www.payetteforward.com Open in urlscan Pro
2606:4700:20::ac43:460d Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://payetteforward.com/
Effective URL:
https://www.payetteforward.com/
Submission: On April 14 via api (April 14th 2021, 2:42:45 pm UTC) from US

Summary HTTP 67 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 21 IPs in 6 countries across 20 domains to perform 67 HTTP transactions. The main IP is 2606:4700:20::ac43:460d, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.payetteforward.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 10th 2020. Valid for: a year.

This is the only time www.payetteforward.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 28	2606:4700:20:... 2606:4700:20::ac43:460d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:800::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82a::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::2003	15169 (GOOGLE) (GOOGLE)
11	2606:4700::68... 2606:4700::6813:ff58	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
5	68.71.249.118 68.71.249.118	20093 (ZEROLAG) (ZEROLAG)
2	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::200e	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:a723	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:135e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:400c:c04::9a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
2	151.101.113.194 151.101.113.194	54113 (FASTLY) (FASTLY)
2	2600:9000:20e... 2600:9000:20e8:8c00:5:c4ab:c3c0:93a1	16509 (AMAZON-02) (AMAZON-02)
3	2620:116:800d... 2620:116:800d:21:5a23:9c4e:e774:96c1	16509 (AMAZON-02) (AMAZON-02)
2 2	185.33.220.145 185.33.220.145	29990 (ASN-APPNEX) (ASN-APPNEX)
3 3	185.64.189.216 185.64.189.216	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 2	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
1 1	185.64.189.110 185.64.189.110	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	185.64.190.81 185.64.190.81	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	193.122.130.38 193.122.130.38	31898 (ORACLE-BM...) (ORACLE-BMC-31898)
1 1	146.0.227.110 146.0.227.110	20773 (GODADDY) (GODADDY)
1 1	88.214.206.247 88.214.206.247	46636 (NATCOWEB) (NATCOWEB)
2	2600:9000:20e... 2600:9000:20e8:a800:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
67	21

28 2606:4700:20::ac43:460d (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

payetteforward.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.payetteforward.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2606:4700::6813:ff58 (United States)

ASN13335 (CLOUDFLARENET, US)

app.termly.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 68.71.249.118 (United States)

ASN20093 (ZEROLAG, US)

udmserve.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ampcid.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:a723 (United States)

ASN13335 (CLOUDFLARENET, US)

ajax.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ampcid.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c04::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.113.194 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

confiant-integrations.global.ssl.fastly.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:20e8:8c00:5:c4ab:c3c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

bid.underdog.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:116:800d:21:5a23:9c4e:e774:96c1 (United States)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.33.220.145 (Amsterdam, Netherlands) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.64.189.216 (United Kingdom) 3 redirects

ASN62713 (AS-PUBMATIC, US)

image8.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.162 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.110 (United Kingdom) 1 redirects

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.81 (United Kingdom) 1 redirects

ASN62713 (AS-PUBMATIC, US)

image4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.122.130.38 (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)

sync.technoratimedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.0.227.110 (Ascension Island) 1 redirects

ASN20773 (GODADDY, DE)

inv-nets.admixer.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.214.206.247 (United Kingdom) 1 redirects

ASN46636 (NATCOWEB, US)

cs.admanmedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:20e8:a800:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
28	payetteforward.com 2 redirects payetteforward.com www.payetteforward.com	312 KB
11	termly.io app.termly.io	158 KB
5	pubmatic.com 5 redirects image8.pubmatic.com image2.pubmatic.com image4.pubmatic.com	3 KB
5	udmserve.net udmserve.net	7 KB
3	quantserve.com secure.quantserve.com pixel.quantserve.com	9 KB
3	doubleclick.net 2 redirects stats.g.doubleclick.net cm.g.doubleclick.net	2 KB
3	google-analytics.com www.google-analytics.com	20 KB
2	quantcount.com rules.quantcount.com	706 B
2	adnxs.com 2 redirects secure.adnxs.com	2 KB
2	underdog.media bid.underdog.media	152 KB
2	fastly.net confiant-integrations.global.ssl.fastly.net	47 KB
2	google.de ampcid.google.de www.google.de	577 B
2	cloudflare.com ajax.cloudflare.com cdnjs.cloudflare.com	11 KB
2	google.com ampcid.google.com www.google.com	834 B
2	googletagmanager.com www.googletagmanager.com	57 KB
2	googleapis.com fonts.googleapis.com	2 KB
1	admanmedia.com 1 redirects cs.admanmedia.com	394 B
1	admixer.net 1 redirects inv-nets.admixer.net	472 B
1	technoratimedia.com sync.technoratimedia.com	300 B
1	gstatic.com fonts.gstatic.com	19 KB
67	20

	Domain	Requested by
26	www.payetteforward.com	www.payetteforward.com ajax.cloudflare.com
11	app.termly.io	www.payetteforward.com app.termly.io
5	udmserve.net	www.payetteforward.com
3	image8.pubmatic.com	3 redirects
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	pixel.quantserve.com	www.payetteforward.com
2	rules.quantcount.com	secure.quantserve.com
2	cm.g.doubleclick.net	2 redirects
2	secure.adnxs.com	2 redirects
2	bid.underdog.media	udmserve.net bid.underdog.media
2	confiant-integrations.global.ssl.fastly.net	udmserve.net confiant-integrations.global.ssl.fastly.net
2	www.googletagmanager.com	www.payetteforward.com
2	fonts.googleapis.com	www.payetteforward.com
2	payetteforward.com	2 redirects
1	cs.admanmedia.com	1 redirects
1	inv-nets.admixer.net	1 redirects
1	sync.technoratimedia.com	www.payetteforward.com
1	image4.pubmatic.com	1 redirects
1	image2.pubmatic.com	1 redirects
1	secure.quantserve.com	udmserve.net
1	www.google.de	www.payetteforward.com
1	www.google.com	www.payetteforward.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	cdnjs.cloudflare.com	ajax.cloudflare.com
1	ampcid.google.de	www.google-analytics.com
1	ajax.cloudflare.com	www.payetteforward.com
1	ampcid.google.com	www.google-analytics.com
1	fonts.gstatic.com	fonts.googleapis.com
67	28

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
www.pinterest.com
www.youtube.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-10` - `2021-08-10`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
app.termly.io Go Daddy Secure Certificate Authority - G2	`2020-03-13` - `2021-05-12`	a year	crt.sh
udmserve.net DigiCert SHA2 High Assurance Server CA	`2019-07-15` - `2021-10-14`	2 years	crt.sh
*.google.com GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
ajax.cloudflare.com DigiCert ECC Secure Server CA	`2020-08-11` - `2022-08-16`	2 years	crt.sh
*.google.de GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
www.google.com GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
www.google.de GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
*.freetls.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2021-04-05` - `2022-04-06`	a year	crt.sh
www.underdog.media DigiCert SHA2 High Assurance Server CA	`2019-07-16` - `2021-10-18`	2 years	crt.sh
*.quantserve.com DigiCert SHA2 High Assurance Server CA	`2020-10-02` - `2021-10-07`	a year	crt.sh
*.technoratimedia.com DigiCert SHA2 High Assurance Server CA	`2020-07-28` - `2021-10-01`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://www.payetteforward.com/
Frame ID: A8102D3EF5B681B706EA9614E528B4E3
Requests: 68 HTTP requests in this frame

Frame: https://www.googletagmanager.com/ns.html?id=GTM-KD2DGX
Frame ID: 84A06AEC31596D3F6031EFF149824DE4
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://payetteforward.com/ HTTP 301
https://payetteforward.com/ HTTP 301
https://www.payetteforward.com/ Page URL

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

67
Requests

100 %
HTTPS

63 %
IPv6

20
Domains

28
Subdomains

21
IPs

6
Countries

794 kB
Transfer

2426 kB
Size

0
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/payetteforwardinc

Search URL Search Domain Scan URL

URL: https://twitter.com/payetteforward

Search URL Search Domain Scan URL

URL: https://www.pinterest.com/payetteforward/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/c/Payetteforward

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://payetteforward.com/ HTTP 301
https://payetteforward.com/ HTTP 301
https://www.payetteforward.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 40

https://secure.adnxs.com/getuid?https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fdt%3D1%3Bapnid%3D%24UID HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fudmserve.net%252Fudm%252Ffetch.pix%253Fdt%253D1%253Bapnid%253D%2524UID HTTP 302
https://udmserve.net/udm/fetch.pix?dt=1;apnid=8681995675005642929

Request Chain 41

https://image8.pubmatic.com/AdServer/ImgSync?p=156505&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156505%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fudmserve.net%252Fudm%252Ffetch.pix%253Fpmid%253D%2523PMUID HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?p=156505&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156505%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fudmserve.net%252Fudm%252Ffetch.pix%253Fpmid%253D%2523PMUID&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MDI3MjdCNkItQzkzRi00QURBLTkwQjEtQjY1MzM0MUFGQjFF&gdpr=0&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MDI3MjdCNkItQzkzRi00QURBLTkwQjEtQjY1MzM0MUFGQjFF&gdpr=0&gdpr_consent=&google_tc= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
https://image4.pubmatic.com/AdServer/SPug?p=156505&pmc=1&pr=https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fpmid%3D02727B6B-C93F-4ADA-90B1-B653341AFB1E HTTP 302
https://udmserve.net/udm/fetch.pix?pmid=02727B6B-C93F-4ADA-90B1-B653341AFB1E

Request Chain 43

https://inv-nets.admixer.net/adxcm.aspx?ssp=F74A1705-8854-4390-959E-C24FA4349F88&rurl=https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fdt%3D1%3Badmix%3D%24%24visitor_cookie%24%24 HTTP 302
https://udmserve.net/udm/fetch.pix?dt=1;admix=ad040b75a02c45df89e788f32ac3faa6

Request Chain 44

https://cs.admanmedia.com/sync/underdog?redir=https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fdt%3D1%3Bacu%3D%7B%24UID%7D HTTP 302
https://udmserve.net/udm/fetch.pix?dt=1;acu=518a0011d7020907ff3ff7be90532ce7e9f7193d

67 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.payetteforward.com/
Redirect Chain

http://payetteforward.com/
https://payetteforward.com/
https://www.payetteforward.com/

303 KB
40 KB

205ms
204ms

Document
text/html

2606:4700:20::ac43:460d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.payetteforward.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:460d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2c0883508273ac7a5faf1bd7f053ba2e7b4e8038375c1619dbeb562829b7a249

Request headers

:method: GET
:authority: www.payetteforward.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: __cfduid=dfc5d72c3969922301be8ad4e674efacf1618411340
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 14:42:20 GMT
content-type: text/html; charset=UTF-8
cf-ray: 63fdb33c7d3dbec9-FRA
access-control-allow-origin: *
age: 226
cache-control: max-age=84600, public
last-modified: Wed, 14 Apr 2021 14:33:29 GMT
vary: Accept-Encoding, Accept-Encoding
cf-cache-status: DYNAMIC
cf-railgun: de2aea6965 stream 0.000000 0210 57da
cf-request-id: 09726e59cc0000bec97a30a000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
pragma: public
x-cache: HIT
x-cacheable: YES
x-html-edge-cache-status: Bypass for Reload, Cached
x-lw-cache: STALE
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=HapLd2FhkF3UJmtiJQ6Ealnr%2FjuftSac2ZAOrEhe0I3uvHwClRhf6e5YzVbPg%2BrYawptPVxjyiKMEdi%2F%2FQnjGrCINUbyvMnRofrhhuQvG43S3VStMOOVNB19ttBVSa0Piaxt"}],"max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

date: Wed, 14 Apr 2021 14:42:20 GMT
cache-control: max-age=3600
expires: Wed, 14 Apr 2021 15:42:20 GMT
location: https://www.payetteforward.com/
cf-request-id: 09726e59b70000bec98686d000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=jIFhWIMR%2Fr8bq0ZcDAt6II%2BqnKAJKY1QJIhOsJqu6Ipva%2B2H8yru9H7RvrdzC12FtBUqlfysr05odRwkCSCcdP3bWkoLz4nn2pa0ULlTdCPbRV0pPf66rs%2BOggpvk9I%3D"}],"max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 63fdb33c5d30bec9-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 proximanova-regular-webfont.woff2
www.payetteforward.com/fonts/proxima-nova-web/ 21 KB
22 KB 31ms
30ms Font
application/octet-stream 2606:4700:20::ac43:460d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.payetteforward.com/fonts/proxima-nova-web/proximanova-regular-webfont.woff2
Requested by: Host: www.payetteforward.com
URL: https://www.payetteforward.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:460d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 501ed6d7c49a3526af1f804fff30cc8b7b8608525b100f4140b7504cc5afd4bd

Request headers

Origin: https://www.payetteforward.com
Referer: https://www.payetteforward.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 14:42:20 GMT
vary: Accept-Encoding
cf-cache-status: HIT
x-cacheable: YES
age: 1986169
x-cache: HIT
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09726e5a9d0000bec976a40000000001
last-modified: Tue, 15 May 2018 21:36:16 GMT
server: cloudflare
etag: W/"5afb52d0-5540"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"report_to":"cf-nel","max_age":604800}
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=tO16fMI2QBsBqr6I3NVWDlbF7VzXncsFJ4%2Bq5LVSb81iolTAAR92vpofIfW0gmebVenJ9KUUeYYWOujUa3t1hI69G2vjZQli2Pb44e1zkvhvuXWg7YGRosVyDkwUnnIUmn21"}],"max_age":604800}
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 63fdb33dcddcbec9-FRA

GET
H2 200 proximanova-bold-webfont.woff2
www.payetteforward.com/fonts/proxima-nova-web/ 22 KB
22 KB 39ms
38ms Font
application/octet-stream 2606:4700:20::ac43:460d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.payetteforward.com/fonts/proxima-nova-web/proximanova-bold-webfont.woff2
Requested by: Host: www.payetteforward.com
URL: https://www.payetteforward.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:460d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6a4dac260dffc284594d633859fb508b2fcfade38b61c8af9cd55eb23adf9e89

Request headers

Origin: https://www.payetteforward.com
Referer: https://www.payetteforward.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 14:42:20 GMT
vary: Accept-Encoding
cf-cache-status: HIT
x-cacheable: YES
age: 1986169
x-cache: HIT
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09726e5aa30000bec976a41000000001
last-modified: Tue, 15 May 2018 21:36:16 GMT
server: cloudflare
etag: W/"5afb52d0-57e4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"report_to":"cf-nel","max_age":604800}
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=W1IAXmDhjjTeIQAIgJXGycocfNwT6ONaCcXdAOkJm3c8Il9OGMRnrkH9zq3Sns%2FpoPkAwxxosMHG3BrQK5vswZN1EHqJgKE1YwNXWhTJrHrFod8fh9eHl8jDQeNgy8CxHZBt"}],"max_age":604800}
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 63fdb33dcdddbec9-FRA

GET
H2 200 fontawesome-webfont.woff2
www.payetteforward.com/wp-content/themes/smart-mag/css/fontawesome/fonts/ 55 KB
56 KB 32ms
32ms Font
application/octet-stream 2606:4700:20::ac43:460d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.payetteforward.com/wp-content/themes/smart-mag/css/fontawesome/fonts/fontawesome-webfont.woff2?v=4.3.0
Requested by: Host: www.payetteforward.com
URL: https://www.payetteforward.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:460d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c

Request headers

Origin: https://www.payetteforward.com
Referer: https://www.payetteforward.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 14:42:20 GMT
vary: Accept-Encoding
cf-cache-status: HIT
x-cacheable: YES
age: 1986169
x-cache: HIT
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09726e5a9d0000bec9a131e000000001
last-modified: Thu, 29 Dec 2016 19:10:32 GMT
server: cloudflare
etag: W/"58655fa8-ddcc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"report_to":"cf-nel","max_age":604800}
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=QnziwWdfwd7WwIYvCmYYfDxcNCZxPic7fu8KRD6yjRbeJg7l15MafQiuGnQThp3eG0oOJqIjdsy%2BpbeWA2CXA57pjDaLgXEExTEKh2udsrwDzIJ%2F%2BT7l6exfIWB17UeJRtYd"}],"max_age":604800}
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 63fdb33dcddebec9-FRA

GET
H2 200 css
fonts.googleapis.com/ 12 KB
1 KB 18ms
16ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,400Italic,600,700|Roboto+Slab|Merriweather:300italic&subset

Requested by

Host: www.payetteforward.com
URL: https://www.payetteforward.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f7c184aedbf3a0ac0ee3aabbc666b488738c2f4228d796e87fef9678446e66ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.payetteforward.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 14 Apr 2021 13:16:15 GMT
server: ESF
date: Wed, 14 Apr 2021 14:42:20 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 14 Apr 2021 14:42:20 GMT

GET
H2 200 style.css
www.payetteforward.com/wp-content/themes/smart-mag/ 61 KB
14 KB 44ms
42ms Stylesheet
text/css 2606:4700:20::ac43:460d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.payetteforward.com/wp-content/themes/smart-mag/style.css?ver=2.5.2
Requested by: Host: www.payetteforward.com
URL: https://www.payetteforward.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:460d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2c9c000242ec31f3d772ddcf4ae871f8a8484a931ae01de7256fcd7227980799

Request headers

Referer: https://www.payetteforward.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 14:42:20 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1986169
cf-polished: origSize=83758
cf-bgj: minify
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09726e5a9f0000bec98f829000000001
last-modified: Mon, 08 Jun 2020 21:11:07 GMT
server: cloudflare
etag: W/"5edea96b-1472e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Q%2Bp0aHj7G5YHFwrXiuo2ogWjAM8BI3z%2FUJS6eYzOBkPp0wWMi9v0YNRJc87hD3tjsnVxeBkJ2gDdenil7Xe%2BYE1U1JkTMBLSypxeZglH1VC3%2BOVJ2Rs7N1jG795yBCMzdG6B"}],"max_age":604800}
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 63fdb33dcde0bec9-FRA
expires: Tue, 22 Mar 2022 14:59:31 GMT

GET
H2 200 responsive.css
www.payetteforward.com/wp-content/themes/smart-mag/css/ 16 KB
4 KB 59ms
57ms Stylesheet
text/css 2606:4700:20::ac43:460d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.payetteforward.com/wp-content/themes/smart-mag/css/responsive.css?ver=2.5.2
Requested by: Host: www.payetteforward.com
URL: https://www.payetteforward.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:460d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 646f54e64d230bf10e2d2c14236c4f59b18257b96938951d346613671ee450b9

Request headers

Referer: https://www.payetteforward.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 14:42:20 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1986169
cf-polished: origSize=22152
cf-bgj: minify
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09726e5a9f0000bec97ebfd000000001
last-modified: Thu, 29 Dec 2016 19:10:32 GMT
server: cloudflare
etag: W/"58655fa8-5688"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=OjjH2%2BDfdY8mI0%2BsZOrJuK%2B3YedcnhqGRKzTrt2aKReSOgouF37E5jPGcZVn01kI8KQZetwZimF1BGCImCMk%2FOauXM50ySqCNtgEbVgG%2BnQcl9UfpeXAvm3pyev6y0zkrNRR"}],"max_age":604800}
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 63fdb33dcde1bec9-FRA
expires: Tue, 22 Mar 2022 14:59:31 GMT

GET
H2 200 font-awesome.min.css
www.payetteforward.com/wp-content/themes/smart-mag/css/fontawesome/css/ 23 KB
6 KB 43ms
41ms Stylesheet
text/css 2606:4700:20::ac43:460d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.payetteforward.com/wp-content/themes/smart-mag/css/fontawesome/css/font-awesome.min.css?ver=2.5.2
Requested by: Host: www.payetteforward.com
URL: https://www.payetteforward.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:460d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1c3c5400087c7a0933a14001c67987c69be79772724a3c6c1dcaac4119d976e3

Request headers

Referer: https://www.payetteforward.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 14:42:20 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1986169
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09726e5a9f0000bec9a384d000000001
last-modified: Thu, 11 Jun 2020 16:08:40 GMT
server: cloudflare
etag: W/"5ee25708-5cce"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=kq%2BJ1b7SjmWurLdjKbjWebON7ZMmpR2%2BLlptSSAGf5NJ48BtJjaqqA5%2FS%2BsMi15tRcyQFnDqh4yR%2BE%2BdmOh7kVX1E1YWFkZLfWYzam6ATw6MREq1qBn6bjZ2TSya4ji5CJiJ"}],"max_age":604800}
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 63fdb33dcde2bec9-FRA
expires: Tue, 22 Mar 2022 14:59:31 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
582 B 18ms
17ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat%3A700&subset=

Requested by

Host: www.payetteforward.com
URL: https://www.payetteforward.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

024c516feaf4f7e5fe74de6f78224771aac12add4039839a3ba53f77d0b546a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 14 Apr 2021 14:42:20 GMT
server: ESF
date: Wed, 14 Apr 2021 14:42:20 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 14 Apr 2021 14:42:20 GMT

GET
H2 200 /
www.payetteforward.com/ 25 KB
6 KB 52ms
51ms Stylesheet
text/css 2606:4700:20::ac43:460d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.payetteforward.com/?sccss=1&ver=5.7
Requested by: Host: www.payetteforward.com
URL: https://www.payetteforward.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:460d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9756d0cb0bf229f18e41d174a6234f7e18095f8e0c817bfb7c72d9eebb5f80b2

Request headers

Referer: https://www.payetteforward.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 14:42:20 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
x-cacheable: YES
age: 171180
cf-polished: origSize=32554
x-cache: HIT
x-lw-cache: STALE
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09726e5aa30000bec99c3ae000000001
cf-bgj: minify
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"report_to":"cf-nel","max_age":604800}
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=RU0TCGRKL7bMI6eftdSbnFEhOW4Xi8sWHV6b%2BBu1vNWatoFgdla3F1bTfjvp8zoetttFT5sGWXP%2FkLr%2BX3tUfpFCGRptXHESasJJeqSRGCFU4md8xyRvidNa4R07HpewE3VR"}],"max_age":604800}
content-type: text/css;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=691200
cf-ray: 63fdb33dcde3bec9-FRA

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 172 KB
57 KB 24ms
24ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KD2DGX

Requested by

Host: www.payetteforward.com
URL: https://www.payetteforward.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

bae01bb3396fa39af0ce48a332da64f6256ebb230c2570b82388552389e4ee7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.payetteforward.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 14:42:20 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57938
x-xss-protection: 0
last-modified: Wed, 14 Apr 2021 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 14 Apr 2021 14:42:20 GMT

GET
H2 200 ns.html Show response
www.googletagmanager.com/ Frame 84A0 266 B
275 B 15ms
15ms Document
text/html 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/ns.html?id=GTM-KD2DGX

Requested by

Host: www.payetteforward.com
URL: https://www.payetteforward.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1508490e2a7f3949d866ce8f032895224c55a02eb24f9ada50c7cb79a4c887c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.googletagmanager.com
:scheme: https
:path: /ns.html?id=GTM-KD2DGX
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.payetteforward.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.payetteforward.com/

Response headers

content-type: text/html; charset=UTF-8
content-encoding: br
vary: *
date: Wed, 14 Apr 2021 14:42:20 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 92
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ 64 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b6dcc1490a0cc33cdeed8970677b89bbec6fa095675af198b8e923b64563c70a

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v15/ 19 KB
19 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v15/JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat%3A700&subset=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4545eb1dec25fe868d19dc292d417d8a9e41c0276d75a4eaf524a9db21aa705a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.payetteforward.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Apr 2021 10:03:38 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:10:46 GMT
server: sffe
age: 275922
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19480
x-xss-protection: 0
expires: Mon, 11 Apr 2022 10:03:38 GMT

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1dd07d410cf12478e9fedd90262cc824b7e8143b578bea4fd47b4cd3f608bc47

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5268a8afa9325a8e0ea0c0039216ccc1c87cc59303ca5d0e7cef64469d9221aa

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d44da8cb8d1fad9bc5999ce7e69b725b791d0abeab3b9ef837624ebf33b099ef

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6dc665f3ade51319cb3df1ed00c2af977e87837208c8a1906c0d05359e5cce4b

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 67 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e64be9c7535deda51f0f11fa8210cdf025dbb3ebd12ee4dfa090965957069026

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 embed.min.js Show response
app.termly.io/ 41 KB
16 KB 41ms
18ms Script
application/javascript 2606:4700::6813:ff58
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.termly.io/embed.min.js

Requested by

Host: www.payetteforward.com
URL: https://www.payetteforward.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:ff58 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e1b50c1f3d14f876ad332a4c4714f779278773061209f4e7c23b1bc0e3e1e884

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.payetteforward.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 14:42:20 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5687
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Thu, 08 Apr 2021 02:10:06 GMT
server: cloudflare
etag: W/"606e65fe-a309"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cf-request-id: 09726e5b7d00004ee69d091000000001
cf-ray: 63fdb33f2e394ee6-FRA

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KD2DGX

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

f79723478f4c48501cd49ac52b81d6244a6562b9d3f08ce8ab208a8b8878d4c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.payetteforward.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 19 Mar 2021 19:22:18 GMT
server: Golfe2
age: 3044
date: Wed, 14 Apr 2021 13:51:36 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19463
expires: Wed, 14 Apr 2021 15:51:36 GMT

GET
H/1.1 200
OK img.fetch Show response
udmserve.net/udm/ 17 KB
4 KB 919ms
195ms Script
application/x-javascript 68.71.249.118
ZEROLAG

General

Check archive.org

Show headers Download Go to

Full URL: https://udmserve.net/udm/img.fetch?sid=15839;tid=1;dt=6;
Requested by: Host: www.payetteforward.com
URL: https://www.payetteforward.com/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 68.71.249.118 , United States, ASN20093 (ZEROLAG, US),
Reverse DNS
Software: /
Resource Hash: c197bcb485432971c54b41c4b8527a4bdfc3ad9713ee13003c783d994e00fc44

Request headers

Referer: https://www.payetteforward.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 14 Apr 2021 14:42:21 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3p: NOI DSP CURa ADMa DEVa PSAa PSDa OUR IND UNI COM NAV INT
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Content-Type: application/x-javascript
Expires: 0

GET
H3-Q050 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
1 KB 30ms
14ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.payetteforward.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 14:30:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
age: 684
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 859
x-xss-protection: 0
expires: Wed, 14 Apr 2021 15:30:56 GMT

POST
H2 200 publisher:getClientId Show response
ampcid.google.com/v1/ 74 B
541 B 43ms
15ms XHR
application/json 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.payetteforward.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 14 Apr 2021 14:42:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.payetteforward.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
vary: Origin, X-Origin, Referer
content-length: 94
x-xss-protection: 0

GET
H2 200 rocket-loader.min.js Show response
ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/ 12 KB
5 KB 29ms
11ms Script
application/javascript 2606:4700::6810:a723
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Requested by

Host: www.payetteforward.com
URL: https://www.payetteforward.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:a723 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b08cdbc2d30e656a86b20f8342428d5863f70f4b30135b4f4061f754ce932f5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.payetteforward.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 14:42:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"max_age":604800,"report_to":"cf-nel"}
vary: Accept-Encoding
cf-request-id: 09726e5ba70000c29a8c0df000000001
last-modified: Tue, 06 Apr 2021 15:06:53 GMT
server: cloudflare
x-frame-options: DENY
etag: W/"606c790d-3016"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=lu0ynGlurcDxDyTDj3LpO%2BMN7pPFPB%2BZqsCG1EEnBmzeTJ6579UAq%2F3R%2B6A5evlq9rQ4%2FUtE8jyLqODeI9O61nNlARmPdSoe4NidvdvO14lXfy5cWzzJSRDyRU1wD%2BRo"}],"max_age":604800}
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 63fdb33f7de8c29a-FRA
expires: Fri, 16 Apr 2021 14:42:20 GMT

GET
H2 200 379.embed.min.js Show response
app.termly.io/ 148 KB
45 KB 24ms
24ms Script
application/javascript 2606:4700::6813:ff58
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.termly.io/379.embed.min.js

Requested by

Host: app.termly.io
URL: https://app.termly.io/embed.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:ff58 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

41822aa93e076aa69c4ae6a778f44b16dfbe65fbb177c16869cf1970e1f5bf6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.payetteforward.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 14:42:20 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5712
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Thu, 08 Apr 2021 02:10:06 GMT
server: cloudflare
etag: W/"606e65fe-24e64"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cf-request-id: 09726e5b9b00004ee6649f0000000001
cf-ray: 63fdb33f5ea04ee6-FRA

GET
H2 200 644.embed.min.js Show response
app.termly.io/ 119 KB
27 KB 17ms
17ms Script
application/javascript 2606:4700::6813:ff58
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.termly.io/644.embed.min.js

Requested by

Host: app.termly.io
URL: https://app.termly.io/embed.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:ff58 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8e243e4f5183945736e356dca41d9bdbf769a2fb78606ff170c05fbe395c617a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.payetteforward.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 14:42:20 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5712
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Thu, 08 Apr 2021 02:10:06 GMT
server: cloudflare
etag: W/"606e65fe-1ddd4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cf-request-id: 09726e5b9b00004ee638928000000001
cf-ray: 63fdb33f5ea54ee6-FRA

POST
H2 200 publisher:getClientId Show response
ampcid.google.de/v1/ 3 B
470 B 37ms
16ms XHR
application/json 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ampcid.google.de/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.payetteforward.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 14 Apr 2021 14:42:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.payetteforward.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
vary: Origin, X-Origin, Referer
content-length: 23
x-xss-protection: 0

GET
H2 200 lazyload.min.js Show response
www.payetteforward.com/wp-content/plugins/rocket-lazy-load/assets/js/16.1/ 8 KB
3 KB 43ms
41ms Script
application/javascript 2606:4700:20::ac43:460d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.payetteforward.com/wp-content/plugins/rocket-lazy-load/assets/js/16.1/lazyload.min.js
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:460d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6e86a52a9858206302e32036d89907e3ac87762055e7f9c6364aec33221b3e41

Request headers

Referer: https://www.payetteforward.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 14:42:20 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1986168
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09726e5bbf0000bec976a4d000000001
last-modified: Wed, 26 Aug 2020 14:48:35 GMT
server: cloudflare
etag: W/"5f467643-1ed2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=l1b%2BCMoCK76p8xilAqj1h4saJ6Hg%2Bsfs8nyLNN35Bi%2F0gqxBsjUSVcxuOXZE7di%2Bd2fzLS4Lcrd3lszWF2HGfRZ5gKWCodPlIFMLeuAOm%2FqElInKl9Bd%2FpAU66pchcBJusRo"}],"max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 63fdb33f9e88bec9-FRA
expires: Tue, 22 Mar 2022 14:59:32 GMT

GET
H2 200 wp-embed.min.js Show response
www.payetteforward.com/wp-includes/js/ 1 KB
1 KB 35ms
33ms Script
application/javascript 2606:4700:20::ac43:460d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.payetteforward.com/wp-includes/js/wp-embed.min.js?ver=5.7
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:460d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Request headers

Referer: https://www.payetteforward.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 14:42:20 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1986116
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09726e5bbf0000bec9a1324000000001
last-modified: Thu, 04 Feb 2021 13:01:14 GMT
server: cloudflare
etag: W/"601bf01a-592"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=lZZRd5RtFhJki6bKca%2FCf7JvDCTUWQ7l6qgtuPFphDlOHb2103Ej9VllLF9zQqVSwBRV%2FI6qv5W0tBwCV%2FOd5iAd3UY81YEiXqdfe8TlOy91FFwD8Tb5UJ%2FC%2Bl7mESFUjNCI"}],"max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 63fdb33f9e89bec9-FRA
expires: Tue, 22 Mar 2022 15:00:24 GMT

GET
H2 200 bunyad-theme.js Show response
www.payetteforward.com/wp-content/themes/smart-mag/js/ 33 KB
11 KB 38ms
37ms Script
application/javascript 2606:4700:20::ac43:460d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.payetteforward.com/wp-content/themes/smart-mag/js/bunyad-theme.js?ver=2.5.2
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:460d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 57f7117e895cffdd63c9588a8975b3842c00083c4cef4ccebadbfb55f4810607

Request headers

Referer: https://www.payetteforward.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 14:42:20 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1986168
cf-polished: origSize=44001
cf-bgj: minify
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09726e5bc00000bec9a8bab000000001
last-modified: Mon, 08 Jun 2020 23:53:03 GMT
server: cloudflare
etag: W/"5edecf5f-abe1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=qv6ISzm44p9C%2B%2FIxaEiAfbfjB7ZWOJz%2FLbM7m3ZLXk17t5XqArVGjy7YuA5n912lqrAvCaOKktaDRmNdZjuT5LF7ILF%2FTI2nsx2XxiEi6VZ%2BI2DsAkCDhlGz33hVgG2hFXFS"}],"max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 63fdb33f9e8abec9-FRA
expires: Tue, 22 Mar 2022 14:59:32 GMT

GET
H2 200 jquery.flexslider-min.js Show response
cdnjs.cloudflare.com/ajax/libs/flexslider/2.7.2/ 23 KB
6 KB 27ms
26ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/flexslider/2.7.2/jquery.flexslider-min.js?ver=2.7.2

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5e1a3fc0ee5a71ce8585a3464a579461e0dc853ce9073beb88297babe8d2b701

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.payetteforward.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 14:42:20 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 4816721
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5869
cf-request-id: 09726e5bbf000064b554ab1000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:06 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e5e-5a31"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=TuskQQ%2FQxDVpa0DFE%2BdKe3OQAvLQDFP0gaMpFKdUlVFmRsGhPKfcuhegDjcDoyVmbD655XNHDSOoj7ew5rcHHelUV%2F8X1qT0Kb757kcguiAevBTEA8rIBmM9xKft%2B%2FByFw%3D%3D"}],"max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 63fdb33f9abf64b5-FRA
expires: Mon, 04 Apr 2022 14:42:20 GMT

GET
H2 200 jquery-migrate.min.js Show response
www.payetteforward.com/wp-includes/js/jquery/ 11 KB
4 KB 43ms
42ms Script
application/javascript 2606:4700:20::ac43:460d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.payetteforward.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:460d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

Referer: https://www.payetteforward.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 14:42:20 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1986168
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09726e5bc00000bec974a0e000000001
last-modified: Wed, 06 Jan 2021 23:05:44 GMT
server: cloudflare
etag: W/"5ff64248-2bd8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=TQ9OcLCgh9yzLf4XV782WBzto9doIBjKZg0biyPCxb6YcAoEa5f%2FUNHqvuqoHylEUxfRRbd54j%2B5i34Mcc8HaaDpHWYXjlj5o%2FxfqNcQmiX2SiC272ONsFP4UyoGr0OKs9YH"}],"max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 63fdb33f9e8bbec9-FRA
expires: Tue, 22 Mar 2022 14:59:32 GMT

GET
H2 200 jquery.min.js Show response
www.payetteforward.com/wp-includes/js/jquery/ 87 KB
31 KB 38ms
37ms Script
application/javascript 2606:4700:20::ac43:460d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.payetteforward.com/wp-includes/js/jquery/jquery.min.js?ver=3.5.1
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:460d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827

Request headers

Referer: https://www.payetteforward.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 14:42:20 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1986168
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09726e5bc10000bec96e3c6000000001
last-modified: Wed, 06 Jan 2021 23:05:44 GMT
server: cloudflare
etag: W/"5ff64248-15d98"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=NpcapzhLq7gJvIj%2Fg4PrO2mgyGiCCG4dEOxGEf9e2t%2FKOgKAm%2F7xCiKap0SPBKf3qNTOmT1Vlcre5STSfK72cGeLFBeS%2BKn8kwfSTE3aFFmLkxwI0Mw%2F9e%2BVHtLdm6XWHTzh"}],"max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 63fdb33f9e8cbec9-FRA
expires: Tue, 22 Mar 2022 14:59:32 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
199 B 14ms
14ms XHR
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j89&aip=1&a=503002796&t=pageview&_s=1&dl=https%3A%2F%2Fwww.payetteforward.com%2F&ul=en-us&de=UTF-8&dt=Payette%20Forward&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAAAAjAAQCAC~&jid=463991884&gjid=490777142&cid=1614863798.1618411341&tid=UA-41913908-1&_gid=736578796.1618411341&_r=1&gtm=2wg3v0KD2DGX&cd1=David%20Payette&cd3=frontpage&z=892435348

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.payetteforward.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 14 Apr 2021 14:42:20 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.payetteforward.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
93 B 14ms
14ms XHR
text/plain 2a00:1450:400c:c04::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j89&tid=UA-41913908-1&cid=1614863798.1618411341&jid=463991884&gjid=490777142&_gid=736578796.1618411341&_u=aGBAAAAiAAQCAC~&z=769181014

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c04::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.payetteforward.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 14 Apr 2021 14:42:20 GMT
content-type: text/plain
access-control-allow-origin: https://www.payetteforward.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
293 B 30ms
29ms Image
image/gif 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j89&tid=UA-41913908-1&cid=1614863798.1618411341&jid=463991884&_u=aGBAAAAiAAQCAC~&z=1147852265

Requested by

Host: www.payetteforward.com
URL: https://www.payetteforward.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.payetteforward.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Apr 2021 14:42:20 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 30ms
30ms Image
image/gif 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j89&tid=UA-41913908-1&cid=1614863798.1618411341&jid=463991884&_u=aGBAAAAiAAQCAC~&z=1147852265

Requested by

Host: www.payetteforward.com
URL: https://www.payetteforward.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.payetteforward.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Apr 2021 14:42:20 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK config.js Show response
confiant-integrations.global.ssl.fastly.net/UZYxC75kqDLRiEd9GoEYOmovVVM/prebid/ 86 KB
19 KB 126ms
29ms Script
text/javascript 151.101.113.194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://confiant-integrations.global.ssl.fastly.net/UZYxC75kqDLRiEd9GoEYOmovVVM/prebid/config.js
Requested by: Host: udmserve.net
URL: https://udmserve.net/udm/img.fetch?sid=15839;tid=1;dt=6;
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.194 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d80bee8fe117ad26e7b21ed56f6eb8114491441bfdbe8b622b8bab748b618184

Request headers

Referer: https://www.payetteforward.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 14 Apr 2021 14:42:21 GMT
Content-Encoding: gzip
Age: 1111
X-Cache: HIT
Connection: keep-alive
Content-Length: 18870
x-amz-id-2: AKzaW8YE10oah5YZBaq/tLdAIbA5VE3TtcAIOKz+FXJ4nGxjZdLr8skW8rHDTe7/tlwc+0PmAN8=
X-Served-By: cache-hhn4033-HHN
Last-Modified: Wed, 14 Apr 2021 14:17:56 GMT
Server: AmazonS3
X-Timer: S1618411342.698157,VS0,VE0
ETag: "7e5c4c7b5807d1f6ddfca61ed844246a"
x-amz-request-id: R24B1VVRJMJ2KYC5
Via: 1.1 varnish
Cache-Control: public, max-age=900, stale-while-revalidate=3600
Accept-Ranges: bytes
Content-Type: text/javascript
X-Cache-Hits: 174

GET
H2 200 udm-r3_v2.6.19.js Show response
bid.underdog.media/ 465 KB
143 KB 52ms
14ms Script
application/javascript 2600:9000:20e8:8c00:5:c4ab:c3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bid.underdog.media/udm-r3_v2.6.19.js
Requested by: Host: udmserve.net
URL: https://udmserve.net/udm/img.fetch?sid=15839;tid=1;dt=6;
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20e8:8c00:5:c4ab:c3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 93768961a651c6f37bd168e827c58d049b581f17ea25330429c9fe1570d205ad

Request headers

Referer: https://www.payetteforward.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 20:05:12 GMT
content-encoding: gzip
last-modified: Mon, 22 Mar 2021 19:56:09 GMT
server: AmazonS3
age: 1967830
etag: "2d21415a1f3a2f72268fac0981585058"
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 3987a119dd762046470f5ba503a917ea.cloudfront.net (CloudFront)
cache-control: max-age=2592000
x-amz-cf-pop: TXL52-C1
accept-ranges: bytes
content-length: 145523
x-amz-cf-id: 35X-X4_iAkedTov2x5oseiQ8IPPDxmndem1rev-GT4qQ8w8z1dIVug==

GET
H2 200 quant.js Show response
secure.quantserve.com/ 23 KB
9 KB 28ms
7ms Script
application/javascript 2620:116:800d:21:5a23:9c4e:e774:96c1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: udmserve.net
URL: https://udmserve.net/udm/img.fetch?sid=15839;tid=1;dt=6;
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:5a23:9c4e:e774:96c1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 16d7d7227f6d8251224d32cd45c81633a3a9d63bf35cd84b1d99d389becb5030

Request headers

Referer: https://www.payetteforward.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 14:42:21 GMT
content-encoding: gzip
etag: "YoFsxqR3BwPygbSjh02Dug=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Wed, 21 Apr 2021 14:42:21 GMT

GET
H/1.1

200
OK

fetch.pix
udmserve.net/udm/
Redirect Chain

https://secure.adnxs.com/getuid?https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fdt%3D1%3Bapnid%3D%24UID
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fudmserve.net%252Fudm%252Ffetch.pix%253Fdt%253D1%253Bapnid%253D%2524UID
https://udmserve.net/udm/fetch.pix?dt=1;apnid=8681995675005642929

43 B
595 B

191ms
154ms

Image
image/gif

68.71.249.118
ZEROLAG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://udmserve.net/udm/fetch.pix?dt=1;apnid=8681995675005642929
Requested by: Host: www.payetteforward.com
URL: https://www.payetteforward.com/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 68.71.249.118 , United States, ASN20093 (ZEROLAG, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.payetteforward.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 14 Apr 2021 14:42:22 GMT
Cache-Control: max-age=43200
Connection: Keep-Alive
Content-Length: 43
Content-Type: image/gif

Redirect headers

Pragma: no-cache
Date: Wed, 14 Apr 2021 14:42:22 GMT
X-Proxy-Origin: 89.40.183.4; 89.40.183.4; 623.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.37:80
AN-X-Request-Uuid: aee7254b-a0b9-427e-8999-9e8241d8969b
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://udmserve.net/udm/fetch.pix?dt=1;apnid=8681995675005642929
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

fetch.pix
udmserve.net/udm/
Redirect Chain

https://image8.pubmatic.com/AdServer/ImgSync?p=156505&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156505%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fudmserve.net%...
https://image8.pubmatic.com/AdServer/ImgSync?p=156505&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156505%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fudmserve.net%...
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MDI3MjdCNkItQzkzRi00QURBLTkwQjEtQjY1MzM0MUFGQjFF&gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MDI3MjdCNkItQzkzRi00QURBLTkwQjEtQjY1MzM0MUFGQjFF&gdpr=0&gdpr_consent=&google_tc=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
https://image4.pubmatic.com/AdServer/SPug?p=156505&pmc=1&pr=https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fpmid%3D02727B6B-C93F-4ADA-90B1-B653341AFB1E
https://udmserve.net/udm/fetch.pix?pmid=02727B6B-C93F-4ADA-90B1-B653341AFB1E

43 B
611 B

156ms
156ms

Image
image/gif

68.71.249.118
ZEROLAG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://udmserve.net/udm/fetch.pix?pmid=02727B6B-C93F-4ADA-90B1-B653341AFB1E
Requested by: Host: www.payetteforward.com
URL: https://www.payetteforward.com/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 68.71.249.118 , United States, ASN20093 (ZEROLAG, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.payetteforward.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 14 Apr 2021 14:42:27 GMT
Cache-Control: max-age=43200
Connection: Keep-Alive
Content-Length: 43
Content-Type: image/gif

Redirect headers

Location: https://udmserve.net/udm/fetch.pix?pmid=02727B6B-C93F-4ADA-90B1-B653341AFB1E
Date: Wed, 14 Apr 2021 14:42:26 GMT
X-Cnection: close
Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6
Content-Length: 396
Content-Type: text/html; charset=iso-8859-1

GET
H2 204 services
sync.technoratimedia.com/ 0
300 B 886ms
100ms Image
text/plain 193.122.130.38
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.technoratimedia.com/services?srv=cs&pid=54&cb=https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fdt%3D1%3Bsncr%3D[USER_ID]
Requested by: Host: www.payetteforward.com
URL: https://www.payetteforward.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 193.122.130.38 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.payetteforward.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 14:42:22 GMT
via: 1.1 varnish
server: nginx
age: 0
access-control-allow-methods: POST,GET,HEAD,OPTIONS
x-varnish: 804179495
access-control-allow-origin: https://www.payetteforward.com/
access-control-allow-credentials: true

GET
H/1.1

200
OK

fetch.pix
udmserve.net/udm/
Redirect Chain

https://inv-nets.admixer.net/adxcm.aspx?ssp=F74A1705-8854-4390-959E-C24FA4349F88&rurl=https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fdt%3D1%3Badmix%3D%24%24visitor_cookie%24%24
https://udmserve.net/udm/fetch.pix?dt=1;admix=ad040b75a02c45df89e788f32ac3faa6

43 B
608 B

155ms
154ms

Image
image/gif

68.71.249.118
ZEROLAG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://udmserve.net/udm/fetch.pix?dt=1;admix=ad040b75a02c45df89e788f32ac3faa6
Requested by: Host: www.payetteforward.com
URL: https://www.payetteforward.com/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 68.71.249.118 , United States, ASN20093 (ZEROLAG, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.payetteforward.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 14 Apr 2021 14:42:21 GMT
Cache-Control: max-age=43200
Connection: Keep-Alive
Content-Length: 43
Content-Type: image/gif

Redirect headers

Date: Wed, 14 Apr 2021 14:42:21 GMT
Server: nginx
Access-Control-Allow-Origin: *
P3p: CP="NID DSP ALL COR"
Location: https://udmserve.net/udm/fetch.pix?dt=1;admix=ad040b75a02c45df89e788f32ac3faa6
Access-Control-Allow-Credentials: true
Connection: keep-alive
Keep-Alive: timeout=25
Content-Length: 0
X-Xss-Protection: 0

GET
H/1.1

200
OK

fetch.pix
udmserve.net/udm/
Redirect Chain

https://cs.admanmedia.com/sync/underdog?redir=https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fdt%3D1%3Bacu%3D%7B%24UID%7D
https://udmserve.net/udm/fetch.pix?dt=1;acu=518a0011d7020907ff3ff7be90532ce7e9f7193d

43 B
614 B

185ms
154ms

Image
image/gif

68.71.249.118
ZEROLAG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://udmserve.net/udm/fetch.pix?dt=1;acu=518a0011d7020907ff3ff7be90532ce7e9f7193d
Requested by: Host: www.payetteforward.com
URL: https://www.payetteforward.com/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 68.71.249.118 , United States, ASN20093 (ZEROLAG, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.payetteforward.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 14 Apr 2021 14:42:22 GMT
Cache-Control: max-age=43200
Connection: Keep-Alive
Content-Length: 43
Content-Type: image/gif

Redirect headers

Location: https://udmserve.net/udm/fetch.pix?dt=1;acu=518a0011d7020907ff3ff7be90532ce7e9f7193d
Date: Wed, 14 Apr 2021 14:42:21 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked

GET
H2 200 rules-p-effSsmMYCbAck.js Show response
rules.quantcount.com/ 3 B
350 B 42ms
13ms Script
application/x-javascript 2600:9000:20e8:a800:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-effSsmMYCbAck.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20e8:a800:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Referer: https://www.payetteforward.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 17:59:47 GMT
via: 1.1 f66aaf2d9f6a8e65595a1e24d5f18bcd.cloudfront.net (CloudFront)
last-modified: Sat, 04 Mar 2017 21:04:20 GMT
server: AmazonS3
age: 74555
etag: "8a80554c91d9fca8acb82f023de02f11"
x-cache: Hit from cloudfront
content-type: application/x-javascript
cache-control: max-age=86400
x-amz-cf-pop: TXL52-C1
accept-ranges: bytes
content-length: 3
x-amz-cf-id: Rxl_9vEayfzOBr5eCwO7L9f1Cmzv5kNR5qrNfl3ViK6XTs53SqdXNw==

GET
H2 200 rules-p-Pz67dCqdsHfxh.js Show response
rules.quantcount.com/ 3 B
356 B 472ms
443ms Script
application/x-javascript 2600:9000:20e8:a800:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-Pz67dCqdsHfxh.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20e8:a800:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Referer: https://www.payetteforward.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 14:39:04 GMT
via: 1.1 f66aaf2d9f6a8e65595a1e24d5f18bcd.cloudfront.net (CloudFront)
last-modified: Fri, 03 Mar 2017 23:52:35 GMT
server: AmazonS3
age: 198
etag: "8a80554c91d9fca8acb82f023de02f11"
x-cache: Error from cloudfront
content-type: application/x-javascript
cache-control: max-age=300
x-amz-cf-pop: TXL52-C1
accept-ranges: bytes
content-length: 3
x-amz-cf-id: chs98d4MejZ26wTJidl2cr_WqtSxo15cAYXQTnY-U3K5MuG0F-B_GA==

GET
H/1.1 200
OK wrap.js Show response
confiant-integrations.global.ssl.fastly.net/prebid/202104121324/ 83 KB
28 KB 44ms
43ms Script
application/javascript 151.101.113.194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://confiant-integrations.global.ssl.fastly.net/prebid/202104121324/wrap.js
Requested by: Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/UZYxC75kqDLRiEd9GoEYOmovVVM/prebid/config.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.194 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a9f62c3875012662294f9653e4116e7ccb9b612202d6b43248e11cc39ad07893

Request headers

Referer: https://www.payetteforward.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 14 Apr 2021 14:42:21 GMT
Content-Encoding: gzip
Age: 487
X-Cache: HIT
Connection: keep-alive
Content-Length: 27577
x-amz-id-2: oRPAPp5Sh3xdnzM8Kl3DLuBtiwqea8W5BED3LeinthZUyhlklAZNATI3vAecRbXFqmMz2kr4mP4=
X-Served-By: cache-hhn4033-HHN
Last-Modified: Mon, 12 Apr 2021 17:25:06 GMT
Server: AmazonS3
X-Timer: S1618411342.814949,VS0,VE0
ETag: "f56955ab8ecd49b50ae9336e4ece4ad4"
x-amz-request-id: PZA0F2JKCM6TXNPE
Via: 1.1 varnish
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Content-Type: application/javascript; charset=utf-8
X-Cache-Hits: 574

GET
H2 200 pixel;r=1707108321;rf=0;a=p-Pz67dCqdsHfxh;url=https%3A%2F%2Fwww.payetteforward.com%2F;uht=2;fpan=1;fpa=P0-305235036-1618411342104;ns=0;ce=1;qjs=1;qv=e576aef5-20210317211205;cm=;gdpr=0;ref=;d=payett...
pixel.quantserve.com/ 35 B
371 B 11ms
9ms Image
image/gif 2620:116:800d:21:5a23:9c4e:e774:96c1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=1707108321;rf=0;a=p-Pz67dCqdsHfxh;url=https%3A%2F%2Fwww.payetteforward.com%2F;uht=2;fpan=1;fpa=P0-305235036-1618411342104;ns=0;ce=1;qjs=1;qv=e576aef5-20210317211205;cm=;gdpr=0;ref=;d=payetteforward.com;je=0;sr=1600x1200x24;dst=1;et=1618411342104;tzo=-120;ogl=locale.en_US%2Ctype.website%2Ctitle.Payette%20Forward%2Cdescription.Payette%20Forward%20helps%20people%20solve%20problems%20with%20their%20iPhones%252C%20Macs%252C%20and%20other%20%2Curl.https%3A%2F%2Fwww%252Epayetteforward%252Ecom%2F%2Csite_name.Payette%20Forward%2Cimage.https%3A%2F%2Fwww%252Epayetteforward%252Ecom%2Fwp-content%2Fuploads%2F2020%2F05%2FFacebook-Cover%252Ejpg%2Cimage%3Awidth.851%2Cimage%3Aheight.315

Requested by

Host: www.payetteforward.com
URL: https://www.payetteforward.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:5a23:9c4e:e774:96c1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://www.payetteforward.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Apr 2021 14:42:22 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 pixel;r=1979247363;labels=edge.1%2Csid.15839;rf=0;a=p-effSsmMYCbAck;url=https%3A%2F%2Fwww.payetteforward.com%2F;uht=2;fpan=0;fpa=P0-305235036-1618411342104;ns=0;ce=1;qjs=1;qv=e576aef5-2021031721120...
pixel.quantserve.com/ 35 B
371 B 10ms
8ms Image
image/gif 2620:116:800d:21:5a23:9c4e:e774:96c1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=1979247363;labels=edge.1%2Csid.15839;rf=0;a=p-effSsmMYCbAck;url=https%3A%2F%2Fwww.payetteforward.com%2F;uht=2;fpan=0;fpa=P0-305235036-1618411342104;ns=0;ce=1;qjs=1;qv=e576aef5-20210317211205;cm=;gdpr=0;ref=;d=payetteforward.com;je=0;sr=1600x1200x24;dst=1;et=1618411342107;tzo=-120;ogl=locale.en_US%2Ctype.website%2Ctitle.Payette%20Forward%2Cdescription.Payette%20Forward%20helps%20people%20solve%20problems%20with%20their%20iPhones%252C%20Macs%252C%20and%20other%20%2Curl.https%3A%2F%2Fwww%252Epayetteforward%252Ecom%2F%2Csite_name.Payette%20Forward%2Cimage.https%3A%2F%2Fwww%252Epayetteforward%252Ecom%2Fwp-content%2Fuploads%2F2020%2F05%2FFacebook-Cover%252Ejpg%2Cimage%3Awidth.851%2Cimage%3Aheight.315

Requested by

Host: www.payetteforward.com
URL: https://www.payetteforward.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:5a23:9c4e:e774:96c1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://www.payetteforward.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Apr 2021 14:42:22 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

OPTIONS
H2 200 a180398f-793b-4288-ac64-758e7b38d67c
app.termly.io/api/v1/snippets/websites/ Frame 0
0 167ms
152ms Preflight 2606:4700::6813:ff58
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.termly.io/api/v1/snippets/websites/a180398f-793b-4288-ac64-758e7b38d67c

Protocol

Server

2606:4700::6813:ff58 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://www.payetteforward.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Wed, 14 Apr 2021 14:42:27 GMT
content-length: 0
status: 200 OK
access-control-allow-origin: *
access-control-max-age: 600
access-control-allow-headers: content-type
access-control-allow-methods: GET
x-frame-options: SAMEORIGIN
cf-cache-status: DYNAMIC
cf-request-id: 09726e764e00004e25d080d000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
server: cloudflare
cf-ray: 63fdb36a1d2a4e25-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 rrv7.js Show response
bid.underdog.media/ 21 KB
9 KB 13ms
12ms Script
application/x-javascript 2600:9000:20e8:8c00:5:c4ab:c3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bid.underdog.media/rrv7.js
Requested by: Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.6.19.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20e8:8c00:5:c4ab:c3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2cafddb9dffdbe460832fe92631dcba3455ef4f8da707c1938eedd56f3e7482a

Request headers

Referer: https://www.payetteforward.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 13:04:48 GMT
content-encoding: gzip
last-modified: Wed, 14 Apr 2021 13:00:05 GMT
server: AmazonS3
age: 5860
etag: "0486a5ef58e69705795be209095bca3f"
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 3987a119dd762046470f5ba503a917ea.cloudfront.net (CloudFront)
cache-control: max-age=7200
x-amz-cf-pop: TXL52-C1
accept-ranges: bytes
content-length: 9263
x-amz-cf-id: khwPwvMwGve12R_e_bZDd-IjtqQ-2jJtvkQgUbQgyy9Zfr9VoqnLPQ==

GET
H2 200 a180398f-793b-4288-ac64-758e7b38d67c Show response
app.termly.io/api/v1/snippets/websites/ 4 KB
1 KB 148ms
148ms XHR
application/json 2606:4700::6813:ff58
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.termly.io/api/v1/snippets/websites/a180398f-793b-4288-ac64-758e7b38d67c

Requested by

Host: app.termly.io
URL: https://app.termly.io/644.embed.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:ff58 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4421567c09605717b213d9b83ba098a84aefd6997e07cbca680fef9878ac29e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.payetteforward.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

x-rack-cors: hit
date: Wed, 14 Apr 2021 14:42:27 GMT
content-encoding: br
vary: Origin, Accept-Encoding
cf-cache-status: REVALIDATED
status: 200 OK
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09726e76e600004e25ca03c000000001
x-request-id: f3677ade-e111-4084-b5a1-522a01f098eb
x-runtime: 0.008218
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"4421567c09605717b213d9b83ba098a8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 600
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=60
cf-ray: 63fdb36b0f6d4e25-FRA

GET
H2 200 ip Show response
app.termly.io/api/v1/snippets/websites/a180398f-793b-4288-ac64-758e7b38d67c/ 120 B
280 B 170ms
169ms XHR
application/json 2606:4700::6813:ff58
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.termly.io/api/v1/snippets/websites/a180398f-793b-4288-ac64-758e7b38d67c/ip?random-uuid=595a4e91-4f60-b555-4e3d-af9bddd40469

Requested by

Host: app.termly.io
URL: https://app.termly.io/644.embed.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:ff58 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cf6d01ec98c7803b37e801273c65f6764911bd79a88b983196ac76dea0561ecb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.payetteforward.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

x-rack-cors: hit
date: Wed, 14 Apr 2021 14:42:28 GMT
content-encoding: br
vary: Origin, Accept-Encoding
cf-cache-status: MISS
status: 200 OK
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09726e77f500004e257d19a000000001
x-request-id: 914902d4-df0b-4605-b05a-fa058281d8fa
x-runtime: 0.004857
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"cf6d01ec98c7803b37e801273c65f676"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 600
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=3600
cf-ray: 63fdb36cbb824e25-FRA

OPTIONS
H2 200 ip
app.termly.io/api/v1/snippets/websites/a180398f-793b-4288-ac64-758e7b38d67c/ Frame 0
0 438ms
425ms Preflight 2606:4700::6813:ff58
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.termly.io/api/v1/snippets/websites/a180398f-793b-4288-ac64-758e7b38d67c/ip?random-uuid=595a4e91-4f60-b555-4e3d-af9bddd40469

Protocol

Server

2606:4700::6813:ff58 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://www.payetteforward.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Wed, 14 Apr 2021 14:42:27 GMT
content-length: 0
status: 200 OK
access-control-allow-origin: *
access-control-max-age: 600
access-control-allow-headers: content-type
access-control-allow-methods: GET
x-frame-options: SAMEORIGIN
cf-cache-status: DYNAMIC
cf-request-id: 09726e764e00004e25e5a41000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
server: cloudflare
cf-ray: 63fdb36a1d2d4e25-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 Payette-Forward_Logo.svg
www.payetteforward.com/wp-content/uploads/2020/06/ 11 KB
4 KB 27ms
27ms Image
image/svg+xml 2606:4700:20::ac43:460d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.payetteforward.com/wp-content/uploads/2020/06/Payette-Forward_Logo.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:460d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 766a2e1984e6104f641176065f6806f1119a74a8703473c69658048146129997

Request headers

Referer: https://www.payetteforward.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 14:42:27 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1986235
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09726e76860000bec9970ca000000001
last-modified: Tue, 09 Jun 2020 14:33:57 GMT
server: cloudflare
etag: W/"5edf9dd5-2b36"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=EOc6%2FGtnRf8U3vNQu955a793yzomgBjs8tR%2FYnS5htzE7UWzQaaFuCASjLQejZ59Ub8H9cwhVK0QrtpmhuecebpZjLk5VNYsqdQE07491AqdS0Q8esLbjVrXuh9xDX0wnJnh"}],"max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=31536000
cf-ray: 63fdb36a6f6ebec9-FRA
expires: Wed, 21 Apr 2021 14:58:32 GMT

GET
H2 200 Why-Does-My-iPhone-Get-Hot-My-Battery-Drains-Too-The-Fix.-702x336.jpg
www.payetteforward.com/wp-content/uploads/2017/08/ 7 KB
8 KB 28ms
25ms Image
image/webp 2606:4700:20::ac43:460d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.payetteforward.com/wp-content/uploads/2017/08/Why-Does-My-iPhone-Get-Hot-My-Battery-Drains-Too-The-Fix.-702x336.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:460d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 95f1d0b12bdd621288237765d687c18a07891fba5d3b8af5bf0417faebf89407

Request headers

Referer: https://www.payetteforward.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 14:42:27 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 292645
cf-polished: qual=85, origFmt=jpeg, origSize=15355
content-disposition: inline; filename="Why-Does-My-iPhone-Get-Hot-My-Battery-Drains-Too-The-Fix.webp"
cf-bgj: imgq:85,h2pri
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7620
cf-request-id: 09726e768b0000bec96e09e000000001
last-modified: Fri, 14 Sep 2018 14:45:24 GMT
server: cloudflare
etag: "5b9bc984-3bfb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=l2iM%2FOulxRmOjsAAHpLCI7s69xRhYk9apMC2rquG%2BFQ4%2BtQc4dbbDlKQN0W2%2BGQL%2BIYHx%2BYzPR2olbbU3nzpWVBe1klyUIUnvDH%2FLwfSz0LI54gVVgYVoIlLwlGM%2FBze8p8n"}],"max_age":604800}
content-type: image/webp
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 63fdb36a7f74bec9-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 My-iPhone-Wont-Charge-Heres-The-Real-Fix.-702x336.jpg
www.payetteforward.com/wp-content/uploads/2018/01/ 6 KB
7 KB 36ms
33ms Image
image/webp 2606:4700:20::ac43:460d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.payetteforward.com/wp-content/uploads/2018/01/My-iPhone-Wont-Charge-Heres-The-Real-Fix.-702x336.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:460d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 54e1c3b691fad00b895d6ea8be4188c7d1253d56f4d1ae564e30e0de40cb5c1b

Request headers

Referer: https://www.payetteforward.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 14:42:27 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 67452
cf-polished: qual=85, origFmt=jpeg, origSize=15115
content-disposition: inline; filename="My-iPhone-Wont-Charge-Heres-The-Real-Fix.webp"
cf-bgj: imgq:85,h2pri
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6588
cf-request-id: 09726e768b0000bec99c095000000001
last-modified: Fri, 14 Sep 2018 14:40:17 GMT
server: cloudflare
etag: "5b9bc851-3b0b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=7lmoYhu8ABzA1AvHLgmOC9fhhU%2Fyax98eBx3KuYRYH9aSLBuHh8yp5Fwtdvg2OC4lHbkPLn8m9%2BBC1RO9Dm80Z7LLm%2BfxVklmBT2b6rneqejChC8SV81wuxppXVcSw5JmKNp"}],"max_age":604800}
content-type: image/webp
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 63fdb36a7f75bec9-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Why-Does-My-iPhone-Battery-Die-So-Fast-Heres-The-Real-Fix-702x336.jpg
www.payetteforward.com/wp-content/uploads/2017/10/ 10 KB
10 KB 35ms
32ms Image
image/webp 2606:4700:20::ac43:460d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.payetteforward.com/wp-content/uploads/2017/10/Why-Does-My-iPhone-Battery-Die-So-Fast-Heres-The-Real-Fix-702x336.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:460d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f5a50538e93b491d1027591b0b6f06731e07fb29b284c71eb260219bdfc50b37

Request headers

Referer: https://www.payetteforward.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 14:42:27 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 292645
cf-polished: qual=85, origFmt=jpeg, origSize=16705
content-disposition: inline; filename="Why-Does-My-iPhone-Battery-Die-So-Fast-Heres-The-Real-Fix-702x336.webp"
cf-bgj: imgq:85,h2pri
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10012
cf-request-id: 09726e768c0000bec979a07000000001
last-modified: Fri, 14 Sep 2018 14:35:20 GMT
server: cloudflare
etag: "5b9bc728-4141"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=s%2FRCPclUilYoWrSMFiQwOoqeLfukDDGDivt7OcLzs1JJZwiOwxpLapVdlZ8M3FewaYTgz9yukzIUqgObKrb90j2Zrryh2uh46jmxB0%2B5yWrhp7dukdIj1bmYiuVur8OqjhST"}],"max_age":604800}
content-type: image/webp
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 63fdb36a7f76bec9-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 What-Uses-Data-On-iPhone-Using-Too-Much-The-Fix-702x336.jpg
www.payetteforward.com/wp-content/uploads/2017/10/ 7 KB
8 KB 29ms
27ms Image
image/webp 2606:4700:20::ac43:460d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.payetteforward.com/wp-content/uploads/2017/10/What-Uses-Data-On-iPhone-Using-Too-Much-The-Fix-702x336.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:460d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cdf861d17ccfb5484653c6faa83194e3cdd22d77f8c184563350aef2fe6b24c4

Request headers

Referer: https://www.payetteforward.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 14:42:27 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 292645
cf-polished: qual=85, origFmt=jpeg, origSize=16810
content-disposition: inline; filename="What-Uses-Data-On-iPhone-Using-Too-Much-The-Fix-702x336.webp"
cf-bgj: imgq:85,h2pri
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7594
cf-request-id: 09726e768c0000bec9901bd000000001
last-modified: Fri, 14 Sep 2018 14:37:20 GMT
server: cloudflare
etag: "5b9bc7a0-41aa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ufP94R3MMRMLEeU9YDSQGwfptfyu%2B5E26Tv%2BpbAYw410xMbrjetNWIwefAHKOOpYmjs0r0fxO0TKREBZSprAuDvsGcWY54n0FSL1YngJKQY53Oqw8rZsBl45PAm1dZOznd0v"}],"max_age":604800}
content-type: image/webp
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 63fdb36a7f77bec9-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Why-Is-My-iPhone-So-Slow-Here%E2%80%99s-The-Fix-For-iPad-Too_featured-702x336.jpg
www.payetteforward.com/wp-content/uploads/2015/06/ 8 KB
8 KB 31ms
29ms Image
image/webp 2606:4700:20::ac43:460d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.payetteforward.com/wp-content/uploads/2015/06/Why-Is-My-iPhone-So-Slow-Here%E2%80%99s-The-Fix-For-iPad-Too_featured-702x336.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:460d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 676d46a3278abf750deeeca4b4e6adb477f0dfb187f94848fd68d9622cfe41e3

Request headers

Referer: https://www.payetteforward.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 14:42:27 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 292644
cf-polished: qual=85, origFmt=jpeg, origSize=13501
content-disposition: inline; filename="Why-Is-My-iPhone-So-Slow-Here%E2%80%99s-The-Fix-For-iPad-Too_featured-702x336.webp"
cf-bgj: imgq:85,h2pri
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7962
cf-request-id: 09726e768c0000bec98384b000000001
last-modified: Mon, 31 Jul 2017 13:14:18 GMT
server: cloudflare
etag: "597f2d2a-34bd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=iJeuT6mNHCiR2mp4aY0A0iqa%2Fm40tPE3xBaLz8%2BzPVhgfShKTI%2FnXJTRMnIXppzUuwP7wkGaynUIo7Kgoum1k0DqNdgi4aAWk%2Bm5nSkmeFa%2FkLG5p0jMgRD7t%2BjE9dcYurr4"}],"max_age":604800}
content-type: image/webp
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 63fdb36a7f78bec9-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 My-iPhone-Keeps-Beeping-Heres-Why-And-The-Real-Fix-351x185.jpg
www.payetteforward.com/wp-content/uploads/2017/07/ 13 KB
14 KB 31ms
30ms Image
image/webp 2606:4700:20::ac43:460d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.payetteforward.com/wp-content/uploads/2017/07/My-iPhone-Keeps-Beeping-Heres-Why-And-The-Real-Fix-351x185.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:460d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4bee264daf76622a9f0ac913b45c7324fe981ca34968c094c89483a8847d99a1

Request headers

Referer: https://www.payetteforward.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 14:42:27 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 67452
cf-polished: qual=85, origFmt=jpeg, origSize=16220
content-disposition: inline; filename="My-iPhone-Keeps-Beeping-Heres-Why-And-The-Real-Fix-351x185.webp"
cf-bgj: imgq:85,h2pri
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 13792
cf-request-id: 09726e76a30000bec97a009000000001
last-modified: Mon, 17 Jul 2017 12:25:23 GMT
server: cloudflare
etag: "596cacb3-3f5c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=3tkmCpC25vqdzyhNbvY6tbyH6zqlVKW6C0w%2BkS2xsokqWtRfZGgVOE8XKL35H9uzi%2FZ4OkUV1eskSj%2FJO%2BnNF96%2FI1h3N4jZdYaVcpW8NXhNHEp1XWGiaTduiqep6HdyLqKy"}],"max_age":604800}
content-type: image/webp
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 63fdb36a9f81bec9-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 picture-in-picture-not-working-on-iphone-fix-168x137.jpg
www.payetteforward.com/wp-content/uploads/2020/07/ 4 KB
4 KB 29ms
27ms Image
image/webp 2606:4700:20::ac43:460d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.payetteforward.com/wp-content/uploads/2020/07/picture-in-picture-not-working-on-iphone-fix-168x137.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:460d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 213905f3aa32b337f64b0c80e22c2e88b52ab8e349db22744d684c771b703ab5

Request headers

Referer: https://www.payetteforward.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 14:42:27 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 74914
cf-polished: qual=85, origFmt=jpeg, origSize=21710
content-disposition: inline; filename="picture-in-picture-not-working-on-iphone-fix-168x137.webp"
cf-bgj: imgq:85,h2pri
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3700
cf-request-id: 09726e76a80000bec9970cb000000001
last-modified: Fri, 26 Feb 2021 21:58:32 GMT
server: cloudflare
etag: "60396f08-54ce"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=j3%2FiGGCR1eoOCDrCYnzeE6XFKQh00t%2FVBDJSUflaoH0v1dzHVNLcKGwKWFw8jrXeuOuCcUti6yno%2FkWC5VkW3bmuwYtVlYUakCJHjqfBWx10PvmHRoim4qZ9mdLqgzGlX3Xp"}],"max_age":604800}
content-type: image/webp
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 63fdb36aaf84bec9-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Facebook-Messenger-Not-Working-On-iPhone-Heres-The-Fix-168x137.jpg
www.payetteforward.com/wp-content/uploads/2017/08/ 5 KB
6 KB 386ms
385ms Image
image/jpeg 2606:4700:20::ac43:460d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.payetteforward.com/wp-content/uploads/2017/08/Facebook-Messenger-Not-Working-On-iPhone-Heres-The-Fix-168x137.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:460d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f314a84f9d6c59392477ca04c9122b0c80e610ab58a891d407102a651d0eb65d

Request headers

Referer: https://www.payetteforward.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 14:42:28 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5330
cf-request-id: 09726e76a80000bec96fa2d000000001
last-modified: Mon, 07 Aug 2017 12:05:16 GMT
server: cloudflare
etag: "5988577c-14d2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=1PJDTUGn%2BC2LoRqp2alm3inwFccOtcwgSe9%2BOz0P2B0oCWvNNZDV3%2B97qcnJ44bdaHbbr5lHnOL8aSVZffWvSQkFyOa0aWKswi%2F%2FRyzyYbA5GZfyPjBA9CcthtbY8x8W2F9O"}],"max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 63fdb36aaf85bec9-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 how-to-update-iphone-using-finder-702x439.jpg
www.payetteforward.com/wp-content/uploads/2020/07/ 8 KB
8 KB 32ms
31ms Image
image/webp 2606:4700:20::ac43:460d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.payetteforward.com/wp-content/uploads/2020/07/how-to-update-iphone-using-finder-702x439.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:460d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c53da90f8542efe36a24c22a0777ac720491d4aea61b2117737b0280d772ed76

Request headers

Referer: https://www.payetteforward.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 14:42:27 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 66248
cf-polished: qual=85, origFmt=jpeg, origSize=23206
content-disposition: inline; filename="how-to-update-iphone-using-finder-702x439.webp"
cf-bgj: imgq:85,h2pri
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8054
cf-request-id: 09726e76ab0000bec99e960000000001
last-modified: Tue, 08 Sep 2020 19:08:31 GMT
server: cloudflare
etag: "5f57d6af-5aa6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=6G9LWm4NBmBYkeQ1fVgaOrxPmgeLXaIksMesSG4BMVYEpIVAMLU1fc9LJzvmO1rYNsqPyu0Nqyjn8bpa%2BWeqCMM0cKS1gsPk1rkgy90IMoZspNlkPOgEWdF5Q4UT0gwzmmUX"}],"max_age":604800}
content-type: image/webp
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 63fdb36aaf88bec9-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Why-Does-Facebook-Keep-Crashing-On-My-iPhone-iPad-The-Fix-110x96.jpg
www.payetteforward.com/wp-content/uploads/2016/04/ 3 KB
4 KB 28ms
25ms Image
image/webp 2606:4700:20::ac43:460d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.payetteforward.com/wp-content/uploads/2016/04/Why-Does-Facebook-Keep-Crashing-On-My-iPhone-iPad-The-Fix-110x96.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:460d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1c084454bff71124bf2dadf3664bebfda3ce44a15cff8c6056f237dda68f472b

Request headers

Referer: https://www.payetteforward.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 14:42:27 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 10162
cf-polished: qual=85, origFmt=jpeg, origSize=3996
content-disposition: inline; filename="Why-Does-Facebook-Keep-Crashing-On-My-iPhone-iPad-The-Fix-110x96.webp"
cf-bgj: imgq:85,h2pri
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3392
cf-request-id: 09726e76b10000bec98384d000000001
last-modified: Mon, 07 Aug 2017 12:34:54 GMT
server: cloudflare
etag: "59885e6e-f9c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=hRhG%2F%2FTsny7JewCfzXyqNCf9XJEDlHH2VNey04zR%2F%2FVpTOOzM21rz4ATxv0CbvEs0JJHg4AXFDtEkvE8kLkRKRVxJpleTxH0HPelA9NZ38vcZOedDr5wbcUM3omRl6XHSqeA"}],"max_age":604800}
content-type: image/webp
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 63fdb36abf8ebec9-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 My-iPad-Screen-Is-Blurry-Heres-The-Real-Fix.-702x439.jpg
www.payetteforward.com/wp-content/uploads/2018/11/ 6 KB
6 KB 35ms
33ms Image
image/webp 2606:4700:20::ac43:460d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.payetteforward.com/wp-content/uploads/2018/11/My-iPad-Screen-Is-Blurry-Heres-The-Real-Fix.-702x439.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:460d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f39847cedd29220034f0e6761c5cc0ccb43a0757e492fce1396106b3ff01fdec

Request headers

Referer: https://www.payetteforward.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 14:42:27 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 66248
cf-polished: qual=85, origFmt=jpeg, origSize=14751
content-disposition: inline; filename="My-iPad-Screen-Is-Blurry-Heres-The-Real-Fix.webp"
cf-bgj: imgq:85,h2pri
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5972
cf-request-id: 09726e76b20000bec974ae2000000001
last-modified: Tue, 13 Nov 2018 13:55:57 GMT
server: cloudflare
etag: "5bead7ed-399f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=1evJjrhdiL5aXdfXibZiHp0umYZiQjXf7gthClkl1yfSYWTfrRziOSCvw7SQrqFMeJvqFU9hce12YN%2Ffkm0CWe7KqMCddP08CmaJbjlxF%2FkHgG3aQOvOwb0d4yNZmCBP5acT"}],"max_age":604800}
content-type: image/webp
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 63fdb36abf8fbec9-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 I-Deleted-the-App-Store-Safari-iTunes-or-the-Camera-from-my-iPhone-iPad-or-iPod-fix-110x96.jpg
www.payetteforward.com/wp-content/uploads/2021/03/ 3 KB
4 KB 49ms
48ms Image
image/webp 2606:4700:20::ac43:460d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.payetteforward.com/wp-content/uploads/2021/03/I-Deleted-the-App-Store-Safari-iTunes-or-the-Camera-from-my-iPhone-iPad-or-iPod-fix-110x96.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:460d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 96760a8b2280940532c36c0284389fed89b52956ee740030f61a7f2310ee7301

Request headers

Referer: https://www.payetteforward.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 14:42:27 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 10159
cf-polished: qual=85, origFmt=jpeg, origSize=21600
content-disposition: inline; filename="I-Deleted-the-App-Store-Safari-iTunes-or-the-Camera-from-my-iPhone-iPad-or-iPod-fix-110x96.webp"
cf-bgj: imgq:85,h2pri
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3094
cf-request-id: 09726e76c50000bec9a8883000000001
last-modified: Wed, 07 Apr 2021 20:53:34 GMT
server: cloudflare
etag: "606e1bce-5460"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=t4Ex2uBrxXJVlPZ8KpgeGI0xMpkJHrZmZQo151scNk1pFrNavgEyLiA6EPlPxofvAb%2FZlYDlZXL7nWMf8FkDQXsGzkP4vOoT%2BEvXmW%2BJiNtMMAyrOktY9J3om2dsmMWorQg4"}],"max_age":604800}
content-type: image/webp
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 63fdb36adf9bbec9-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

OPTIONS
H2 200 statistics
app.termly.io/api/v1/snippets/websites/a180398f-793b-4288-ac64-758e7b38d67c/ Frame 0
0 162ms
160ms Preflight 2606:4700::6813:ff58
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.termly.io/api/v1/snippets/websites/a180398f-793b-4288-ac64-758e7b38d67c/statistics

Protocol

Server

2606:4700::6813:ff58 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.payetteforward.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Wed, 14 Apr 2021 14:42:28 GMT
content-length: 0
status: 200 OK
access-control-allow-origin: *
access-control-max-age: 600
access-control-allow-headers: content-type
access-control-allow-methods: POST
x-frame-options: SAMEORIGIN
cf-cache-status: DYNAMIC
cf-request-id: 09726e78b500004e25c331b000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
server: cloudflare
cf-ray: 63fdb36deea54e25-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

OPTIONS
H2 200 cookies
app.termly.io/api/v1/snippets/websites/a180398f-793b-4288-ac64-758e7b38d67c/documents/b4f9fe89-1ed3-40dc-ab88-148f1afc5106/ Frame 0
0 151ms
150ms Preflight 2606:4700::6813:ff58
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.termly.io/api/v1/snippets/websites/a180398f-793b-4288-ac64-758e7b38d67c/documents/b4f9fe89-1ed3-40dc-ab88-148f1afc5106/cookies

Protocol

Server

2606:4700::6813:ff58 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://www.payetteforward.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Wed, 14 Apr 2021 14:42:28 GMT
content-length: 0
status: 200 OK
access-control-allow-origin: *
access-control-max-age: 600
access-control-allow-headers: content-type
access-control-allow-methods: GET
x-frame-options: SAMEORIGIN
cf-cache-status: DYNAMIC
cf-request-id: 09726e78b500004e25928dd000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
server: cloudflare
cf-ray: 63fdb36deea84e25-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H2 201 statistics Show response
app.termly.io/api/v1/snippets/websites/a180398f-793b-4288-ac64-758e7b38d67c/ 3 B
203 B 176ms
176ms XHR
application/json 2606:4700::6813:ff58
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.termly.io/api/v1/snippets/websites/a180398f-793b-4288-ac64-758e7b38d67c/statistics

Requested by

Host: app.termly.io
URL: https://app.termly.io/644.embed.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:ff58 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

43974ed74066b207c30ffd0fed5146762e6c60745ac977004bc14507c7c42b50

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.payetteforward.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

x-rack-cors: hit
date: Wed, 14 Apr 2021 14:42:28 GMT
vary: Origin
cf-cache-status: DYNAMIC
status: 201 Created
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09726e795600004e25820a2000000001
x-request-id: 80fc69d8-403b-400b-acb7-b042ae4da665
x-runtime: 0.017049
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"43974ed74066b207c30ffd0fed514676"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 600
access-control-allow-methods: POST
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=0, private, must-revalidate
cf-ray: 63fdb36ef95f4e25-FRA

GET
H2 200 cookies Show response
app.termly.io/api/v1/snippets/websites/a180398f-793b-4288-ac64-758e7b38d67c/documents/b4f9fe89-1ed3-40dc-ab88-148f1afc5106/ 371 KB
69 KB 33ms
33ms XHR
application/json 2606:4700::6813:ff58
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.termly.io/api/v1/snippets/websites/a180398f-793b-4288-ac64-758e7b38d67c/documents/b4f9fe89-1ed3-40dc-ab88-148f1afc5106/cookies

Requested by

Host: app.termly.io
URL: https://app.termly.io/644.embed.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:ff58 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

57536f64fe1b433c9fd9149bd748ef6aec29c358ab5c274a1a57e24cff1f45a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.payetteforward.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

x-rack-cors: hit
date: Wed, 14 Apr 2021 14:42:28 GMT
content-encoding: br
vary: Origin, Accept-Encoding
cf-cache-status: HIT
age: 34788
status: 200 OK
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09726e794e00004e25d1980000000001
x-request-id: 49f75403-3bc9-47f4-878d-4ce33c97011b
x-runtime: 0.117375
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"57536f64fe1b433c9fd9149bd748ef6a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 600
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=600
cf-ray: 63fdb36ee94a4e25-FRA

Verdicts & Comments Add Verdict or Comment

102 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://www.payetteforward.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2(Line 2) Message: JQMIGRATE: Migrate is installed, version 3.3.2
console-api	debug	URL: https://app.termly.io/644.embed.min.js(Line 1) Message: [Termly] Region %o has consent_mode set to %o global opt_in

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.cloudflare.com
ampcid.google.com
ampcid.google.de
app.termly.io
bid.underdog.media
cdnjs.cloudflare.com
cm.g.doubleclick.net
confiant-integrations.global.ssl.fastly.net
cs.admanmedia.com
fonts.googleapis.com
fonts.gstatic.com
image2.pubmatic.com
image4.pubmatic.com
image8.pubmatic.com
inv-nets.admixer.net
payetteforward.com
pixel.quantserve.com
rules.quantcount.com
secure.adnxs.com
secure.quantserve.com
stats.g.doubleclick.net
sync.technoratimedia.com
udmserve.net
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.payetteforward.com
142.250.186.162
146.0.227.110
151.101.113.194
185.33.220.145
185.64.189.110
185.64.189.216
185.64.190.81
193.122.130.38
2600:9000:20e8:8c00:5:c4ab:c3c0:93a1
2600:9000:20e8:a800:6:44e3:f8c0:93a1
2606:4700:20::ac43:460d
2606:4700::6810:135e
2606:4700::6810:a723
2606:4700::6813:ff58
2620:116:800d:21:5a23:9c4e:e774:96c1
2a00:1450:4001:800::200a
2a00:1450:4001:802::2003
2a00:1450:4001:803::200e
2a00:1450:4001:808::200e
2a00:1450:4001:80f::200e
2a00:1450:4001:813::2003
2a00:1450:4001:813::2004
2a00:1450:4001:82a::2008
2a00:1450:4001:82b::200e
2a00:1450:400c:c04::9a
68.71.249.118
88.214.206.247
024c516feaf4f7e5fe74de6f78224771aac12add4039839a3ba53f77d0b546a8
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
1508490e2a7f3949d866ce8f032895224c55a02eb24f9ada50c7cb79a4c887c8
16d7d7227f6d8251224d32cd45c81633a3a9d63bf35cd84b1d99d389becb5030
1c084454bff71124bf2dadf3664bebfda3ce44a15cff8c6056f237dda68f472b
1c3c5400087c7a0933a14001c67987c69be79772724a3c6c1dcaac4119d976e3
1dd07d410cf12478e9fedd90262cc824b7e8143b578bea4fd47b4cd3f608bc47
213905f3aa32b337f64b0c80e22c2e88b52ab8e349db22744d684c771b703ab5
2c0883508273ac7a5faf1bd7f053ba2e7b4e8038375c1619dbeb562829b7a249
2c9c000242ec31f3d772ddcf4ae871f8a8484a931ae01de7256fcd7227980799
2cafddb9dffdbe460832fe92631dcba3455ef4f8da707c1938eedd56f3e7482a
41822aa93e076aa69c4ae6a778f44b16dfbe65fbb177c16869cf1970e1f5bf6e
43974ed74066b207c30ffd0fed5146762e6c60745ac977004bc14507c7c42b50
4421567c09605717b213d9b83ba098a84aefd6997e07cbca680fef9878ac29e0
4545eb1dec25fe868d19dc292d417d8a9e41c0276d75a4eaf524a9db21aa705a
4bee264daf76622a9f0ac913b45c7324fe981ca34968c094c89483a8847d99a1
501ed6d7c49a3526af1f804fff30cc8b7b8608525b100f4140b7504cc5afd4bd
5268a8afa9325a8e0ea0c0039216ccc1c87cc59303ca5d0e7cef64469d9221aa
54e1c3b691fad00b895d6ea8be4188c7d1253d56f4d1ae564e30e0de40cb5c1b
57536f64fe1b433c9fd9149bd748ef6aec29c358ab5c274a1a57e24cff1f45a2
57f7117e895cffdd63c9588a8975b3842c00083c4cef4ccebadbfb55f4810607
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5e1a3fc0ee5a71ce8585a3464a579461e0dc853ce9073beb88297babe8d2b701
60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827
646f54e64d230bf10e2d2c14236c4f59b18257b96938951d346613671ee450b9
676d46a3278abf750deeeca4b4e6adb477f0dfb187f94848fd68d9622cfe41e3
6a4dac260dffc284594d633859fb508b2fcfade38b61c8af9cd55eb23adf9e89
6dc665f3ade51319cb3df1ed00c2af977e87837208c8a1906c0d05359e5cce4b
6e86a52a9858206302e32036d89907e3ac87762055e7f9c6364aec33221b3e41
766a2e1984e6104f641176065f6806f1119a74a8703473c69658048146129997
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8e243e4f5183945736e356dca41d9bdbf769a2fb78606ff170c05fbe395c617a
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
93768961a651c6f37bd168e827c58d049b581f17ea25330429c9fe1570d205ad
95f1d0b12bdd621288237765d687c18a07891fba5d3b8af5bf0417faebf89407
96760a8b2280940532c36c0284389fed89b52956ee740030f61a7f2310ee7301
9756d0cb0bf229f18e41d174a6234f7e18095f8e0c817bfb7c72d9eebb5f80b2
991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a9f62c3875012662294f9653e4116e7ccb9b612202d6b43248e11cc39ad07893
aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c
b08cdbc2d30e656a86b20f8342428d5863f70f4b30135b4f4061f754ce932f5e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b6dcc1490a0cc33cdeed8970677b89bbec6fa095675af198b8e923b64563c70a
bae01bb3396fa39af0ce48a332da64f6256ebb230c2570b82388552389e4ee7e
c197bcb485432971c54b41c4b8527a4bdfc3ad9713ee13003c783d994e00fc44
c53da90f8542efe36a24c22a0777ac720491d4aea61b2117737b0280d772ed76
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cdf861d17ccfb5484653c6faa83194e3cdd22d77f8c184563350aef2fe6b24c4
cf6d01ec98c7803b37e801273c65f6764911bd79a88b983196ac76dea0561ecb
d44da8cb8d1fad9bc5999ce7e69b725b791d0abeab3b9ef837624ebf33b099ef
d80bee8fe117ad26e7b21ed56f6eb8114491441bfdbe8b622b8bab748b618184
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e1b50c1f3d14f876ad332a4c4714f779278773061209f4e7c23b1bc0e3e1e884
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e64be9c7535deda51f0f11fa8210cdf025dbb3ebd12ee4dfa090965957069026
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f314a84f9d6c59392477ca04c9122b0c80e610ab58a891d407102a651d0eb65d
f39847cedd29220034f0e6761c5cc0ccb43a0757e492fce1396106b3ff01fdec
f5a50538e93b491d1027591b0b6f06731e07fb29b284c71eb260219bdfc50b37
f79723478f4c48501cd49ac52b81d6244a6562b9d3f08ce8ab208a8b8878d4c4
f7c184aedbf3a0ac0ee3aabbc666b488738c2f4228d796e87fef9678446e66ff

www.payetteforward.com Open in urlscan Pro 2606:4700:20::ac43:460d Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

67 Requests

100 %HTTPS

63 %IPv6

20 Domains

28 Subdomains

21 IPs

6 Countries

794 kBTransfer

2426 kBSize

0 Cookies

4 Outgoing links

Page URL History

Redirected requests

67 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.payetteforward.com Open in urlscan Pro
2606:4700:20::ac43:460d Public Scan

Screenshot
Live screenshot

Full Image

67
Requests

100 %
HTTPS

63 %
IPv6

20
Domains

28
Subdomains

21
IPs

6
Countries

794 kB
Transfer

2426 kB
Size

0
Cookies

67 HTTP transactions
6 data transactions