app.playbackrewards.com Open in urlscan Pro
2001:4860:4802:38::15 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://app.playbackrewards.com/
Effective URL:
https://app.playbackrewards.com/
Submission: On November 22 via api (November 22nd 2023, 8:14:39 am UTC) from US — Scanned from DE

Summary HTTP 49 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 20 IPs in 3 countries across 13 domains to perform 49 HTTP transactions. The main IP is 2001:4860:4802:38::15, located in United States and belongs to GOOGLE, US. The main domain is app.playbackrewards.com.
TLS certificate: Issued by GTS CA 1D4 on October 25th 2023. Valid for: 3 months.

This is the only time app.playbackrewards.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2001:4860:480... 2001:4860:4802:34::15	15169 (GOOGLE) (GOOGLE)
9	2001:4860:480... 2001:4860:4802:38::15	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
1 6	2a00:1450:400... 2a00:1450:4001:800::2004	15169 (GOOGLE) (GOOGLE)
3	151.101.0.176 151.101.0.176	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:4001:830::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:806::200d	15169 (GOOGLE) (GOOGLE)
1	159.89.102.253 159.89.102.253	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
3	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f08... 2a03:2880:f083:9:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	172.217.18.98 172.217.18.98	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c0a::9a	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f17... 2a03:2880:f176:84:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
3	54.187.159.182 54.187.159.182	16509 (AMAZON-02) (AMAZON-02)
2	99.86.4.96 99.86.4.96	16509 (AMAZON-02) (AMAZON-02)
1	44.241.50.239 44.241.50.239	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:808::200a	15169 (GOOGLE) (GOOGLE)
49	20

1 2001:4860:4802:34::15 (United States) 1 redirects

ASN15169 (GOOGLE, US)

app.playbackrewards.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2001:4860:4802:38::15 (United States)

ASN15169 (GOOGLE, US)

app.playbackrewards.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:800::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.0.176 (United States)

ASN54113 (FASTLY, US)

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::200d (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 159.89.102.253 (Frankfurt am Main, Germany)

ASN14061 (DIGITALOCEAN-ASN, US)

geolocation-db.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.18.98 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s05-in-f98.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0a::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f176:84:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.187.159.182 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-187-159-182.stripe.com

q.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 99.86.4.96 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-96.fra6.r.cloudfront.net

m.stripe.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.241.50.239 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-241-50-239.us-west-2.compute.amazonaws.com

m.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

content-firebaseappcheck.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	playbackrewards.com 1 redirects app.playbackrewards.com	2 MB
9	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 2 accounts.google.com — Cisco Umbrella Rank: 24 region1.analytics.google.com — Cisco Umbrella Rank: 3040	135 KB
7	stripe.com js.stripe.com — Cisco Umbrella Rank: 1287 q.stripe.com — Cisco Umbrella Rank: 7148 m.stripe.com — Cisco Umbrella Rank: 1249	158 KB
6	gstatic.com fonts.gstatic.com www.gstatic.com	462 KB
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 31 content-firebaseappcheck.googleapis.com — Cisco Umbrella Rank: 75393	4 KB
3	google.de www.google.de — Cisco Umbrella Rank: 6862	670 B
3	doubleclick.net 1 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 78 googleads.g.doubleclick.net — Cisco Umbrella Rank: 33	3 KB
2	stripe.network m.stripe.network — Cisco Umbrella Rank: 1354	16 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 174	90 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 35	183 KB
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 110	185 B
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 145	2 KB
1	geolocation-db.com geolocation-db.com — Cisco Umbrella Rank: 19793	256 B
49	13

	Domain	Requested by
10	app.playbackrewards.com	1 redirects app.playbackrewards.com
6	www.google.com	1 redirects app.playbackrewards.com www.gstatic.com www.google.com
3	q.stripe.com	app.playbackrewards.com
3	www.google.de	app.playbackrewards.com
3	www.gstatic.com	www.google.com
3	fonts.gstatic.com	fonts.googleapis.com
3	js.stripe.com	app.playbackrewards.com js.stripe.com
3	fonts.googleapis.com	app.playbackrewards.com
2	content-firebaseappcheck.googleapis.com	app.playbackrewards.com
2	m.stripe.network	js.stripe.com m.stripe.network
2	googleads.g.doubleclick.net	1 redirects www.googletagmanager.com
2	region1.analytics.google.com	www.googletagmanager.com
2	connect.facebook.net	www.googletagmanager.com connect.facebook.net
2	www.googletagmanager.com	app.playbackrewards.com www.googletagmanager.com
1	m.stripe.com	m.stripe.network
1	www.facebook.com	app.playbackrewards.com
1	stats.g.doubleclick.net	www.googletagmanager.com
1	www.googleadservices.com	www.googletagmanager.com
1	geolocation-db.com	app.playbackrewards.com
1	accounts.google.com	app.playbackrewards.com
49	20

This site contains links to these domains. Also see Links.

Domain
playbackrewards.com

Subject Issuer	Validity	Valid
app.playbackrewards.com GTS CA 1D4	`2023-10-25` - `2024-01-23`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2023-10-30` - `2024-01-25`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
accounts.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
geolocation-db.com R3	`2023-10-13` - `2024-01-11`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-08-31` - `2023-11-29`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.stripe.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-10-09` - `2024-01-18`	3 months	crt.sh
m.stripe.com DigiCert TLS RSA SHA256 2020 CA1	`2023-10-05` - `2024-01-18`	3 months	crt.sh

This page contains 4 frames:

Primary Page: https://app.playbackrewards.com/
Frame ID: D068DA0CF01B7963134AFC97EC0CA1AA
Requests: 35 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LdvMVsnAAAAAOp6W_cAC_GzJhHxOCq7CXZ7BZaX&co=aHR0cHM6Ly9hcHAucGxheWJhY2tyZXdhcmRzLmNvbTo0NDM.&hl=de&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&cb=gc7z50x3t6ia
Frame ID: 67D5AD2E78948F5AE54D6965D24DA0F7
Requests: 5 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html
Frame ID: 675604BBE1350F3FBA0E7193E196731C
Requests: 4 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: 484AD6D65DDEA101E0D13CFC8D5E44E7
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Playback Rewards

Page URL History Show full URLs

http://app.playbackrewards.com/ HTTP 302
https://app.playbackrewards.com/ Page URL

Detected technologies

Google Sign-in (Social logins) Expand

Overall confidence: 100%
Detected patterns

accounts\.google\.com/gsi/client

Stripe (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.stripe\.com

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Page Statistics

49
Requests

98 %
HTTPS

71 %
IPv6

13
Domains

20
Subdomains

20
IPs

3
Countries

2639 kB
Transfer

4760 kB
Size

9
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://playbackrewards.com/terms-of-service
Title: Terms and Services

Search URL Search Domain Scan URL

URL: https://playbackrewards.com/privacy-policy
Title: Privacy Policy

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://app.playbackrewards.com/ HTTP 302
https://app.playbackrewards.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 30

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11267469439/?random=2087385127&cv=11&fst=1700640873858&bg=ffffff&guid=ON&async=1&gtm=45He3b81v9116758734&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fapp.playbackrewards.com%2Fauth&label=fy8JCPvww74YEP_g3_wp&hn=www.googleadservices.com&frm=0&tiba=Playback%20Rewards&value=0&auid=1776277239.1700640874&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&ocp_id=arhdZaGWIq6f9u8Po_iE8AI&sscte=1&crd=&eitems=ChAIgOr2qgYQ2aq5tOfbsdVJEh0AolztpV2cv0si1RX_g7AwjJXIz_-Qz96uKpSoEg&pscrd=Ek5DaEFJZ09yMnFnWVE4TkR1cnBfdm5PQWtFaVlBSS1lNHc4TXFYWGktUlBWY3UwcGdMN1dPcVlHMzBFeVlVckpLVGtJMlMzTHZuc1I3TUEaWkNoRUlnT3IycWdZUXlyQ3JsS25oNnNDaEFSSXVBRmlyWkpSWVh2ekNDdjlHTUdLTDVaakNUWHM2V3ZpZEg1QjV5Y3dEaHZJd0h5Ni16Y3BSYzhLTDltMTA4dyITCKHz3_mU14IDFa6P_QcdIzwBLg HTTP 302
https://www.google.com/pagead/1p-conversion/11267469439/?random=2087385127&cv=11&fst=1700640873858&bg=ffffff&guid=ON&async=1&gtm=45He3b81v9116758734&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fapp.playbackrewards.com%2Fauth&label=fy8JCPvww74YEP_g3_wp&hn=www.googleadservices.com&frm=0&tiba=Playback%20Rewards&value=0&auid=1776277239.1700640874&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJZ09yMnFnWVE4TkR1cnBfdm5PQWtFaVlBSS1lNHc4TXFYWGktUlBWY3UwcGdMN1dPcVlHMzBFeVlVckpLVGtJMlMzTHZuc1I3TUEaWkNoRUlnT3IycWdZUXlyQ3JsS25oNnNDaEFSSXVBRmlyWkpSWVh2ekNDdjlHTUdLTDVaakNUWHM2V3ZpZEg1QjV5Y3dEaHZJd0h5Ni16Y3BSYzhLTDltMTA4dyITCKHz3_mU14IDFa6P_QcdIzwBLg&is_vtc=1&ocp_id=arhdZaGWIq6f9u8Po_iE8AI&cid=CAQSKQDICaaNluKewidS7ej3vVgU5RPFs98-tKm33UKvXlRJjSUTEJBGyhrw&eitems=ChAIgOr2qgYQ2aq5tOfbsdVJEh0AolztpY3NywI0GsQ1CorvtIUp9acg-WBb1KBQuQ&random=1351464100 HTTP 302
https://www.google.de/pagead/1p-conversion/11267469439/?random=2087385127&cv=11&fst=1700640873858&bg=ffffff&guid=ON&async=1&gtm=45He3b81v9116758734&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fapp.playbackrewards.com%2Fauth&label=fy8JCPvww74YEP_g3_wp&hn=www.googleadservices.com&frm=0&tiba=Playback%20Rewards&value=0&auid=1776277239.1700640874&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJZ09yMnFnWVE4TkR1cnBfdm5PQWtFaVlBSS1lNHc4TXFYWGktUlBWY3UwcGdMN1dPcVlHMzBFeVlVckpLVGtJMlMzTHZuc1I3TUEaWkNoRUlnT3IycWdZUXlyQ3JsS25oNnNDaEFSSXVBRmlyWkpSWVh2ekNDdjlHTUdLTDVaakNUWHM2V3ZpZEg1QjV5Y3dEaHZJd0h5Ni16Y3BSYzhLTDltMTA4dyITCKHz3_mU14IDFa6P_QcdIzwBLg&is_vtc=1&ocp_id=arhdZaGWIq6f9u8Po_iE8AI&cid=CAQSKQDICaaNluKewidS7ej3vVgU5RPFs98-tKm33UKvXlRJjSUTEJBGyhrw&eitems=ChAIgOr2qgYQ2aq5tOfbsdVJEh0AolztpY3NywI0GsQ1CorvtIUp9acg-WBb1KBQuQ&random=1351464100&ipr=y

49 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
app.playbackrewards.com/
Redirect Chain

http://app.playbackrewards.com/
https://app.playbackrewards.com/

670 B
837 B

258ms
164ms

Document
text/html

2001:4860:4802:38::15
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://app.playbackrewards.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:38::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: b930d012e99efffe9d1bf543642f163a047ae79a5fac9f0e1cd5f333d28d3bae

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
content-length: 670
content-type: text/html
date: Wed, 22 Nov 2023 08:14:32 GMT
etag: "6554c780-29e"
last-modified: Wed, 15 Nov 2023 13:28:32 GMT
server: Google Frontend
x-cloud-trace-context: 0f2834ee6a72d177ddd4301b6ddd4cee

Redirect headers

Content-Length: 0
Content-Type: text/html
Date: Wed, 22 Nov 2023 08:14:32 GMT
Location: https://app.playbackrewards.com/
Server: Google Frontend
X-Cloud-Trace-Context: 4065f76686de2386a66366abcfc19e7c

GET
H2 200 main.052c2cb7.js Show response
app.playbackrewards.com/static/js/ 1 MB
1 MB 176ms
175ms Script
application/javascript 2001:4860:4802:38::15
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://app.playbackrewards.com/static/js/main.052c2cb7.js
Requested by: Host: app.playbackrewards.com
URL: https://app.playbackrewards.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:38::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: eecc50dc59b48efa84668fb680b75a55e734da5fe57d78c9a871928b8cad38c2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.playbackrewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 08:14:32 GMT
last-modified: Wed, 15 Nov 2023 13:28:32 GMT
server: Google Frontend
etag: "6554c780-1501d9"
content-type: application/javascript
x-cloud-trace-context: 0762fd03283bc0cb72ffa951d2ff02b8
accept-ranges: bytes
content-length: 1376729

GET
H2 200 main.6882b284.css
app.playbackrewards.com/static/css/ 52 KB
16 KB 159ms
158ms Stylesheet
text/css 2001:4860:4802:38::15
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://app.playbackrewards.com/static/css/main.6882b284.css
Requested by: Host: app.playbackrewards.com
URL: https://app.playbackrewards.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:38::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: df13438af925ad869fbaf54e054af4cf94eeb88ecb5a2e733580c3a1cfce7139

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.playbackrewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 08:14:32 GMT
content-encoding: gzip
last-modified: Wed, 15 Nov 2023 13:28:32 GMT
server: Google Frontend
etag: W/"6554c780-d14a"
vary: Accept-Encoding
content-type: text/css
cache-control: private

GET
H2 200 css2
fonts.googleapis.com/ 34 KB
1 KB 138ms
51ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Open+Sans:ital,wght@0,300;0,400;0,500;0,600;0,700;0,800;1,300;1,400;1,500;1,600;1,700;1,800&display=swap

Requested by

Host: app.playbackrewards.com
URL: https://app.playbackrewards.com/static/css/main.6882b284.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fad08488ab9bdf68897a3a6eeb699584c94d259cf814b1f81a330964852f0274

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.playbackrewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 22 Nov 2023 08:14:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 22 Nov 2023 07:59:09 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 22 Nov 2023 08:14:33 GMT

GET
H2 200 css2
fonts.googleapis.com/ 5 KB
622 B 135ms
48ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Poppins:wght@300;400;500;600;700

Requested by

Host: app.playbackrewards.com
URL: https://app.playbackrewards.com/static/css/main.6882b284.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

dc2a9ecb9eae34a409e66cbdd46b3562c560f8ffa1c1f80ea84532999d6d408c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.playbackrewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 22 Nov 2023 08:14:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 22 Nov 2023 08:14:33 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 22 Nov 2023 08:14:33 GMT

GET
H2 200 css2
fonts.googleapis.com/ 5 KB
1 KB 134ms
48ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Inter:wght@400;500&display=swap

Requested by

Host: app.playbackrewards.com
URL: https://app.playbackrewards.com/static/css/main.6882b284.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3ad4aaf27e099c8a2c0eee7c074fd4dead5219807643963f78bd820e6ed87fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.playbackrewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 22 Nov 2023 08:14:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 22 Nov 2023 06:59:46 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 22 Nov 2023 08:14:33 GMT

GET
H2 200 enterprise.js Show response
www.google.com/recaptcha/ 1 KB
1 KB 139ms
49ms Script
text/javascript 2a00:1450:4001:800::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise.js

Requested by

Host: app.playbackrewards.com
URL: https://app.playbackrewards.com/static/js/main.052c2cb7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

37935278316eca3e3952a80bfb80b455710750c0fa4676a339c23929bd1bce3a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.playbackrewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 08:14:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Wed, 22 Nov 2023 08:14:33 GMT

GET
H2 200 v3 Show response
js.stripe.com/ 556 KB
154 KB 141ms
45ms Script
text/javascript 151.101.0.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3

Requested by

Host: app.playbackrewards.com
URL: https://app.playbackrewards.com/static/js/main.052c2cb7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

16125b67dd44a6df2eadad443e941af6085d45a67fad4421f2160d92fe605278

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.playbackrewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 22 Nov 2023 08:14:33 GMT
via: 1.1 varnish
age: 56
x-cache: HIT
content-length: 157307
x-request-id: aec5dba4-3b77-4c27-ae72-e4312656ee06
x-served-by: cache-fra-etou8220046-FRA
last-modified: Tue, 21 Nov 2023 22:15:37 GMT
server: Fastly
etag: "e28d4375fad3ffbfb5f7bdf0303a2787"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 13

GET
H2 200 coinLoader.png
app.playbackrewards.com/images/ 65 KB
66 KB 163ms
163ms Image
image/png 2001:4860:4802:38::15
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://app.playbackrewards.com/images/coinLoader.png
Requested by: Host: app.playbackrewards.com
URL: https://app.playbackrewards.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:38::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 6c83ed7d942f3648a0f91404534c25928fed9ca182ef8a34e74e8aaf64b90b97

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.playbackrewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 08:14:33 GMT
last-modified: Wed, 15 Nov 2023 13:27:26 GMT
server: Google Frontend
etag: "6554c73e-1052a"
content-type: image/png
x-cloud-trace-context: 73b2a376377f5964ca019e64f80646d1
accept-ranges: bytes
content-length: 66858

GET
H2 200 background.png
app.playbackrewards.com/images/ 215 KB
0 163ms
162ms Image
image/png 2001:4860:4802:38::15
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://app.playbackrewards.com/images/background.png
Requested by: Host: app.playbackrewards.com
URL: https://app.playbackrewards.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:38::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.playbackrewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 08:14:33 GMT
last-modified: Wed, 15 Nov 2023 13:27:26 GMT
server: Google Frontend
etag: "6554c73e-4ccf1"
content-type: image/png
x-cloud-trace-context: 65ad04c01c9159d7e4c338a573ea98e9
accept-ranges: bytes
content-length: 314609

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 230 KB
80 KB 149ms
60ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NQJ4NRS&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Requested by

Host: app.playbackrewards.com
URL: https://app.playbackrewards.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0ac1b00cc298aa9420b9db429152dc69a749b5a0266e68de00556556c94d48b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.playbackrewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 08:14:33 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 81942
x-xss-protection: 0
last-modified: Wed, 22 Nov 2023 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 22 Nov 2023 08:14:33 GMT

GET
H2 200 client Show response
accounts.google.com/gsi/ 199 KB
79 KB 164ms
76ms Script
application/javascript 2a00:1450:4001:806::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/gsi/client

Requested by

Host: app.playbackrewards.com
URL: https://app.playbackrewards.com/static/js/main.052c2cb7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4fb731738e143f7dcecc1db22ae8b99c0804b76d173b9f76a618f89ee8d1d171

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-dYNfHNebpd4W6beHxm3Tnw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.playbackrewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 08:14:33 GMT
content-security-policy: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-dYNfHNebpd4W6beHxm3Tnw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type: application/javascript; charset=utf-8
cache-control: private, max-age=1800
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires: Wed, 22 Nov 2023 08:14:33 GMT

GET
H2 200 / Show response
geolocation-db.com/json/ 144 B
256 B 150ms
61ms Fetch
text/html 159.89.102.253
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://geolocation-db.com/json/
Requested by: Host: app.playbackrewards.com
URL: https://app.playbackrewards.com/static/js/main.052c2cb7.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 159.89.102.253 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: aa519a0dc8fdad65eb29c4979a465cede685981e1c41f5e66e00ea69195d6954

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.playbackrewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 22 Nov 2023 08:14:33 GMT
content-encoding: gzip
server: nginx/1.14.0 (Ubuntu)
content-type: text/html; charset=UTF-8

GET
H2 200 pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 128ms
40ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@300;400;500;600;700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://app.playbackrewards.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 19 Nov 2023 09:28:42 GMT
x-content-type-options: nosniff
age: 254751
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8000
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:59:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 18 Nov 2024 09:28:42 GMT

GET
H2 200 pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 179ms
92ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@300;400;500;600;700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://app.playbackrewards.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 21:13:02 GMT
x-content-type-options: nosniff
age: 385291
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7884
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 17:03:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 16 Nov 2024 21:13:02 GMT

GET
H2 200 UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v13/ 46 KB
46 KB 132ms
45ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@400;500&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://app.playbackrewards.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 20 Nov 2023 20:04:26 GMT
x-content-type-options: nosniff
age: 130207
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46704
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:49:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Nov 2024 20:04:26 GMT

GET
H2 200 playbackLogo.png
app.playbackrewards.com/images/ 11 KB
11 KB 163ms
161ms Image
image/png 2001:4860:4802:38::15
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://app.playbackrewards.com/images/playbackLogo.png
Requested by: Host: app.playbackrewards.com
URL: https://app.playbackrewards.com/auth
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:38::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 9e9573cae82449f7407fe61277b7e6139c69b558fd7bb8e615091e8f05fd9149

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.playbackrewards.com/auth
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 08:14:33 GMT
last-modified: Wed, 15 Nov 2023 13:27:26 GMT
server: Google Frontend
etag: "6554c73e-2a94"
content-type: image/png
x-cloud-trace-context: f9324d79078fd23802174a3a85041521
accept-ranges: bytes
content-length: 10900

GET
H2 200 createAccountSliderImage4.png
app.playbackrewards.com/images/ 38 KB
38 KB 163ms
161ms Image
image/png 2001:4860:4802:38::15
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://app.playbackrewards.com/images/createAccountSliderImage4.png
Requested by: Host: app.playbackrewards.com
URL: https://app.playbackrewards.com/auth
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:38::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: e0121e937cc4dbb1b3e948651184d8d762cae04e88e1dbabf141506c4d448f30

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.playbackrewards.com/auth
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 08:14:33 GMT
last-modified: Wed, 15 Nov 2023 13:27:26 GMT
server: Google Frontend
etag: "6554c73e-9638"
content-type: image/png
x-cloud-trace-context: 9fe4cf8f1d97776f9c55c55363312e9a
accept-ranges: bytes
content-length: 38456

GET
H2 200 createAccountSliderImage2.png
app.playbackrewards.com/images/ 58 KB
58 KB 162ms
160ms Image
image/png 2001:4860:4802:38::15
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://app.playbackrewards.com/images/createAccountSliderImage2.png
Requested by: Host: app.playbackrewards.com
URL: https://app.playbackrewards.com/auth
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:38::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 97cafb72d2cca8ea8e940c90cf2fbb9cb06ce2a3e7ad990f422860ebeb03c137

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.playbackrewards.com/auth
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 08:14:33 GMT
last-modified: Wed, 15 Nov 2023 13:27:26 GMT
server: Google Frontend
etag: "6554c73e-e6ba"
content-type: image/png
x-cloud-trace-context: 43b59966fbc83567cd64e9a45c0ea54f
accept-ranges: bytes
content-length: 59066

GET
H2 200 createAccountSliderImage3.png
app.playbackrewards.com/images/ 50 KB
50 KB 163ms
161ms Image
image/png 2001:4860:4802:38::15
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://app.playbackrewards.com/images/createAccountSliderImage3.png
Requested by: Host: app.playbackrewards.com
URL: https://app.playbackrewards.com/auth
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:38::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 8c1f7b5875d4ea3ad1a83d1760b117553267eb4cf1c10ce7428e42bf69d742f7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.playbackrewards.com/auth
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 08:14:33 GMT
last-modified: Wed, 15 Nov 2023 13:27:26 GMT
server: Google Frontend
etag: "6554c73e-c842"
content-type: image/png
x-cloud-trace-context: c27574b5ede74e994172e41d9f0c1489
accept-ranges: bytes
content-length: 51266

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/ 468 KB
188 KB 129ms
40ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

983871cac9e719263fcecaa540c4e1597c8ece1805845830ec21fef0e71d9f88

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://app.playbackrewards.com/
Origin: https://app.playbackrewards.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 11:08:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 75975
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 192016
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 05:42:11 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 20 Nov 2024 11:08:18 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 311 KB
102 KB 63ms
62ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-EPW5Z4GP6T&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NQJ4NRS&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c08cb65933d357e88bc9c36975d727af562ef0eff4b0253acc12f9cefef20d23

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.playbackrewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 08:14:33 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 104702
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 22 Nov 2023 08:14:33 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 202 KB
54 KB 710ms
40ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NQJ4NRS&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.playbackrewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 22 Nov 2023 08:14:34 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 54273
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: 7nwrHs/lryEyr2zkMCB3ApzbVI6KzzoU6Lp4KDfTAgdFYfcaxu6YBUJUWJJomXqsJKrWVW/N9yCWnaSw8fPEdw==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 / Show response
www.googleadservices.com/pagead/conversion/11267469439/ 3 KB
2 KB 741ms
68ms Script
text/javascript 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/11267469439/?random=1700640873858&cv=11&fst=1700640873858&bg=ffffff&guid=ON&async=1&gtm=45He3b81v9116758734&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fapp.playbackrewards.com%2Fauth&label=fy8JCPvww74YEP_g3_wp&hn=www.googleadservices.com&frm=0&tiba=Playback%20Rewards&value=0&bttype=purchase&auid=1776277239.1700640874&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NQJ4NRS&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

1dac4d941e9c3709f4448e31494b7a088e39b6860f57c6a6cd509faf0b926c74

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.playbackrewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 08:14:34 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1628
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 anchor Show response
www.google.com/recaptcha/enterprise/ Frame 67D5 60 KB
34 KB 125ms
84ms Document
text/html 2a00:1450:4001:800::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LdvMVsnAAAAAOp6W_cAC_GzJhHxOCq7CXZ7BZaX&co=aHR0cHM6Ly9hcHAucGxheWJhY2tyZXdhcmRzLmNvbTo0NDM.&hl=de&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&cb=gc7z50x3t6ia

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__de.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

e4da73ea2b172cffb84c4a13c86dd8fadbfffd1018235c7541cffd12a464f772

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-rs1eITMkcMdQVFd1y4rlKQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://app.playbackrewards.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-rs1eITMkcMdQVFd1y4rlKQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 22 Nov 2023 08:14:34 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

POST
H2 204 collect
region1.analytics.google.com/g/ 0
251 B 558ms
47ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-EPW5Z4GP6T&gtm=45je3b81v9116528739z89116758734&_p=1700640873547&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1571943706.1700640874&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1700640874&sct=1&seg=0&dl=https%3A%2F%2Fapp.playbackrewards.com%2Fauth&dt=Playback%20Rewards&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1793
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-EPW5Z4GP6T&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.playbackrewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 08:14:34 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://app.playbackrewards.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
251 B 558ms
49ms Ping
text/plain 2a00:1450:400c:c0a::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-EPW5Z4GP6T&cid=1571943706.1700640874&gtm=45je3b81v9116528739z89116758734&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-EPW5Z4GP6T&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c0a::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.playbackrewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 08:14:34 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://app.playbackrewards.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/11267469439/ 3 KB
2 KB 548ms
54ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11267469439/?random=1700640874028&cv=11&fst=1700640874028&bg=ffffff&guid=ON&async=1&gtm=45je3b81v9116528739z89116758734&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fapp.playbackrewards.com%2Fauth&hn=www.googleadservices.com&frm=0&tiba=Playback%20Rewards&auid=1776277239.1700640874&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-EPW5Z4GP6T&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c693f5684d2ad3b6e470d0f6d2cdd418f2a08cabec1d2063d13097bf3454235

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.playbackrewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 08:14:34 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1261
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 559ms
66ms Image
image/gif 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-EPW5Z4GP6T&cid=1571943706.1700640874&gtm=45je3b81v9116528739z89116758734&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=107078727

Requested by

Host: app.playbackrewards.com
URL: https://app.playbackrewards.com/auth

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.playbackrewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 08:14:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/11267469439/ 42 B
64 B 70ms
69ms Image
image/gif 2a00:1450:4001:800::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/11267469439/?random=1700640874028&cv=11&fst=1700640000000&bg=ffffff&guid=ON&async=1&gtm=45je3b81v9116528739z89116758734&u_w=1600&u_h=1200&url=https%3A%2F%2Fapp.playbackrewards.com%2Fauth&frm=0&tiba=Playback%20Rewards&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwDICaaNf2fAn3fR7YIfGSCKsRK33vU-phaIXA&random=188392339&rmt_tld=0&ipr=y

Requested by

Host: app.playbackrewards.com
URL: https://app.playbackrewards.com/auth

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.playbackrewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 08:14:34 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/11267469439/ 42 B
154 B 59ms
57ms Image
image/gif 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/11267469439/?random=1700640874028&cv=11&fst=1700640000000&bg=ffffff&guid=ON&async=1&gtm=45je3b81v9116528739z89116758734&u_w=1600&u_h=1200&url=https%3A%2F%2Fapp.playbackrewards.com%2Fauth&frm=0&tiba=Playback%20Rewards&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwDICaaNf2fAn3fR7YIfGSCKsRK33vU-phaIXA&random=188392339&rmt_tld=1&ipr=y

Requested by

Host: app.playbackrewards.com
URL: https://app.playbackrewards.com/auth

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.playbackrewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 08:14:34 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
www.google.de/pagead/1p-conversion/11267469439/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11267469439/?random=2087385127&cv=11&fst=1700640873858&bg=ffffff&guid=ON&async=1&gtm=45He3b81v9116758734&gcd=11l1l1l1l1&dma_cps=syph...
https://www.google.com/pagead/1p-conversion/11267469439/?random=2087385127&cv=11&fst=1700640873858&bg=ffffff&guid=ON&async=1&gtm=45He3b81v9116758734&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h...
https://www.google.de/pagead/1p-conversion/11267469439/?random=2087385127&cv=11&fst=1700640873858&bg=ffffff&guid=ON&async=1&gtm=45He3b81v9116758734&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=...

42 B
108 B

59ms
58ms

Image
image/gif

2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/11267469439/?random=2087385127&cv=11&fst=1700640873858&bg=ffffff&guid=ON&async=1&gtm=45He3b81v9116758734&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fapp.playbackrewards.com%2Fauth&label=fy8JCPvww74YEP_g3_wp&hn=www.googleadservices.com&frm=0&tiba=Playback%20Rewards&value=0&auid=1776277239.1700640874&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJZ09yMnFnWVE4TkR1cnBfdm5PQWtFaVlBSS1lNHc4TXFYWGktUlBWY3UwcGdMN1dPcVlHMzBFeVlVckpLVGtJMlMzTHZuc1I3TUEaWkNoRUlnT3IycWdZUXlyQ3JsS25oNnNDaEFSSXVBRmlyWkpSWVh2ekNDdjlHTUdLTDVaakNUWHM2V3ZpZEg1QjV5Y3dEaHZJd0h5Ni16Y3BSYzhLTDltMTA4dyITCKHz3_mU14IDFa6P_QcdIzwBLg&is_vtc=1&ocp_id=arhdZaGWIq6f9u8Po_iE8AI&cid=CAQSKQDICaaNluKewidS7ej3vVgU5RPFs98-tKm33UKvXlRJjSUTEJBGyhrw&eitems=ChAIgOr2qgYQ2aq5tOfbsdVJEh0AolztpY3NywI0GsQ1CorvtIUp9acg-WBb1KBQuQ&random=1351464100&ipr=y

Requested by

Host: app.playbackrewards.com
URL: https://app.playbackrewards.com/auth

Protocol

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.playbackrewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 08:14:34 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 22 Nov 2023 08:14:34 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/pagead/1p-conversion/11267469439/?random=2087385127&cv=11&fst=1700640873858&bg=ffffff&guid=ON&async=1&gtm=45He3b81v9116758734&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fapp.playbackrewards.com%2Fauth&label=fy8JCPvww74YEP_g3_wp&hn=www.googleadservices.com&frm=0&tiba=Playback%20Rewards&value=0&auid=1776277239.1700640874&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJZ09yMnFnWVE4TkR1cnBfdm5PQWtFaVlBSS1lNHc4TXFYWGktUlBWY3UwcGdMN1dPcVlHMzBFeVlVckpLVGtJMlMzTHZuc1I3TUEaWkNoRUlnT3IycWdZUXlyQ3JsS25oNnNDaEFSSXVBRmlyWkpSWVh2ekNDdjlHTUdLTDVaakNUWHM2V3ZpZEg1QjV5Y3dEaHZJd0h5Ni16Y3BSYzhLTDltMTA4dyITCKHz3_mU14IDFa6P_QcdIzwBLg&is_vtc=1&ocp_id=arhdZaGWIq6f9u8Po_iE8AI&cid=CAQSKQDICaaNluKewidS7ej3vVgU5RPFs98-tKm33UKvXlRJjSUTEJBGyhrw&eitems=ChAIgOr2qgYQ2aq5tOfbsdVJEh0AolztpY3NywI0GsQ1CorvtIUp9acg-WBb1KBQuQ&random=1351464100&ipr=y
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/ Frame 67D5 55 KB
24 KB 121ms
40ms Stylesheet
text/css 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LdvMVsnAAAAAOp6W_cAC_GzJhHxOCq7CXZ7BZaX&co=aHR0cHM6Ly9hcHAucGxheWJhY2tyZXdhcmRzLmNvbTo0NDM.&hl=de&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&cb=gc7z50x3t6ia

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 15:37:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 59811
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24606
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 05:42:11 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 20 Nov 2024 15:37:43 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/ Frame 67D5 468 KB
188 KB 142ms
61ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

983871cac9e719263fcecaa540c4e1597c8ece1805845830ec21fef0e71d9f88

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 11:08:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 75976
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 192016
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 05:42:11 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 20 Nov 2024 11:08:18 GMT

GET
H2 200 720883529834649 Show response
connect.facebook.net/signals/config/ 139 KB
36 KB 195ms
193ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/720883529834649?v=2.9.138&r=stable&domain=app.playbackrewards.com

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b1bef1d74ab4982e6c771138359a41a3b5533f876d19850dcfc8fae0becb3b35

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.playbackrewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 22 Nov 2023 08:14:34 GMT
document-policy: force-load-at-top
content-security-policy-report-only: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: 2RDikxP+FL8YaPyGfGv/7rEHEBZWkQ7z4D8ShyMaPkaxcqEYqMxZBw/7rarg9x1FBJj1+F1jTtiQFgzbQBvpYA==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/enterprise/ Frame 67D5 102 B
135 B 51ms
49ms Other
text/javascript 2a00:1450:4001:800::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise/webworker.js?hl=de&v=-QbJqHfGOUB8nuVRLvzFLVed

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

f3706dd9e175fdadc2a564238f1ddc64afea19e67aefd5b922f33040d5f94540

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LdvMVsnAAAAAOp6W_cAC_GzJhHxOCq7CXZ7BZaX&co=aHR0cHM6Ly9hcHAucGxheWJhY2tyZXdhcmRzLmNvbTo0NDM.&hl=de&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&cb=gc7z50x3t6ia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 08:14:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Wed, 22 Nov 2023 08:14:34 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 126ms
41ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=720883529834649&ev=PageView&dl=https%3A%2F%2Fapp.playbackrewards.com%2Fauth&rl=&if=false&ts=1700640874996&sw=1600&sh=1200&v=2.9.138&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=4126&fbp=fb.1.1700640874993.421614188&cs_est=true&ler=empty&it=1700640874688&coo=false&tm=1&rqm=GET

Requested by

Host: app.playbackrewards.com
URL: https://app.playbackrewards.com/auth

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.playbackrewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 22 Nov 2023 08:14:35 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 m-outer-27c67c0d52761104439bb051c7856ab1.html Show response
js.stripe.com/v3/ Frame 6756 200 B
840 B 41ms
39ms Document
text/html 151.101.0.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

351ffc2bdf381352dcd801be49be5018361119588eae077650260f9e162fe7b9

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://app.playbackrewards.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 1229828
cache-control: max-age=31536000
content-encoding: br
content-length: 154
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Wed, 22 Nov 2023 08:14:35 GMT
etag: "27c67c0d52761104439bb051c7856ab1"
last-modified: Fri, 08 Sep 2023 21:23:50 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 172577
x-content-type-options: nosniff
x-request-id: 2472aab3-18b8-4bdf-a082-6372d3b6fea7
x-served-by: cache-fra-etou8220046-FRA

GET
H2 200 m-outer-6576085ca35ee42f2f484cda6763e4aa.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 6756 631 B
533 B 40ms
39ms Script
text/javascript 151.101.0.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/m-outer-6576085ca35ee42f2f484cda6763e4aa.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

f0205495d259e89d99e6c4989147f8a65bef41513bfbe3e97251cd6fb6fa5947

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/m-outer-27c67c0d52761104439bb051c7856ab1.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 22 Nov 2023 08:14:35 GMT
via: 1.1 varnish
age: 1907771
x-cache: HIT
content-length: 399
x-request-id: 5d444250-8b1c-4fdf-a3ea-8db66bd5398a
x-served-by: cache-fra-etou8220046-FRA
last-modified: Fri, 08 Sep 2023 21:23:49 GMT
server: Fastly
etag: "70cacf09ae81711ac6dcbc5ee59750c4"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 163076

POST
H2 200 csp-report
q.stripe.com/ Frame 6756 0
717 B 667ms
217ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: app.playbackrewards.com
URL: https://app.playbackrewards.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 22 Nov 2023 08:14:35 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1700640875764912
x-envoy-upstream-service-time: 2
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1700640875764349
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 6756 0
716 B 667ms
218ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: app.playbackrewards.com
URL: https://app.playbackrewards.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 22 Nov 2023 08:14:35 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1700640875765109
x-envoy-upstream-service-time: 2
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1700640875764508
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 inner.html Show response
m.stripe.network/ Frame 484A 930 B
2 KB 157ms
41ms Document
text/html 99.86.4.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/inner.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-6576085ca35ee42f2f484cda6763e4aa.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.96 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-96.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 167
cache-control: max-age=300, public
content-length: 930
content-security-policy: base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Wed, 22 Nov 2023 08:11:49 GMT
etag: "06bfcd88af438673a8bf9b845a11aa6e"
last-modified: Fri, 30 Jun 2023 14:32:28 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
vary: Accept-Encoding, Origin
via: 1.1 d3039ad83798b26ecb9f9f1e666afe26.cloudfront.net (CloudFront)
x-amz-cf-id: GVpNqNiyxYhqoMP57aISDYvyac1_2_1TU8OFJSiIKfdDNCmOFNOvUg==
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

POST
H3 200 reload Show response
www.google.com/recaptcha/enterprise/ Frame 67D5 35 KB
20 KB 120ms
119ms XHR
application/json 2a00:1450:4001:800::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise/reload?k=6LdvMVsnAAAAAOp6W_cAC_GzJhHxOCq7CXZ7BZaX

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

dbda778e613dd7e6dc4c20add75896f16187f8d236ed92aec8d67a7608c28382

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LdvMVsnAAAAAOp6W_cAC_GzJhHxOCq7CXZ7BZaX&co=aHR0cHM6Ly9hcHAucGxheWJhY2tyZXdhcmRzLmNvbTo0NDM.&hl=de&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&cb=gc7z50x3t6ia
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: application/x-protobuffer

Response headers

date: Wed, 22 Nov 2023 08:14:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Wed, 22 Nov 2023 08:14:35 GMT

POST
H2 200 csp-report
q.stripe.com/ Frame 484A 0
490 B 405ms
222ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: app.playbackrewards.com
URL: https://app.playbackrewards.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 22 Nov 2023 08:14:35 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1700640875765642
x-envoy-upstream-service-time: 4
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
x-stripe-server-envoy-upstream-service-time-ms: 3
x-stripe-client-envoy-start-time-us: 1700640875764660
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
expires: 0

GET
H2 200 out-4.5.43.js Show response
m.stripe.network/ Frame 484A 87 KB
15 KB 57ms
45ms Script
text/javascript 99.86.4.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/out-4.5.43.js

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/inner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.96 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-96.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.stripe.network/inner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 08:13:44 GMT
content-encoding: br
via: 1.1 d3039ad83798b26ecb9f9f1e666afe26.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
last-modified: Fri, 30 Jun 2023 14:32:28 GMT
server: Cloudfront
age: 52
x-content-type-options: nosniff
etag: W/"69cb7809b5011312e716f29b3d19dce6"
x-amz-cf-pop: FRA6-C1
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
cache-control: max-age=300, public
x-amz-cf-id: wfBoACBzcCXFVX5jEuPLC74i3KL-1OoojLy7s8mu7qQG-PF5R1usEw==

POST
H2 200 6 Show response
m.stripe.com/ Frame 484A 156 B
669 B 664ms
215ms XHR
application/json 44.241.50.239
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.241.50.239 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-241-50-239.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

3f617f430f6989c8d4f9b371639c2b5761c2a721fd9b6b54563eaea27fd43f9e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color: green
date: Wed, 22 Nov 2023 08:14:36 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1700640876188598
server: nginx
content-type: application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms: 2
access-control-allow-origin: https://m.stripe.network
x-stripe-client-envoy-start-time-us: 1700640876188314
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

POST
H2 200 1:263808262800:web:184b29c2a4e3cea2c66e15:exchangeRecaptchaEnterpriseToken Show response
content-firebaseappcheck.googleapis.com/v1/projects/webapp-prod-f99c0/apps/ 1004 B
984 B 221ms
216ms Fetch
application/json 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://content-firebaseappcheck.googleapis.com/v1/projects/webapp-prod-f99c0/apps/1:263808262800:web:184b29c2a4e3cea2c66e15:exchangeRecaptchaEnterpriseToken?key=AIzaSyDLv3VZqgR_RZR8aRXv6RwibUFT_1I44k4

Requested by

Host: app.playbackrewards.com
URL: https://app.playbackrewards.com/static/js/main.052c2cb7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c12b621af32ac1ab14680ab03cfd1fded34acd8f5b709318b617c8c2c893dcbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://app.playbackrewards.com/
accept-language: de-DE,de;q=0.9
X-Firebase-Client: eyJ2ZXJzaW9uIjoyLCJoZWFydGJlYXRzIjpbeyJhZ2VudCI6ImZpcmUtY29yZS8wLjkuMTQgZmlyZS1jb3JlLWVzbTIwMTcvMC45LjE0IGZpcmUtanMvIGZpcmUtYXBwLWNoZWNrLzAuOC4wIGZpcmUtcnRkYi8xLjAuMCBmaXJlLXJ0ZGItZXNtMjAxNy8xLjAuMCBmaXJlLWpzLWFsbC1hcHAvMTAuMC4wIiwiZGF0ZXMiOlsiMjAyMy0xMS0yMiJdfV19
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 22 Nov 2023 08:14:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://app.playbackrewards.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 794
x-xss-protection: 0

OPTIONS
H2 200 1:263808262800:web:184b29c2a4e3cea2c66e15:exchangeRecaptchaEnterpriseToken
content-firebaseappcheck.googleapis.com/v1/projects/webapp-prod-f99c0/apps/ Frame 0
0 219ms
88ms Preflight
text/html 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-firebase-client
Access-Control-Request-Method: POST
Origin: https://app.playbackrewards.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-headers: content-type,x-firebase-client
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://app.playbackrewards.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Wed, 22 Nov 2023 08:14:35 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 47ms
46ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-EPW5Z4GP6T&gtm=45je3b81v9116528739&_p=1700640873547&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1571943706.1700640874&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1700640874&sct=1&seg=0&dl=https%3A%2F%2Fapp.playbackrewards.com%2Fauth&dt=Playback%20Rewards&en=scroll&epn.percent_scrolled=90&_et=21&tfd=6821
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-EPW5Z4GP6T&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app.playbackrewards.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Nov 2023 08:14:39 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://app.playbackrewards.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

30 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.google.com/recaptcha	1970-01-20 20:43:12	Name: _GRECAPTCHA Value: 09AJo8oUPzMxu6-8nFCBQI7tP7mLfF4dfc8tU8EnYPhFXB_zZowGli_grytLnSvselb-cEV_xQi-eGe9wtm2Civmc
.playbackrewards.com/	1970-01-20 18:33:36	Name: _gcl_au Value: 1.1.1776277239.1700640874
.playbackrewards.com/	1970-01-21 02:00:00	Name: _ga Value: GA1.1.1571943706.1700640874
.playbackrewards.com/	1970-01-21 02:00:00	Name: _ga_EPW5Z4GP6T Value: GS1.1.1700640874.1.0.1700640874.60.0.0
.doubleclick.net/	1970-01-21 01:45:36	Name: IDE Value: AHWqTUly8y9A3id07LGyNvr74baDMgotjyXywK4v8REkyDHlVykbQs2VHsfCSDbO
.playbackrewards.com/	1970-01-20 18:33:36	Name: _fbp Value: fb.1.1700640874993.421614188
m.stripe.com/	1970-01-21 02:00:00	Name: m Value: 6401a07b-6c38-4212-bdc9-394a921470e67822da
.app.playbackrewards.com/	1970-01-21 01:09:36	Name: __stripe_mid Value: 3661102f-35ce-42f9-82e7-505bc2fcc52942d178
.app.playbackrewards.com/	1970-01-20 16:24:02	Name: __stripe_sid Value: 6ab89f9f-65aa-4fa6-a31d-49df098102d55e2a24

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
app.playbackrewards.com
connect.facebook.net
content-firebaseappcheck.googleapis.com
fonts.googleapis.com
fonts.gstatic.com
geolocation-db.com
googleads.g.doubleclick.net
js.stripe.com
m.stripe.com
m.stripe.network
q.stripe.com
region1.analytics.google.com
stats.g.doubleclick.net
www.facebook.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
151.101.0.176
159.89.102.253
172.217.18.98
2001:4860:4802:32::36
2001:4860:4802:34::15
2001:4860:4802:38::15
2a00:1450:4001:800::2004
2a00:1450:4001:806::200d
2a00:1450:4001:808::200a
2a00:1450:4001:809::2003
2a00:1450:4001:80f::2002
2a00:1450:4001:828::200a
2a00:1450:4001:82b::2003
2a00:1450:4001:82f::2003
2a00:1450:4001:830::2008
2a00:1450:400c:c0a::9a
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f176:84:face:b00c:0:25de
44.241.50.239
54.187.159.182
99.86.4.96
0ac1b00cc298aa9420b9db429152dc69a749b5a0266e68de00556556c94d48b0
16125b67dd44a6df2eadad443e941af6085d45a67fad4421f2160d92fe605278
1dac4d941e9c3709f4448e31494b7a088e39b6860f57c6a6cd509faf0b926c74
351ffc2bdf381352dcd801be49be5018361119588eae077650260f9e162fe7b9
37935278316eca3e3952a80bfb80b455710750c0fa4676a339c23929bd1bce3a
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
3f617f430f6989c8d4f9b371639c2b5761c2a721fd9b6b54563eaea27fd43f9e
4fb731738e143f7dcecc1db22ae8b99c0804b76d173b9f76a618f89ee8d1d171
6c693f5684d2ad3b6e470d0f6d2cdd418f2a08cabec1d2063d13097bf3454235
6c83ed7d942f3648a0f91404534c25928fed9ca182ef8a34e74e8aaf64b90b97
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42
8c1f7b5875d4ea3ad1a83d1760b117553267eb4cf1c10ce7428e42bf69d742f7
947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1
97cafb72d2cca8ea8e940c90cf2fbb9cb06ce2a3e7ad990f422860ebeb03c137
983871cac9e719263fcecaa540c4e1597c8ece1805845830ec21fef0e71d9f88
9e9573cae82449f7407fe61277b7e6139c69b558fd7bb8e615091e8f05fd9149
aa519a0dc8fdad65eb29c4979a465cede685981e1c41f5e66e00ea69195d6954
b1bef1d74ab4982e6c771138359a41a3b5533f876d19850dcfc8fae0becb3b35
b930d012e99efffe9d1bf543642f163a047ae79a5fac9f0e1cd5f333d28d3bae
c08cb65933d357e88bc9c36975d727af562ef0eff4b0253acc12f9cefef20d23
c12b621af32ac1ab14680ab03cfd1fded34acd8f5b709318b617c8c2c893dcbc
dbda778e613dd7e6dc4c20add75896f16187f8d236ed92aec8d67a7608c28382
dc2a9ecb9eae34a409e66cbdd46b3562c560f8ffa1c1f80ea84532999d6d408c
df13438af925ad869fbaf54e054af4cf94eeb88ecb5a2e733580c3a1cfce7139
e0121e937cc4dbb1b3e948651184d8d762cae04e88e1dbabf141506c4d448f30
e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c
e3ad4aaf27e099c8a2c0eee7c074fd4dead5219807643963f78bd820e6ed87fc
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4da73ea2b172cffb84c4a13c86dd8fadbfffd1018235c7541cffd12a464f772
eecc50dc59b48efa84668fb680b75a55e734da5fe57d78c9a871928b8cad38c2
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0205495d259e89d99e6c4989147f8a65bef41513bfbe3e97251cd6fb6fa5947
f3706dd9e175fdadc2a564238f1ddc64afea19e67aefd5b922f33040d5f94540
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
fad08488ab9bdf68897a3a6eeb699584c94d259cf814b1f81a330964852f0274

app.playbackrewards.com Open in urlscan Pro 2001:4860:4802:38::15 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

49 Requests

98 %HTTPS

71 %IPv6

13 Domains

20 Subdomains

20 IPs

3 Countries

2639 kBTransfer

4760 kBSize

9 Cookies

2 Outgoing links

Page URL History

Redirected requests

49 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

app.playbackrewards.com Open in urlscan Pro
2001:4860:4802:38::15 Public Scan

Screenshot
Live screenshot

Full Image

49
Requests

98 %
HTTPS

71 %
IPv6

13
Domains

20
Subdomains

20
IPs

3
Countries

2639 kB
Transfer

4760 kB
Size

9
Cookies

49 HTTP transactions
0 data transactions