Submitted URL: http://getpaid.gcash.com/
Effective URL: https://getpaid.gcash.com/
Submission: On July 02 via manual from PH — Scanned from DE

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 38 HTTP transactions. The main IP is 192.53.117.211, located in Singapore, Singapore and belongs to LINODE-AP Linode, LLC, US. The main domain is getpaid.gcash.com.
TLS certificate: Issued by R3 on May 23rd 2022. Valid for: 3 months.
This is the only time getpaid.gcash.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 39 192.53.117.211 63949 (LINODE-AP...)
38 1
Apex Domain
Subdomains
Transfer
39 gcash.com
getpaid.gcash.com
1 MB
38 1
Domain Requested by
39 getpaid.gcash.com 1 redirects getpaid.gcash.com
38 1

This site contains links to these domains. Also see Links.

Domain
www.paynamics.com
Subject Issuer Validity Valid
getpaid.gcash.com
R3
2022-05-23 -
2022-08-21
3 months crt.sh

This page contains 1 frames:

Primary Page: https://getpaid.gcash.com/
Frame ID: C2DB2688D503C62E9759E76E6B4E7DE3
Requests: 38 HTTP requests in this frame

Screenshot

Page Title

GCash | Account Login

Page URL History Show full URLs

  1. http://getpaid.gcash.com/ HTTP 301
    https://getpaid.gcash.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • dataTables.*\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • moment(?:\.min)?\.js

Page Statistics

38
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

1096 kB
Transfer

4039 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://getpaid.gcash.com/ HTTP 301
    https://getpaid.gcash.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

38 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
getpaid.gcash.com/
Redirect Chain
  • http://getpaid.gcash.com/
  • https://getpaid.gcash.com/
32 KB
7 KB
Document
General
Full URL
https://getpaid.gcash.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.53.117.211 Singapore, Singapore, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li2213-211.members.linode.com
Software
nginx /
Resource Hash
4cf8cca75fc197f11c805665cdf7815bbbd0e765d5ba7d56a5c3b4d0611d08a6
Security Headers
Name Value
Content-Security-Policy default-src 'self' http: https: data: blob: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-headers
Content-Type, Access-Control-Allow-Headers, Authorization, X-Requested-With
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE
cache-control
no-store, no-cache, must-revalidate
content-encoding
gzip
content-length
6330
content-security-policy
default-src 'self' http: https: data: blob: 'unsafe-inline' 'unsafe-eval'
content-type
text/html; charset=UTF-8
date
Sat, 02 Jul 2022 06:59:53 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
referrer-policy
no-referrer-when-downgrade
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block

Redirect headers

Connection
keep-alive
Content-Length
178
Content-Security-Policy
default-src 'self' http: https: data: blob: 'unsafe-inline' 'unsafe-eval'
Content-Type
text/html
Date
Sat, 02 Jul 2022 06:59:53 GMT
Location
https://getpaid.gcash.com/
Referrer-Policy
no-referrer-when-downgrade
Server
nginx
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-XSS-Protection
1; mode=block
bootstrap.min.css
getpaid.gcash.com/assets/vendor/bootstrap/
150 KB
23 KB
Stylesheet
General
Full URL
https://getpaid.gcash.com/assets/vendor/bootstrap/bootstrap.min.css
Requested by
Host: getpaid.gcash.com
URL: https://getpaid.gcash.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.53.117.211 Singapore, Singapore, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li2213-211.members.linode.com
Software
nginx /
Resource Hash
6b3bef53dc4a96ec07149d02a60b5fd026332bbce0b4ece79f3c55e3ddb85f5c
Security Headers
Name Value
Content-Security-Policy default-src 'self' http: https: data: blob: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://getpaid.gcash.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sat, 02 Jul 2022 06:59:53 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Sun, 14 Nov 2021 09:19:18 GMT
server
nginx
etag
"2565e-5d0bc2fd74884-gzip"
x-frame-options
SAMEORIGIN
content-type
text/css
x-xss-protection
1; mode=block
content-security-policy
default-src 'self' http: https: data: blob: 'unsafe-inline' 'unsafe-eval'
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ranges
bytes
vary
Accept-Encoding
content-length
22973
x-content-type-options
nosniff
offcanvas.css
getpaid.gcash.com/assets/vendor/bootstrap/
1 KB
735 B
Stylesheet
General
Full URL
https://getpaid.gcash.com/assets/vendor/bootstrap/offcanvas.css
Requested by
Host: getpaid.gcash.com
URL: https://getpaid.gcash.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.53.117.211 Singapore, Singapore, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li2213-211.members.linode.com
Software
nginx /
Resource Hash
e81e771829f8af6ad4df8a834a6420a9c2d821806e1e4725d80604a6dd195ffd
Security Headers
Name Value
Content-Security-Policy default-src 'self' http: https: data: blob: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://getpaid.gcash.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sat, 02 Jul 2022 06:59:53 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Sun, 14 Nov 2021 09:19:18 GMT
server
nginx
etag
"40b-5d0bc2fd75824-gzip"
x-frame-options
SAMEORIGIN
content-type
text/css
x-xss-protection
1; mode=block
content-security-policy
default-src 'self' http: https: data: blob: 'unsafe-inline' 'unsafe-eval'
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ranges
bytes
vary
Accept-Encoding
content-length
331
x-content-type-options
nosniff
vendors.bundle.css
getpaid.gcash.com/assets/css/
358 KB
55 KB
Stylesheet
General
Full URL
https://getpaid.gcash.com/assets/css/vendors.bundle.css
Requested by
Host: getpaid.gcash.com
URL: https://getpaid.gcash.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.53.117.211 Singapore, Singapore, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li2213-211.members.linode.com
Software
nginx /
Resource Hash
9667c54541db9fdbf819dd3571c35546c9a445723cb3121244a63588d4b9e12a
Security Headers
Name Value
Content-Security-Policy default-src 'self' http: https: data: blob: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://getpaid.gcash.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sat, 02 Jul 2022 06:59:53 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 26 Jan 2021 06:19:36 GMT
server
nginx
etag
"59787-5b9c7a3867e01-gzip"
x-frame-options
SAMEORIGIN
content-type
text/css
x-xss-protection
1; mode=block
content-security-policy
default-src 'self' http: https: data: blob: 'unsafe-inline' 'unsafe-eval'
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ranges
bytes
vary
Accept-Encoding
content-length
56307
x-content-type-options
nosniff
app.bundle.css
getpaid.gcash.com/assets/css/
238 KB
44 KB
Stylesheet
General
Full URL
https://getpaid.gcash.com/assets/css/app.bundle.css
Requested by
Host: getpaid.gcash.com
URL: https://getpaid.gcash.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.53.117.211 Singapore, Singapore, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li2213-211.members.linode.com
Software
nginx /
Resource Hash
4f003f3a0d7fc67d66c3281429d8f1850656e750ba3e9f14442b1771430a8084
Security Headers
Name Value
Content-Security-Policy default-src 'self' http: https: data: blob: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://getpaid.gcash.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sat, 02 Jul 2022 06:59:53 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 26 Jan 2021 06:19:36 GMT
server
nginx
etag
"3b8f6-5b9c7a3860100-gzip"
x-frame-options
SAMEORIGIN
content-type
text/css
x-xss-protection
1; mode=block
content-security-policy
default-src 'self' http: https: data: blob: 'unsafe-inline' 'unsafe-eval'
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ranges
bytes
vary
Accept-Encoding
content-length
44704
x-content-type-options
nosniff
skin-master.css
getpaid.gcash.com/assets/css/skins/
58 KB
8 KB
Stylesheet
General
Full URL
https://getpaid.gcash.com/assets/css/skins/skin-master.css
Requested by
Host: getpaid.gcash.com
URL: https://getpaid.gcash.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.53.117.211 Singapore, Singapore, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li2213-211.members.linode.com
Software
nginx /
Resource Hash
4c4a53b213aab7f7ace3a3c5aecf5d10bffc7b420064add9c6da1cc308a24354
Security Headers
Name Value
Content-Security-Policy default-src 'self' http: https: data: blob: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://getpaid.gcash.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sat, 02 Jul 2022 06:59:53 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 26 Jan 2021 06:19:36 GMT
server
nginx
etag
"e8a7-5b9c7a3864f21-gzip"
x-frame-options
SAMEORIGIN
content-type
text/css
x-xss-protection
1; mode=block
content-security-policy
default-src 'self' http: https: data: blob: 'unsafe-inline' 'unsafe-eval'
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ranges
bytes
vary
Accept-Encoding
content-length
7489
x-content-type-options
nosniff
fa-brands.css
getpaid.gcash.com/assets/css/
732 B
719 B
Stylesheet
General
Full URL
https://getpaid.gcash.com/assets/css/fa-brands.css
Requested by
Host: getpaid.gcash.com
URL: https://getpaid.gcash.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.53.117.211 Singapore, Singapore, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li2213-211.members.linode.com
Software
nginx /
Resource Hash
6cb17dd2b923eed22d8681f09a63011eea893fcfd9a27b01af6424a777803eb3
Security Headers
Name Value
Content-Security-Policy default-src 'self' http: https: data: blob: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://getpaid.gcash.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sat, 02 Jul 2022 06:59:53 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 26 Jan 2021 06:19:36 GMT
server
nginx
etag
"2dc-5b9c7a38610a0-gzip"
x-frame-options
SAMEORIGIN
content-type
text/css
x-xss-protection
1; mode=block
content-security-policy
default-src 'self' http: https: data: blob: 'unsafe-inline' 'unsafe-eval'
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ranges
bytes
vary
Accept-Encoding
content-length
316
x-content-type-options
nosniff
datatables.bundle.css
getpaid.gcash.com/assets/css/datagrid/datatables/
40 KB
8 KB
Stylesheet
General
Full URL
https://getpaid.gcash.com/assets/css/datagrid/datatables/datatables.bundle.css
Requested by
Host: getpaid.gcash.com
URL: https://getpaid.gcash.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.53.117.211 Singapore, Singapore, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li2213-211.members.linode.com
Software
nginx /
Resource Hash
f7c6cdf2f71d0e10c1684c5eea8fe782db9ac6aa0a8550838c88e4d53b4b6601
Security Headers
Name Value
Content-Security-Policy default-src 'self' http: https: data: blob: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://getpaid.gcash.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sat, 02 Jul 2022 06:59:53 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 26 Jan 2021 06:19:36 GMT
server
nginx
etag
"a116-5b9c7a3860100-gzip"
x-frame-options
SAMEORIGIN
content-type
text/css
x-xss-protection
1; mode=block
content-security-policy
default-src 'self' http: https: data: blob: 'unsafe-inline' 'unsafe-eval'
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ranges
bytes
vary
Accept-Encoding
content-length
7694
x-content-type-options
nosniff
bootstrap-datepicker.css
getpaid.gcash.com/assets/css/formplugins/bootstrap-datepicker/
35 KB
7 KB
Stylesheet
General
Full URL
https://getpaid.gcash.com/assets/css/formplugins/bootstrap-datepicker/bootstrap-datepicker.css
Requested by
Host: getpaid.gcash.com
URL: https://getpaid.gcash.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.53.117.211 Singapore, Singapore, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li2213-211.members.linode.com
Software
nginx /
Resource Hash
3a43485dc6f6da8958baad3800802de101d3283c999f8940cb8786a01f75b8f4
Security Headers
Name Value
Content-Security-Policy default-src 'self' http: https: data: blob: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://getpaid.gcash.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sat, 02 Jul 2022 06:59:53 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 26 Jan 2021 06:19:36 GMT
server
nginx
etag
"8d37-5b9c7a3862040-gzip"
x-frame-options
SAMEORIGIN
content-type
text/css
x-xss-protection
1; mode=block
content-security-policy
default-src 'self' http: https: data: blob: 'unsafe-inline' 'unsafe-eval'
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ranges
bytes
vary
Accept-Encoding
content-length
6307
x-content-type-options
nosniff
dropzone.css
getpaid.gcash.com/assets/css/formplugins/dropzone/
15 KB
4 KB
Stylesheet
General
Full URL
https://getpaid.gcash.com/assets/css/formplugins/dropzone/dropzone.css
Requested by
Host: getpaid.gcash.com
URL: https://getpaid.gcash.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.53.117.211 Singapore, Singapore, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li2213-211.members.linode.com
Software
nginx /
Resource Hash
66ad6be91e4a162f734b4d48441b9701ba0d7eb5622f29440e9fbd0f08c48f10
Security Headers
Name Value
Content-Security-Policy default-src 'self' http: https: data: blob: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://getpaid.gcash.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sat, 02 Jul 2022 06:59:53 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 26 Jan 2021 06:19:36 GMT
server
nginx
etag
"3c33-5b9c7a3862fe1-gzip"
x-frame-options
SAMEORIGIN
content-type
text/css
x-xss-protection
1; mode=block
content-security-policy
default-src 'self' http: https: data: blob: 'unsafe-inline' 'unsafe-eval'
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ranges
bytes
vary
Accept-Encoding
content-length
4013
x-content-type-options
nosniff
toastr.css
getpaid.gcash.com/assets/css/notifications/toastr/
15 KB
6 KB
Stylesheet
General
Full URL
https://getpaid.gcash.com/assets/css/notifications/toastr/toastr.css
Requested by
Host: getpaid.gcash.com
URL: https://getpaid.gcash.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.53.117.211 Singapore, Singapore, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li2213-211.members.linode.com
Software
nginx /
Resource Hash
c11af04b56bf576a41c01652420fb5650363983655a753654636d6c2f343fe37
Security Headers
Name Value
Content-Security-Policy default-src 'self' http: https: data: blob: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://getpaid.gcash.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sat, 02 Jul 2022 06:59:54 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 26 Jan 2021 06:19:36 GMT
server
nginx
etag
"3a58-5b9c7a3864f21-gzip"
x-frame-options
SAMEORIGIN
content-type
text/css
x-xss-protection
1; mode=block
content-security-policy
default-src 'self' http: https: data: blob: 'unsafe-inline' 'unsafe-eval'
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ranges
bytes
vary
Accept-Encoding
content-length
5506
x-content-type-options
nosniff
sweetalert2.bundle.css
getpaid.gcash.com/assets/css/notifications/sweetalert2/
47 KB
8 KB
Stylesheet
General
Full URL
https://getpaid.gcash.com/assets/css/notifications/sweetalert2/sweetalert2.bundle.css
Requested by
Host: getpaid.gcash.com
URL: https://getpaid.gcash.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.53.117.211 Singapore, Singapore, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li2213-211.members.linode.com
Software
nginx /
Resource Hash
61411faa05a1f53a032170125de9ba71edd63cf0a408d14138ac546597faa17d
Security Headers
Name Value
Content-Security-Policy default-src 'self' http: https: data: blob: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://getpaid.gcash.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sat, 02 Jul 2022 06:59:54 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 26 Jan 2021 06:19:36 GMT
server
nginx
etag
"bc71-5b9c7a3863f81-gzip"
x-frame-options
SAMEORIGIN
content-type
text/css
x-xss-protection
1; mode=block
content-security-policy
default-src 'self' http: https: data: blob: 'unsafe-inline' 'unsafe-eval'
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ranges
bytes
vary
Accept-Encoding
content-length
7691
x-content-type-options
nosniff
font-awesome.min.css
getpaid.gcash.com/assets/vendor/icon-awesome/css/
30 KB
7 KB
Stylesheet
General
Full URL
https://getpaid.gcash.com/assets/vendor/icon-awesome/css/font-awesome.min.css
Requested by
Host: getpaid.gcash.com
URL: https://getpaid.gcash.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.53.117.211 Singapore, Singapore, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li2213-211.members.linode.com
Software
nginx /
Resource Hash
882146362bbda5e9239e3f72f1f25287ab01bf65ff9f0f66ef21cb6b39612be1
Security Headers
Name Value
Content-Security-Policy default-src 'self' http: https: data: blob: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://getpaid.gcash.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sat, 02 Jul 2022 06:59:54 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 26 Jan 2021 06:19:36 GMT
server
nginx
etag
"78b7-5b9c7a388ef03-gzip"
x-frame-options
SAMEORIGIN
content-type
text/css
x-xss-protection
1; mode=block
content-security-policy
default-src 'self' http: https: data: blob: 'unsafe-inline' 'unsafe-eval'
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ranges
bytes
vary
Accept-Encoding
content-length
7064
x-content-type-options
nosniff
custom.css
getpaid.gcash.com/assets/css/
19 KB
4 KB
Stylesheet
General
Full URL
https://getpaid.gcash.com/assets/css/custom.css?v=1.3
Requested by
Host: getpaid.gcash.com
URL: https://getpaid.gcash.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.53.117.211 Singapore, Singapore, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li2213-211.members.linode.com
Software
nginx /
Resource Hash
8702cca0f8e3878fd6e8e5990b5f1148b2a4ba447afd017824630e2d52845d74
Security Headers
Name Value
Content-Security-Policy default-src 'self' http: https: data: blob: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://getpaid.gcash.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sat, 02 Jul 2022 06:59:54 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 18 Feb 2021 05:21:25 GMT
server
nginx
etag
"4d16-5bb9581c230cc-gzip"
x-frame-options
SAMEORIGIN
content-type
text/css
x-xss-protection
1; mode=block
content-security-policy
default-src 'self' http: https: data: blob: 'unsafe-inline' 'unsafe-eval'
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ranges
bytes
vary
Accept-Encoding
content-length
4140
x-content-type-options
nosniff
vendors.bundle.js
getpaid.gcash.com/assets/js/
785 KB
200 KB
Script
General
Full URL
https://getpaid.gcash.com/assets/js/vendors.bundle.js
Requested by
Host: getpaid.gcash.com
URL: https://getpaid.gcash.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.53.117.211 Singapore, Singapore, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li2213-211.members.linode.com
Software
nginx /
Resource Hash
a355403546df72b19517ba05bfe493880cb2f7369c5cc6fc0843459fa67af83b
Security Headers
Name Value
Content-Security-Policy default-src 'self' http: https: data: blob: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://getpaid.gcash.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sat, 02 Jul 2022 06:59:54 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 26 Jan 2021 06:19:36 GMT
server
nginx
etag
"c45bd-5b9c7a388b083-gzip"
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-xss-protection
1; mode=block
content-security-policy
default-src 'self' http: https: data: blob: 'unsafe-inline' 'unsafe-eval'
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ranges
bytes
vary
Accept-Encoding
x-content-type-options
nosniff
moment.js
getpaid.gcash.com/assets/js/
126 KB
31 KB
Script
General
Full URL
https://getpaid.gcash.com/assets/js/moment.js
Requested by
Host: getpaid.gcash.com
URL: https://getpaid.gcash.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.53.117.211 Singapore, Singapore, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li2213-211.members.linode.com
Software
nginx /
Resource Hash
19245ee5c1e69930f70e00714627f390d2da5b58b03d3cedf6427ceab19af2d8
Security Headers
Name Value
Content-Security-Policy default-src 'self' http: https: data: blob: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://getpaid.gcash.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sat, 02 Jul 2022 06:59:54 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 26 Jan 2021 06:19:36 GMT
server
nginx
etag
"1f7b1-5b9c7a3887202-gzip"
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-xss-protection
1; mode=block
content-security-policy
default-src 'self' http: https: data: blob: 'unsafe-inline' 'unsafe-eval'
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ranges
bytes
vary
Accept-Encoding
content-length
31341
x-content-type-options
nosniff
config.php
getpaid.gcash.com/assets/js/custom_objects/
468 B
565 B
Script
General
Full URL
https://getpaid.gcash.com/assets/js/custom_objects/config.php?v=1.4
Requested by
Host: getpaid.gcash.com
URL: https://getpaid.gcash.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.53.117.211 Singapore, Singapore, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li2213-211.members.linode.com
Software
nginx /
Resource Hash
4c34089ef85acc8394db133ae082f18106d933302fc13a9ef7be3d997ccdc64b
Security Headers
Name Value
Content-Security-Policy default-src 'self' http: https: data: blob: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://getpaid.gcash.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sat, 02 Jul 2022 06:59:54 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
server
nginx
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
x-xss-protection
1; mode=block
content-security-policy
default-src 'self' http: https: data: blob: 'unsafe-inline' 'unsafe-eval'
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
226
x-content-type-options
nosniff
global.js
getpaid.gcash.com/assets/js/custom_objects/
12 KB
5 KB
Script
General
Full URL
https://getpaid.gcash.com/assets/js/custom_objects/global.js?v=1.8
Requested by
Host: getpaid.gcash.com
URL: https://getpaid.gcash.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.53.117.211 Singapore, Singapore, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li2213-211.members.linode.com
Software
nginx /
Resource Hash
9061ee6755d1e8e175a683e5e9c2066cd3fa8f7b80b2a506762dcc755244d4e5
Security Headers
Name Value
Content-Security-Policy default-src 'self' http: https: data: blob: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://getpaid.gcash.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sat, 02 Jul 2022 06:59:54 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Sun, 14 Nov 2021 12:45:22 GMT
server
nginx
etag
"30b1-5d0bf10c31662-gzip"
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-xss-protection
1; mode=block
content-security-policy
default-src 'self' http: https: data: blob: 'unsafe-inline' 'unsafe-eval'
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ranges
bytes
vary
Accept-Encoding
content-length
4595
x-content-type-options
nosniff
fs.js
getpaid.gcash.com/assets/js/custom_objects/
3 KB
1 KB
Script
General
Full URL
https://getpaid.gcash.com/assets/js/custom_objects/fs.js
Requested by
Host: getpaid.gcash.com
URL: https://getpaid.gcash.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.53.117.211 Singapore, Singapore, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li2213-211.members.linode.com
Software
nginx /
Resource Hash
4461f1c80f478740a8b4d0cfc18e41f1b1b5c7637331058e70e20e023ec9ea28
Security Headers
Name Value
Content-Security-Policy default-src 'self' http: https: data: blob: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://getpaid.gcash.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sat, 02 Jul 2022 06:59:54 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 26 Jan 2021 06:19:36 GMT
server
nginx
etag
"ca2-5b9c7a3876862-gzip"
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-xss-protection
1; mode=block
content-security-policy
default-src 'self' http: https: data: blob: 'unsafe-inline' 'unsafe-eval'
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ranges
bytes
vary
Accept-Encoding
content-length
975
x-content-type-options
nosniff
localdata.js
getpaid.gcash.com/assets/js/custom_objects/
3 KB
1 KB
Script
General
Full URL
https://getpaid.gcash.com/assets/js/custom_objects/localdata.js
Requested by
Host: getpaid.gcash.com
URL: https://getpaid.gcash.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.53.117.211 Singapore, Singapore, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li2213-211.members.linode.com
Software
nginx /
Resource Hash
a80efddb2542029c21ef3f21855d1fd746323118dfce86b288b18eb81ef23547
Security Headers
Name Value
Content-Security-Policy default-src 'self' http: https: data: blob: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://getpaid.gcash.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sat, 02 Jul 2022 06:59:54 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 26 Jan 2021 06:19:36 GMT
server
nginx
etag
"b30-5b9c7a3876862-gzip"
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-xss-protection
1; mode=block
content-security-policy
default-src 'self' http: https: data: blob: 'unsafe-inline' 'unsafe-eval'
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ranges
bytes
vary
Accept-Encoding
content-length
882
x-content-type-options
nosniff
account.js
getpaid.gcash.com/assets/js/custom_objects/
12 KB
2 KB
Script
General
Full URL
https://getpaid.gcash.com/assets/js/custom_objects/account.js?_=1.0
Requested by
Host: getpaid.gcash.com
URL: https://getpaid.gcash.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.53.117.211 Singapore, Singapore, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li2213-211.members.linode.com
Software
nginx /
Resource Hash
25f298cd95008c945a3d9df67ba60b8a7251eb48da3cbd8f350129f03999d4f3
Security Headers
Name Value
Content-Security-Policy default-src 'self' http: https: data: blob: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://getpaid.gcash.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sat, 02 Jul 2022 06:59:54 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 16 Mar 2021 01:10:34 GMT
server
nginx
etag
"2eb2-5bd9d088e2858-gzip"
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-xss-protection
1; mode=block
content-security-policy
default-src 'self' http: https: data: blob: 'unsafe-inline' 'unsafe-eval'
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ranges
bytes
vary
Accept-Encoding
content-length
1895
x-content-type-options
nosniff
site.js
getpaid.gcash.com/assets/js/custom_objects/
14 KB
2 KB
Script
General
Full URL
https://getpaid.gcash.com/assets/js/custom_objects/site.js?v=1.8
Requested by
Host: getpaid.gcash.com
URL: https://getpaid.gcash.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.53.117.211 Singapore, Singapore, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li2213-211.members.linode.com
Software
nginx /
Resource Hash
6d4274b0181d0326f5fa7a8f86b3e9b76d89c1c87e187d361e627dfde7a0bfd8
Security Headers
Name Value
Content-Security-Policy default-src 'self' http: https: data: blob: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://getpaid.gcash.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sat, 02 Jul 2022 06:59:54 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Sun, 14 Nov 2021 12:45:22 GMT
server
nginx
etag
"3683-5d0bf10c31662-gzip"
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-xss-protection
1; mode=block
content-security-policy
default-src 'self' http: https: data: blob: 'unsafe-inline' 'unsafe-eval'
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ranges
bytes
vary
Accept-Encoding
content-length
1788
x-content-type-options
nosniff
load-image.all.min.js
getpaid.gcash.com/assets/js/custom_objects/JavaScript-Load-Image-2.26.0/js/
21 KB
7 KB
Script
General
Full URL
https://getpaid.gcash.com/assets/js/custom_objects/JavaScript-Load-Image-2.26.0/js/load-image.all.min.js
Requested by
Host: getpaid.gcash.com
URL: https://getpaid.gcash.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.53.117.211 Singapore, Singapore, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li2213-211.members.linode.com
Software
nginx /
Resource Hash
b3a72838ff04a5e6d14646a2384ba7d0c52cecec86c13bedab9381ac07f34e5f
Security Headers
Name Value
Content-Security-Policy default-src 'self' http: https: data: blob: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://getpaid.gcash.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sat, 02 Jul 2022 06:59:54 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 26 Jan 2021 06:19:36 GMT
server
nginx
etag
"526e-5b9c7a3876862-gzip"
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-xss-protection
1; mode=block
content-security-policy
default-src 'self' http: https: data: blob: 'unsafe-inline' 'unsafe-eval'
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ranges
bytes
vary
Accept-Encoding
content-length
6881
x-content-type-options
nosniff
fileuploader.js
getpaid.gcash.com/assets/js/custom_objects/
10 KB
3 KB
Script
General
Full URL
https://getpaid.gcash.com/assets/js/custom_objects/fileuploader.js?v=1
Requested by
Host: getpaid.gcash.com
URL: https://getpaid.gcash.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.53.117.211 Singapore, Singapore, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li2213-211.members.linode.com
Software
nginx /
Resource Hash
6f6006cb6f591c21156dc8c83617e6464e5c29ea065d6fd7796ab93cdc5498a9
Security Headers
Name Value
Content-Security-Policy default-src 'self' http: https: data: blob: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://getpaid.gcash.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sat, 02 Jul 2022 06:59:54 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 25 Apr 2022 04:29:15 GMT
server
nginx
etag
"27ca-5dd7304ce4d92-gzip"
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-xss-protection
1; mode=block
content-security-policy
default-src 'self' http: https: data: blob: 'unsafe-inline' 'unsafe-eval'
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ranges
bytes
vary
Accept-Encoding
content-length
2406
x-content-type-options
nosniff
logo@3x.png
getpaid.gcash.com/assets/img/
28 KB
28 KB
Image
General
Full URL
https://getpaid.gcash.com/assets/img/logo@3x.png
Requested by
Host: getpaid.gcash.com
URL: https://getpaid.gcash.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.53.117.211 Singapore, Singapore, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li2213-211.members.linode.com
Software
nginx /
Resource Hash
9e7a8b7fbb096c1363c8c487eb30aecb613fc811f3d99cbb08f4b1035807e82d
Security Headers
Name Value
Content-Security-Policy default-src 'self' http: https: data: blob: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://getpaid.gcash.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sat, 02 Jul 2022 06:59:54 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 26 Jan 2021 06:19:36 GMT
server
nginx
etag
"6f11-5b9c7a38758c2"
x-frame-options
SAMEORIGIN
content-type
image/png
x-xss-protection
1; mode=block
content-security-policy
default-src 'self' http: https: data: blob: 'unsafe-inline' 'unsafe-eval'
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ranges
bytes
content-length
28433
x-content-type-options
nosniff
paynamics_rgb.png
getpaid.gcash.com/assets/img/
32 KB
33 KB
Image
General
Full URL
https://getpaid.gcash.com/assets/img/paynamics_rgb.png
Requested by
Host: getpaid.gcash.com
URL: https://getpaid.gcash.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.53.117.211 Singapore, Singapore, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li2213-211.members.linode.com
Software
nginx /
Resource Hash
4c10aed89aad63ef5fed16ada9d2240174e916cb8fa93bfa370380a8d550eb76
Security Headers
Name Value
Content-Security-Policy default-src 'self' http: https: data: blob: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://getpaid.gcash.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sat, 02 Jul 2022 06:59:54 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 26 Jan 2021 06:19:36 GMT
server
nginx
etag
"8182-5b9c7a38758c2"
x-frame-options
SAMEORIGIN
content-type
image/png
x-xss-protection
1; mode=block
content-security-policy
default-src 'self' http: https: data: blob: 'unsafe-inline' 'unsafe-eval'
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ranges
bytes
content-length
33154
x-content-type-options
nosniff
app.bundle.js
getpaid.gcash.com/assets/js/
68 KB
17 KB
Script
General
Full URL
https://getpaid.gcash.com/assets/js/app.bundle.js
Requested by
Host: getpaid.gcash.com
URL: https://getpaid.gcash.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.53.117.211 Singapore, Singapore, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li2213-211.members.linode.com
Software
nginx /
Resource Hash
f264e407225292ae7c54847c9bfc954de5ba11203023f1f0f0a799e342d981b0
Security Headers
Name Value
Content-Security-Policy default-src 'self' http: https: data: blob: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://getpaid.gcash.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sat, 02 Jul 2022 06:59:54 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 26 Jan 2021 06:19:36 GMT
server
nginx
etag
"10ecf-5b9c7a3876862-gzip"
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-xss-protection
1; mode=block
content-security-policy
default-src 'self' http: https: data: blob: 'unsafe-inline' 'unsafe-eval'
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ranges
bytes
vary
Accept-Encoding
content-length
17151
x-content-type-options
nosniff
peity.bundle.js
getpaid.gcash.com/assets/js/statistics/peity/
9 KB
3 KB
Script
General
Full URL
https://getpaid.gcash.com/assets/js/statistics/peity/peity.bundle.js
Requested by
Host: getpaid.gcash.com
URL: https://getpaid.gcash.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.53.117.211 Singapore, Singapore, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li2213-211.members.linode.com
Software
nginx /
Resource Hash
6b3e11a65eaf7c51cb3d4d79b2d235ad45ff689dd06bd90c5218307e7e1138f7
Security Headers
Name Value
Content-Security-Policy default-src 'self' http: https: data: blob: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://getpaid.gcash.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sat, 02 Jul 2022 06:59:54 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 26 Jan 2021 06:19:36 GMT
server
nginx
etag
"245c-5b9c7a388a0e3-gzip"
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-xss-protection
1; mode=block
content-security-policy
default-src 'self' http: https: data: blob: 'unsafe-inline' 'unsafe-eval'
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ranges
bytes
vary
Accept-Encoding
content-length
2588
x-content-type-options
nosniff
flot.bundle.js
getpaid.gcash.com/assets/js/statistics/flot/
279 KB
69 KB
Script
General
Full URL
https://getpaid.gcash.com/assets/js/statistics/flot/flot.bundle.js
Requested by
Host: getpaid.gcash.com
URL: https://getpaid.gcash.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.53.117.211 Singapore, Singapore, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li2213-211.members.linode.com
Software
nginx /
Resource Hash
9f0b626f83ddc7c2e7dd4026d2bf46858da9463fd651ed997db107a6601aea3b
Security Headers
Name Value
Content-Security-Policy default-src 'self' http: https: data: blob: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://getpaid.gcash.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sat, 02 Jul 2022 06:59:54 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 26 Jan 2021 06:19:36 GMT
server
nginx
etag
"45aae-5b9c7a388a0e3-gzip"
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-xss-protection
1; mode=block
content-security-policy
default-src 'self' http: https: data: blob: 'unsafe-inline' 'unsafe-eval'
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ranges
bytes
vary
Accept-Encoding
x-content-type-options
nosniff
easypiechart.bundle.js
getpaid.gcash.com/assets/js/statistics/easypiechart/
10 KB
4 KB
Script
General
Full URL
https://getpaid.gcash.com/assets/js/statistics/easypiechart/easypiechart.bundle.js
Requested by
Host: getpaid.gcash.com
URL: https://getpaid.gcash.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.53.117.211 Singapore, Singapore, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li2213-211.members.linode.com
Software
nginx /
Resource Hash
6b57f07699239d69466d8fa8b94bb20e8b29a72fbc611374aeccfafc3a6da8c8
Security Headers
Name Value
Content-Security-Policy default-src 'self' http: https: data: blob: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://getpaid.gcash.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sat, 02 Jul 2022 06:59:54 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 26 Jan 2021 06:19:36 GMT
server
nginx
etag
"2984-5b9c7a3889143-gzip"
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-xss-protection
1; mode=block
content-security-policy
default-src 'self' http: https: data: blob: 'unsafe-inline' 'unsafe-eval'
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ranges
bytes
vary
Accept-Encoding
content-length
3628
x-content-type-options
nosniff
datatables.bundle.js
getpaid.gcash.com/assets/js/datagrid/datatables/
890 KB
224 KB
Script
General
Full URL
https://getpaid.gcash.com/assets/js/datagrid/datatables/datatables.bundle.js
Requested by
Host: getpaid.gcash.com
URL: https://getpaid.gcash.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.53.117.211 Singapore, Singapore, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li2213-211.members.linode.com
Software
nginx /
Resource Hash
1e701154d2bf0c7504ecf5fa175477d2df0f9a566474be12c3e89faea90d7c15
Security Headers
Name Value
Content-Security-Policy default-src 'self' http: https: data: blob: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://getpaid.gcash.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sat, 02 Jul 2022 06:59:54 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 26 Jan 2021 06:19:36 GMT
server
nginx
etag
"de8a1-5b9c7a3877802-gzip"
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-xss-protection
1; mode=block
content-security-policy
default-src 'self' http: https: data: blob: 'unsafe-inline' 'unsafe-eval'
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ranges
bytes
vary
Accept-Encoding
x-content-type-options
nosniff
inputmask.bundle.js
getpaid.gcash.com/assets/js/formplugins/inputmask/
216 KB
35 KB
Script
General
Full URL
https://getpaid.gcash.com/assets/js/formplugins/inputmask/inputmask.bundle.js
Requested by
Host: getpaid.gcash.com
URL: https://getpaid.gcash.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.53.117.211 Singapore, Singapore, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li2213-211.members.linode.com
Software
nginx /
Resource Hash
5803827c6a3298ec06256298a323c37ac7c3dc3ce651b3db7e5e99d07061b0c3
Security Headers
Name Value
Content-Security-Policy default-src 'self' http: https: data: blob: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://getpaid.gcash.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sat, 02 Jul 2022 06:59:54 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 26 Jan 2021 06:19:36 GMT
server
nginx
etag
"35f25-5b9c7a387e562-gzip"
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-xss-protection
1; mode=block
content-security-policy
default-src 'self' http: https: data: blob: 'unsafe-inline' 'unsafe-eval'
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ranges
bytes
vary
Accept-Encoding
content-length
35012
x-content-type-options
nosniff
bootstrap-datepicker.js
getpaid.gcash.com/assets/js/formplugins/bootstrap-datepicker/
57 KB
15 KB
Script
General
Full URL
https://getpaid.gcash.com/assets/js/formplugins/bootstrap-datepicker/bootstrap-datepicker.js
Requested by
Host: getpaid.gcash.com
URL: https://getpaid.gcash.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.53.117.211 Singapore, Singapore, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li2213-211.members.linode.com
Software
nginx /
Resource Hash
248043456441d27ebbb2332eb13cb8c59f4bd3d57c048345d2777f51450e8b8f
Security Headers
Name Value
Content-Security-Policy default-src 'self' http: https: data: blob: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://getpaid.gcash.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sat, 02 Jul 2022 06:59:54 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 26 Jan 2021 06:19:36 GMT
server
nginx
etag
"e22a-5b9c7a387d5c2-gzip"
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-xss-protection
1; mode=block
content-security-policy
default-src 'self' http: https: data: blob: 'unsafe-inline' 'unsafe-eval'
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ranges
bytes
vary
Accept-Encoding
content-length
14933
x-content-type-options
nosniff
dropzone.js
getpaid.gcash.com/assets/js/formplugins/dropzone/
131 KB
32 KB
Script
General
Full URL
https://getpaid.gcash.com/assets/js/formplugins/dropzone/dropzone.js
Requested by
Host: getpaid.gcash.com
URL: https://getpaid.gcash.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.53.117.211 Singapore, Singapore, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li2213-211.members.linode.com
Software
nginx /
Resource Hash
4f1059133c9e8e9462246c06c250626fee78beb7f8dea8067e4d2913d118175c
Security Headers
Name Value
Content-Security-Policy default-src 'self' http: https: data: blob: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://getpaid.gcash.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sat, 02 Jul 2022 06:59:54 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 26 Jan 2021 06:19:36 GMT
server
nginx
etag
"20de0-5b9c7a387e562-gzip"
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-xss-protection
1; mode=block
content-security-policy
default-src 'self' http: https: data: blob: 'unsafe-inline' 'unsafe-eval'
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ranges
bytes
vary
Accept-Encoding
content-length
31826
x-content-type-options
nosniff
toastr.js
getpaid.gcash.com/assets/js/notifications/toastr/
17 KB
4 KB
Script
General
Full URL
https://getpaid.gcash.com/assets/js/notifications/toastr/toastr.js
Requested by
Host: getpaid.gcash.com
URL: https://getpaid.gcash.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.53.117.211 Singapore, Singapore, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li2213-211.members.linode.com
Software
nginx /
Resource Hash
f0f9920dc97a3453f7dd0ec5b543153cf5b2b808e47fa02cbacb69758c975d70
Security Headers
Name Value
Content-Security-Policy default-src 'self' http: https: data: blob: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://getpaid.gcash.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sat, 02 Jul 2022 06:59:54 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 26 Jan 2021 06:19:36 GMT
server
nginx
etag
"4540-5b9c7a3887202-gzip"
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-xss-protection
1; mode=block
content-security-policy
default-src 'self' http: https: data: blob: 'unsafe-inline' 'unsafe-eval'
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ranges
bytes
vary
Accept-Encoding
content-length
3388
x-content-type-options
nosniff
sweetalert2.bundle.js
getpaid.gcash.com/assets/js/notifications/sweetalert2/
105 KB
25 KB
Script
General
Full URL
https://getpaid.gcash.com/assets/js/notifications/sweetalert2/sweetalert2.bundle.js
Requested by
Host: getpaid.gcash.com
URL: https://getpaid.gcash.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.53.117.211 Singapore, Singapore, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li2213-211.members.linode.com
Software
nginx /
Resource Hash
8478a65e409063a64d227604a6088b141a5335ca1226710b2d71b24ab5b1aa4a
Security Headers
Name Value
Content-Security-Policy default-src 'self' http: https: data: blob: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://getpaid.gcash.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sat, 02 Jul 2022 06:59:54 GMT
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 26 Jan 2021 06:19:36 GMT
server
nginx
etag
"1a37d-5b9c7a3887202-gzip"
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-xss-protection
1; mode=block
content-security-policy
default-src 'self' http: https: data: blob: 'unsafe-inline' 'unsafe-eval'
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ranges
bytes
vary
Accept-Encoding
content-length
24917
x-content-type-options
nosniff
signupbg.jpg
getpaid.gcash.com/assets/img/
134 KB
135 KB
Image
General
Full URL
https://getpaid.gcash.com/assets/img/signupbg.jpg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.53.117.211 Singapore, Singapore, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li2213-211.members.linode.com
Software
nginx /
Resource Hash
b52860cd9fff260db87014743ad14f4c7f8a215ce68bd86f161fc3b25d02fd01
Security Headers
Name Value
Content-Security-Policy default-src 'self' http: https: data: blob: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://getpaid.gcash.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sat, 02 Jul 2022 06:59:55 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 26 Jan 2021 06:19:36 GMT
server
nginx
etag
"218fe-5b9c7a38758c2"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
x-xss-protection
1; mode=block
content-security-policy
default-src 'self' http: https: data: blob: 'unsafe-inline' 'unsafe-eval'
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ranges
bytes
content-length
137470
x-content-type-options
nosniff
Karla-Regular.ttf
getpaid.gcash.com/assets/webfonts/
37 KB
38 KB
Font
General
Full URL
https://getpaid.gcash.com/assets/webfonts/Karla-Regular.ttf
Requested by
Host: getpaid.gcash.com
URL: https://getpaid.gcash.com/assets/css/custom.css?v=1.3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.53.117.211 Singapore, Singapore, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
li2213-211.members.linode.com
Software
nginx /
Resource Hash
c202ef4c5e75166b8ee4783527eb5da05fca86869aa322c3c1e4e305f7ceb070
Security Headers
Name Value
Content-Security-Policy default-src 'self' http: https: data: blob: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://getpaid.gcash.com/assets/css/custom.css?v=1.3
Origin
https://getpaid.gcash.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sat, 02 Jul 2022 06:59:55 GMT
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 26 Jan 2021 06:19:36 GMT
server
nginx
etag
"95a0-5b9c7a3891de3"
x-frame-options
SAMEORIGIN
content-type
application/font-sfnt
x-xss-protection
1; mode=block
content-security-policy
default-src 'self' http: https: data: blob: 'unsafe-inline' 'unsafe-eval'
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ranges
bytes
content-length
38304
x-content-type-options
nosniff

Verdicts & Comments Add Verdict or Comment

67 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation function| getUrlParameter function| detectIE function| rgb2hex object| Pace function| $ function| jQuery function| Popper object| bootstrap object| bootbox object| Waves function| moment object| CONFIG object| Base64 function| md5 function| escapeRegExp object| Global object| FS object| LOCALDATA object| ACCOUNT object| SITE function| loadImage object| classHolder object| themeSettings string| themeURL string| themeOptions undefined| cssfile function| saveSettings function| resetSettings object| myapp_config object| initApp object| layouts object| color function| Inputmask function| _typeof function| _possibleConstructorReturn function| _getPrototypeOf function| _assertThisInitialized function| _inherits function| _setPrototypeOf function| _classCallCheck function| _defineProperties function| _createClass function| Emitter function| Dropzone function| without function| camelize function| detectVerticalSquash function| drawImageIOSFix function| ExifRestore function| contentLoaded function| __guard__ function| __guardMethod__ object| toastr function| Sweetalert2 function| SweetAlert function| Swal function| sweetAlert function| swal function| pageLoginOnSignIn

1 Cookies

Domain/Path Name / Value
getpaid.gcash.com/ Name: PHPSESSID
Value: clru1oiieotvnlvftj1inu956f

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self' http: https: data: blob: 'unsafe-inline' 'unsafe-eval'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

getpaid.gcash.com
192.53.117.211
19245ee5c1e69930f70e00714627f390d2da5b58b03d3cedf6427ceab19af2d8
1e701154d2bf0c7504ecf5fa175477d2df0f9a566474be12c3e89faea90d7c15
248043456441d27ebbb2332eb13cb8c59f4bd3d57c048345d2777f51450e8b8f
25f298cd95008c945a3d9df67ba60b8a7251eb48da3cbd8f350129f03999d4f3
3a43485dc6f6da8958baad3800802de101d3283c999f8940cb8786a01f75b8f4
4461f1c80f478740a8b4d0cfc18e41f1b1b5c7637331058e70e20e023ec9ea28
4c10aed89aad63ef5fed16ada9d2240174e916cb8fa93bfa370380a8d550eb76
4c34089ef85acc8394db133ae082f18106d933302fc13a9ef7be3d997ccdc64b
4c4a53b213aab7f7ace3a3c5aecf5d10bffc7b420064add9c6da1cc308a24354
4cf8cca75fc197f11c805665cdf7815bbbd0e765d5ba7d56a5c3b4d0611d08a6
4f003f3a0d7fc67d66c3281429d8f1850656e750ba3e9f14442b1771430a8084
4f1059133c9e8e9462246c06c250626fee78beb7f8dea8067e4d2913d118175c
5803827c6a3298ec06256298a323c37ac7c3dc3ce651b3db7e5e99d07061b0c3
61411faa05a1f53a032170125de9ba71edd63cf0a408d14138ac546597faa17d
66ad6be91e4a162f734b4d48441b9701ba0d7eb5622f29440e9fbd0f08c48f10
6b3bef53dc4a96ec07149d02a60b5fd026332bbce0b4ece79f3c55e3ddb85f5c
6b3e11a65eaf7c51cb3d4d79b2d235ad45ff689dd06bd90c5218307e7e1138f7
6b57f07699239d69466d8fa8b94bb20e8b29a72fbc611374aeccfafc3a6da8c8
6cb17dd2b923eed22d8681f09a63011eea893fcfd9a27b01af6424a777803eb3
6d4274b0181d0326f5fa7a8f86b3e9b76d89c1c87e187d361e627dfde7a0bfd8
6f6006cb6f591c21156dc8c83617e6464e5c29ea065d6fd7796ab93cdc5498a9
8478a65e409063a64d227604a6088b141a5335ca1226710b2d71b24ab5b1aa4a
8702cca0f8e3878fd6e8e5990b5f1148b2a4ba447afd017824630e2d52845d74
882146362bbda5e9239e3f72f1f25287ab01bf65ff9f0f66ef21cb6b39612be1
9061ee6755d1e8e175a683e5e9c2066cd3fa8f7b80b2a506762dcc755244d4e5
9667c54541db9fdbf819dd3571c35546c9a445723cb3121244a63588d4b9e12a
9e7a8b7fbb096c1363c8c487eb30aecb613fc811f3d99cbb08f4b1035807e82d
9f0b626f83ddc7c2e7dd4026d2bf46858da9463fd651ed997db107a6601aea3b
a355403546df72b19517ba05bfe493880cb2f7369c5cc6fc0843459fa67af83b
a80efddb2542029c21ef3f21855d1fd746323118dfce86b288b18eb81ef23547
b3a72838ff04a5e6d14646a2384ba7d0c52cecec86c13bedab9381ac07f34e5f
b52860cd9fff260db87014743ad14f4c7f8a215ce68bd86f161fc3b25d02fd01
c11af04b56bf576a41c01652420fb5650363983655a753654636d6c2f343fe37
c202ef4c5e75166b8ee4783527eb5da05fca86869aa322c3c1e4e305f7ceb070
e81e771829f8af6ad4df8a834a6420a9c2d821806e1e4725d80604a6dd195ffd
f0f9920dc97a3453f7dd0ec5b543153cf5b2b808e47fa02cbacb69758c975d70
f264e407225292ae7c54847c9bfc954de5ba11203023f1f0f0a799e342d981b0
f7c6cdf2f71d0e10c1684c5eea8fe782db9ac6aa0a8550838c88e4d53b4b6601