urlscan.io logo urlscan.io
SecurityTrails logo

paidperletter.com Open in urlscan Pro
199.116.250.35  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://paidperletter.com/
Effective URL: https://paidperletter.com/info.php?user=paidperletter
Submission: On February 12 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 2 countries across 5 domains to perform 40 HTTP transactions. The main IP is 199.116.250.35, located in United States and belongs to GVO, US. The main domain is paidperletter.com.
TLS certificate: Issued by R3 on January 2nd 2024. Valid for: 3 months.
This is the only time paidperletter.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 30 199.116.250.35 46549 (GVO)
2 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
3 108.138.233.60 16509 (AMAZON-02)
3 54.186.23.98 16509 (AMAZON-02)
2 2600:9000:205... 16509 (AMAZON-02)
1 44.236.139.182 16509 (AMAZON-02)
40 8
30    199.116.250.35 (United States)

ASN46549 (GVO, US)
PTR: gvo25035.gvodatacenter.com
paidperletter.com
2    2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
1    2606:4700::6810:5514 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
3    108.138.233.60 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-233-60.lhr61.r.cloudfront.net
js.stripe.com
3    54.186.23.98 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-186-23-98.stripe.com
q.stripe.com
2    2600:9000:2057:5800:19:7d10:bd80:93a1 (United States)

ASN16509 (AMAZON-02, US)
m.stripe.network
1    44.236.139.182 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-236-139-182.us-west-2.compute.amazonaws.com
m.stripe.com
Apex Domain
Subdomains		 Transfer
30 paidperletter.com
paidperletter.com
1 MB
7 stripe.com
js.stripe.com — Cisco Umbrella Rank: 1172
q.stripe.com — Cisco Umbrella Rank: 7036
m.stripe.com — Cisco Umbrella Rank: 1150
151 KB
2 stripe.network
m.stripe.network — Cisco Umbrella Rank: 1245
16 KB
2 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 366
153 KB
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 314
24 KB
40 5
Domain Requested by
30 paidperletter.com 2 redirects paidperletter.com
3 q.stripe.com paidperletter.com
3 js.stripe.com paidperletter.com
js.stripe.com
2 m.stripe.network js.stripe.com
m.stripe.network
2 ajax.googleapis.com paidperletter.com
1 m.stripe.com m.stripe.network
1 cdn.jsdelivr.net paidperletter.com
40 7

This site contains no links.

Subject Issuer Validity Valid
powerlinehub.com
R3		 2024-01-02 -
2024-04-01		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2024-01-09 -
2024-04-02		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-05-02 -
2024-05-01		 a year crt.sh
a.stripecdn.com
DigiCert SHA2 Extended Validation Server CA		 2024-02-07 -
2024-05-09		 3 months crt.sh
*.stripe.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-12-20 -
2024-03-21		 3 months crt.sh
m.stripe.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-12-22 -
2024-03-21		 3 months crt.sh

This page contains 3 frames:

Primary Page: https://paidperletter.com/info.php?user=paidperletter
Frame ID: B1D823F19F434140E857A71F387DC2B5
Requests: 38 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Frame ID: 8953BF3349F592ABE384744BBB9A7A20
Requests: 4 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: E884C1000126ECEDACBE2A5ED80D0094
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Paid Per Letter

Page URL History Show full URLs

  1. http://paidperletter.com/ HTTP 301
    https://paidperletter.com/ HTTP 301
    https://paidperletter.com/info.php?user=paidperletter Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <[^>]+data-react
Overall confidence: 100%
Detected patterns
  • js\.stripe\.com
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • ([\d.]+)/jquery-ui(?:\.min)?\.js
  • jquery-ui.*\.js
Overall confidence: 100%
Detected patterns
  • <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
  • //cdn\.jsdelivr\.net/

Page Statistics

40
Requests

100 %
HTTPS

43 %
IPv6

5
Domains

7
Subdomains

8
IPs

2
Countries

1562 kB
Transfer

11101 kB
Size

8
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://paidperletter.com/ HTTP 301
    https://paidperletter.com/ HTTP 301
    https://paidperletter.com/info.php?user=paidperletter Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

40 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request info.php
paidperletter.com/
Redirect Chain
  • http://paidperletter.com/
  • https://paidperletter.com/
  • https://paidperletter.com/info.php?user=paidperletter
225 KB
36 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://paidperletter.com/info.php?user=paidperletter
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
199.116.250.35 , United States, ASN46549 (GVO, US),
Reverse DNS
gvo25035.gvodatacenter.com
Software
Apache / PHP/8.1.19
Resource Hash
26f66b6935a077885b826ac7b0319ddb88ce480f5f272f0abf322ba769fdc202
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
36099
Content-Type
text/html; charset=UTF-8
Date
Mon, 12 Feb 2024 18:49:54 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive
timeout=5, max=99
Pragma
no-cache
Referrer-Header
strict-origin-when-cross-origin
Server
Apache
Strict-Transport-Security
max-age=31536000
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-Powered-By
PHP/8.1.19
X-XSS-Protection
1

Redirect headers

Cache-Control
no-store, no-cache, must-revalidate
Connection
Keep-Alive
Content-Length
0
Content-Type
text/html; charset=UTF-8
Date
Mon, 12 Feb 2024 18:49:53 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive
timeout=5, max=100
Location
https://paidperletter.com/info.php?user=paidperletter
Pragma
no-cache
Referrer-Header
strict-origin-when-cross-origin
Server
Apache
X-Content-Type-Options
nosniff
X-Powered-By
PHP/8.1.19
X-XSS-Protection
1
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.7.0/ 		85 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.7.0/jquery.min.js
Requested by
Host: paidperletter.com
URL: https://paidperletter.com/info.php?user=paidperletter
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d8f9afbf492e4c139e9d2bcb9ba6ef7c14921eb509fb703bc7a3f911b774eff8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paidperletter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Fri, 09 Feb 2024 15:24:35 GMT
x-content-type-options
nosniff
age
271520
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
87462
x-xss-protection
0
last-modified
Wed, 17 May 2023 18:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 08 Feb 2025 15:24:35 GMT
style.css
paidperletter.com/uploads/css/ 		45 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://paidperletter.com/uploads/css/style.css
Requested by
Host: paidperletter.com
URL: https://paidperletter.com/info.php?user=paidperletter
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
199.116.250.35 , United States, ASN46549 (GVO, US),
Reverse DNS
gvo25035.gvodatacenter.com
Software
Apache /
Resource Hash
43e6f42d70f9e6047c8be4e4562c53819e46b26f62d42715fe6e838628ce3ac9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paidperletter.com/info.php?user=paidperletter
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date
Mon, 12 Feb 2024 18:49:54 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Referrer-Header
strict-origin-when-cross-origin
Connection
Keep-Alive
Content-Length
10552
X-XSS-Protection
1
Last-Modified
Mon, 24 Jul 2023 16:58:49 GMT
Server
Apache
ETag
"6013e874c4880-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=86400
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Expires
Tue, 13 Feb 2024 18:49:54 GMT
bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@5.0.1/dist/css/ 		152 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@5.0.1/dist/css/bootstrap.min.css
Requested by
Host: paidperletter.com
URL: https://paidperletter.com/info.php?user=paidperletter
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
847280dddfc7b6d0bc396dd2974f775bc0e866e7611c90e3fbe919628e8c2f30
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://paidperletter.com/
Origin
https://paidperletter.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Mon, 12 Feb 2024 18:49:55 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
914461
x-jsd-version
5.0.1
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230087-FRA, cache-lga21949-LGA
x-jsd-version-type
version
server
cloudflare
etag
W/"25fef-PDndyutgvrSms9Gt5O+JOaWK1Zo"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0E13Jsn3q6cHcF670yXDC74oQRW4CpA6U6QixTAFMqr4OL%2Fny56z%2FxwfRiEy55rLMCpfn8alZMjTDBq8F94uz5FWcRCHyW%2BmHPEfpgxPqHaIG4BL2APvNo1SpWcii4uOJYPv9mrDtgZI7JsHG7Y%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
854703a95fc83666-FRA
infoall.min.css
paidperletter.com/ 		486 KB
82 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://paidperletter.com/infoall.min.css
Requested by
Host: paidperletter.com
URL: https://paidperletter.com/info.php?user=paidperletter
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
199.116.250.35 , United States, ASN46549 (GVO, US),
Reverse DNS
gvo25035.gvodatacenter.com
Software
Apache /
Resource Hash
00b5f1d27c763b7539bf739003368fe114e358737e49e4091936bd3a48bd8cb2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paidperletter.com/info.php?user=paidperletter
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date
Mon, 12 Feb 2024 18:49:54 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Referrer-Header
strict-origin-when-cross-origin
Transfer-Encoding
chunked
Connection
Keep-Alive
X-XSS-Protection
1
Last-Modified
Sat, 23 Dec 2023 13:40:02 GMT
Server
Apache
ETag
"60d2d7844fe73-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=86400
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Expires
Tue, 13 Feb 2024 18:49:54 GMT
infopolyfill.min.js
paidperletter.com/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://paidperletter.com/infopolyfill.min.js?features=Intl.Locale%2CIntl.getCanonicalLocales%2CmatchMedia%2CIntl.DisplayNames%2CResizeObserver
Requested by
Host: paidperletter.com
URL: https://paidperletter.com/info.php?user=paidperletter
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
199.116.250.35 , United States, ASN46549 (GVO, US),
Reverse DNS
gvo25035.gvodatacenter.com
Software
Apache / PHP/8.1.19
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paidperletter.com/info.php?user=paidperletter
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 12 Feb 2024 18:49:54 GMT
X-Content-Type-Options
nosniff
Server
Apache
X-Powered-By
PHP/8.1.19
Referrer-Header
strict-origin-when-cross-origin
Content-Type
text/html; charset=UTF-8
Cache-Control
no-store, no-cache, must-revalidate
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
Content-Length
984
X-XSS-Protection
1
Expires
Thu, 19 Nov 1981 08:52:00 GMT
wmt.js
paidperletter.com/admin/js/ 		48 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://paidperletter.com/admin/js/wmt.js
Requested by
Host: paidperletter.com
URL: https://paidperletter.com/info.php?user=paidperletter
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
199.116.250.35 , United States, ASN46549 (GVO, US),
Reverse DNS
gvo25035.gvodatacenter.com
Software
Apache / PHP/8.1.19
Resource Hash
57a4a09aeca588d9b8fc7a976de065d521de63c921ae85afbe83ac984d94d889
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paidperletter.com/info.php?user=paidperletter
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date
Mon, 12 Feb 2024 18:49:54 GMT
Strict-Transport-Security
max-age=31536000
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Powered-By
PHP/8.1.19
Referrer-Header
strict-origin-when-cross-origin
Connection
Keep-Alive
Content-Length
10803
X-XSS-Protection
1
Pragma
no-cache
Server
Apache
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
text/javascript;charset=UTF-8
Cache-Control
no-store, no-cache, must-revalidate
Keep-Alive
timeout=5, max=97
Expires
Thu, 19 Nov 1981 08:52:00 GMT
join.js
paidperletter.com/admin/js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://paidperletter.com/admin/js/join.js
Requested by
Host: paidperletter.com
URL: https://paidperletter.com/info.php?user=paidperletter
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
199.116.250.35 , United States, ASN46549 (GVO, US),
Reverse DNS
gvo25035.gvodatacenter.com
Software
Apache / PHP/8.1.19
Resource Hash
1af16185df9d980fd75f5f0def03415bbe52a54a1d26227449740bf95551c7ef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paidperletter.com/info.php?user=paidperletter
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date
Mon, 12 Feb 2024 18:49:54 GMT
Strict-Transport-Security
max-age=31536000
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Powered-By
PHP/8.1.19
Referrer-Header
strict-origin-when-cross-origin
Connection
Keep-Alive
Content-Length
1446
X-XSS-Protection
1
Pragma
no-cache
Server
Apache
X-Frame-Options
SAMEORIGIN
Vary
Accept-Encoding
Content-Type
text/javascript;charset=UTF-8
Cache-Control
no-store, no-cache, must-revalidate
Keep-Alive
timeout=5, max=100
Expires
Thu, 19 Nov 1981 08:52:00 GMT
info-login-btn.png
paidperletter.com/ 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://paidperletter.com/info-login-btn.png
Requested by
Host: paidperletter.com
URL: https://paidperletter.com/info.php?user=paidperletter
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
199.116.250.35 , United States, ASN46549 (GVO, US),
Reverse DNS
gvo25035.gvodatacenter.com
Software
Apache /
Resource Hash
8b70585a0e545aaea2f777b13d81a8caf132eed5a0321503dd223d7c42f09ad8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paidperletter.com/info.php?user=paidperletter
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date
Mon, 12 Feb 2024 18:49:54 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 17 Jan 2024 18:50:23 GMT
Server
Apache
ETag
"60f28b832e383"
Referrer-Header
strict-origin-when-cross-origin
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
20887
X-XSS-Protection
1
Expires
Wed, 13 Mar 2024 18:49:54 GMT
94.jpg
paidperletter.com/uploads/images/confirmimages/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://paidperletter.com/uploads/images/confirmimages/94.jpg
Requested by
Host: paidperletter.com
URL: https://paidperletter.com/info.php?user=paidperletter
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
199.116.250.35 , United States, ASN46549 (GVO, US),
Reverse DNS
gvo25035.gvodatacenter.com
Software
Apache /
Resource Hash
d8144ae857e2061e5ec56d6b377e0d27d2a05b5a2c8db4a6607a6fa20650fb6b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paidperletter.com/info.php?user=paidperletter
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date
Mon, 12 Feb 2024 18:49:54 GMT
X-Content-Type-Options
nosniff
Last-Modified
Mon, 24 Jul 2023 17:00:44 GMT
Server
Apache
ETag
"6013e8e2365ab"
Referrer-Header
strict-origin-when-cross-origin
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
1206
X-XSS-Protection
1
Expires
Wed, 13 Mar 2024 18:49:54 GMT
inforuntime.e4c46bae9a3f51dcf072.js
paidperletter.com/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://paidperletter.com/inforuntime.e4c46bae9a3f51dcf072.js
Requested by
Host: paidperletter.com
URL: https://paidperletter.com/info.php?user=paidperletter
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
199.116.250.35 , United States, ASN46549 (GVO, US),
Reverse DNS
gvo25035.gvodatacenter.com
Software
Apache /
Resource Hash
bc472a8abcfa9346b8bb9c9f4f0e479bb50fcda84ea9c5ea65ed5615f209e3af
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paidperletter.com/info.php?user=paidperletter
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date
Mon, 12 Feb 2024 18:49:55 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Referrer-Header
strict-origin-when-cross-origin
Connection
Keep-Alive
Content-Length
978
X-XSS-Protection
1
Last-Modified
Sat, 23 Dec 2023 13:30:53 GMT
Server
Apache
ETag
"60d2d5782c768-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=86400
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Expires
Tue, 13 Feb 2024 18:49:55 GMT
infopage.0e5ed45a3bb90a710609.js
paidperletter.com/ 		888 KB
169 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://paidperletter.com/infopage.0e5ed45a3bb90a710609.js
Requested by
Host: paidperletter.com
URL: https://paidperletter.com/info.php?user=paidperletter
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
199.116.250.35 , United States, ASN46549 (GVO, US),
Reverse DNS
gvo25035.gvodatacenter.com
Software
Apache /
Resource Hash
790d608e5c1a7d8352010cca782a1f9c636705d43907f6371589f918486866c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paidperletter.com/info.php?user=paidperletter
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date
Mon, 12 Feb 2024 18:49:55 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Referrer-Header
strict-origin-when-cross-origin
Transfer-Encoding
chunked
Connection
Keep-Alive
X-XSS-Protection
1
Last-Modified
Sat, 23 Dec 2023 13:30:57 GMT
Server
Apache
ETag
"60d2d57beb728-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=86400
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Expires
Tue, 13 Feb 2024 18:49:55 GMT
infovendors~page.bc3fe0436b1a93e2e6db.js
paidperletter.com/ 		874 KB
258 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://paidperletter.com/infovendors~page.bc3fe0436b1a93e2e6db.js
Requested by
Host: paidperletter.com
URL: https://paidperletter.com/info.php?user=paidperletter
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
199.116.250.35 , United States, ASN46549 (GVO, US),
Reverse DNS
gvo25035.gvodatacenter.com
Software
Apache /
Resource Hash
4a66343d674f652351c79808bb3498bc1b9f8a6ff03e071bc7153559305dfb94
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paidperletter.com/info.php?user=paidperletter
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date
Mon, 12 Feb 2024 18:49:55 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Referrer-Header
strict-origin-when-cross-origin
Transfer-Encoding
chunked
Connection
Keep-Alive
X-XSS-Protection
1
Last-Modified
Sat, 23 Dec 2023 13:30:52 GMT
Server
Apache
ETag
"60d2d577221b0-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=86400
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
Expires
Tue, 13 Feb 2024 18:49:55 GMT
jquery-ui.min.js
ajax.googleapis.com/ajax/libs/jqueryui/1.12.1/ 		248 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jqueryui/1.12.1/jquery-ui.min.js
Requested by
Host: paidperletter.com
URL: https://paidperletter.com/info.php?user=paidperletter
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55accff7b642c2d7a402cbe03c1494c0f14a76bc03dee9d47d219562b6a152a5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paidperletter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Fri, 09 Feb 2024 17:16:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
264819
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
67948
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 08 Feb 2025 17:16:16 GMT
Landing-redo.mp4
paidperletter.com/ 		5 MB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://paidperletter.com/Landing-redo.mp4
Requested by
Host: paidperletter.com
URL: https://paidperletter.com/info.php?user=paidperletter
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
199.116.250.35 , United States, ASN46549 (GVO, US),
Reverse DNS
gvo25035.gvodatacenter.com
Software
Apache /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

Referer
https://paidperletter.com/info.php?user=paidperletter
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Range
bytes=0-

Response headers

Date
Mon, 12 Feb 2024 18:49:55 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 17 Jan 2024 19:03:41 GMT
Server
Apache
ETag
"60f28e7b8b4a8"
Referrer-Header
strict-origin-when-cross-origin
Content-Type
video/mp4
Content-Range
bytes 0-154473066/154473067
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
154473067
X-XSS-Protection
1
Expires
Wed, 13 Mar 2024 18:49:55 GMT
truncated
/ 		547 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		552 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		380 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Type
image/svg+xml
info657a992973ded_Webcapture_13-12-2023_215619_www.skool.com.jpeg
paidperletter.com/ 		203 KB
204 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://paidperletter.com/info657a992973ded_Webcapture_13-12-2023_215619_www.skool.com.jpeg
Requested by
Host: paidperletter.com
URL: https://paidperletter.com/info.php?user=paidperletter
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
199.116.250.35 , United States, ASN46549 (GVO, US),
Reverse DNS
gvo25035.gvodatacenter.com
Software
Apache /
Resource Hash
d20f4e363d1c182eba67fafe28e182826e589973cf99df62a265ce5171ee25aa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paidperletter.com/info.php?user=paidperletter
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date
Mon, 12 Feb 2024 18:49:55 GMT
X-Content-Type-Options
nosniff
Last-Modified
Fri, 29 Dec 2023 16:58:38 GMT
Server
Apache
ETag
"60da8f194e747"
Referrer-Header
strict-origin-when-cross-origin
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
208111
X-XSS-Protection
1
Expires
Wed, 13 Mar 2024 18:49:55 GMT
info657b33c5dc127_community-involvement.jpg
paidperletter.com/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://paidperletter.com/info657b33c5dc127_community-involvement.jpg
Requested by
Host: paidperletter.com
URL: https://paidperletter.com/info.php?user=paidperletter
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
199.116.250.35 , United States, ASN46549 (GVO, US),
Reverse DNS
gvo25035.gvodatacenter.com
Software
Apache /
Resource Hash
1090a9d605155f8e0c29ecb266a01d8462f0ec7d73bb28eb00a2e2108e84816a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paidperletter.com/info.php?user=paidperletter
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date
Mon, 12 Feb 2024 18:49:55 GMT
X-Content-Type-Options
nosniff
Last-Modified
Sat, 23 Dec 2023 13:31:07 GMT
Server
Apache
ETag
"60d2d585778a0"
Referrer-Header
strict-origin-when-cross-origin
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
21314
X-XSS-Protection
1
Expires
Wed, 13 Mar 2024 18:49:55 GMT
info657a9f7e82b3c_th5.jpg
paidperletter.com/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://paidperletter.com/info657a9f7e82b3c_th5.jpg
Requested by
Host: paidperletter.com
URL: https://paidperletter.com/info.php?user=paidperletter
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
199.116.250.35 , United States, ASN46549 (GVO, US),
Reverse DNS
gvo25035.gvodatacenter.com
Software
Apache /
Resource Hash
7e2b359cbc3dfb83b04e7f4b8f0e35ce201dd1d28016c70c85ddfd5dca499413
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paidperletter.com/info.php?user=paidperletter
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date
Mon, 12 Feb 2024 18:49:55 GMT
X-Content-Type-Options
nosniff
Last-Modified
Sat, 23 Dec 2023 13:31:06 GMT
Server
Apache
ETag
"60d2d584b3fb8"
Referrer-Header
strict-origin-when-cross-origin
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
12059
X-XSS-Protection
1
Expires
Wed, 13 Mar 2024 18:49:55 GMT
poppinsregular.woff2
paidperletter.com/ 		46 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://paidperletter.com/poppinsregular.woff2
Requested by
Host: paidperletter.com
URL: https://paidperletter.com/info.php?user=paidperletter
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
199.116.250.35 , United States, ASN46549 (GVO, US),
Reverse DNS
gvo25035.gvodatacenter.com
Software
Apache /
Resource Hash
fdd50b4ae273766b7628ee7cc29f1004af2affd62028b21f7f769b65417d1818
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

Referer
https://paidperletter.com/info.php?user=paidperletter
Origin
https://paidperletter.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date
Mon, 12 Feb 2024 18:49:55 GMT
X-Content-Type-Options
nosniff
Last-Modified
Sat, 23 Dec 2023 13:31:02 GMT
Server
Apache
ETag
"60d2d580b0650"
Referrer-Header
strict-origin-when-cross-origin
Cache-Control
max-age=600
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
47436
X-XSS-Protection
1
Expires
Mon, 12 Feb 2024 18:59:55 GMT
poppins700.woff2
paidperletter.com/ 		46 KB
46 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://paidperletter.com/poppins700.woff2
Requested by
Host: paidperletter.com
URL: https://paidperletter.com/info.php?user=paidperletter
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
199.116.250.35 , United States, ASN46549 (GVO, US),
Reverse DNS
gvo25035.gvodatacenter.com
Software
Apache /
Resource Hash
a0ef2eaa83e203d62edb05c3ca1c8e2aaf2664239e109ff8451a1f366cee88ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

Referer
https://paidperletter.com/info.php?user=paidperletter
Origin
https://paidperletter.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date
Mon, 12 Feb 2024 18:49:55 GMT
X-Content-Type-Options
nosniff
Last-Modified
Sat, 23 Dec 2023 13:31:04 GMT
Server
Apache
ETag
"60d2d582a4268"
Referrer-Header
strict-origin-when-cross-origin
Cache-Control
max-age=600
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
46932
X-XSS-Protection
1
Expires
Mon, 12 Feb 2024 18:59:55 GMT
poppins300.woff2
paidperletter.com/ 		46 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://paidperletter.com/poppins300.woff2
Requested by
Host: paidperletter.com
URL: https://paidperletter.com/info.php?user=paidperletter
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
199.116.250.35 , United States, ASN46549 (GVO, US),
Reverse DNS
gvo25035.gvodatacenter.com
Software
Apache /
Resource Hash
104fd31828b45be08cee5e75fb9a92fe0538b3d9d7d177afbf74ae7467244da9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

Referer
https://paidperletter.com/info.php?user=paidperletter
Origin
https://paidperletter.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date
Mon, 12 Feb 2024 18:49:55 GMT
X-Content-Type-Options
nosniff
Last-Modified
Sat, 23 Dec 2023 13:31:04 GMT
Server
Apache
ETag
"60d2d582d5390"
Referrer-Header
strict-origin-when-cross-origin
Cache-Control
max-age=600
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
47312
X-XSS-Protection
1
Expires
Mon, 12 Feb 2024 18:59:55 GMT
poppins700italic.woff2
paidperletter.com/ 		53 KB
53 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://paidperletter.com/poppins700italic.woff2
Requested by
Host: paidperletter.com
URL: https://paidperletter.com/info.php?user=paidperletter
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
199.116.250.35 , United States, ASN46549 (GVO, US),
Reverse DNS
gvo25035.gvodatacenter.com
Software
Apache /
Resource Hash
48e95347f645a7b77140859dfefc9ad818997dd5d3b55f377f2408286e6af178
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

Referer
https://paidperletter.com/info.php?user=paidperletter
Origin
https://paidperletter.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date
Mon, 12 Feb 2024 18:49:55 GMT
X-Content-Type-Options
nosniff
Last-Modified
Sat, 23 Dec 2023 13:30:59 GMT
Server
Apache
ETag
"60d2d57e80948"
Referrer-Header
strict-origin-when-cross-origin
Cache-Control
max-age=600
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
53948
X-XSS-Protection
1
Expires
Mon, 12 Feb 2024 18:59:55 GMT
poppins600.woff2
paidperletter.com/ 		46 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://paidperletter.com/poppins600.woff2
Requested by
Host: paidperletter.com
URL: https://paidperletter.com/info.php?user=paidperletter
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
199.116.250.35 , United States, ASN46549 (GVO, US),
Reverse DNS
gvo25035.gvodatacenter.com
Software
Apache /
Resource Hash
5962a2452a729867d14eb1b9ddd029fdfa42b8f6e0413e25aa1f2f832746ec26
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

Referer
https://paidperletter.com/info.php?user=paidperletter
Origin
https://paidperletter.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date
Mon, 12 Feb 2024 18:49:55 GMT
X-Content-Type-Options
nosniff
Last-Modified
Sat, 23 Dec 2023 13:31:05 GMT
Server
Apache
ETag
"60d2d583f60a8"
Referrer-Header
strict-origin-when-cross-origin
Cache-Control
max-age=600
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
47592
X-XSS-Protection
1
Expires
Mon, 12 Feb 2024 18:59:55 GMT
fa-solid-900.woff2
paidperletter.com/ 		78 KB
79 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://paidperletter.com/fa-solid-900.woff2
Requested by
Host: paidperletter.com
URL: https://paidperletter.com/infoall.min.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
199.116.250.35 , United States, ASN46549 (GVO, US),
Reverse DNS
gvo25035.gvodatacenter.com
Software
Apache /
Resource Hash
e73b9a9936866f0ca067082f0a9d70a290b5cfca053b3f985d9d01841d37065c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

Referer
https://paidperletter.com/infoall.min.css
Origin
https://paidperletter.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date
Mon, 12 Feb 2024 18:49:55 GMT
X-Content-Type-Options
nosniff
Last-Modified
Mon, 24 Jul 2023 16:58:17 GMT
Server
Apache
ETag
"6013e85620c7f"
Referrer-Header
strict-origin-when-cross-origin
Cache-Control
max-age=600
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
Content-Length
80300
X-XSS-Protection
1
Expires
Mon, 12 Feb 2024 18:59:55 GMT
italic.woff2
paidperletter.com/ 		0
0 		Font
General
Check archive.org
Download Go to
Full URL
https://paidperletter.com/italic.woff2
Requested by
Host: paidperletter.com
URL: https://paidperletter.com/info.php?user=paidperletter
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
199.116.250.35 , United States, ASN46549 (GVO, US),
Reverse DNS
gvo25035.gvodatacenter.com
Software
Apache / PHP/8.1.19
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

Referer
https://paidperletter.com/info.php?user=paidperletter
Origin
https://paidperletter.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 12 Feb 2024 18:49:55 GMT
X-Content-Type-Options
nosniff
Server
Apache
X-Powered-By
PHP/8.1.19
Referrer-Header
strict-origin-when-cross-origin
Content-Type
text/html; charset=UTF-8
Cache-Control
no-store, no-cache, must-revalidate
Connection
Keep-Alive
Keep-Alive
timeout=5, max=95
Content-Length
984
X-XSS-Protection
1
Expires
Thu, 19 Nov 1981 08:52:00 GMT
info657a92382c311_PastelPinkBoldRetroHandwrittenMakeupArtistLogo10.png
paidperletter.com/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://paidperletter.com/info657a92382c311_PastelPinkBoldRetroHandwrittenMakeupArtistLogo10.png
Requested by
Host: paidperletter.com
URL: https://paidperletter.com/info.php?user=paidperletter
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
199.116.250.35 , United States, ASN46549 (GVO, US),
Reverse DNS
gvo25035.gvodatacenter.com
Software
Apache /
Resource Hash
842c570e76eb078c3f7c1dfa9b32df9d516ad1efff234908046f51c32c2f9ae6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paidperletter.com/info.php?user=paidperletter
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date
Mon, 12 Feb 2024 18:49:55 GMT
X-Content-Type-Options
nosniff
Last-Modified
Sat, 23 Dec 2023 13:30:58 GMT
Server
Apache
ETag
"60d2d57d6d6f0"
Referrer-Header
strict-origin-when-cross-origin
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=95
Content-Length
17932
X-XSS-Protection
1
Expires
Wed, 13 Mar 2024 18:49:55 GMT
info657aa2dac1c09_PastelPinkBoldRetroHandwrittenMakeupArtistLogo15.png
paidperletter.com/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://paidperletter.com/info657aa2dac1c09_PastelPinkBoldRetroHandwrittenMakeupArtistLogo15.png
Requested by
Host: paidperletter.com
URL: https://paidperletter.com/info.php?user=paidperletter
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
199.116.250.35 , United States, ASN46549 (GVO, US),
Reverse DNS
gvo25035.gvodatacenter.com
Software
Apache /
Resource Hash
f100541ebf05ac33745b65336d90c5e4766992b60338cad6fb021d87bb44fd52
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paidperletter.com/info.php?user=paidperletter
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date
Mon, 12 Feb 2024 18:49:55 GMT
X-Content-Type-Options
nosniff
Last-Modified
Sat, 23 Dec 2023 13:30:58 GMT
Server
Apache
ETag
"60d2d57d4b7f8"
Referrer-Header
strict-origin-when-cross-origin
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
Content-Length
14992
X-XSS-Protection
1
Expires
Wed, 13 Mar 2024 18:49:55 GMT
info657aa0bcc4436_PastelPinkBoldRetroHandwrittenMakeupArtistLogo13.png
paidperletter.com/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://paidperletter.com/info657aa0bcc4436_PastelPinkBoldRetroHandwrittenMakeupArtistLogo13.png
Requested by
Host: paidperletter.com
URL: https://paidperletter.com/info.php?user=paidperletter
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
199.116.250.35 , United States, ASN46549 (GVO, US),
Reverse DNS
gvo25035.gvodatacenter.com
Software
Apache /
Resource Hash
698cb856053aca5823983aac17b1d84f5a5e637ca670e00288f34f8c92cf51cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paidperletter.com/info.php?user=paidperletter
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date
Mon, 12 Feb 2024 18:49:55 GMT
X-Content-Type-Options
nosniff
Last-Modified
Sat, 23 Dec 2023 13:30:57 GMT
Server
Apache
ETag
"60d2d57cacce8"
Referrer-Header
strict-origin-when-cross-origin
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
Content-Length
17227
X-XSS-Protection
1
Expires
Wed, 13 Mar 2024 18:49:55 GMT
info657aa1173584d_PastelPinkBoldRetroHandwrittenMakeupArtistLogo14.png
paidperletter.com/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://paidperletter.com/info657aa1173584d_PastelPinkBoldRetroHandwrittenMakeupArtistLogo14.png
Requested by
Host: paidperletter.com
URL: https://paidperletter.com/info.php?user=paidperletter
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
199.116.250.35 , United States, ASN46549 (GVO, US),
Reverse DNS
gvo25035.gvodatacenter.com
Software
Apache /
Resource Hash
44058d839f83d8731a891712bb20c4538b30b6e85896840351d656ed61bd86e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paidperletter.com/info.php?user=paidperletter
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date
Mon, 12 Feb 2024 18:49:55 GMT
X-Content-Type-Options
nosniff
Last-Modified
Sat, 23 Dec 2023 13:30:57 GMT
Server
Apache
ETag
"60d2d57c8aa08"
Referrer-Header
strict-origin-when-cross-origin
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
20466
X-XSS-Protection
1
Expires
Wed, 13 Mar 2024 18:49:55 GMT
truncated
/ 		177 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		351 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
145287b36883dd3061ca7aa9229a8fa9ace2cccd50e0382b4b6201f3916b57c5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		242 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Type
image/svg+xml
v3
js.stripe.com/ 		592 KB
146 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3
Requested by
Host: paidperletter.com
URL: https://paidperletter.com/infovendors~page.bc3fe0436b1a93e2e6db.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.233.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-233-60.lhr61.r.cloudfront.net
Software
Cloudfront /
Resource Hash
6c93df9a115ee393c2c21092ca22f0282c7b28e1b02086ab72d6efde86245ce6
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://paidperletter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Mon, 12 Feb 2024 18:49:38 GMT
content-encoding
br
via
1.1 bba99a59a85c763f7dd5d6e519a3dfbc.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
age
20
x-amz-cf-pop
LHR61-P4
x-cache
Hit from cloudfront
last-modified
Fri, 09 Feb 2024 21:38:09 GMT
server
Cloudfront
etag
W/"5b7820a46133cf63de46954bbcb7c5cb"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=60
timing-allow-origin
*
x-amz-cf-id
UekQ4oX7KfNxm--B2wsanUa3UctbbCpNVNzCi6xiXSqgPDHf3fL5bQ==
m-outer-3437aaddcdf6922d623e172c2d6f9278.html
js.stripe.com/v3/ Frame 8953 		200 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.233.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-233-60.lhr61.r.cloudfront.net
Software
Cloudfront /
Resource Hash
35dcc382eb69d00369d708708cdc545f3968b68fa5bbe3e728d11fedd04f93bb
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://paidperletter.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
3596
cache-control
max-age=31536000
content-length
200
content-security-policy
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Mon, 12 Feb 2024 17:50:02 GMT
etag
"3437aaddcdf6922d623e172c2d6f9278"
last-modified
Wed, 07 Feb 2024 22:22:48 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 bba99a59a85c763f7dd5d6e519a3dfbc.cloudfront.net (CloudFront)
x-amz-cf-id
AHoCxgWpkbPnwAg5F_muP_R2gdA3RLcI1uzBlOcisLjahcLg17FvAQ==
x-amz-cf-pop
LHR61-P4
x-cache
Hit from cloudfront
x-content-type-options
nosniff
Landing-redo.mp4
paidperletter.com/ 		640 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://paidperletter.com/Landing-redo.mp4
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
199.116.250.35 , United States, ASN46549 (GVO, US),
Reverse DNS
gvo25035.gvodatacenter.com
Software
Apache /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

Referer
https://paidperletter.com/info.php?user=paidperletter
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Range
bytes=360448-

Response headers

Date
Mon, 12 Feb 2024 18:49:56 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 17 Jan 2024 19:03:41 GMT
Server
Apache
ETag
"60f28e7b8b4a8"
Referrer-Header
strict-origin-when-cross-origin
Content-Type
video/mp4
Content-Range
bytes 360448-154473066/154473067
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=95
Content-Length
154112619
X-XSS-Protection
1
Expires
Wed, 13 Mar 2024 18:49:56 GMT
m-outer-15a2b40a058ddff1cffdb63779fe3de1.js
js.stripe.com/v3/fingerprinted/js/ Frame 8953 		526 B
1017 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/m-outer-15a2b40a058ddff1cffdb63779fe3de1.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.233.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-233-60.lhr61.r.cloudfront.net
Software
Cloudfront /
Resource Hash
ba2338aa6670580269c762f51c4291daef913201aa8f4d4fd166c1a878262652
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Mon, 12 Feb 2024 18:47:11 GMT
via
1.1 bba99a59a85c763f7dd5d6e519a3dfbc.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31556926; includeSubDomains; preload
age
167
x-amz-cf-pop
LHR61-P4
x-cache
Hit from cloudfront
content-length
526
last-modified
Wed, 07 Feb 2024 22:22:47 GMT
server
Cloudfront
etag
"d96c709017743c0759cf3853d1806ba5"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
DnJsCzLqWuhSHrYyGM6teJEVaweghFhqgPGfVyac17yhUil4imaLsw==
csp-report
q.stripe.com/ Frame 8953 		0
717 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: paidperletter.com
URL: https://paidperletter.com/info.php?user=paidperletter
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Mon, 12 Feb 2024 18:49:58 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1707763798103113
x-envoy-upstream-service-time
2
content-length
0
x-stripe-bg-intended-route-color
blue
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
1
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1707763798102793
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
csp-report
q.stripe.com/ Frame 8953 		0
716 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: paidperletter.com
URL: https://paidperletter.com/info.php?user=paidperletter
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Mon, 12 Feb 2024 18:49:58 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1707763798103608
x-envoy-upstream-service-time
2
content-length
0
x-stripe-bg-intended-route-color
blue
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms
1
access-control-allow-origin
https://js.stripe.com
x-stripe-client-envoy-start-time-us
1707763798102980
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers
Server, Range, Content-Type
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
inner.html
m.stripe.network/ Frame E884 		930 B
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://m.stripe.network/inner.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-15a2b40a058ddff1cffdb63779fe3de1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:5800:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Cloudfront /
Resource Hash
947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
147
cache-control
max-age=300, public
content-length
930
content-security-policy
base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Mon, 12 Feb 2024 18:47:31 GMT
etag
"06bfcd88af438673a8bf9b845a11aa6e"
last-modified
Fri, 30 Jun 2023 14:32:28 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
vary
Accept-Encoding, Origin
via
1.1 1277de71b2472d19ca0bfc510db9ec54.cloudfront.net (CloudFront)
x-amz-cf-id
N2pKldmeVrGYu6-uE4_bHFV4riBqpiPqlp5WnibLzGHWsLcG8L5MIQ==
x-amz-cf-pop
FRA6-C1
x-cache
Hit from cloudfront
x-content-type-options
nosniff
csp-report
q.stripe.com/ Frame E884 		0
490 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: paidperletter.com
URL: https://paidperletter.com/info.php?user=paidperletter
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Mon, 12 Feb 2024 18:49:58 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1707763798103149
x-envoy-upstream-service-time
2
content-length
0
x-stripe-bg-intended-route-color
blue
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
x-stripe-server-envoy-upstream-service-time-ms
1
x-stripe-client-envoy-start-time-us
1707763798102882
cache-control
max-age=0, no-cache, no-store, must-revalidate
x-robots-tag
none
expires
0
out-4.5.43.js
m.stripe.network/ Frame E884 		87 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://m.stripe.network/out-4.5.43.js
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/inner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:5800:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Cloudfront /
Resource Hash
e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.stripe.network/inner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Mon, 12 Feb 2024 18:46:53 GMT
content-encoding
br
via
1.1 1277de71b2472d19ca0bfc510db9ec54.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
last-modified
Fri, 30 Jun 2023 14:32:28 GMT
server
Cloudfront
age
184
x-content-type-options
nosniff
etag
W/"69cb7809b5011312e716f29b3d19dce6"
x-amz-cf-pop
FRA6-C1
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
text/javascript; charset=utf-8
cache-control
max-age=300, public
x-amz-cf-id
Vhw40uh_PfZA_QlStTl63tCpqJ-et2spOg2ztFdW6OSrxoOu8_NsJA==
6
m.stripe.com/ Frame E884 		156 B
670 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://m.stripe.com/6
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.236.139.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-236-139-182.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
744765746898700339b06eb4451e203087c922a64854f3a44b7ff8181692e450
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color
green
date
Mon, 12 Feb 2024 18:49:58 GMT
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
x-stripe-server-envoy-start-time-us
1707763798357150
server
nginx
content-type
application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms
3
access-control-allow-origin
https://m.stripe.network
x-stripe-client-envoy-start-time-us
1707763798356605
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
156
Landing-redo.mp4
paidperletter.com/ 		512 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://paidperletter.com/Landing-redo.mp4
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
199.116.250.35 , United States, ASN46549 (GVO, US),
Reverse DNS
gvo25035.gvodatacenter.com
Software
Apache /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

Referer
https://paidperletter.com/info.php?user=paidperletter
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Range
bytes=1015808-

Response headers

Date
Mon, 12 Feb 2024 18:49:57 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 17 Jan 2024 19:03:41 GMT
Server
Apache
ETag
"60f28e7b8b4a8"
Referrer-Header
strict-origin-when-cross-origin
Content-Type
video/mp4
Content-Range
bytes 1015808-154473066/154473067
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=94
Content-Length
153457259
X-XSS-Protection
1
Expires
Wed, 13 Mar 2024 18:49:57 GMT

Verdicts & Comments Add Verdict or Comment

115 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 function| $ function| jQuery function| loadSpeed function| WMTGetMWidth function| WMTGetMHeight function| setCookie object| initialI18nStore string| initialLanguage object| webpackChunkeditor function| submitForm2 undefined| passEvent string| divHTML number| oldScrollTop number| wmtMouseX number| wmtMouseY number| oldWMTMX number| oldWMTMY string| wmtPopSubject string| wmtPopMessage number| wmtCurrentGrid number| wmtAddPrepend function| wmtPanelSmall function| wmtPanelDelete function| wmtDragUpdate function| wmtMoveUp function| wmtMoveDown function| getWMTOffset function| addContactField function| loadDocument function| fixPopUpHeight function| wmtToggleButton function| wmtLoadResults function| wmtFormCheckRequired function| wmtSaveResult function| wmtAddPopUp function| getButtonHTML function| wmtAdd function| wmtSaveAlert function| wmtSaveAddGrid function| wmtSavePopUp function| wmtLoadPostResults function| wmtClosePopUp function| wmtPopUp function| wmtHDTilde function| wmtEDTilde function| calenderDelete function| changeState function| wmtValidator function| wmtValidateSuccess function| wmtValidateEmail function| wmtValidateError function| setState function| showUSA function| wmtLoadAJAX function| showWMTTRMenu function| hideWMTTRMenu function| toggleWMTTRMenu function| addWMTTREvent function| remWMTTREvent function| sWMTMenu function| hideWMTTRAll function| wmtAlert function| wmtSaveAPC function| wmtSavePostResult function| wmtShowNavDiv function| confirmDelete function| confirmDelete2 function| confirmDelete3 function| confirmDelete4 function| wmtDeleteContact function| wmtDeleteMember function| wmtVideoWidthType function| showVideoAdvanced function| videoScrollChange function| wmtVideoAspecRatio function| wmtVideoSizeType function| wmtVideoSelect function| youtubeValidation function| addAdminPageContent function| addEditableAdminPageContent function| rowAdminPageGrid function| showAdminPageGrid function| wmtGridMobile function| rowAdminPageGridCustom function| wmtGridDisplay function| wmtGrid function| resetPageSettings function| toggleEditMode function| wmtActivateSearch function| wmtSidebarToggle function| wmtBottomLeftNotify function| wmtSearchTimeRange function| wmtSearchFixDate function| wmtActivateJS number| wmtPhoneID function| changePhoneCountry function| wmtBindPhone function| cancelPhoneCountry function| togglePhoneCountry function| bodyPhoneCountry function| searchPhoneCountry function| wmtFormatPhoneNumber function| addRequired function| submitForm function| ajaxCheckDirectory function| ajaxCheckEmail function| passwrdChange object| scCGSHMRCache object| regeneratorRuntime function| setImmediate function| clearImmediate object| webpackChunkStripeJSouter function| noop function| Stripe

8 Cookies

Domain/Path Name / Value
paidperletter.com/ Name: PHPSESSID
Value: jd9d6tuh4ru340ce6e0rajjb1u
.paidperletter.com/ Name: vid
Value: 1004282
.paidperletter.com/ Name: vk
Value: 97c5
paidperletter.com/ Name: mw
Value: 1600
paidperletter.com/ Name: mh
Value: 1200
m.stripe.com/ Name: m
Value: a03de67a-28dd-4e69-8f30-ec38fde0e7fefd6083
.paidperletter.com/ Name: __stripe_mid
Value: 22e74df6-1c3b-4d06-9173-5ab19f24358bd9ab62
.paidperletter.com/ Name: __stripe_sid
Value: 362176f9-4423-49da-81c6-6e102f49848855fdca

5 Console Messages

Source Level URL
Text
network error URL: https://paidperletter.com/infopolyfill.min.js?features=Intl.Locale%2CIntl.getCanonicalLocales%2CmatchMedia%2CIntl.DisplayNames%2CResizeObserver
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
security error URL: https://paidperletter.com/info.php?user=paidperletter
Message:
Refused to execute script from 'https://paidperletter.com/infopolyfill.min.js?features=Intl.Locale%2CIntl.getCanonicalLocales%2CmatchMedia%2CIntl.DisplayNames%2CResizeObserver' because its MIME type ('text/html') is not executable, and strict MIME type checking is enabled.
network error URL: https://paidperletter.com/italic.woff2
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
security error (Line 6)
Message:
[Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
other warning URL: https://paidperletter.com/info.php?user=paidperletter
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
cdn.jsdelivr.net
js.stripe.com
m.stripe.com
m.stripe.network
paidperletter.com
q.stripe.com
108.138.233.60
199.116.250.35
2600:9000:2057:5800:19:7d10:bd80:93a1
2606:4700::6810:5514
2a00:1450:4001:829::200a
44.236.139.182
54.186.23.98
00b5f1d27c763b7539bf739003368fe114e358737e49e4091936bd3a48bd8cb2
104fd31828b45be08cee5e75fb9a92fe0538b3d9d7d177afbf74ae7467244da9
1090a9d605155f8e0c29ecb266a01d8462f0ec7d73bb28eb00a2e2108e84816a
145287b36883dd3061ca7aa9229a8fa9ace2cccd50e0382b4b6201f3916b57c5
1af16185df9d980fd75f5f0def03415bbe52a54a1d26227449740bf95551c7ef
1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75
26f66b6935a077885b826ac7b0319ddb88ce480f5f272f0abf322ba769fdc202
35dcc382eb69d00369d708708cdc545f3968b68fa5bbe3e728d11fedd04f93bb
43e6f42d70f9e6047c8be4e4562c53819e46b26f62d42715fe6e838628ce3ac9
44058d839f83d8731a891712bb20c4538b30b6e85896840351d656ed61bd86e1
48e95347f645a7b77140859dfefc9ad818997dd5d3b55f377f2408286e6af178
4a66343d674f652351c79808bb3498bc1b9f8a6ff03e071bc7153559305dfb94
55accff7b642c2d7a402cbe03c1494c0f14a76bc03dee9d47d219562b6a152a5
57a4a09aeca588d9b8fc7a976de065d521de63c921ae85afbe83ac984d94d889
5962a2452a729867d14eb1b9ddd029fdfa42b8f6e0413e25aa1f2f832746ec26
62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945
698cb856053aca5823983aac17b1d84f5a5e637ca670e00288f34f8c92cf51cd
6c93df9a115ee393c2c21092ca22f0282c7b28e1b02086ab72d6efde86245ce6
717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53
744765746898700339b06eb4451e203087c922a64854f3a44b7ff8181692e450
790d608e5c1a7d8352010cca782a1f9c636705d43907f6371589f918486866c0
7e2b359cbc3dfb83b04e7f4b8f0e35ce201dd1d28016c70c85ddfd5dca499413
842c570e76eb078c3f7c1dfa9b32df9d516ad1efff234908046f51c32c2f9ae6
847280dddfc7b6d0bc396dd2974f775bc0e866e7611c90e3fbe919628e8c2f30
8b70585a0e545aaea2f777b13d81a8caf132eed5a0321503dd223d7c42f09ad8
947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1
a0ef2eaa83e203d62edb05c3ca1c8e2aaf2664239e109ff8451a1f366cee88ee
ba2338aa6670580269c762f51c4291daef913201aa8f4d4fd166c1a878262652
bc472a8abcfa9346b8bb9c9f4f0e479bb50fcda84ea9c5ea65ed5615f209e3af
d20f4e363d1c182eba67fafe28e182826e589973cf99df62a265ce5171ee25aa
d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115
d8144ae857e2061e5ec56d6b377e0d27d2a05b5a2c8db4a6607a6fa20650fb6b
d8f9afbf492e4c139e9d2bcb9ba6ef7c14921eb509fb703bc7a3f911b774eff8
e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e73b9a9936866f0ca067082f0a9d70a290b5cfca053b3f985d9d01841d37065c
eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366
f100541ebf05ac33745b65336d90c5e4766992b60338cad6fb021d87bb44fd52
fdd50b4ae273766b7628ee7cc29f1004af2affd62028b21f7f769b65417d1818