data: accounts.google.com .gstatic.com .google.com .g.doubleclick.net .googletagmanager.com .googlesyndication.com .google-analytics.com https://px.ads.linkedin.com/wa/ https://tags.srv.stackadapt.com/sa.jpeg https://tags.srv.stackadapt.com/saq_pxl https://tags.srv.stackadapt.com/js_tracking https://analytics.tiktok.com/api/v2/pixel https://analytics.tiktok.com/api/v2/pixel/act https://crmwebs.nbcc.ca/web/newformeditor/CDWidget.js https://crmwebs.nbcc.ca/web/newformeditor/jquery.min.js crmwebs.nbcc.ca prod2-24.canadacentral.logic.azure.com; media-src 'self' data: blob:; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://www.youtube-nocookie.com https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com badge.stumbleupon.com .facebook.net *.facebook.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://elearning.nbcc.ca
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: http://www.paykpal.com/

Response headers

x-content-type-options: nosniff
expires: Tue, 05 Nov 2024 02:44:31 GMT
x-ua-compatible: IE=edge,chrome=1
date: Mon, 04 Nov 2024 02:44:31 GMT
content-type: image/jpeg
last-modified: Wed, 29 Nov 2017 14:04:36 GMT
content-disposition: inline; filename=featured-scholarships-bursaries.jpg
x-frame-options: ALLOW-FROM https://elearning.nbcc.ca
strict-transport-security: max-age=31536000
content-security-policy: default-src 'self'; script-src 'self' *.googleapis.com *.gstatic.com ajax.aspnetcdn.com https://www.youtube.com https://s.ytimg.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js *.google.com *.facebook.net *.twitter.com *.googletagmanager.com *.ads-twitter.com *.google-analytics.com *.ytimg.com web-chat.nativechat.com *.googleadservices.com *.g.doubleclick.net bot.ivy.ai widget.alongside.com https://snap.licdn.com/li.lms-analytics/insight.min.js https://tags.srv.stackadapt.com/events.js https://analytics.tiktok.com/i18n/pixel/events.js https://qvdt3feo.com/events.js https://analytics.tiktok.com/i18n/pixel/static/main.MTdjYzNiZDU2MA.js https://analytics.tiktok.com/i18n/pixel/static/identify_bb163.js *.theaccessplatform.com crmwebs.nbcc.ca https://px.ads.linkedin.com https://td.doubleclick.net/ https://analytics.tiktok.com cdn.ampproject.org 'unsafe-inline' 'unsafe-eval'; style-src 'self' *.googleapis.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com platform.twitter.com/css/ *.twimg.com *.google.com widget.alongside.com https://tags.srv.stackadapt.com/sa.css 'unsafe-inline'; img-src 'self' *.gstatic.com *.googleapis.com platform.tumblr.com www.redditstatic.com *.twimg.com data: blob: *.facebook.com *.facebook.net *.linkedin.com *.ytimg.com *.twitter.com *.googletagmanager.com *.google-analytics.com web-chat.nativechat.com *.googleadservices.com *.google.com t.co *.google.ca *.ivy-cdn.com *.nbcc.ca app.careerbeacon.com//assets/images/widget_powered_by_careerbeacon.png https://analytics.tiktok.com/api/v2/pixel https://analytics.tiktok.com/api/v2/pixel/act; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: bot.ivy.ai; frame-src 'self' *.nbcc.ca *.youtube.com *.google.com *.facebook.com *.googleadservices.com *.g.doubleclick.net *.salesforce.com *.iatspayments.com *.vimeo.com *.campusebookstore.com open.spotify.com tours.smarterspaces.ca *.theaccessplatform.com forms.microsoft.com; connect-src 'self' data: accounts.google.com *.gstatic.com *.google.com *.g.doubleclick.net *.googletagmanager.com *.googlesyndication.com *.google-analytics.com https://px.ads.linkedin.com/wa/ https://tags.srv.stackadapt.com/sa.jpeg https://tags.srv.stackadapt.com/saq_pxl https://tags.srv.stackadapt.com/js_tracking https://analytics.tiktok.com/api/v2/pixel https://analytics.tiktok.com/api/v2/pixel/act https://crmwebs.nbcc.ca/web/newformeditor/CDWidget.js https://crmwebs.nbcc.ca/web/newformeditor/jquery.min.js crmwebs.nbcc.ca prod2-24.canadacentral.logic.azure.com; media-src 'self' data: blob:; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://www.youtube-nocookie.com https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com badge.stumbleupon.com *.facebook.net *.facebook.com
cache-control: public, max-age=86400
x-aspnet-version: 4.0.30319
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
referrer-policy: no-referrer-when-downgrade
cross-origin-embedder-policy: unsafe-none
permissions-policy: accelerometer=(self), ambient-light-sensor=(self), autoplay=(self), battery=(self), camera=(self), cross-origin-isolated=(self), display-capture=(self), document-domain=(self), encrypted-media=(self), execution-while-not-rendered=(self), execution-while-out-of-viewport=(self), fullscreen=(self), geolocation=(self), gyroscope=(self), keyboard-map=(self), magnetometer=(self), microphone=(self), midi=(self), navigation-override=(self), payment=(self), picture-in-picture=(self), publickey-credentials-get=(self), screen-wake-lock=(self), sync-xhr=(self), usb=(self), web-share=(self), xr-spatial-tracking=(self)
content-length: 69661
x-xss-protection: 1; mode=block
x-powered-by: ASP.NET
server: Microsoft-IIS/10.0

Redirect headers

Transfer-Encoding: chunked
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Location: https://nbcc.ca/images/default-source/featured/featured-scholarships-bursaries.jpg?McasCtx=1
Pragma: no-cache
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Date: Mon, 04 Nov 2024 02:44:31 GMT
Content-Type: image/jpeg; charset=UTF-8
Server: nginx

GET
H2

200

nb-power-energy-champion.png
nbcc.ca/images/default-source/default-album/
Redirect Chain

http://www.paykpal.com/images/default-source/default-album/nb-power-energy-champion.png?sfvrsn=bb4d1f54_0
https://nbcc.ca/images/default-source/default-album/nb-power-energy-champion.png?sfvrsn=bb4d1f54_0

16 KB
19 KB

40ms
40ms

Image
image/png

198.164.157.202
NECN-1-611

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nbcc.ca/images/default-source/default-album/nb-power-energy-champion.png?sfvrsn=bb4d1f54_0

Requested by

Host: www.paykpal.com
URL: http://www.paykpal.com/donald/letsgetit/app/login

Protocol

Server

198.164.157.202 Moncton, Canada, ASN611 (NECN-1-611, CA),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

0d3f7cecac321a4b4bd9aa16102a621dd3abf279b2d2a81cb977d1f955ef7c06

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' .googleapis.com .gstatic.com ajax.aspnetcdn.com https://www.youtube.com https://s.ytimg.com .twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js .google.com .facebook.net .twitter.com .googletagmanager.com .ads-twitter.com .google-analytics.com .ytimg.com web-chat.nativechat.com .googleadservices.com .g.doubleclick.net bot.ivy.ai widget.alongside.com https://snap.licdn.com/li.lms-analytics/insight.min.js https://tags.srv.stackadapt.com/events.js https://analytics.tiktok.com/i18n/pixel/events.js https://qvdt3feo.com/events.js https://analytics.tiktok.com/i18n/pixel/static/main.MTdjYzNiZDU2MA.js https://analytics.tiktok.com/i18n/pixel/static/identify_bb163.js .theaccessplatform.com crmwebs.nbcc.ca https://px.ads.linkedin.com https://td.doubleclick.net/ https://analytics.tiktok.com cdn.ampproject.org 'unsafe-inline' 'unsafe-eval'; style-src 'self' .googleapis.com .gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com platform.twitter.com/css/ .twimg.com .google.com widget.alongside.com https://tags.srv.stackadapt.com/sa.css 'unsafe-inline'; img-src 'self' .gstatic.com .googleapis.com platform.tumblr.com www.redditstatic.com .twimg.com data: blob: .facebook.com .facebook.net .linkedin.com .ytimg.com .twitter.com .googletagmanager.com .google-analytics.com web-chat.nativechat.com .googleadservices.com .google.com t.co .google.ca .ivy-cdn.com .nbcc.ca app.careerbeacon.com//assets/images/widget_powered_by_careerbeacon.png https://analytics.tiktok.com/api/v2/pixel https://analytics.tiktok.com/api/v2/pixel/act; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: bot.ivy.ai; frame-src 'self' .nbcc.ca .youtube.com .google.com .facebook.com .googleadservices.com .g.doubleclick.net .salesforce.com .iatspayments.com .vimeo.com .campusebookstore.com open.spotify.com tours.smarterspaces.ca .theaccessplatform.com forms.microsoft.com; connect-src 'self' data: accounts.google.com .gstatic.com .google.com .g.doubleclick.net .googletagmanager.com .googlesyndication.com .google-analytics.com https://px.ads.linkedin.com/wa/ https://tags.srv.stackadapt.com/sa.jpeg https://tags.srv.stackadapt.com/saq_pxl https://tags.srv.stackadapt.com/js_tracking https://analytics.tiktok.com/api/v2/pixel https://analytics.tiktok.com/api/v2/pixel/act https://crmwebs.nbcc.ca/web/newformeditor/CDWidget.js https://crmwebs.nbcc.ca/web/newformeditor/jquery.min.js crmwebs.nbcc.ca prod2-24.canadacentral.logic.azure.com; media-src 'self' data: blob:; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://www.youtube-nocookie.com https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com badge.stumbleupon.com .facebook.net *.facebook.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://elearning.nbcc.ca
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: http://www.paykpal.com/

Response headers

x-content-type-options: nosniff
expires: Tue, 05 Nov 2024 02:44:31 GMT
x-ua-compatible: IE=edge,chrome=1
date: Mon, 04 Nov 2024 02:44:31 GMT
content-type: image/png
last-modified: Mon, 27 May 2024 12:02:30 GMT
content-disposition: inline; filename=nb-power-energy-champion.png
x-frame-options: ALLOW-FROM https://elearning.nbcc.ca
strict-transport-security: max-age=31536000
content-security-policy: default-src 'self'; script-src 'self' *.googleapis.com *.gstatic.com ajax.aspnetcdn.com https://www.youtube.com https://s.ytimg.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js *.google.com *.facebook.net *.twitter.com *.googletagmanager.com *.ads-twitter.com *.google-analytics.com *.ytimg.com web-chat.nativechat.com *.googleadservices.com *.g.doubleclick.net bot.ivy.ai widget.alongside.com https://snap.licdn.com/li.lms-analytics/insight.min.js https://tags.srv.stackadapt.com/events.js https://analytics.tiktok.com/i18n/pixel/events.js https://qvdt3feo.com/events.js https://analytics.tiktok.com/i18n/pixel/static/main.MTdjYzNiZDU2MA.js https://analytics.tiktok.com/i18n/pixel/static/identify_bb163.js *.theaccessplatform.com crmwebs.nbcc.ca https://px.ads.linkedin.com https://td.doubleclick.net/ https://analytics.tiktok.com cdn.ampproject.org 'unsafe-inline' 'unsafe-eval'; style-src 'self' *.googleapis.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com platform.twitter.com/css/ *.twimg.com *.google.com widget.alongside.com https://tags.srv.stackadapt.com/sa.css 'unsafe-inline'; img-src 'self' *.gstatic.com *.googleapis.com platform.tumblr.com www.redditstatic.com *.twimg.com data: blob: *.facebook.com *.facebook.net *.linkedin.com *.ytimg.com *.twitter.com *.googletagmanager.com *.google-analytics.com web-chat.nativechat.com *.googleadservices.com *.google.com t.co *.google.ca *.ivy-cdn.com *.nbcc.ca app.careerbeacon.com//assets/images/widget_powered_by_careerbeacon.png https://analytics.tiktok.com/api/v2/pixel https://analytics.tiktok.com/api/v2/pixel/act; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: bot.ivy.ai; frame-src 'self' *.nbcc.ca *.youtube.com *.google.com *.facebook.com *.googleadservices.com *.g.doubleclick.net *.salesforce.com *.iatspayments.com *.vimeo.com *.campusebookstore.com open.spotify.com tours.smarterspaces.ca *.theaccessplatform.com forms.microsoft.com; connect-src 'self' data: accounts.google.com *.gstatic.com *.google.com *.g.doubleclick.net *.googletagmanager.com *.googlesyndication.com *.google-analytics.com https://px.ads.linkedin.com/wa/ https://tags.srv.stackadapt.com/sa.jpeg https://tags.srv.stackadapt.com/saq_pxl https://tags.srv.stackadapt.com/js_tracking https://analytics.tiktok.com/api/v2/pixel https://analytics.tiktok.com/api/v2/pixel/act https://crmwebs.nbcc.ca/web/newformeditor/CDWidget.js https://crmwebs.nbcc.ca/web/newformeditor/jquery.min.js crmwebs.nbcc.ca prod2-24.canadacentral.logic.azure.com; media-src 'self' data: blob:; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://www.youtube-nocookie.com https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com badge.stumbleupon.com *.facebook.net *.facebook.com
cache-control: public, max-age=86400
x-aspnet-version: 4.0.30319
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
referrer-policy: no-referrer-when-downgrade
cross-origin-embedder-policy: unsafe-none
permissions-policy: accelerometer=(self), ambient-light-sensor=(self), autoplay=(self), battery=(self), camera=(self), cross-origin-isolated=(self), display-capture=(self), document-domain=(self), encrypted-media=(self), execution-while-not-rendered=(self), execution-while-out-of-viewport=(self), fullscreen=(self), geolocation=(self), gyroscope=(self), keyboard-map=(self), magnetometer=(self), microphone=(self), midi=(self), navigation-override=(self), payment=(self), picture-in-picture=(self), publickey-credentials-get=(self), screen-wake-lock=(self), sync-xhr=(self), usb=(self), web-share=(self), xr-spatial-tracking=(self)
content-length: 16460
x-xss-protection: 1; mode=block
x-powered-by: ASP.NET
server: Microsoft-IIS/10.0

Redirect headers

Transfer-Encoding: chunked
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Location: https://nbcc.ca/images/default-source/default-album/nb-power-energy-champion.png?sfvrsn=bb4d1f54_0
Pragma: no-cache
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Date: Mon, 04 Nov 2024 02:44:31 GMT
Content-Type: image/jpeg; charset=UTF-8
Server: nginx

GET
H2

200

nbcc-logo-footer.png
nbcc.ca/Template/Images/Logos/
Redirect Chain

http://www.paykpal.com/Template/Images/Logos/nbcc-logo-footer.png
https://nbcc.ca/Template/Images/Logos/nbcc-logo-footer.png

3 KB
6 KB

39ms
39ms

Image
image/png

198.164.157.202
NECN-1-611

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nbcc.ca/Template/Images/Logos/nbcc-logo-footer.png

Requested by

Host: www.paykpal.com
URL: http://www.paykpal.com/donald/letsgetit/app/login

Protocol

Server

198.164.157.202 Moncton, Canada, ASN611 (NECN-1-611, CA),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

7feaad110263b6420f82dbffeb67a1557d547125733fbdc8e9ed202508f76893

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; script-src 'self' .googleapis.com .gstatic.com ajax.aspnetcdn.com https://www.youtube.com https://s.ytimg.com .twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js .google.com .facebook.net .twitter.com .googletagmanager.com .ads-twitter.com .google-analytics.com .ytimg.com web-chat.nativechat.com .googleadservices.com .g.doubleclick.net bot.ivy.ai widget.alongside.com https://snap.licdn.com/li.lms-analytics/insight.min.js https://tags.srv.stackadapt.com/events.js https://analytics.tiktok.com/i18n/pixel/events.js https://qvdt3feo.com/events.js https://analytics.tiktok.com/i18n/pixel/static/main.MTdjYzNiZDU2MA.js https://analytics.tiktok.com/i18n/pixel/static/identify_bb163.js .theaccessplatform.com crmwebs.nbcc.ca https://px.ads.linkedin.com https://td.doubleclick.net/ https://analytics.tiktok.com cdn.ampproject.org 'unsafe-inline' 'unsafe-eval'; style-src 'self' .googleapis.com .gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com platform.twitter.com/css/ .twimg.com .google.com widget.alongside.com https://tags.srv.stackadapt.com/sa.css 'unsafe-inline'; img-src 'self' .gstatic.com .googleapis.com platform.tumblr.com www.redditstatic.com .twimg.com data: blob: .facebook.com .facebook.net .linkedin.com .ytimg.com .twitter.com .googletagmanager.com .google-analytics.com web-chat.nativechat.com .googleadservices.com .google.com t.co .google.ca .ivy-cdn.com .nbcc.ca app.careerbeacon.com//assets/images/widget_powered_by_careerbeacon.png https://analytics.tiktok.com/api/v2/pixel https://analytics.tiktok.com/api/v2/pixel/act; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: bot.ivy.ai; frame-src 'self' .nbcc.ca .youtube.com .google.com .facebook.com .googleadservices.com .g.doubleclick.net .salesforce.com .iatspayments.com .vimeo.com .campusebookstore.com open.spotify.com tours.smarterspaces.ca .theaccessplatform.com forms.microsoft.com; connect-src 'self' data: accounts.google.com .gstatic.com .google.com .g.doubleclick.net .googletagmanager.com .googlesyndication.com .google-analytics.com https://px.ads.linkedin.com/wa/ https://tags.srv.stackadapt.com/sa.jpeg https://tags.srv.stackadapt.com/saq_pxl https://tags.srv.stackadapt.com/js_tracking https://analytics.tiktok.com/api/v2/pixel https://analytics.tiktok.com/api/v2/pixel/act https://crmwebs.nbcc.ca/web/newformeditor/CDWidget.js https://crmwebs.nbcc.ca/web/newformeditor/jquery.min.js crmwebs.nbcc.ca prod2-24.canadacentral.logic.azure.com; media-src 'self' data: blob:; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://www.youtube-nocookie.com https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com badge.stumbleupon.com .facebook.net *.facebook.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOW-FROM https://elearning.nbcc.ca
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: http://www.paykpal.com/

Response headers

etag: "0d646bd1731d11:0"
x-content-type-options: nosniff
x-ua-compatible: IE=edge,chrome=1
date: Mon, 04 Nov 2024 02:44:31 GMT
content-type: image/png
last-modified: Mon, 07 Dec 2015 17:50:20 GMT
x-frame-options: ALLOW-FROM https://elearning.nbcc.ca
strict-transport-security: max-age=31536000
content-security-policy: default-src 'self'; script-src 'self' *.googleapis.com *.gstatic.com ajax.aspnetcdn.com https://www.youtube.com https://s.ytimg.com *.twimg.com platform.linkedin.com http://platform.stumbleupon.com/1/widgets.js *.google.com *.facebook.net *.twitter.com *.googletagmanager.com *.ads-twitter.com *.google-analytics.com *.ytimg.com web-chat.nativechat.com *.googleadservices.com *.g.doubleclick.net bot.ivy.ai widget.alongside.com https://snap.licdn.com/li.lms-analytics/insight.min.js https://tags.srv.stackadapt.com/events.js https://analytics.tiktok.com/i18n/pixel/events.js https://qvdt3feo.com/events.js https://analytics.tiktok.com/i18n/pixel/static/main.MTdjYzNiZDU2MA.js https://analytics.tiktok.com/i18n/pixel/static/identify_bb163.js *.theaccessplatform.com crmwebs.nbcc.ca https://px.ads.linkedin.com https://td.doubleclick.net/ https://analytics.tiktok.com cdn.ampproject.org 'unsafe-inline' 'unsafe-eval'; style-src 'self' *.googleapis.com *.gstatic.com netdna.bootstrapcdn.com kendo.cdn.telerik.com www.google.com platform.twitter.com/css/ *.twimg.com *.google.com widget.alongside.com https://tags.srv.stackadapt.com/sa.css 'unsafe-inline'; img-src 'self' *.gstatic.com *.googleapis.com platform.tumblr.com www.redditstatic.com *.twimg.com data: blob: *.facebook.com *.facebook.net *.linkedin.com *.ytimg.com *.twitter.com *.googletagmanager.com *.google-analytics.com web-chat.nativechat.com *.googleadservices.com *.google.com t.co *.google.ca *.ivy-cdn.com *.nbcc.ca app.careerbeacon.com//assets/images/widget_powered_by_careerbeacon.png https://analytics.tiktok.com/api/v2/pixel https://analytics.tiktok.com/api/v2/pixel/act; font-src 'self' fonts.gstatic.com kendo.cdn.telerik.com netdna.bootstrapcdn.com data: bot.ivy.ai; frame-src 'self' *.nbcc.ca *.youtube.com *.google.com *.facebook.com *.googleadservices.com *.g.doubleclick.net *.salesforce.com *.iatspayments.com *.vimeo.com *.campusebookstore.com open.spotify.com tours.smarterspaces.ca *.theaccessplatform.com forms.microsoft.com; connect-src 'self' data: accounts.google.com *.gstatic.com *.google.com *.g.doubleclick.net *.googletagmanager.com *.googlesyndication.com *.google-analytics.com https://px.ads.linkedin.com/wa/ https://tags.srv.stackadapt.com/sa.jpeg https://tags.srv.stackadapt.com/saq_pxl https://tags.srv.stackadapt.com/js_tracking https://analytics.tiktok.com/api/v2/pixel https://analytics.tiktok.com/api/v2/pixel/act https://crmwebs.nbcc.ca/web/newformeditor/CDWidget.js https://crmwebs.nbcc.ca/web/newformeditor/jquery.min.js crmwebs.nbcc.ca prod2-24.canadacentral.logic.azure.com; media-src 'self' data: blob:; child-src 'self' https://platform.twitter.com/ https://syndication.twitter.com/ https://www.youtube.com/ https://www.youtube-nocookie.com https://player.vimeo.com/ https://w.soundcloud.com/ apis.google.com accounts.google.com staticxx.facebook.com badge.stumbleupon.com *.facebook.net *.facebook.com
cache-control: max-age=2678400
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
referrer-policy: no-referrer-when-downgrade
cross-origin-embedder-policy: unsafe-none
permissions-policy: accelerometer=(self), ambient-light-sensor=(self), autoplay=(self), battery=(self), camera=(self), cross-origin-isolated=(self), display-capture=(self), document-domain=(self), encrypted-media=(self), execution-while-not-rendered=(self), execution-while-out-of-viewport=(self), fullscreen=(self), geolocation=(self), gyroscope=(self), keyboard-map=(self), magnetometer=(self), microphone=(self), midi=(self), navigation-override=(self), payment=(self), picture-in-picture=(self), publickey-credentials-get=(self), screen-wake-lock=(self), sync-xhr=(self), usb=(self), web-share=(self), xr-spatial-tracking=(self)
accept-ranges: bytes
content-length: 3187
x-xss-protection: 1; mode=block
x-powered-by: ASP.NET
server: Microsoft-IIS/10.0

Redirect headers

Transfer-Encoding: chunked
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Location: https://nbcc.ca/Template/Images/Logos/nbcc-logo-footer.png
Pragma: no-cache
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Date: Mon, 04 Nov 2024 02:44:31 GMT
Content-Type: image/jpeg; charset=UTF-8
Server: nginx

GET
H/1.1 200
OK jquery.nivo.slider.min.js Show response
www.paykpal.com/Template/Theme/vendor/nivo-slider/ 12 KB
4 KB 237ms
236ms Script
text/javascript 156.245.121.80
HQTC-AS-AP qlhost

General

Check archive.org

Show headers Download Go to

Full URL: http://www.paykpal.com/Template/Theme/vendor/nivo-slider/jquery.nivo.slider.min.js
Requested by: Host: www.paykpal.com
URL: http://www.paykpal.com/donald/letsgetit/app/login
Protocol: HTTP/1.1
Server: 156.245.121.80 , Hong Kong, ASN142062 (HQTC-AS-AP qlhost, TW),
Reverse DNS
Software: nginx /
Resource Hash: 9e47c20b6b467f03a31a140f2c1379590329209cddad96864ca67f3c501d7c93

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: http://www.paykpal.com/donald/letsgetit/app/login

Response headers

Transfer-Encoding: chunked
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Content-Encoding: gzip
Pragma: no-cache
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Date: Mon, 04 Nov 2024 02:44:30 GMT
Content-Type: text/javascript;charset=UTF-8
Vary: Accept-Encoding
Server: nginx

GET
H/1.1 200
OK jquery.nivo.slider.js Show response
www.paykpal.com/Template/Theme/vendor/nivo-slider/ 29 KB
6 KB 243ms
238ms Script
text/javascript 156.245.121.80
HQTC-AS-AP qlhost

General

Check archive.org

Show headers Download Go to

Full URL: http://www.paykpal.com/Template/Theme/vendor/nivo-slider/jquery.nivo.slider.js
Requested by: Host: www.paykpal.com
URL: http://www.paykpal.com/donald/letsgetit/app/login
Protocol: HTTP/1.1
Server: 156.245.121.80 , Hong Kong, ASN142062 (HQTC-AS-AP qlhost, TW),
Reverse DNS
Software: nginx /
Resource Hash: 194043cb7fd57d948e75848bcf5c4dab90f8d8e806952fd4036bd34e9214f6df

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: http://www.paykpal.com/donald/letsgetit/app/login

Response headers

Transfer-Encoding: chunked
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Content-Encoding: gzip
Pragma: no-cache
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Date: Mon, 04 Nov 2024 02:44:31 GMT
Content-Type: text/javascript;charset=UTF-8
Vary: Accept-Encoding
Server: nginx

GET
H/1.1 200
OK view.home.js Show response
www.paykpal.com/Template/Theme/js/views/ 1 KB
1 KB 225ms
223ms Script
text/javascript 156.245.121.80
HQTC-AS-AP qlhost

General

Check archive.org

Show headers Download Go to

Full URL: http://www.paykpal.com/Template/Theme/js/views/view.home.js
Requested by: Host: www.paykpal.com
URL: http://www.paykpal.com/donald/letsgetit/app/login
Protocol: HTTP/1.1
Server: 156.245.121.80 , Hong Kong, ASN142062 (HQTC-AS-AP qlhost, TW),
Reverse DNS
Software: nginx /
Resource Hash: f0fb21c10874a60af78e92e77af90dfe7e80ee6bcc29fc9ff8bb06b069808b77

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: http://www.paykpal.com/donald/letsgetit/app/login

Response headers

Transfer-Encoding: chunked
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Content-Encoding: gzip
Pragma: no-cache
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Date: Mon, 04 Nov 2024 02:44:31 GMT
Content-Type: text/javascript;charset=UTF-8
Vary: Accept-Encoding
Server: nginx

GET
H/1.1 200
OK jquery.min.js Show response
www.paykpal.com/Template/Theme/vendor/jquery/ 85 KB
33 KB 275ms
275ms Script
text/javascript 156.245.121.80
HQTC-AS-AP qlhost

General

Check archive.org

Show headers Download Go to

Full URL: http://www.paykpal.com/Template/Theme/vendor/jquery/jquery.min.js
Requested by: Host: www.paykpal.com
URL: http://www.paykpal.com/donald/letsgetit/app/login
Protocol: HTTP/1.1
Server: 156.245.121.80 , Hong Kong, ASN142062 (HQTC-AS-AP qlhost, TW),
Reverse DNS
Software: nginx /
Resource Hash: 12372edd157702e5ef510edd1a2d8e789bfab0709cb98cfd75f4be0c2456d98a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: http://www.paykpal.com/donald/letsgetit/app/login

Response headers

Transfer-Encoding: chunked
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Content-Encoding: gzip
Pragma: no-cache
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Date: Mon, 04 Nov 2024 02:44:30 GMT
Content-Type: text/javascript;charset=UTF-8
Vary: Accept-Encoding
Server: nginx

GET
H/1.1 200
OK jquery.appear.min.js Show response
www.paykpal.com/Template/Theme/vendor/jquery.appear/ 2 KB
1 KB 240ms
240ms Script
text/javascript 156.245.121.80
HQTC-AS-AP qlhost

General

Check archive.org

Show headers Download Go to

Full URL: http://www.paykpal.com/Template/Theme/vendor/jquery.appear/jquery.appear.min.js
Requested by: Host: www.paykpal.com
URL: http://www.paykpal.com/donald/letsgetit/app/login
Protocol: HTTP/1.1
Server: 156.245.121.80 , Hong Kong, ASN142062 (HQTC-AS-AP qlhost, TW),
Reverse DNS
Software: nginx /
Resource Hash: 4f36c476b4ef0a4b760aedea686e24cc650d4e01f1ec77b78aa36681cd14b1e0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: http://www.paykpal.com/donald/letsgetit/app/login

Response headers

Transfer-Encoding: chunked
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Content-Encoding: gzip
Pragma: no-cache
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Date: Mon, 04 Nov 2024 02:44:31 GMT
Content-Type: text/javascript;charset=UTF-8
Vary: Accept-Encoding
Server: nginx

GET
H/1.1 200
OK jquery.easing.min.js Show response
www.paykpal.com/Template/Theme/vendor/jquery.easing/ 5 KB
2 KB 229ms
228ms Script
text/javascript 156.245.121.80
HQTC-AS-AP qlhost

General

Check archive.org

Show headers Download Go to

Full URL: http://www.paykpal.com/Template/Theme/vendor/jquery.easing/jquery.easing.min.js
Requested by: Host: www.paykpal.com
URL: http://www.paykpal.com/donald/letsgetit/app/login
Protocol: HTTP/1.1
Server: 156.245.121.80 , Hong Kong, ASN142062 (HQTC-AS-AP qlhost, TW),
Reverse DNS
Software: nginx /
Resource Hash: 33aa33e087779171bf2f7550a1f22319777d20c70dec49f6c8bbc1585205ce0a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: http://www.paykpal.com/donald/letsgetit/app/login

Response headers

Transfer-Encoding: chunked
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Content-Encoding: gzip
Pragma: no-cache
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Date: Mon, 04 Nov 2024 02:44:31 GMT
Content-Type: text/javascript;charset=UTF-8
Vary: Accept-Encoding
Server: nginx

GET
H/1.1 200
OK jquery-cookie.min.js Show response
www.paykpal.com/Template/Theme/vendor/jquery-cookie/ 1 KB
1 KB 235ms
234ms Script
text/javascript 156.245.121.80
HQTC-AS-AP qlhost

General

Check archive.org

Show headers Download Go to

Full URL: http://www.paykpal.com/Template/Theme/vendor/jquery-cookie/jquery-cookie.min.js
Requested by: Host: www.paykpal.com
URL: http://www.paykpal.com/donald/letsgetit/app/login
Protocol: HTTP/1.1
Server: 156.245.121.80 , Hong Kong, ASN142062 (HQTC-AS-AP qlhost, TW),
Reverse DNS
Software: nginx /
Resource Hash: a0069524ed5343aff5b15569a3cb40a0f36830fb7b4095e7697b6520b1acfecc

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: http://www.paykpal.com/donald/letsgetit/app/login

Response headers

Transfer-Encoding: chunked
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Content-Encoding: gzip
Pragma: no-cache
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Date: Mon, 04 Nov 2024 02:44:31 GMT
Content-Type: text/javascript;charset=UTF-8
Vary: Accept-Encoding
Server: nginx

GET
H/1.1 200
OK bootstrap.min.js Show response
www.paykpal.com/Template/Theme/vendor/bootstrap/js/ 36 KB
11 KB 241ms
241ms Script
text/javascript 156.245.121.80
HQTC-AS-AP qlhost

General

Check archive.org

Show headers Download Go to

Full URL: http://www.paykpal.com/Template/Theme/vendor/bootstrap/js/bootstrap.min.js
Requested by: Host: www.paykpal.com
URL: http://www.paykpal.com/donald/letsgetit/app/login
Protocol: HTTP/1.1
Server: 156.245.121.80 , Hong Kong, ASN142062 (HQTC-AS-AP qlhost, TW),
Reverse DNS
Software: nginx /
Resource Hash: a12eaac378ced9140331dfafb72caee77622eb080eb7af2de8655201472bb7bf

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: http://www.paykpal.com/donald/letsgetit/app/login

Response headers

Transfer-Encoding: chunked
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Content-Encoding: gzip
Pragma: no-cache
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Date: Mon, 04 Nov 2024 02:44:31 GMT
Content-Type: text/javascript;charset=UTF-8
Vary: Accept-Encoding
Server: nginx

GET
H/1.1 200
OK common.min.js Show response
www.paykpal.com/Template/Theme/vendor/common/ 14 KB
7 KB 233ms
233ms Script
text/javascript 156.245.121.80
HQTC-AS-AP qlhost

General

Check archive.org

Show headers Download Go to

Full URL: http://www.paykpal.com/Template/Theme/vendor/common/common.min.js
Requested by: Host: www.paykpal.com
URL: http://www.paykpal.com/donald/letsgetit/app/login
Protocol: HTTP/1.1
Server: 156.245.121.80 , Hong Kong, ASN142062 (HQTC-AS-AP qlhost, TW),
Reverse DNS
Software: nginx /
Resource Hash: 404c40c223c37eb2c47dd0ce327cc5e27838de4372a132618d5dacfbc221c507

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: http://www.paykpal.com/donald/letsgetit/app/login

Response headers

Transfer-Encoding: chunked
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Content-Encoding: gzip
Pragma: no-cache
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Date: Mon, 04 Nov 2024 02:44:31 GMT
Content-Type: text/javascript;charset=UTF-8
Vary: Accept-Encoding
Server: nginx

GET
H/1.1 200
OK owl.carousel.min.js Show response
www.paykpal.com/Template/Theme/vendor/owl.carousel/ 42 KB
13 KB 262ms
262ms Script
text/javascript 156.245.121.80
HQTC-AS-AP qlhost

General

Check archive.org

Show headers Download Go to

Full URL: http://www.paykpal.com/Template/Theme/vendor/owl.carousel/owl.carousel.min.js
Requested by: Host: www.paykpal.com
URL: http://www.paykpal.com/donald/letsgetit/app/login
Protocol: HTTP/1.1
Server: 156.245.121.80 , Hong Kong, ASN142062 (HQTC-AS-AP qlhost, TW),
Reverse DNS
Software: nginx /
Resource Hash: d2e316abcec4ed64ad9e754c79ad4fe0409275de1bf6f25ed9ff88a549377167

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: http://www.paykpal.com/donald/letsgetit/app/login

Response headers

Transfer-Encoding: chunked
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Content-Encoding: gzip
Pragma: no-cache
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Date: Mon, 04 Nov 2024 02:44:31 GMT
Content-Type: text/javascript;charset=UTF-8
Vary: Accept-Encoding
Server: nginx

GET
H/1.1 200
OK theme.js Show response
www.paykpal.com/Template/Theme/js/ 62 KB
13 KB 255ms
255ms Script
text/javascript 156.245.121.80
HQTC-AS-AP qlhost

General

Check archive.org

Show headers Download Go to

Full URL: http://www.paykpal.com/Template/Theme/js/theme.js
Requested by: Host: www.paykpal.com
URL: http://www.paykpal.com/donald/letsgetit/app/login
Protocol: HTTP/1.1
Server: 156.245.121.80 , Hong Kong, ASN142062 (HQTC-AS-AP qlhost, TW),
Reverse DNS
Software: nginx /
Resource Hash: efba06271930fe54a764b28ffac6d9455637e3920aa8249f3eb399dd3f941d78

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: http://www.paykpal.com/donald/letsgetit/app/login

Response headers

Transfer-Encoding: chunked
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Content-Encoding: gzip
Pragma: no-cache
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Date: Mon, 04 Nov 2024 02:44:31 GMT
Content-Type: text/javascript;charset=UTF-8
Vary: Accept-Encoding
Server: nginx

GET
H/1.1 200
OK theme.init.js Show response
www.paykpal.com/Template/Theme/js/ 9 KB
1 KB 238ms
237ms Script
text/javascript 156.245.121.80
HQTC-AS-AP qlhost

General

Check archive.org

Show headers Download Go to

Full URL: http://www.paykpal.com/Template/Theme/js/theme.init.js
Requested by: Host: www.paykpal.com
URL: http://www.paykpal.com/donald/letsgetit/app/login
Protocol: HTTP/1.1
Server: 156.245.121.80 , Hong Kong, ASN142062 (HQTC-AS-AP qlhost, TW),
Reverse DNS
Software: nginx /
Resource Hash: 56f818eb2c0e2abe5b020fc4c7153bf2b48c1c578fce3f732f25ec2458816c9f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: http://www.paykpal.com/donald/letsgetit/app/login

Response headers

Transfer-Encoding: chunked
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Content-Encoding: gzip
Pragma: no-cache
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Date: Mon, 04 Nov 2024 02:44:31 GMT
Content-Type: text/javascript;charset=UTF-8
Vary: Accept-Encoding
Server: nginx

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 239 KB
61 KB 251ms
15ms Script
application/x-javascript 2a03:2880:f003:c0e:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.paykpal.com
URL: http://www.paykpal.com/donald/letsgetit/app/login

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f003:c0e:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

924f0b32e86fe959e4290f3690d241cc6a24c08a0a4be56b4d3ce9c2286291bc

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src 'nonce-WdPjnIaF' .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: http://www.paykpal.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Mon, 04 Nov 2024 02:44:30 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: *;script-src 'nonce-WdPjnIaF' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=23, rtx=0, c=23, mss=1232, tbw=4605, tp=12, tpl=0, uplat=0, ullat=-1
pragma: public
x-fb-debug: 469gVH+jB69GWFlOjDJXKlTTChMOmOxM4sLDqK3Ds5YvLLI853Wdi6VGpqamIYi+U7kHVgsQyICll8oRRwEIbg==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
content-length: 62086
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 40 KB
14 KB 295ms
17ms Script
application/javascript 2600:1408:c400:25::17da:d9b0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: www.paykpal.com
URL: http://www.paykpal.com/donald/letsgetit/app/login

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1408:c400:25::17da:d9b0 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

4e8276aea0a3c7fe3600e6718c7f484d49c347c8d5763d89be95900d526a14da

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: http://www.paykpal.com/

Response headers

cache-control: max-age=52136
content-encoding: gzip
x-cdn: AKAM
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 14628
date: Mon, 04 Nov 2024 02:44:30 GMT
last-modified: Thu, 22 Aug 2024 11:06:54 GMT
content-type: application/javascript;charset=utf-8
vary: Accept-Encoding
x-amz-server-side-encryption: AES256

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 313 KB
105 KB 313ms
35ms Script
application/javascript 2607:f8b0:400d:c04::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-W5CW982

Requested by

Host: www.paykpal.com
URL: http://www.paykpal.com/donald/letsgetit/app/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c04::61 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

361f53d9120f9b0d2dd69de53f36baaedc4648974196ce5b4b1664e066068c6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: http://www.paykpal.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires: Mon, 04 Nov 2024 02:44:30 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 04 Nov 2024 02:44:30 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Mon, 04 Nov 2024 00:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 106629
x-xss-protection: 0
server: Google Tag Manager

GET
H2

200

analytics.js Show response
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/analytics.js
https://www.google-analytics.com/analytics.js

52 KB
21 KB

164ms
44ms

Script
text/javascript

2607:f8b0:400d:c07::64
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.paykpal.com
URL: http://www.paykpal.com/donald/letsgetit/app/login

Protocol

Server

2607:f8b0:400d:c07::64 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: http://www.paykpal.com/

Response headers

content-encoding: gzip
age: 4977
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options: nosniff
expires: Mon, 04 Nov 2024 03:21:33 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 04 Nov 2024 01:21:33 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
content-type: text/javascript
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 20994
server: Golfe2

Redirect headers

Cross-Origin-Resource-Policy: Cross-Origin
Location: https://www.google-analytics.com/analytics.js
Non-Authoritative-Reason: HSTS

GET
H/1.1 200
OK hm.js Show response
hm.baidu.com/ 29 KB
12 KB 1463ms
619ms Script
application/javascript 14.215.182.140
CHINANET-BACKBONE...

General

Check archive.org

Show headers Download Go to

Full URL

https://hm.baidu.com/hm.js?fbc802ff7f8c929d218f623015cbf6aa

Requested by

Host: 156.245.118.66
URL: http://156.245.118.66/xingbake6he.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

14.215.182.140 Guangzhou, China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),

Reverse DNS

Software

apache /

Resource Hash

2d400737d0617e6267481a1d68b8c27c754e76bbf1a4d4d668564147ddcc2f28

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: http://www.paykpal.com/

Response headers

Strict-Transport-Security: max-age=172800
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Etag: d3d14c2fb9a9febf95cc4bdabe05562a
Content-Length: 11287
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Date: Mon, 04 Nov 2024 02:44:31 GMT
Content-Type: application/javascript
Server: apache

GET
H/1.1 200
OK push.js Show response
push.zhanzhang.baidu.com/ 281 B
377 B 481ms
242ms Script
text/javascript 112.34.113.148
CHINAMOBILE-CN Ch...

General

Check archive.org

Show headers Download Go to

Full URL: http://push.zhanzhang.baidu.com/push.js
Requested by: Host: www.paykpal.com
URL: http://www.paykpal.com/donald/letsgetit/app/login
Protocol: HTTP/1.1
Server: 112.34.113.148 , China, ASN9808 (CHINAMOBILE-CN China Mobile Communications Group Co., Ltd., CN),
Reverse DNS
Software: bfe /
Resource Hash: 674bc0c70f98d627b8a7e1d278a1f21ffe33815565f7d5371bf0275da57571b2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: http://www.paykpal.com/

Response headers

Content-Length: 232
Content-Encoding: gzip
Date: Mon, 04 Nov 2024 02:44:30 GMT
Content-Type: text/javascript
Server: bfe

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v32/ 18 KB
18 KB 278ms
21ms Font
font/woff2 2607:f8b0:400d:c07::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Droid+Sans%7CRoboto%7COpen+Sans:300,400,600,700,800%7CShadows+Into+Light%7COswald:400,300,700%7CCrushed

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c07::5e Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: http://www.paykpal.com
Referer: https://fonts.googleapis.com/

Response headers

age: 333436
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Fri, 31 Oct 2025 06:07:14 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 31 Oct 2024 06:07:14 GMT
last-modified: Thu, 01 Aug 2024 20:41:24 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 18536
x-xss-protection: 0
server: sffe

GET
H/1.1 409
Conflict /
6htv99.com/ Frame 7DE8 0
0 967ms
96ms Document
text/html 194.147.98.206
SPARTANHOST

General

Check archive.org

Show headers Download Go to

Full URL

https://6htv99.com/

Requested by

Host: 156.245.118.66
URL: http://156.245.118.66/xingbake6he.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

194.147.98.206 Seattle, United States, ASN201106 (SPARTANHOST, GB),

Reverse DNS

Software

Max /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: http://www.paykpal.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Connect: @XDPCLOUD
Connection: keep-alive
Content-Length: 47
Content-Type: text/html
Date: Mon, 04 Nov 2024 02:44:31 GMT
Server: Max
Strict-Transport-Security: max-age=31536000; includeSubDomains

GET
H3 200 487644405183657 Show response
connect.facebook.net/signals/config/ 76 KB
15 KB 105ms
104ms Script
application/x-javascript 2a03:2880:f003:c0e:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/487644405183657?v=2.9.176&r=stable&domain=www.paykpal.com&hme=872f04a0547459b3285cb03b0d7a47bfde40628f4b386809918a621e2688602f&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C195%2C194%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f003:c0e:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c95fae4052e1715e8b99dca5fb57dbe1b95ec85c865ae3bcafc5ee6f043c162b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src 'nonce-IMXc45RO' .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: http://www.paykpal.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Mon, 04 Nov 2024 02:44:30 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: *;script-src 'nonce-IMXc45RO' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=13, rtx=0, c=71, mss=1232, tbw=70397, tp=68, tpl=0, uplat=61, ullat=0
pragma: public
x-fb-debug: 4vTnT9YdHn4uSYJuAjQguOBW+VpNYuNQcetMt2WNv52nsDwAd6iMXHGlI4a1anmBWQsZ+/z6KrCoIxxa3YiB+w==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 attribution_trigger Show response
px.ads.linkedin.com/ 2 B
762 B 165ms
82ms XHR
application/json 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/attribution_trigger?pid=1709772&time=1730688270809&url=http%3A%2F%2Fwww.paykpal.com%2Fdonald%2Fletsgetit%2Fapp%2Flogin
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: *
Referer: http://www.paykpal.com/

Response headers

x-li-pop: afd-prod-ltx1-x
content-encoding: gzip
x-fs-uuid: 0006260d439b021000a421920374dad1
x-msedge-ref: Ref A: B093DAAE647A486B863FE7E1C553FC02 Ref B: EWR30EDGE0115 Ref C: 2024-11-04T02:44:30Z
x-li-fabric: prod-ltx1
x-restli-protocol-version: 1.0.0
access-control-allow-methods: GET, OPTIONS
x-li-uuid: AAYmDUObAhAApCGSA3Ta0Q==
x-li-proto: http/2
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
date: Mon, 04 Nov 2024 02:44:30 GMT
content-type: application/json
access-control-allow-headers: *

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1709772&time=1730688270809&li_adsId=0214a985-83ad-4909-bed8-562d48c0587f&url=http%3A%2F%2Fwww.paykpal.com%2Fdonald%2Fletsgetit%2Fapp%2Flogin
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1709772&time=1730688270809&li_adsId=0214a985-83ad-4909-bed8-562d48c0587f&url=http%3A%2F%2Fwww.paykpal.com%2Fdonald%2Fletsgetit%2Fapp%2Flogin&cooki...
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1709772%26time%3D1730688270809%26li_adsId%3D0214a985-83ad-4909-bed8-562d48c0587f%...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1709772&time=1730688270809&li_adsId=0214a985-83ad-4909-bed8-562d48c0587f&url=http%3A%2F%2Fwww.paykpal.com%2Fdonald%2Fletsgetit%2Fapp%2Flogin&cooki...
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1709772&time=1730688270809&li_adsId=0214a985-83ad-4909-bed8-562d48c0587f&url=http%3A%2F%2Fwww.paykpal.com%2Fdonald%2Fletsgetit%2Fapp%2Flogin&cook...

0
487 B

134ms
73ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1709772&time=1730688270809&li_adsId=0214a985-83ad-4909-bed8-562d48c0587f&url=http%3A%2F%2Fwww.paykpal.com%2Fdonald%2Fletsgetit%2Fapp%2Flogin&cookiesTest=true&liSync=true&e_ipv6=AQJPgEP-c1ewVgAAAZL1D0TRdzMdkHSsRElyAbXDjDq-8YwtSNiIJYXtTSMHKM79BnWO3971O_Ocz19zlYeO8WoJ1j6ztQ
Requested by: Host: www.paykpal.com
URL: http://www.paykpal.com/donald/letsgetit/app/login
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: http://www.paykpal.com/

Response headers

linkedin-action: 1
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 8733155C50F84350B46A48D590EB46E5 Ref B: EWR30EDGE0911 Ref C: 2024-11-04T02:44:31Z
x-li-fabric: prod-ltx1
x-li-uuid: AAYmDUOm6iwQyfjN17czlg==
x-li-proto: http/2
x-cache: CONFIG_NOCACHE
content-length: 0
date: Mon, 04 Nov 2024 02:44:30 GMT
content-type: application/javascript

Redirect headers

linkedin-action: 1
x-li-pop: afd-prod-ltx1-x
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1709772&time=1730688270809&li_adsId=0214a985-83ad-4909-bed8-562d48c0587f&url=http%3A%2F%2Fwww.paykpal.com%2Fdonald%2Fletsgetit%2Fapp%2Flogin&cookiesTest=true&liSync=true&e_ipv6=AQJPgEP-c1ewVgAAAZL1D0TRdzMdkHSsRElyAbXDjDq-8YwtSNiIJYXtTSMHKM79BnWO3971O_Ocz19zlYeO8WoJ1j6ztQ
x-msedge-ref: Ref A: 244BB9B52E884F938046CFF68167070E Ref B: EWR30EDGE0806 Ref C: 2024-11-04T02:44:31Z
x-li-fabric: prod-ltx1
x-li-uuid: AAYmDUOkuEtPvtA0OM++jw==
x-li-proto: http/2
x-cache: CONFIG_NOCACHE
content-length: 0
date: Mon, 04 Nov 2024 02:44:30 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 256 KB
91 KB 33ms
32ms Script
application/javascript 2607:f8b0:400d:c04::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-11126049918&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W5CW982

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c04::61 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c7d1e7143f7a042db0944e923424d34e8235fc2279fde57d8cb1a0b6c331701f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: http://www.paykpal.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Mon, 04 Nov 2024 02:44:30 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 04 Nov 2024 02:44:30 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Mon, 04 Nov 2024 00:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 92565
x-xss-protection: 0
server: Google Tag Manager

POST
H3 200 collect
www.google.com/ccm/ 0
0 429ms
38ms Ping
text/plain 2607:f8b0:400d:c07::63
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google.com/ccm/collect?en=page_view&dl=http%3A%2F%2Fwww.paykpal.com%2Fdonald%2Fletsgetit%2Fapp%2Flogin&scrsrc=www.googletagmanager.com&frm=0&rnd=1931313462.1730688271&auid=643730320.1730688271&npa=0&gtm=45He4au0v9102013225za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101823848~101878899~101878944~101925629&tft=1730688270914&tfd=4467&apve=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W5CW982
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:400d:c07::63 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: http://www.paykpal.com/

Response headers

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 384 KB
126 KB 82ms
72ms Script
application/javascript 2607:f8b0:400d:c04::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-DKXFWS1ZVH&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W5CW982

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c04::61 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5aa7843d1e2a32a65f95e4c4fdc584dc2d55fb20615b3013075ca4afc7bf7a6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: http://www.paykpal.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Mon, 04 Nov 2024 02:44:30 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 04 Nov 2024 02:44:30 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 128489
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 events.js Show response
tags.srv.stackadapt.com/ 22 KB
7 KB 429ms
23ms Script
text/javascript 3.228.158.18
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/events.js
Requested by: Host: www.paykpal.com
URL: http://www.paykpal.com/donald/letsgetit/app/login
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.228.158.18 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-228-158-18.compute-1.amazonaws.com
Software: /
Resource Hash: 8bde3a11918c68fe6deee3695961251212d7ab8f385b84c653b196966144916e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: http://www.paykpal.com/

Response headers

access-control-allow-origin: *
cache-control: max-age=5
content-encoding: gzip
date: Mon, 04 Nov 2024 02:44:31 GMT
content-type: text/javascript

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 5 KB
2 KB 427ms
71ms Script
application/javascript 23.212.248.154
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CGMNG5BC77UDLADKG7N0&lib=ttq
Requested by: Host: www.paykpal.com
URL: http://www.paykpal.com/donald/letsgetit/app/login
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.248.154 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-212-248-154.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3eed0ea66f67d21dbb178a4fce4838dcd90557e473b4407761053b3ef7f7170

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: http://www.paykpal.com/

Response headers

content-encoding: gzip
expires: Mon, 04 Nov 2024 02:44:31 GMT
server-timing: inner; dur=7, cdn-cache; desc=MISS, edge; dur=1, origin; dur=27
x-cache: TCP_MISS from a23-220-104-132.deploy.akamaitechnologies.com (AkamaiGHost/11.6.5-0c617a4be13e71cac2c90d10d87ecf54) (-)
date: Mon, 04 Nov 2024 02:44:31 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
x-akamai-request-id: dc2ec85
x-tt-trace-host: 017509cafe48c2123e645e73a3735aba7d531e9042e55d5e064a2f13121b20b1886bdeb1d97e34cfb1bf3cea8123b093b98c9a7c5b238b9af0cf2b65d32ef6844b3d0edb570624ac601290084ac4eb0a1f08fba1356580f6ce8c6648d3e77af476
x-origin-response-time: 27,23.220.104.132
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-241104024431ADB730733DE4D115B954-5BE5C04D5999F128-00
content-length: 1647
x-tt-logid: 20241104024431ADB730733DE4D115B954
server: nginx

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
421 B 34ms
24ms XHR
text/plain 2607:f8b0:400d:c07::64
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=271249192&t=pageview&_s=1&dl=http%3A%2F%2Fwww.paykpal.com%2Fdonald%2Fletsgetit%2Fapp%2Flogin&ul=en-us&de=GBK&dt=%E7%8E%8B%E4%B8%AD%E7%8E%8B%E5%85%AD%E5%90%88%E5%BD%A9%E7%89%B9%E7%A0%81%20(New%20Brunswick%20Community%20College)&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=939373280&gjid=1583965939&cid=1497856021.1730688271&tid=UA-15690697-1&_gid=1565984093.1730688271&_r=1&_slc=1&z=103775825

Requested by

Host: www.google-analytics.com
URL: http://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c07::64 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: http://www.paykpal.com/

Response headers

report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 04 Nov 2024 02:44:30 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: text/plain
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin: http://www.paykpal.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 3
server: Golfe2

GET
H3 200 842955416132941 Show response
connect.facebook.net/signals/config/ 25 KB
3 KB 79ms
77ms Script
application/x-javascript 2a03:2880:f003:c0e:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/842955416132941?v=2.9.176&r=stable&domain=www.paykpal.com&hme=872f04a0547459b3285cb03b0d7a47bfde40628f4b386809918a621e2688602f&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C195%2C194%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113%2C201%2C200%2C202%2C207%2C208%2C209%2C205%2C197%2C132%2C134%2C163%2C196%2C198%2C122%2C157%2C145%2C151%2C129%2C233%2C116%2C126%2C127%2C234%2C165%2C119%2C236%2C166%2C136%2C123%2C154%2C148%2C193%2C114%2C128

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f003:c0e:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

8bb887d0ff1d5f71b3832b0f84d5158b12e57de5f83ea026c46d1864234cc79f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src 'nonce-1ZwOL5ry' .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: http://www.paykpal.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Mon, 04 Nov 2024 02:44:31 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: *;script-src 'nonce-1ZwOL5ry' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=17, rtx=0, c=84, mss=1232, tbw=86493, tp=84, tpl=0, uplat=57, ullat=0
pragma: public
x-fb-debug: xBnLdMksH93y/g70Otlc8RPz53wNWQnNfW585AaXdfb4/u5pU94ire+urQVTbGRH7U1ZQU0DwGzcGCVMSJVePQ==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 /
www.facebook.com/tr/ 0
103 B 25ms
21ms Image
text/plain 2a03:2880:f103:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=487644405183657&ev=PageView&dl=http%3A%2F%2Fwww.paykpal.com%2Fdonald%2Fletsgetit%2Fapp%2Flogin&rl=&if=false&ts=1730688270987&sw=1600&sh=1200&v=2.9.176&r=stable&ec=0&o=4126&fbp=fb.1.1730688270983.644183247471731309&cs_est=true&ler=empty&cdl=API_unavailable&it=1730688270784&coo=false&rqm=GET

Requested by

Host: www.paykpal.com
URL: http://www.paykpal.com/donald/letsgetit/app/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:83:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: http://www.paykpal.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=13, rtx=0, c=12, mss=1328, tbw=3299, tp=-1, tpl=-1, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Mon, 04 Nov 2024 02:44:31 GMT
content-type: text/plain
server: proxygen-bolt

GET /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 0
0

GET
H/1.1 200
OK s.gif
api.share.baidu.com/ 0
116 B 740ms
260ms Image
text/plain 14.215.182.161
CHINANET-BACKBONE...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://api.share.baidu.com/s.gif?l=http://www.paykpal.com/donald/letsgetit/app/login
Requested by: Host: www.paykpal.com
URL: http://www.paykpal.com/donald/letsgetit/app/login
Protocol: HTTP/1.1
Server: 14.215.182.161 Guangzhou, China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: http://www.paykpal.com/

Response headers

Date: Mon, 04 Nov 2024 02:44:32 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 0

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/11126049918/ 5 KB
2 KB 101ms
39ms Script
text/javascript 2607:f8b0:400d:c00::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11126049918/?random=1730688271252&cv=11&fst=1730688271252&bg=ffffff&guid=ON&async=1&gtm=45be4au0v9184028910z89102013225za200zb9102013225&gcd=13l3l3l3l1l1&dma=0&tag_exp=101823848~101878899~101878944~101925629&u_w=1600&u_h=1200&url=http%3A%2F%2Fwww.paykpal.com%2Fdonald%2Fletsgetit%2Fapp%2Flogin&hn=www.googleadservices.com&frm=0&tiba=%E7%8E%8B%E4%B8%AD%E7%8E%8B%E5%85%AD%E5%90%88%E5%BD%A9%E7%89%B9%E7%A0%81%20(New%20Brunswick%20Community%20College)&npa=0&pscdl=noapi&auid=643730320.1730688271&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-11126049918&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c00::9b Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

158136faca5f4b916fa3f636bb57cba46ff748da65ff927b42d112756e43cb1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: http://www.paykpal.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
content-encoding: br
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 2376
date: Mon, 04 Nov 2024 02:44:31 GMT
x-xss-protection: 0
content-type: text/javascript; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H3 200 546596260875701 Show response
connect.facebook.net/signals/config/ 25 KB
3 KB 79ms
77ms Script
application/x-javascript 2a03:2880:f003:c0e:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/546596260875701?v=2.9.176&r=stable&domain=www.paykpal.com&hme=872f04a0547459b3285cb03b0d7a47bfde40628f4b386809918a621e2688602f&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C195%2C194%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113%2C201%2C200%2C202%2C207%2C208%2C209%2C205%2C197%2C132%2C134%2C163%2C196%2C198%2C122%2C157%2C145%2C151%2C129%2C233%2C116%2C126%2C127%2C234%2C165%2C119%2C236%2C166%2C136%2C123%2C154%2C148%2C193%2C114%2C128

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f003:c0e:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

290236a30805de0786723e23062d411d3fdbcfb3ef1c6ccd4a3c5433b6ceb61f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src 'nonce-kMnHr1O1' .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: http://www.paykpal.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Mon, 04 Nov 2024 02:44:31 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: *;script-src 'nonce-kMnHr1O1' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=16, rtx=0, c=87, mss=1232, tbw=90333, tp=90, tpl=0, uplat=54, ullat=0
pragma: public
x-fb-debug: SpvWzZRqW2bFZNwyktztNg3e88RtH5Kc3TIoiu5R+KkoiFQ8S5eDIgMubTyLPlCJujk4i9GNKTJv2JkPZ/POJA==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 /
www.facebook.com/tr/ 0
274 B 55ms
18ms Image
text/plain 2a03:2880:f103:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=842955416132941&ev=PageView&dl=http%3A%2F%2Fwww.paykpal.com%2Fdonald%2Fletsgetit%2Fapp%2Flogin&rl=&if=false&ts=1730688271312&sw=1600&sh=1200&v=2.9.176&r=stable&ec=0&o=4126&fbp=fb.1.1730688270983.644183247471731309&ler=empty&cdl=API_unavailable&it=1730688270784&coo=false&rqm=GET

Requested by

Host: www.paykpal.com
URL: http://www.paykpal.com/donald/letsgetit/app/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:83:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: http://www.paykpal.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=13, rtx=0, c=10, mss=1328, tbw=2911, tp=-1, tpl=-1, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Mon, 04 Nov 2024 02:44:31 GMT
content-type: text/plain
server: proxygen-bolt

GET /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 0
0

POST
H2 204 collect
analytics.google.com/g/ 0
0 105ms
28ms Fetch
text/plain 2607:f8b0:400d:c04::64
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-DKXFWS1ZVH&gtm=45je4au0v879519077za200zb9102013225&_p=1730688270474&_gaz=1&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101823848~101878899~101878944~101925629&cid=1497856021.1730688271&ul=en-us&sr=1600x1200&are=1&frm=0&pscdl=noapi&_s=1&sid=1730688271&sct=1&seg=0&dl=http%3A%2F%2Fwww.paykpal.com%2Fdonald%2Fletsgetit%2Fapp%2Flogin&dt=%E7%8E%8B%E4%B8%AD%E7%8E%8B%E5%85%AD%E5%90%88%E5%BD%A9%E7%89%B9%E7%A0%81%20(New%20Brunswick%20Community%20College)&en=page_view&_fv=1&_ss=1&_ee=1&tfd=4947
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-DKXFWS1ZVH&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:400d:c04::64 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: http://www.paykpal.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: http://www.paykpal.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 04 Nov 2024 02:44:31 GMT
content-type: text/plain
server: Golfe2

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
554 B 128ms
35ms Ping
text/plain 2607:f8b0:400d:c0b::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-DKXFWS1ZVH&cid=1497856021.1730688271&gtm=45je4au0v879519077za200zb9102013225&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=101823848~101878899~101878944~101925629
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-DKXFWS1ZVH&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:400d:c0b::9a Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: http://www.paykpal.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: http://www.paykpal.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 04 Nov 2024 02:44:31 GMT
content-type: text/plain
server: Golfe2

GET
H2 200 sa.css
tags.srv.stackadapt.com/ 65 B
203 B 23ms
16ms Stylesheet
text/css 3.228.158.18
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/sa.css
Requested by: Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.228.158.18 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-228-158-18.compute-1.amazonaws.com
Software: /
Resource Hash: 705a822796baeb4f6199a6f4519ee7af1ff2ea0dadb29e61e73be8ebad9bdd37

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: http://www.paykpal.com/

Response headers

access-control-allow-origin: *
cache-control: only-if-cached, no-transform, private, max-age=7776000
content-length: 65
date: Mon, 04 Nov 2024 02:44:31 GMT
content-type: text/css

GET
H2 200 sa.jpeg Show response
tags.srv.stackadapt.com/ 0
2 KB 81ms
30ms Fetch
image/jpeg 3.228.158.18
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/sa.jpeg
Requested by: Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.228.158.18 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-228-158-18.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: http://www.paykpal.com/

Response headers

access-control-allow-origin: *
cache-control: only-if-cached, no-transform, private, max-age=7776000
content-length: 651
date: Mon, 04 Nov 2024 02:44:31 GMT
content-type: image/jpeg

GET
H3 200 932813644808067 Show response
connect.facebook.net/signals/config/ 25 KB
3 KB 80ms
75ms Script
application/x-javascript 2a03:2880:f003:c0e:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/932813644808067?v=2.9.176&r=stable&domain=www.paykpal.com&hme=872f04a0547459b3285cb03b0d7a47bfde40628f4b386809918a621e2688602f&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C195%2C194%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113%2C201%2C200%2C202%2C207%2C208%2C209%2C205%2C197%2C132%2C134%2C163%2C196%2C198%2C122%2C157%2C145%2C151%2C129%2C233%2C116%2C126%2C127%2C234%2C165%2C119%2C236%2C166%2C136%2C123%2C154%2C148%2C193%2C114%2C128

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f003:c0e:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e527ccb4ceda8f0db9863c083ac36c97f8241d90b99dadaa4076cea13cb3d542

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src 'nonce-NdFyYhI9' .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: http://www.paykpal.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Mon, 04 Nov 2024 02:44:31 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: *;script-src 'nonce-NdFyYhI9' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=15, rtx=0, c=90, mss=1232, tbw=94125, tp=95, tpl=0, uplat=53, ullat=0
pragma: public
x-fb-debug: o9iwPVLey2vim/00Qytv9CV7mjgSCyf8OmBj0UgRc3hJ1WLeKgMcxi16+s/jMYxGHdNIDATUcK7oWKVUsq5C6g==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H3 200 /
www.facebook.com/tr/ 0
19 B 34ms
29ms Image
text/plain 2a03:2880:f103:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=546596260875701&ev=PageView&dl=http%3A%2F%2Fwww.paykpal.com%2Fdonald%2Fletsgetit%2Fapp%2Flogin&rl=&if=false&ts=1730688271429&sw=1600&sh=1200&v=2.9.176&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=4126&fbp=fb.1.1730688270983.644183247471731309&ler=empty&cdl=API_unavailable&it=1730688270784&coo=false&tm=1&rqm=GET

Requested by

Host: www.paykpal.com
URL: http://www.paykpal.com/donald/letsgetit/app/login

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f103:83:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: http://www.paykpal.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=17, rtx=0, c=23, mss=1232, tbw=4446, tp=9, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Mon, 04 Nov 2024 02:44:31 GMT
content-type: text/plain
server: proxygen-bolt
priority: u=3,i

GET /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 0
0

GET
H2 200 main.MTJhNGMzN2YwMA.js Show response
analytics.tiktok.com/i18n/pixel/static/ 336 KB
94 KB 91ms
69ms Script
application/javascript 23.212.248.154
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTJhNGMzN2YwMA.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CGMNG5BC77UDLADKG7N0&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.248.154 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-212-248-154.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 8838b00c4d65fb353a4fc115fb3d5ec4ac665dddd47131dbcb41799e5ce6b25a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: http://www.paykpal.com/

Response headers

x-cache: TCP_MEM_HIT from a23-220-104-132.deploy.akamaitechnologies.com (AkamaiGHost/11.6.5-0c617a4be13e71cac2c90d10d87ecf54) (-)
vary: Accept-Encoding
cache-control: public, max-age=31536000, immutable
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server-timing: cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=4
x-tt-trace-id: 00-241024123506116AF57C82595F8A471D-3860775150A5C7E8-00
content-length: 95218
date: Mon, 04 Nov 2024 02:44:31 GMT
content-type: application/javascript; charset=UTF-8
x-tt-logid: 20241024123506116AF57C82595F8A471D
server: nginx
x-akamai-request-id: dc2ee22
x-tt-trace-host: 012c6197a535db4a6b7286ebc678650cdbdc23bbc26c425695134116ce0dc4b6f82cb58a22327fe53987edcc5b35b1a214682670bf25109c813982b1be91679d3ad8983025d80d73895a7d21ea03576be1cc70e74850bbf07453a198973f4a7a7c

GET
H2 200 saq_pxl Show response
tags.srv.stackadapt.com/ 94 B
287 B 43ms
22ms XHR
text/plain 3.228.158.18
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/saq_pxl?uid=pnMLiaJKkRh2g66bEQ23wQ&is_js=true&landing_url=http%3A%2F%2Fwww.paykpal.com%2Fdonald%2Fletsgetit%2Fapp%2Flogin&t=%E7%8E%8B%E4%B8%AD%E7%8E%8B%E5%85%AD%E5%90%88%E5%BD%A9%E7%89%B9%E7%A0%81%20(New%20Brunswick%20Community%20College)&tip=2EX0WISfBzfuDEMwnMrfXi317qlwepC23GJdbGMOJ-c&host=http%3A%2F%2Fwww.paykpal.com&sa_conv_data_css_value=%270-3f20a0c0-5805-53d7-6110-c7cd7202a7f4%27&sa_conv_data_image_value=ffd8ffe000104a46494600010101006000600000ffdb004300080606070605080707070909080a0c140d0c0b0b0c1912130f141d1a1f1e1d1a1c1c20242e2720222c231c1c2837292c30313434341f27393d38323c2e333432ffdb0043010909090c0b0c180d0d1832211c213232323232323232323232323232323232323232323232323232323232323232323232323232323232323232323232323232ffc00011080001000103012200021101031101ffc4001f0000010501010101010100000000000000000102030405060708090a0bffc400b5100002010303020403050504040000017d01020300041105122131410613516107227114328191a1082342b1c11552d1f02433627282090a161718191a25262728292a3435363738393a434445464748494a535455565758595a636465666768696a737475767778797a838485868788898a92939495969798999aa2a3a4a5a6a7a8a9aab2b3b4b5b6b7b8b9bac2c3c4c5c6c7c8c9cad2d3d4d5d6d7d8d9dae1e2e3e4e5e6e7e8e9eaf1f2f3f4f5f6f7f8f9faffc4001f0100030101010101010101010000000000000102030405060708090a0bffc400b51100020102040403040705040400010277000102031104052131061241510761711322328108144291a1b1c109233352f0156272d10a162434e125f11718191a262728292a35363738393a434445464748494a535455565758595a636465666768696a737475767778797a82838485868788898a92939495969798999aa2a3a4a5a6a7a8a9aab2b3b4b5b6b7b8b9bac2c3c4c5c6c7c8c9cad2d3d4d5d6d7d8d9dae2e3e4e5e6e7e8e9eaf2f3f4f5f6f7f8f9faffda000c03010002110311003f00f7fa28a2803fffd93f20a0c0580553d76110c7cd7202a7f405b5ea85&l_src=&l_src_d=&u_src=&u_src_d=&shop=false&sa-user-id-v3=s%253AAQAKIACP0kVyoBj_SP9w6vvQv4Rnavk9L1eb4JeL0JNhZ5eTENYBGAQgj-qguQYwAToEQiu0oEIEhqQtsg.i5Jpg7dD94sVmPQD056bJfUJNwZpYCj%252BmSXyp8wRkig&sa-user-id-v2=s%253APyCgwFgFU9dhEMfNcgKn9AW16oU.2kL4ZQvQRykHWVcqul3edKqNx8QRL0xduEtsgUVC42o&sa-user-id=s%253A0-3f20a0c0-5805-53d7-6110-c7cd7202a7f4.QJIsRT8Uv0IKTeA8Nilzi60GEuR03OxQcD1cCGkC3no
Requested by: Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.228.158.18 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-228-158-18.compute-1.amazonaws.com
Software: /
Resource Hash: 078f3dd88e751c3c421b2007e1cb27bcb65a95daf278bd25de81ba7b2bf3c4e4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: http://www.paykpal.com/

Response headers

access-control-allow-methods: GET
access-control-allow-origin: http://www.paykpal.com
content-length: 94
date: Mon, 04 Nov 2024 02:44:31 GMT
content-type: text/plain; charset=utf-8
access-control-allow-credentials: true
access-control-allow-headers: *

GET
H3 200 /
www.facebook.com/tr/ 0
16 B 38ms
29ms Image
text/plain 2a03:2880:f103:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=932813644808067&ev=PageView&dl=http%3A%2F%2Fwww.paykpal.com%2Fdonald%2Fletsgetit%2Fapp%2Flogin&rl=&if=false&ts=1730688271529&sw=1600&sh=1200&v=2.9.176&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=4126&fbp=fb.1.1730688270983.644183247471731309&ler=empty&cdl=API_unavailable&it=1730688270784&coo=false&tm=1&rqm=GET

Requested by

Host: www.paykpal.com
URL: http://www.paykpal.com/donald/letsgetit/app/login

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f103:83:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: http://www.paykpal.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=16, rtx=0, c=27, mss=1232, tbw=8926, tp=19, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Mon, 04 Nov 2024 02:44:31 GMT
content-type: text/plain
server: proxygen-bolt
priority: u=3,i

GET /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 0
0

GET
H3 200 /
www.google.com/pagead/1p-user-list/11126049918/ 42 B
64 B 48ms
38ms Image
image/gif 2607:f8b0:400d:c07::63
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/11126049918/?random=1730688271252&cv=11&fst=1730685600000&bg=ffffff&guid=ON&async=1&gtm=45be4au0v9184028910z89102013225za200zb9102013225&gcd=13l3l3l3l1l1&dma=0&tag_exp=101823848~101878899~101878944~101925629&u_w=1600&u_h=1200&url=http%3A%2F%2Fwww.paykpal.com%2Fdonald%2Fletsgetit%2Fapp%2Flogin&hn=www.googleadservices.com&frm=0&tiba=%E7%8E%8B%E4%B8%AD%E7%8E%8B%E5%85%AD%E5%90%88%E5%BD%A9%E7%89%B9%E7%A0%81%20(New%20Brunswick%20Community%20College)&npa=0&pscdl=noapi&auid=643730320.1730688271&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwCa7L7dcGvJSQO81pW1ND3UDzQQv21Do4M6Sw&random=932423400&rmt_tld=0&ipr=y

Requested by

Host: www.paykpal.com
URL: http://www.paykpal.com/donald/letsgetit/app/login

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c07::63 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: http://www.paykpal.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Mon, 04 Nov 2024 02:44:31 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H2 200 identify_7bf75739.js Show response
analytics.tiktok.com/i18n/pixel/static/ 146 KB
39 KB 24ms
23ms Script
application/javascript 23.212.248.154
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/identify_7bf75739.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTJhNGMzN2YwMA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.248.154 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-212-248-154.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 79951b5bd4d729a2b2f4d380819f2c14bbcf26f21db56a520189633467766cf4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: http://www.paykpal.com/

Response headers

x-cache: TCP_MEM_HIT from a23-220-104-132.deploy.akamaitechnologies.com (AkamaiGHost/11.6.5-0c617a4be13e71cac2c90d10d87ecf54) (-)
vary: Accept-Encoding
cache-control: public, max-age=31536000, immutable
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server-timing: cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=2
x-tt-trace-id: 00-2408300225313C49191DE03D83868122-1B7A078E655BE1AD-00
content-length: 39456
date: Mon, 04 Nov 2024 02:44:31 GMT
content-type: application/javascript; charset=UTF-8
x-tt-logid: 202408300225313C49191DE03D83868122
server: nginx
x-akamai-request-id: dc2ef8f
x-tt-trace-host: 014de5d167f06aed9987df94efdd40055e0cfefe36646fc12fd8c238248907a24e9df1a1b8600baca619a5e66bc8bf7fe61a324096ececd98ba3d55caed2681f6fcfaa68ffea786df4132e037620453897254996ab02a2e99e649aeff0b78424fb

POST
H2 200 pangle_pixel
analytics.pangle-ads.com/api/v2/ 0
839 B 151ms
25ms Ping
text/plain 173.223.163.214
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.pangle-ads.com/api/v2/pangle_pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTJhNGMzN2YwMA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 173.223.163.214 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a173-223-163-214.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: http://www.paykpal.com/

Response headers

access-control-max-age: 86400
x-bytefaas-request-id: 20241104024431A0A1474C38EB2E140051
access-control-allow-methods: *
expires: Mon, 04 Nov 2024 02:44:31 GMT
server-timing: inner; dur=7, cdn-cache; desc=MISS, edge; dur=0, origin; dur=11
x-cache: TCP_MISS from a23-202-158-13.deploy.akamaitechnologies.com (AkamaiGHost/11.7.0.1-02978ab5588da6405be9084889a03f78) (-)
date: Mon, 04 Nov 2024 02:44:31 GMT
content-type: text/plain; charset=utf-8
x-akamai-request-id: 2f4b64f9
x-tt-trace-host: 017509cafe48c2123e645e73a3735aba7df8e5247ef4f6d6600038e2e0b602fc2f521df207a3c51663698f44ffb3722f32a3d6d4d9d9d8f44860adacfcb4ce8ae0958b228274deb671f8bab55b76b1e000b0a89633f871417b8d4a5d40ac54bb30
access-control-allow-headers: *
x-bytefaas-execution-duration: 5.54
x-origin-response-time: 11,23.202.158.13
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
x-gw-dst-psm: ad.union.pangle_web_traffic
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
access-control-allow-credentials: true
access-control-allow-origin: *
x-tt-trace-id: 00-241104024431A0A1474C38EB2E140051-47D34FB0350069C1-00
content-length: 0
x-tt-logid: 20241104024431A0A1474C38EB2E140051
server: nginx

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
871 B 69ms
67ms Ping
text/plain 23.212.248.154
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTJhNGMzN2YwMA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.248.154 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-212-248-154.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: http://www.paykpal.com/

Response headers

x-cache-remote: TCP_MISS from a23-55-100-8.deploy.akamaitechnologies.com (AkamaiGHost/11.6.5-0c617a4be13e71cac2c90d10d87ecf54) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
expires: Mon, 04 Nov 2024 02:44:31 GMT
server-timing: cdn-cache; desc=MISS, edge; dur=12, origin; dur=40, inner; dur=36
x-cache: TCP_MISS from a23-220-104-132.deploy.akamaitechnologies.com (AkamaiGHost/11.6.5-0c617a4be13e71cac2c90d10d87ecf54) (-)
date: Mon, 04 Nov 2024 02:44:31 GMT
x-akamai-request-id: 80eaa7cf.dc2efae
access-control-allow-headers: Authorization,*
x-tt-trace-host: 017509cafe48c2123e645e73a3735aba7ded01965faa33e2a3aa2a4e0b7d4f68c94b1d7fe4ea72ae55c9bfe16b8ba7f750244eb608b1f8bf31e78069b9976b42522025060360ac28ff6eb8d2e6b303de3920b7915770be54093b3a0d9b4f4fc88c11898248e436bb2a69000537de78cacc
x-origin-response-time: 40,23.55.100.8
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
access-control-allow-origin: *
x-tt-trace-id: 00-241104024431480146C5652AEC1317C1-4D26DABA5DBF8AE8-00
content-length: 0
x-parent-response-time: 43,23.220.104.132
x-tt-logid: 20241104024431480146C5652AEC1317C1
server: nginx

POST
H2 204 / Show response
px.ads.linkedin.com/wa/ 0
197 B 80ms
73ms XHR
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/wa/
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://www.paykpal.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: *
Content-Type: text/plain;charset=UTF-8

Response headers

linkedin-action: 1
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 553E8BC8DB99484FB0736D937CC27C0B Ref B: EWR30EDGE0806 Ref C: 2024-11-04T02:44:31Z
x-li-fabric: prod-ltx1
access-control-allow-credentials: true
x-li-uuid: AAYmDUOoOx4vP3PVOds3kw==
x-li-proto: http/2
access-control-allow-origin: http://www.paykpal.com
x-cache: CONFIG_NOCACHE
date: Mon, 04 Nov 2024 02:44:30 GMT
vary: Origin

POST
H2 200 act
analytics.tiktok.com/api/v2/pixel/ 0
873 B 55ms
54ms Ping
text/plain 23.212.248.154
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel/act
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTJhNGMzN2YwMA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.212.248.154 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-212-248-154.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: http://www.paykpal.com/

Response headers

x-cache-remote: TCP_MISS from a23-48-100-71.deploy.akamaitechnologies.com (AkamaiGHost/11.6.5-0c617a4be13e71cac2c90d10d87ecf54) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
expires: Mon, 04 Nov 2024 02:44:31 GMT
server-timing: cdn-cache; desc=MISS, edge; dur=9, origin; dur=22, inner; dur=18
x-cache: TCP_MISS from a23-220-104-132.deploy.akamaitechnologies.com (AkamaiGHost/11.6.5-0c617a4be13e71cac2c90d10d87ecf54) (-)
date: Mon, 04 Nov 2024 02:44:31 GMT
x-akamai-request-id: d34b8808.dc2f172
access-control-allow-headers: Authorization,*
x-tt-trace-host: 017509cafe48c2123e645e73a3735aba7ded01965faa33e2a3aa2a4e0b7d4f68c9a40157434c93558b5dc6b16b4dc5667b30d4d031d686058d91e40422a799ed83900a29b44f00c7f9462c843b8ab8b3b88815d5e79a4750b0b3ed0cba7f483b52bc2b353ed33810cc55793014574d38da
x-origin-response-time: 22,23.48.100.71
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
access-control-allow-origin: *
x-tt-trace-id: 00-241104024431C4D598E70923441B3553-1B80848D8E0BE24B-00
content-length: 0
x-parent-response-time: 24,23.220.104.132
x-tt-logid: 20241104024431C4D598E70923441B3553
server: nginx

GET
H/1.1 200
OK hm.gif
hm.baidu.com/ 43 B
299 B 308ms
306ms Image
image/gif 14.215.182.140
CHINANET-BACKBONE...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hm.baidu.com/hm.gif?hca=0F6A33DC32FB06B9&cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=940204829&si=fbc802ff7f8c929d218f623015cbf6aa&v=1.3.2&lv=1&sn=39992&r=0&ww=1600&u=http%3A%2F%2Fwww.paykpal.com%2Fdonald%2Fletsgetit%2Fapp%2Flogin&tt=%E7%8E%8B%E4%B8%AD%E7%8E%8B%E5%85%AD%E5%90%88%E5%BD%A9%E7%89%B9%E7%A0%81%20(New%20Brunswick%20Community%20College)

Requested by

Host: www.paykpal.com
URL: http://www.paykpal.com/donald/letsgetit/app/login

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

14.215.182.140 Guangzhou, China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN),

Reverse DNS

Software

apache /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: http://www.paykpal.com/

Response headers

Strict-Transport-Security: max-age=172800
Cache-Control: private, max-age=0, no-cache
Pragma: no-cache
X-Content-Type-Options: nosniff
Content-Length: 43
Date: Mon, 04 Nov 2024 02:44:32 GMT
Content-Type: image/gif
Server: apache

POST
H2 204 collect
analytics.google.com/g/ 0
0 24ms
24ms Fetch
text/plain 2607:f8b0:400d:c04::64
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-DKXFWS1ZVH&gtm=45je4au0v879519077za200zb9102013225&_p=1730688270474&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101823848~101878899~101878944~101925629&cid=1497856021.1730688271&ul=en-us&sr=1600x1200&are=1&frm=0&pscdl=noapi&_eu=AEA&_s=2&sid=1730688271&sct=1&seg=0&dl=http%3A%2F%2Fwww.paykpal.com%2Fdonald%2Fletsgetit%2Fapp%2Flogin&dt=%E7%8E%8B%E4%B8%AD%E7%8E%8B%E5%85%AD%E5%90%88%E5%BD%A9%E7%89%B9%E7%A0%81%20(New%20Brunswick%20Community%20College)&en=scroll&epn.percent_scrolled=90&_et=10&tfd=9961
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-DKXFWS1ZVH&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:400d:c04::64 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: http://www.paykpal.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: http://www.paykpal.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 04 Nov 2024 02:44:36 GMT
content-type: text/plain
server: Golfe2

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.facebook.com
URL: https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=487644405183657&ev=PageView&dl=http%3A%2F%2Fwww.paykpal.com%2Fdonald%2Fletsgetit%2Fapp%2Flogin&rl=&if=false&ts=1730688270987&sw=1600&sh=1200&v=2.9.176&r=stable&ec=0&o=4126&fbp=fb.1.1730688270983.644183247471731309&cs_est=true&ler=empty&cdl=API_unavailable&it=1730688270784&coo=false&rqm=FGET

Domain: www.facebook.com
URL: https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=842955416132941&ev=PageView&dl=http%3A%2F%2Fwww.paykpal.com%2Fdonald%2Fletsgetit%2Fapp%2Flogin&rl=&if=false&ts=1730688271312&sw=1600&sh=1200&v=2.9.176&r=stable&ec=0&o=4126&fbp=fb.1.1730688270983.644183247471731309&ler=empty&cdl=API_unavailable&it=1730688270784&coo=false&rqm=FGET

Domain: www.facebook.com
URL: https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=546596260875701&ev=PageView&dl=http%3A%2F%2Fwww.paykpal.com%2Fdonald%2Fletsgetit%2Fapp%2Flogin&rl=&if=false&ts=1730688271429&sw=1600&sh=1200&v=2.9.176&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=4126&fbp=fb.1.1730688270983.644183247471731309&ler=empty&cdl=API_unavailable&it=1730688270784&coo=false&tm=1&rqm=FGET

Domain: www.facebook.com
URL: https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=932813644808067&ev=PageView&dl=http%3A%2F%2Fwww.paykpal.com%2Fdonald%2Fletsgetit%2Fapp%2Flogin&rl=&if=false&ts=1730688271529&sw=1600&sh=1200&v=2.9.176&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=4126&fbp=fb.1.1730688270983.644183247471731309&ler=empty&cdl=API_unavailable&it=1730688270784&coo=false&tm=1&rqm=FGET

Verdicts & Comments Add Verdict or Comment

48 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

27 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.paykpal.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: rc4147ta1scb5r67nnoamlgv82
.paykpal.com/	1970-01-21 02:54:24	Name: _gcl_au Value: 1.1.643730320.1730688271
.paykpal.com/	1970-01-21 00:46:14	Name: _gid Value: GA1.2.1565984093.1730688271
.paykpal.com/	1970-01-21 00:44:48	Name: _gat Value: 1
.paykpal.com/	1970-01-21 02:54:24	Name: _fbp Value: fb.1.1730688270983.644183247471731309
.linkedin.com/	1970-01-21 02:54:24	Name: li_sugr Value: 8190c485-dc0e-4682-8461-9705095d6bfb
.linkedin.com/	1970-01-21 09:30:24	Name: bcookie Value: "v=2&ab9a3251-ed2f-4b19-85b0-c35e91c82acd"
.linkedin.com/	1970-01-21 00:46:14	Name: lidc Value: "b=TGST05:s=T:r=T:a=T:p=T:g=3151:u=1:x=1:i=1730688271:t=1730774671:v=2:sig=AQGxUKxaLN_FsHCg4tamIY80FLnPsou6"
tags.srv.stackadapt.com/	1970-01-21 09:30:24	Name: sa-user-id Value: s%3A0-3f20a0c0-5805-53d7-6110-c7cd7202a7f4.QJIsRT8Uv0IKTeA8Nilzi60GEuR03OxQcD1cCGkC3no
.srv.stackadapt.com/	1970-01-21 09:30:24	Name: sa-user-id Value: s%3A0-3f20a0c0-5805-53d7-6110-c7cd7202a7f4.QJIsRT8Uv0IKTeA8Nilzi60GEuR03OxQcD1cCGkC3no
tags.srv.stackadapt.com/	1970-01-21 09:30:24	Name: sa-user-id-v2 Value: s%3APyCgwFgFU9dhEMfNcgKn9AW16oU.2kL4ZQvQRykHWVcqul3edKqNx8QRL0xduEtsgUVC42o
.srv.stackadapt.com/	1970-01-21 09:30:24	Name: sa-user-id-v2 Value: s%3APyCgwFgFU9dhEMfNcgKn9AW16oU.2kL4ZQvQRykHWVcqul3edKqNx8QRL0xduEtsgUVC42o
tags.srv.stackadapt.com/	1970-01-21 09:30:24	Name: sa-user-id-v3 Value: s%3AAQAKIACP0kVyoBj_SP9w6vvQv4Rnavk9L1eb4JeL0JNhZ5eTENYBGAQgj-qguQYwAToEQiu0oEIEhqQtsg.i5Jpg7dD94sVmPQD056bJfUJNwZpYCj%2BmSXyp8wRkig
.srv.stackadapt.com/	1970-01-21 09:30:24	Name: sa-user-id-v3 Value: s%3AAQAKIACP0kVyoBj_SP9w6vvQv4Rnavk9L1eb4JeL0JNhZ5eTENYBGAQgj-qguQYwAToEQiu0oEIEhqQtsg.i5Jpg7dD94sVmPQD056bJfUJNwZpYCj%2BmSXyp8wRkig
.linkedin.com/	1970-01-21 01:28:00	Name: UserMatchHistory Value: AQJbq45IoXrdSwAAAZL1D0Pk2eaFwgdvMCSd65hdsyynE3FzFYzc09U_9FGII5PxDPyUjweggn82yQ
.linkedin.com/	1970-01-21 01:28:00	Name: AnalyticsSyncHistory Value: AQIU-6ArqlxuVgAAAZL1D0Pkjx0bStdOBAMhy-nLCfF0MO45HaAU2Iy1pCZr2V74WqgpW13J7L-S_hu_wn_gLQ
.paykpal.com/	1970-01-21 10:20:48	Name: _ga Value: GA1.1.1497856021.1730688271
.paykpal.com/	1970-01-21 10:20:48	Name: _ga_DKXFWS1ZVH Value: GS1.1.1730688271.1.0.1730688271.60.0.0
.tiktok.com/	1970-01-21 10:06:24	Name: _ttp Value: 2oMnNU4vGaJCixhe4H6M7HmFyB9
.www.linkedin.com/	1970-01-21 09:30:24	Name: bscookie Value: "v=1&2024110402443143cb1bdb-baa2-4f85-8c27-6a947ab1a68bAQGr0mbIoi92QgN8J9Wkf4I-ffkqWaaR"
.doubleclick.net/	1970-01-21 00:44:49	Name: test_cookie Value: CheckForPermission
.paykpal.com/	1970-01-21 10:06:24	Name: _tt_enable_cookie Value: 1
.paykpal.com/	1970-01-21 10:06:24	Name: _ttp Value: 3i41xisa7JJPH2HqDF5BbFEmY25
.hm.baidu.com/	1970-01-21 10:20:48	Name: HMACCOUNT_BFESS Value: 0F6A33DC32FB06B9
.www.paykpal.com/	1970-01-21 09:30:24	Name: Hm_lvt_fbc802ff7f8c929d218f623015cbf6aa Value: 1730688272
.www.paykpal.com/	1969-12-31 23:59:59	Name: Hm_lpvt_fbc802ff7f8c929d218f623015cbf6aa Value: 1730688272
.www.paykpal.com/	1969-12-31 23:59:59	Name: HMACCOUNT Value: 0F6A33DC32FB06B9

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

6htv99.com
analytics.google.com
analytics.pangle-ads.com
analytics.tiktok.com
api.share.baidu.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
hm.baidu.com
nbcc.ca
paykpal.com
push.zhanzhang.baidu.com
px.ads.linkedin.com
px4.ads.linkedin.com
snap.licdn.com
stats.g.doubleclick.net
tags.srv.stackadapt.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.linkedin.com
www.paykpal.com
www.facebook.com
112.34.113.148
13.107.42.14
14.215.182.140
14.215.182.161
156.245.118.66
156.245.121.80
173.223.163.214
194.147.98.206
198.164.157.202
23.212.248.154
2600:1408:c400:25::17da:d9b0
2607:f8b0:400d:c00::9b
2607:f8b0:400d:c04::61
2607:f8b0:400d:c04::64
2607:f8b0:400d:c07::5e
2607:f8b0:400d:c07::63
2607:f8b0:400d:c07::64
2607:f8b0:400d:c09::5f
2607:f8b0:400d:c0b::9a
2620:1ec:21::14
2a03:2880:f003:c0e:face:b00c:0:3
2a03:2880:f103:83:face:b00c:0:25de
3.228.158.18
078f3dd88e751c3c421b2007e1cb27bcb65a95daf278bd25de81ba7b2bf3c4e4
0d3f7cecac321a4b4bd9aa16102a621dd3abf279b2d2a81cb977d1f955ef7c06
12372edd157702e5ef510edd1a2d8e789bfab0709cb98cfd75f4be0c2456d98a
158136faca5f4b916fa3f636bb57cba46ff748da65ff927b42d112756e43cb1c
194043cb7fd57d948e75848bcf5c4dab90f8d8e806952fd4036bd34e9214f6df
1a15627d6468346274abf438f000b3c7e640387aeb83e21052406c6a8efd72cb
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
25990dff5a272384d3526faf864042632da1ebe84a3c43fb2149d89509027835
290236a30805de0786723e23062d411d3fdbcfb3ef1c6ccd4a3c5433b6ceb61f
2d400737d0617e6267481a1d68b8c27c754e76bbf1a4d4d668564147ddcc2f28
33aa33e087779171bf2f7550a1f22319777d20c70dec49f6c8bbc1585205ce0a
3543afcfba55cd06ff37bfc79cc3a36edd90f6c410b667daeaa6aa034a2121ef
361f53d9120f9b0d2dd69de53f36baaedc4648974196ce5b4b1664e066068c6c
3689e8cdba8099de6d9f18d0f3e80e9e8af24f97a3005f691c79b7f546472926
404c40c223c37eb2c47dd0ce327cc5e27838de4372a132618d5dacfbc221c507
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4cac0f8978ab94ceddcd37981f0f9dab2b3661f395fb8d60d75a5ac199deb3fc
4e8276aea0a3c7fe3600e6718c7f484d49c347c8d5763d89be95900d526a14da
4f36c476b4ef0a4b760aedea686e24cc650d4e01f1ec77b78aa36681cd14b1e0
516c0380981fcb82030e14ac99af8f47e0d01f92af95aa8facc61151fe6b1483
51bb9d9fca4045f836dc356bab53fd377b06313c4c1786731851e5d0b408a590
53eaf15bae45605ea399de089e8f6e5f12eed51c718b333f01fa9b77555cc633
56f818eb2c0e2abe5b020fc4c7153bf2b48c1c578fce3f732f25ec2458816c9f
5aa7843d1e2a32a65f95e4c4fdc584dc2d55fb20615b3013075ca4afc7bf7a6e
61d79580e61b1505a2fb8f77a5e3d6609e13a1b7a15f8f411aa2ead58dbfb688
644fa8c4ad411b5bfdd3dde40ccc4109a742e057dcef7fb245b4569a7f60ee01
674bc0c70f98d627b8a7e1d278a1f21ffe33815565f7d5371bf0275da57571b2
6a631aedc7a674aab96f347558ec9911178f4d8492f93e33366f7ec30d45d779
705a822796baeb4f6199a6f4519ee7af1ff2ea0dadb29e61e73be8ebad9bdd37
749b9f932c1e6fecc596d1552a64656c3bda380ac70cd3896e209973d554ada1
76f466a145e0001c5eb798ad3a98169fa95453dd871556504dd5de79243b767f
79951b5bd4d729a2b2f4d380819f2c14bbcf26f21db56a520189633467766cf4
7b80d37dc355a570578ca92c7212ed71ea3dc68af865d4d8b986952715b82e2a
7baa86aee32051749f5646c30d042ee97e9590003307e2ff3f4b6bbcf0ee963d
7feaad110263b6420f82dbffeb67a1557d547125733fbdc8e9ed202508f76893
80d17ab8b10b76b80d04cadb2481a72d2f0609bb2c3dae6e431d161cdc1d6864
8550ff59d6fb1fadb9fb4df5adbd457a440cbb75b80f7e6caf98cb17f0a90944
86d95647e48889bf8cae97778e7dfd05dcf761bda01e7d362950dfc72d4b0550
8821a7426941daaec923722d4d02bef6aa6a4bd42b39c408c64a279c71c5dc13
8838b00c4d65fb353a4fc115fb3d5ec4ac665dddd47131dbcb41799e5ce6b25a
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
8bb887d0ff1d5f71b3832b0f84d5158b12e57de5f83ea026c46d1864234cc79f
8bde3a11918c68fe6deee3695961251212d7ab8f385b84c653b196966144916e
924f0b32e86fe959e4290f3690d241cc6a24c08a0a4be56b4d3ce9c2286291bc
9833cf6cb425bf0c0c1fef6dcaeab16ba52a6311c61ae4a98b923264e3056d3d
9dff755446d0d8e13e0dace98870edf02f4065f6d049ddf8f4d7e3fbbdbda4fb
9e47c20b6b467f03a31a140f2c1379590329209cddad96864ca67f3c501d7c93
9f3d654739fb5e6f4105d639ba06681bd3da66130db9f603d61d64b677bcf863
a0069524ed5343aff5b15569a3cb40a0f36830fb7b4095e7697b6520b1acfecc
a12eaac378ced9140331dfafb72caee77622eb080eb7af2de8655201472bb7bf
a729ab98336c88095724778168fd92b79f2500c4406809f88b03ce040f7ee82a
b341d71194e1ed8191cb6123c1d60accc58677f18eb207a7291a86f097570aa3
bab264ce3dcbf5effb9f3e86fdfc1a76fe1901dbf00542918ecf1ca7c23f24f6
c7d1e7143f7a042db0944e923424d34e8235fc2279fde57d8cb1a0b6c331701f
c95fae4052e1715e8b99dca5fb57dbe1b95ec85c865ae3bcafc5ee6f043c162b
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0ecfb6b1359cefee34040343b3213aaae382994d18df4e4e897d85051d1fddd
d2e316abcec4ed64ad9e754c79ad4fe0409275de1bf6f25ed9ff88a549377167
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de8eb7ed9412295cccc39ca6831bb5908396833080a07c0933667f5e468c801e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3eed0ea66f67d21dbb178a4fce4838dcd90557e473b4407761053b3ef7f7170
e527ccb4ceda8f0db9863c083ac36c97f8241d90b99dadaa4076cea13cb3d542
e73edf6dd8e505ba70c3cda62b1651ed4a723107cbfb2a8f915dcfe80e035f2b
ee6907bd8ce545b225c07f0844296f7ab9705c1cee562fdbb2e6175250a9f881
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efba06271930fe54a764b28ffac6d9455637e3920aa8249f3eb399dd3f941d78
f0fb21c10874a60af78e92e77af90dfe7e80ee6bcc29fc9ff8bb06b069808b77

www.paykpal.com Open in urlscan Pro 156.245.121.80 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

89 Requests

42 %HTTPS

52 %IPv6

17 Domains

24 Subdomains

24 IPs

4 Countries

1796 kBTransfer

4095 kBSize

27 Cookies

0 Outgoing links

Page URL History

Redirected requests

89 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

www.paykpal.com Open in urlscan Pro
156.245.121.80 Public Scan

Screenshot
Live screenshot

Full Image

89
Requests

42 %
HTTPS

52 %
IPv6

17
Domains

24
Subdomains

24
IPs

4
Countries

1796 kB
Transfer

4095 kB
Size

27
Cookies

89 HTTP transactions
0 data transactions