payl8r.com Open in urlscan Pro
172.67.74.35 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://payl8r.com/
Submission: On February 03 via automatic, source certstream-suspicious (February 3rd 2021, 12:23:42 am UTC)

Summary HTTP 58 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 21 IPs in 5 countries across 14 domains to perform 58 HTTP transactions. The main IP is 172.67.74.35, located in United States and belongs to CLOUDFLARENET, US. The main domain is payl8r.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 27th 2020. Valid for: a year.

This is the only time payl8r.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
21	172.67.74.35 172.67.74.35	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:808::200a	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6810:135e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:828::2008	15169 (GOOGLE) (GOOGLE)
1	65.9.7.50 65.9.7.50	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:824::2008	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:825::200e	15169 (GOOGLE) (GOOGLE)
2	213.244.146.28 213.244.146.28	3356 (LEVEL3) (LEVEL3)
1	2a00:1450:400... 2a00:1450:400c:c00::9c	15169 (GOOGLE) (GOOGLE)
1 2	172.217.18.98 172.217.18.98	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c00::9a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
8	185.20.209.147 185.20.209.147	41913 (COMPUTERL...) (COMPUTERLINE Computerline)
1	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:816::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
1	65.9.7.71 65.9.7.71	16509 (AMAZON-02) (AMAZON-02)
1 2	35.210.53.219 35.210.53.219	19527 (GOOGLE-2) (GOOGLE-2)
58	21

21 172.67.74.35 (United States)

ASN13335 (CLOUDFLARENET, US)

payl8r.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.7.50 (Seattle, United States)

ASN16509 (AMAZON-02, US)

pj.l.admedo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:824::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:825::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.244.146.28 (United Kingdom)

ASN3356 (LEVEL3, US)

salesiq.zoho.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.18.98 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s42-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 185.20.209.147 (Sierre, Switzerland)

ASN41913 (COMPUTERLINE Computerline, Schlierbach, Switzerland, CH)

css.zohocdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
js.zohocdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:816::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.7.71 (Seattle, United States)

ASN16509 (AMAZON-02, US)

ps.l.admedo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.210.53.219 (Mountain View, United States) 1 redirects

ASN19527 (GOOGLE-2, US)
PTR: 219.53.210.35.bc.googleusercontent.com

pool.admedo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
21	payl8r.com payl8r.com	6 MB
8	zohocdn.com css.zohocdn.com js.zohocdn.com	301 KB
6	gstatic.com fonts.gstatic.com www.gstatic.com	74 KB
4	admedo.com 1 redirects pj.l.admedo.com ps.l.admedo.com pool.admedo.com	4 KB
3	doubleclick.net stats.g.doubleclick.net googleads.g.doubleclick.net	2 KB
3	google-analytics.com www.google-analytics.com	19 KB
3	googletagmanager.com www.googletagmanager.com	112 KB
2	googleadservices.com 1 redirects www.googleadservices.com	13 KB
2	zoho.eu salesiq.zoho.eu	42 KB
2	cloudflare.com cdnjs.cloudflare.com	2 KB
1	google.de www.google.de	154 B
1	google.com www.google.com	138 B
1	google.pl www.google.pl	569 B
1	googleapis.com fonts.googleapis.com	830 B
58	14

	Domain	Requested by
21	payl8r.com	payl8r.com
6	js.zohocdn.com	salesiq.zoho.eu js.zohocdn.com
4	fonts.gstatic.com	fonts.googleapis.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	www.googletagmanager.com	payl8r.com www.googletagmanager.com
2	pool.admedo.com	1 redirects
2	css.zohocdn.com	salesiq.zoho.eu js.zohocdn.com
2	www.gstatic.com	www.googletagmanager.com www.gstatic.com
2	www.googleadservices.com	1 redirects www.googletagmanager.com
2	stats.g.doubleclick.net	www.google-analytics.com
2	salesiq.zoho.eu	payl8r.com salesiq.zoho.eu
2	cdnjs.cloudflare.com	payl8r.com
1	ps.l.admedo.com	pj.l.admedo.com
1	www.google.de	payl8r.com
1	www.google.com	payl8r.com
1	googleads.g.doubleclick.net	www.googleadservices.com
1	www.google.pl	payl8r.com
1	pj.l.admedo.com	payl8r.com
1	fonts.googleapis.com	payl8r.com
58	19

This site contains links to these domains. Also see Links.

Domain
wp-demo.payl8r.com
brand-guidelines.payl8r.uk
www.facebook.com
www.instagram.com
www.linkedin.com

Subject Issuer	Validity	Valid
payl8r.com Cloudflare Inc ECC CA-3	`2020-06-27` - `2021-06-27`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-01-05` - `2021-03-30`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-10-21` - `2021-10-20`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-01-05` - `2021-03-30`	3 months	crt.sh
pj.l.admedo.com Amazon	`2020-07-14` - `2021-08-14`	a year	crt.sh
*.gstatic.com GTS CA 1O1	`2021-01-19` - `2021-04-13`	3 months	crt.sh
*.zoho.eu Thawte RSA CA 2018	`2020-05-31` - `2021-05-31`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-01-05` - `2021-03-30`	3 months	crt.sh
www.googleadservices.com GTS CA 1O1	`2021-01-19` - `2021-04-13`	3 months	crt.sh
*.google.pl GTS CA 1O1	`2021-01-19` - `2021-04-13`	3 months	crt.sh
*.zohocdn.com R3	`2021-01-06` - `2021-04-06`	3 months	crt.sh
www.google.com GTS CA 1O1	`2021-01-19` - `2021-04-13`	3 months	crt.sh
www.google.de GTS CA 1O1	`2021-01-05` - `2021-03-30`	3 months	crt.sh
ps.l.admedo.com Amazon	`2020-07-14` - `2021-08-14`	a year	crt.sh
pool.admedo.com Sectigo RSA Domain Validation Secure Server CA	`2020-03-03` - `2022-03-03`	2 years	crt.sh

This page contains 2 frames:

Primary Page: https://payl8r.com/
Frame ID: 43D143A9E10538F9E9988699953600C5
Requests: 52 HTTP requests in this frame

Frame: https://css.zohocdn.com/salesiq/https/styles/newembedtheme_0a86fc156c7c6ac6714ec2614cff8f15_.css
Frame ID: F8F670F7630E42794BE2CC6F6FD91E9F
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Gatsby (Static Site Generator) Expand

Overall confidence: 100%
Detected patterns

meta generator /^Gatsby(?: ([0-9.]+))?$/i

React (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<[^>]+data-react/i
meta generator /^Gatsby(?: ([0-9.]+))?$/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

html /googletagmanager\.com\/ns\.html[^>]+><\/iframe>/i

webpack (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

meta generator /^Gatsby(?: ([0-9.]+))?$/i

Page Statistics

58
Requests

97 %
HTTPS

65 %
IPv6

14
Domains

19
Subdomains

21
IPs

5
Countries

7179 kB
Transfer

9623 kB
Size

8
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://wp-demo.payl8r.com/
Title: Demo store

Search URL Search Domain Scan URL

URL: http://brand-guidelines.payl8r.uk/
Title: Developers

Search URL Search Domain Scan URL

URL: https://www.facebook.com/payl8r/
Title: 002-facebookCreated with Sketch.

Search URL Search Domain Scan URL

URL: https://www.instagram.com/payl8r/
Title: 001-twitterCreated with Sketch.

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/payl8r/
Title: 003-linkedinCreated with Sketch.

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 35

https://www.googleadservices.com/pagead/conversion/730590535/wcm?cc=ZZ&dn=01614256363&cl=QMGPCLLI3aYBEMfar9wC&ct_eid=2 HTTP 302
https://www.google.pl/pagead/attribution/wcm?cc=ZZ&dn=01614256363&cl=QMGPCLLI3aYBEMfar9wC

Request Chain 50

https://pool.admedo.com/pixel?id=137929,137957&t=js HTTP 302
https://pool.admedo.com/ul_cb/pixel?id=137929,137957&t=js

58 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
payl8r.com/ 144 KB
26 KB 308ms
192ms Document
text/html 172.67.74.35
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://payl8r.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.74.35 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1376ef0e7348d6b33bbe40988912dc22bdd7ccffdfc58854fc3b7b08bb26ad36

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

:method: GET
:authority: payl8r.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 00:23:20 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=df7279b92b8cfcb49fcd384175cd8908e1612311800; expires=Fri, 05-Mar-21 00:23:20 GMT; path=/; domain=.payl8r.com; HttpOnly; SameSite=Lax AWSELB=67D965D504DF1086DC57343127669328995CF5B57C480ADA92870B6C869B34914074A3F5D953ECC2310CFBCC7E8928AD7317DE46137D20E8BA9DE24FE7A300B864EBB18264;PATH=/;MAX-AGE=3600 AWSELBCORS=67D965D504DF1086DC57343127669328995CF5B57C480ADA92870B6C869B34914074A3F5D953ECC2310CFBCC7E8928AD7317DE46137D20E8BA9DE24FE7A300B864EBB18264;PATH=/;MAX-AGE=3600;SECURE;SAMESITE=None
cache-control: no-cache="set-cookie"
last-modified: Tue, 02 Feb 2021 08:48:49 GMT
x-amz-id-2: eTXZrKnduNgTXdr1a40eHWsywunqbzqMxEhEXq0lhDWb8J1I+E8J8y0AbV7YWa0eKycxQF45xC0=
x-amz-request-id: EB1BFD0CD33206AE
cf-cache-status: DYNAMIC
cf-request-id: 0806dec24a0000c7856d945000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=WDEX5Ju1yCMqEmI6YR88u%2BETwC%2FHzZmztyRBezk23TGTCO9DlvzxNTkSnAWcCAHWH1VV5dtZeatSAEnKSQZBSNfwQ0juROSm1yI7"}],"group":"cf-nel","max_age":604800}
nel: {"max_age":604800,"report_to":"cf-nel"}
strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 61b800b07973c785-AMS
content-encoding: br

GET
H2 200 webpack-runtime-79206f694eec4dffb6d8.js Show response
payl8r.com/ 3 KB
2 KB 64ms
62ms Script
application/javascript 172.67.74.35
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://payl8r.com/webpack-runtime-79206f694eec4dffb6d8.js

Requested by

Host: payl8r.com
URL: https://payl8r.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.74.35 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6c81ed2156b3ef967c9a55e5e0098b41123997e48525b037df83757ffa694066

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://payl8r.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 00:23:20 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 3693
cf-polished: origSize=3046
vary: Accept-Encoding
x-amz-request-id: 8D0891142D9EC48B
x-amz-id-2: JQDUfLWSzFIw7uZItzdEske3bClifE3rsPx2f9BL0tqw3PyqYl8ln0mBCsJgJU/KbPwDUCANxok=
last-modified: Tue, 02 Feb 2021 08:48:53 GMT
server: cloudflare
etag: W/"5896c5b60c03c238fa5e2f14553ba33d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=85v4sUxBOvJLMQd5Rv%2FIebi2jp3FZtfeJWPLW4G7RQtmLfIE35rNkt3XC9N7azEPcfF0SjyrPrNwx43hoXSA9TZn8JjHeq1z9NS0"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=259200
cf-request-id: 0806dec3100000c785b6a1d000000001
cf-ray: 61b800b1ba7bc785-AMS
cf-bgj: minify

GET
H2 200 app-0aa983b8b328d17f8440.js Show response
payl8r.com/ 205 KB
62 KB 73ms
71ms Script
application/javascript 172.67.74.35
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://payl8r.com/app-0aa983b8b328d17f8440.js

Requested by

Host: payl8r.com
URL: https://payl8r.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.74.35 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

80830dc8f88102b30c93db24f56a23a64b4b8b4207cbf8a9bf485ca20e981621

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://payl8r.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 00:23:20 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 3693
cf-polished: origSize=210419
vary: Accept-Encoding
x-amz-request-id: CF78B93352CBB2CA
x-amz-id-2: Ll5AaledrEMBcTbiK3X7iFcYLtR2C5BYsDArOadZ850VlpULvPcRz4rWrNeIgp1vqnpVnRpTi1w=
last-modified: Tue, 02 Feb 2021 08:48:47 GMT
server: cloudflare
etag: W/"88ca783c1fabf5e511c85f18d3ded22c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=YgxkyKcGpxAhLnvt9yiSbxZuFLYqR8M1clil%2BghEXKqP2h8xMT32LYN8i3zWO5AyLlwt2HM9nDEUX%2BdqNZqeq87BMcZL%2Bg3NIKd%2B"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=259200
cf-request-id: 0806dec3100000c7856f16c000000001
cf-ray: 61b800b1ba7cc785-AMS
cf-bgj: minify

GET
H2 200 1-e075752baf1032c7a8b3.js Show response
payl8r.com/ 596 KB
147 KB 107ms
105ms Script
application/javascript 172.67.74.35
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://payl8r.com/1-e075752baf1032c7a8b3.js

Requested by

Host: payl8r.com
URL: https://payl8r.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.74.35 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6935458d9c0d346d2ccbff206bb6287894cae681cd1cf5e1a9fcef0c25120804

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://payl8r.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 00:23:20 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 3693
cf-polished: origSize=610446
vary: Accept-Encoding
x-amz-request-id: 4A9E1781DEF55D19
x-amz-id-2: Xa3JR/T9hiCm1fCP1630Kk71fcHh8CW03jFSxr/tNysQPfCPARY9QxGiQIM3AVS3IFUEcuHvSJk=
last-modified: Tue, 02 Feb 2021 08:48:47 GMT
server: cloudflare
etag: W/"96cc85778fd1847dcf7879e3d24e0f11"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=XS9g1JWsWQfXnSzN%2Fn3VPpRdY5cuviQEf45JJgIJOl11nFRRG9M9T%2FUPNi2G5ZlcUZsafkJFbjvX2ECZ7s4lbKuNivoVQPopxc%2Bs"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=259200
cf-request-id: 0806dec3100000c785da07c000000001
cf-ray: 61b800b1ba7dc785-AMS
cf-bgj: minify

GET
H2 200 16-48e83f0c5f3b9baaaa72.js Show response
payl8r.com/ 207 KB
64 KB 106ms
104ms Script
application/javascript 172.67.74.35
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://payl8r.com/16-48e83f0c5f3b9baaaa72.js

Requested by

Host: payl8r.com
URL: https://payl8r.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.74.35 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a169671bcc8a40802448dd21c4d48328302f076b238d035c30816bcf920c201f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://payl8r.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 00:23:20 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 3693
cf-polished: origSize=212296
vary: Accept-Encoding
x-amz-request-id: CEE64A7C0B6849F9
x-amz-id-2: pNGnm50WEy7K9GmwdCBrnxFTGxDkBOq36OYfowvkrJRlnlsRv+MYod4D5LOF8JdYUjPTthJzfCk=
last-modified: Tue, 02 Feb 2021 08:48:47 GMT
server: cloudflare
etag: W/"28fafaef803f30752d4c6d3609685ea5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=C6uKTJg8IW3s2Qzdwyy1iWoGPee05SLLxEcbm50zdsbf0oaiMB08ebv29mfn2rp2vWz1oZUnpLK7kOLc%2Be9%2FexzJxL91FUl9d%2BVj"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=259200
cf-request-id: 0806dec3100000c7859e155000000001
cf-ray: 61b800b1ba7ec785-AMS
cf-bgj: minify

GET
H2 200 0-a96c30bb628eb3c90f6c.js Show response
payl8r.com/ 257 KB
90 KB 106ms
104ms Script
application/javascript 172.67.74.35
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://payl8r.com/0-a96c30bb628eb3c90f6c.js

Requested by

Host: payl8r.com
URL: https://payl8r.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.74.35 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

74b6d8e710fb2006e2a3c6a3cc91ae9874ef9b08c3e8935f5b71fe1474a2adab

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://payl8r.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 00:23:20 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 3693
cf-polished: origSize=263498
vary: Accept-Encoding
x-amz-request-id: 959E8FC02D64322D
x-amz-id-2: n2APLHnZpFQMXhL9pPJERlFUGC+aYzXnajVjNuccDvdCdHeB/VpMdXuno9U6bB0AclBTBNmMPjc=
last-modified: Tue, 02 Feb 2021 08:48:47 GMT
server: cloudflare
etag: W/"f84b6463dc1598409db90bc0476eee9e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=tOUduMCCyueltaitAMem9HOWK5GJjxLVBG0C2FqbLr%2FbM9IuU5iJbbriZnwtg9H2ZGQ4oUV3ZKraPy5fyrbanUfshFPpucXenGzV"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=259200
cf-request-id: 0806dec3110000c785a58fa000000001
cf-ray: 61b800b1ba7fc785-AMS
cf-bgj: minify

GET
H2 200 component---src-pages-index-js-f844e8a532b7a9482466.js Show response
payl8r.com/ 21 KB
8 KB 64ms
62ms Script
application/javascript 172.67.74.35
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://payl8r.com/component---src-pages-index-js-f844e8a532b7a9482466.js

Requested by

Host: payl8r.com
URL: https://payl8r.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.74.35 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d42742d2c26d2465bdc7687bd47ceae4c4f394fb46ab8a39b06937cb898b7727

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://payl8r.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 00:23:20 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 3693
cf-polished: origSize=21367
vary: Accept-Encoding
x-amz-request-id: BTDSFS7T5MEG4M5P
x-amz-id-2: 9mxfE9RZzDNMn3QeGVp7TxBs4hdycMvWUpok52Znxw6wYA/Cmgb3OL8npBrzOX9iqIkGRO1NdjA=
last-modified: Tue, 02 Feb 2021 08:48:48 GMT
server: cloudflare
etag: W/"2594345b5bafd7ac51b2cc6235ed713a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ka5fNGgaV1apOJ5XnYkHolnOWXxwlQ3qMRSReWj81pnBafbnGs8VmHI2ymolM%2FaCAtywFV480LqJETN%2BDWrB8r46N1I%2BN9j8Hau%2B"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=259200
cf-request-id: 0806dec3150000c78582b52000000001
cf-ray: 61b800b1ba81c785-AMS
cf-bgj: minify

GET
H2 200 path---index-6a9-0SUcWyAf8ecbYDsMhQkEfPzV8.json
payl8r.com/static/d/140/ 55 B
475 B 183ms
181ms Other
application/json 172.67.74.35
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://payl8r.com/static/d/140/path---index-6a9-0SUcWyAf8ecbYDsMhQkEfPzV8.json

Requested by

Host: payl8r.com
URL: https://payl8r.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.74.35 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b6de95067f387a7502caf98cc87da9fac659f401596c3d616c0d7087fe30978b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://payl8r.com
Referer: https://payl8r.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 00:23:20 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
x-amz-request-id: EE7792E717D121D1
x-amz-id-2: R9tUpNjiUWNwlQk+ExUX+fLjyJgr7F+04SJmsZucIP9/Ytta0EJkLE69uwsvwibEoiJeqXkkbS8=
last-modified: Tue, 02 Feb 2021 08:48:52 GMT
server: cloudflare
etag: W/"02094403799cfe9d216f51de06d00d63"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=fM2z63kSX1RS%2FT1a99wfMs57EIu%2BT0g8YVQbVzP8OY2RhSCvhesX3CT6mW31zRQV9lTtTLgowJMJ0zy%2ByDFusyDmoR3%2B7W5P5Vc0"}],"group":"cf-nel","max_age":604800}
content-type: application/json
cf-request-id: 0806dec3110000c785d8280000000001
cf-ray: 61b800b1ba82c785-AMS

GET
H2 200 css
fonts.googleapis.com/ 5 KB
830 B 16ms
14ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:400,900|Montserrat:800|Oswald:600&display=swap

Requested by

Host: payl8r.com
URL: https://payl8r.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0fcbf25f0b90f6e8a66a7ec7fe7eb919706b8dac6cd26e2464b481f89e839c15

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 03 Feb 2021 00:23:20 GMT
server: ESF
date: Wed, 03 Feb 2021 00:23:20 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 03 Feb 2021 00:23:20 GMT

GET
H2 200 slick.min.css
cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/ 1 KB
768 B 12ms
11ms Stylesheet
text/css 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/slick.min.css

Requested by

Host: payl8r.com
URL: https://payl8r.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8f24862077717aa659bc9f521e03cd8dbb013fcae88a3eff5a3824a064c92029

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 00:23:20 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 1131598
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 382
cf-request-id: 0806dec2f70000062d7e136000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:16:21 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fd5-50a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=r2zZF6sMgbJpesxZ5Qoc%2Bm8DHfD4ABipVVAIgydqUKB5FWPR3fZ4Byu5ZLMwjACyzbjHrZiuPEfN2R85PSN9wcsZsoUnt4Ge9VDsX0JM6P6DMFTax4QNiZiMNRBaJNxF9Q%3D%3D"}],"max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 61b800b1883f062d-FRA
expires: Mon, 24 Jan 2022 00:23:20 GMT

GET
H2 200 slick-theme.min.css
cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/ 2 KB
1 KB 15ms
14ms Stylesheet
text/css 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/slick-theme.min.css

Requested by

Host: payl8r.com
URL: https://payl8r.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5a684227c1eef599cf45d875e0f906a73e0fb247aca49c0de70c1a14e7ef818f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 00:23:20 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 703525
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 637
cf-request-id: 0806dec2f70000062d7a9cf000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:16:21 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fd5-92d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=gE7qi8diaK9LwBM0XX%2B3rUMBUGxdta%2Bvxxokokn41kOqV4bd%2FGMdYMLestg55hZ9S2i9HYjdE%2BzyRjGjkurlCDY18LVbsgAKcXanNp6q2ycLn4Qyg2Dmh8fLkIrdGyXriw%3D%3D"}],"max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 61b800b18840062d-FRA
expires: Mon, 24 Jan 2022 00:23:20 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 91 KB
35 KB 21ms
21ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TZRSPH5

Requested by

Host: payl8r.com
URL: https://payl8r.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8abce67d960dd80b17a55cd2f965e29fbecbb345a0ba540c971ba71bfad11d88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://payl8r.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 00:23:20 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36181
x-xss-protection: 0
last-modified: Wed, 03 Feb 2021 00:06:10 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 03 Feb 2021 00:23:20 GMT

GET
H2 200 admtracker.lib.min.js Show response
pj.l.admedo.com/ 5 KB
2 KB 205ms
62ms Script
application/javascript 65.9.7.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pj.l.admedo.com/admtracker.lib.min.js
Requested by: Host: payl8r.com
URL: https://payl8r.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.7.50 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 412c173f93136f00006d6941a755fc6b84e29ea6a772cd274a668deef3e77dd1

Request headers

Referer: https://payl8r.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 00:15:16 GMT
content-encoding: gzip
last-modified: Tue, 25 Aug 2020 14:10:14 GMT
server: AmazonS3
age: 491
etag: W/"5a420213029638ecea775a40089898aa"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 673c96d1f19de21216629aa48d90ac92.cloudfront.net (CloudFront)
cache-control: public,max-age=900
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: OktkfnQSeGqCKJ7e0vI6AHpHxwSilsOfWjRg5k8pSjy8VoNuv1IEwg==

GET
H2 200 postermob-7355ffd417e2ce2ad35b68b1e4898cea.webp
payl8r.com/static/ 22 KB
22 KB 85ms
84ms Image
binary/octet-stream 172.67.74.35
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://payl8r.com/static/postermob-7355ffd417e2ce2ad35b68b1e4898cea.webp

Requested by

Host: payl8r.com
URL: https://payl8r.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.74.35 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1249e2284576f49668779cd8f4b1407aaaf6d1f7e0ede44317a3e4a4199774c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://payl8r.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 00:23:20 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 3693
cf-ray: 61b800b1caa3c785-AMS
vary: Accept-Encoding
content-length: 22582
x-amz-id-2: Dx2r0g3AGgGcv4o+/gKJ5NOJvR4yOqELIQY9AlHEK9FtkJuJ6AkLkeWYujS716zKBFvlTMeHbyE=
last-modified: Tue, 02 Feb 2021 08:48:53 GMT
server: cloudflare
etag: "7355ffd417e2ce2ad35b68b1e4898cea"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=4ev4okCrh326UaVGQrzpp8pIskaBdb2qptI57B7lseq5i0reLxxmh9VMJzgDztcimrvnabYZIcUUEbrc%2FJQ6Phtiq2cxiboVURlN"}],"group":"cf-nel","max_age":604800}
x-amz-request-id: FP1Z9WAS7S9JCG2R
cache-control: max-age=259200
cf-request-id: 0806dec3200000c785da9c0000000001
accept-ranges: bytes
content-type: binary/octet-stream

GET
H2 206 hero-web-0719c299baeca58a9272f8d96cc893e1.mp4
payl8r.com/static/ 6 MB
6 MB 185ms
185ms Media
video/mp4 172.67.74.35
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://payl8r.com/static/hero-web-0719c299baeca58a9272f8d96cc893e1.mp4

Requested by

Host: payl8r.com
URL: https://payl8r.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.74.35 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

58111290c02856c00d3b14ec7c0c584cae84f28e480c390d43b5ce0a1325c123

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://payl8r.com/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Range: bytes=0-

Response headers

date: Wed, 03 Feb 2021 00:23:20 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
x-amz-request-id: CB51F5F0CDD0E0B9
Content-Range: bytes 0-6259355/6259356
Content-Length: 6259356
x-amz-id-2: RU858y5X37wNQ4Ud8Djd2TBA0zUHZcbBWaxvE00IuyJ9mCp3lH6B8Te6llKlebrtt5Q4N5acPgY=
last-modified: Tue, 02 Feb 2021 08:48:53 GMT
server: cloudflare
etag: "0719c299baeca58a9272f8d96cc893e1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=kkg8sRzeNvNDjKXYIvo%2FmETV2H6N7U2dfxg10PZmuFS976ZMUzkvOaG3eHnwY%2FF7LRVV2j0n0TGZuBY7UcW3qtfIO%2F762XhWuRqH"}],"group":"cf-nel","max_age":604800}
content-type: video/mp4
cf-request-id: 0806dec3260000c7856f16d000000001
cf-ray: 61b800b1daaec785-AMS

GET
H2 200 TK3_WkUHHAIjg75cFRf3bXL8LICs1y9osUZiYySUhiCXAA.woff
fonts.gstatic.com/s/oswald/v36/ 13 KB
13 KB 8ms
7ms Font
font/woff 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oswald/v36/TK3_WkUHHAIjg75cFRf3bXL8LICs1y9osUZiYySUhiCXAA.woff

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,900|Montserrat:800|Oswald:600&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

db6e9800cf0dfb3407e2ebe938a425bae9d63d9d266c2917af5fd9459c6a9235

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://payl8r.com
Referer: https://fonts.googleapis.com/css?family=Lato:400,900|Montserrat:800|Oswald:600&display=swap
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Feb 2021 17:21:34 GMT
x-content-type-options: nosniff
last-modified: Thu, 28 Jan 2021 20:33:16 GMT
server: sffe
age: 111706
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13160
x-xss-protection: 0
expires: Tue, 01 Feb 2022 17:21:34 GMT

GET
H2 200 S6u9w4BMUTPHh50XSwiPGQ3q5d0.woff2
fonts.gstatic.com/s/lato/v17/ 13 KB
14 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v17/S6u9w4BMUTPHh50XSwiPGQ3q5d0.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,900|Montserrat:800|Oswald:600&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

973ebbead06df6ace22a88d2856663d37845792bdf1b40ff69df2e20912fedef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://payl8r.com
Referer: https://fonts.googleapis.com/css?family=Lato:400,900|Montserrat:800|Oswald:600&display=swap
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 Jan 2021 08:42:09 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:10:30 GMT
server: sffe
age: 574871
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13732
x-xss-protection: 0
expires: Thu, 27 Jan 2022 08:42:09 GMT

GET
H2 200 JTURjIg1_i6t8kCHKm45_c5H3gnD_vx3rCs.woff2
fonts.gstatic.com/s/montserrat/v15/ 13 KB
13 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v15/JTURjIg1_i6t8kCHKm45_c5H3gnD_vx3rCs.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,900|Montserrat:800|Oswald:600&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

99eace92e2b9e41a2896e111345d00a4dc6107656adaf52ce756ea76a12ac41d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://payl8r.com
Referer: https://fonts.googleapis.com/css?family=Lato:400,900|Montserrat:800|Oswald:600&display=swap
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Feb 2021 17:21:21 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:11:06 GMT
server: sffe
age: 111719
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13516
x-xss-protection: 0
expires: Tue, 01 Feb 2022 17:21:21 GMT

GET
H2 200 S6uyw4BMUTPHjx4wXiWtFCc.woff2
fonts.gstatic.com/s/lato/v17/ 14 KB
14 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v17/S6uyw4BMUTPHjx4wXiWtFCc.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,900|Montserrat:800|Oswald:600&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://payl8r.com
Referer: https://fonts.googleapis.com/css?family=Lato:400,900|Montserrat:800|Oswald:600&display=swap
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 30 Jan 2021 06:30:25 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:12:59 GMT
server: sffe
age: 323575
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14044
x-xss-protection: 0
expires: Sun, 30 Jan 2022 06:30:25 GMT

GET
H3-Q050 200 js Show response
www.googletagmanager.com/gtag/ 97 KB
38 KB 50ms
36ms Script
application/javascript 2a00:1450:4001:824::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-63459940-1

Requested by

Host: payl8r.com
URL: https://payl8r.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:824::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6762eee7329e09b916ba2d6beb05d4b408110de8e42e8529fb1e639fe95742cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://payl8r.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 00:23:20 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38878
x-xss-protection: 0
last-modified: Wed, 03 Feb 2021 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 03 Feb 2021 00:23:20 GMT

GET
DATA 200
OK truncated
/ 600 B
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7ae08a40b437d1664b37e4259ad08da4342dac2b312fae6dd7d36b22a394edb6

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
18 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:825::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TZRSPH5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://payl8r.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 03:00:57 GMT
server: Golfe2
age: 4157
date: Tue, 02 Feb 2021 23:14:03 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18817
expires: Wed, 03 Feb 2021 01:14:03 GMT

GET
H3-Q050 200 js Show response
www.googletagmanager.com/gtag/ 97 KB
38 KB 22ms
22ms Script
application/javascript 2a00:1450:4001:824::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-730590535

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TZRSPH5

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:824::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

eb4a70cde9a5582e05ca94401cee761fd8e1020ef6a6e1ebc12a9a61a1e06264

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://payl8r.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 00:23:20 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38857
x-xss-protection: 0
last-modified: Wed, 03 Feb 2021 00:06:10 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 03 Feb 2021 00:23:20 GMT

GET
H/1.1 200 widget Show response
salesiq.zoho.eu/ 102 KB
30 KB 204ms
90ms Script
text/javascript 213.244.146.28
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL

https://salesiq.zoho.eu/widget

Requested by

Host: payl8r.com
URL: https://payl8r.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

213.244.146.28 , United Kingdom, ASN3356 (LEVEL3, US),

Reverse DNS

Software

ZGS /

Resource Hash

c93f847e887532ea39ad124e21db580d59ed1d5d4e2c522a540f9bb38c8ff4a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://payl8r.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
Date: Wed, 03 Feb 2021 00:23:20 GMT
Content-Encoding: gzip
Server: ZGS
ETag: W/517347083
vary: accept-encoding
Connection: keep-alive
Content-Type: text/javascript;charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: must-revalidate
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=63072000
Expires: Wed, 03 Feb 2021 00:28:20 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
62 B 13ms
13ms XHR
text/plain 2a00:1450:4001:825::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j87&a=313753738&t=pageview&_s=1&dl=https%3A%2F%2Fpayl8r.com%2F&ul=en-us&de=UTF-8&dt=Buy%20Now%20Pay%20Later%20%7C%20Online%20Finance%20%7C%20Quick%20Finance%20UK%20%E2%80%93%20PayL8r&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=371598405&gjid=1077703817&cid=2145205864.1612311801&tid=UA-63459940-1&_gid=673565126.1612311801&_r=1&gtm=2wg1k0TZRSPH5&z=523899594

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:825::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://payl8r.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 03 Feb 2021 00:23:20 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://payl8r.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 91e29a4ac2f2c35bf88faed680b706cd31650b87f89484d5164efc7ce32e582d

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 pages-manifest-f30eb924e836de6cd4d8.js Show response
payl8r.com/ 2 KB
1 KB 204ms
203ms Script
application/javascript 172.67.74.35
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://payl8r.com/pages-manifest-f30eb924e836de6cd4d8.js

Requested by

Host: payl8r.com
URL: https://payl8r.com/webpack-runtime-79206f694eec4dffb6d8.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.74.35 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

738b0080a3fe6cb7263eea6704c1895b3499879f44818deea07091696efec126

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://payl8r.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 00:23:21 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 3692
cf-polished: origSize=2465
vary: Accept-Encoding
x-amz-request-id: 15C9AA69C67E97E9
x-amz-id-2: nv1yskTCUIX+jldu9gavHIDsnKfUyI3PQbJtOP97fcIpRB6oivGdNPzhmFJCG+gLDDgopMt04L0=
last-modified: Tue, 02 Feb 2021 08:48:49 GMT
server: cloudflare
etag: W/"db10f6721f139046013605d43c978cca"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=dfECQJScTDbFxGIvHnDvBL36w5zf5gEl5lw9iU6sXlo37iMipSRyJkSyK%2FbvAkncd4kUmBO0wt%2Fuxtf9aMgHEOk9%2FJpF32nl%2FQC%2F"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=259200
cf-request-id: 0806dec5210000c7858f9a3000000001
cf-ray: 61b800b50d97c785-AMS
cf-bgj: minify

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
81 B 15ms
15ms XHR
text/plain 2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j87&tid=UA-63459940-1&cid=2145205864.1612311801&jid=371598405&gjid=1077703817&_gid=673565126.1612311801&_u=YEBAAEAAAAAAAC~&z=1872050546

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://payl8r.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 03 Feb 2021 00:23:20 GMT
content-type: text/plain
access-control-allow-origin: https://payl8r.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 path---index-6a9-0SUcWyAf8ecbYDsMhQkEfPzV8.json
payl8r.com/static/d/140/ 0
485 B 273ms
272ms Other
application/json 172.67.74.35
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://payl8r.com/static/d/140/path---index-6a9-0SUcWyAf8ecbYDsMhQkEfPzV8.json

Requested by

Host: payl8r.com
URL: https://payl8r.com/app-0aa983b8b328d17f8440.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.74.35 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://payl8r.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 00:23:21 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
x-amz-request-id: 8WANAZ3N7P2G9WER
x-amz-id-2: DI+ZhC/9U1BCRMnrwdcbKk9vwdZJ7iVvnkLkFsK+7s0csbuARAuHhk2PGraAYsPDA3SFoYvBZZg=
last-modified: Tue, 02 Feb 2021 08:48:52 GMT
server: cloudflare
etag: W/"02094403799cfe9d216f51de06d00d63"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=li%2BNYJVbsuom%2BSfAHh2r%2FchgxCd7ijGRVPvN9zmNR3uSSqxQTFurDWgDsFe15QMt9F9HRNMBQG9HUGzCuQ3waoZV5DhqkcVRD9am"}],"group":"cf-nel","max_age":604800}
content-type: application/json
cf-request-id: 0806dec5210000c785a5909000000001
cf-ray: 61b800b50d98c785-AMS

GET
H2 200 component---src-pages-index-js-f844e8a532b7a9482466.js
payl8r.com/ 0
8 KB 174ms
174ms Other
application/javascript 172.67.74.35
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://payl8r.com/component---src-pages-index-js-f844e8a532b7a9482466.js

Requested by

Host: payl8r.com
URL: https://payl8r.com/app-0aa983b8b328d17f8440.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.74.35 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://payl8r.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 00:23:21 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 3694
cf-polished: origSize=21367
vary: Accept-Encoding
x-amz-request-id: BTDSFS7T5MEG4M5P
x-amz-id-2: 9mxfE9RZzDNMn3QeGVp7TxBs4hdycMvWUpok52Znxw6wYA/Cmgb3OL8npBrzOX9iqIkGRO1NdjA=
last-modified: Tue, 02 Feb 2021 08:48:48 GMT
server: cloudflare
etag: W/"2594345b5bafd7ac51b2cc6235ed713a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=YNvzqOOO19H1iatOd8YDLsZuJcmdbtn4F8d7zR%2BJ09v3NWw5QQg6omV1ILLzTD4UMl%2FWf0bZ9bTeqWfk2gIqG8lieZTPzhxGGjJG"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=259200
cf-request-id: 0806dec5210000c7859e16b000000001
cf-ray: 61b800b50d9ac785-AMS
cf-bgj: minify

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
48 B 13ms
13ms XHR
text/plain 2a00:1450:4001:825::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j87&a=313753738&t=pageview&_s=1&dl=https%3A%2F%2Fpayl8r.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=Buy%20Now%20Pay%20Later%20%7C%20Online%20Finance%20%7C%20Quick%20Finance%20UK%20%E2%80%93%20PayL8r&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAUABAAAAAC~&jid=25695859&gjid=1327271731&cid=2145205864.1612311801&tid=UA-63459940-1&_gid=673565126.1612311801&_r=1&gtm=2ou1k0&z=599253468

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:825::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://payl8r.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 03 Feb 2021 00:23:21 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://payl8r.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 30 KB
12 KB 229ms
74ms Script
text/javascript 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-730590535

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

cafe /

Resource Hash

c4eb51f22f568120cf9ab08fbeae1a5369ec10fd7dba0ceba07038b07a9a9975

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://payl8r.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 00:23:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 12189
x-xss-protection: 0
server: cafe
etag: 7685221537260973389
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 03 Feb 2021 00:23:21 GMT

GET
H2 200 loader.js Show response
www.gstatic.com/wcm/ 539 B
494 B 6ms
5ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/wcm/loader.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-730590535

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7e05da544a93b639782cb0974f5dacbfc36b60d40622f680e3383ec581243ca4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://payl8r.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 00:00:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 25 Jun 2020 00:15:00 GMT
server: sffe
age: 1387
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 366
x-xss-protection: 0
expires: Wed, 03 Feb 2021 01:00:14 GMT

POST
H3-Q050 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
417 B 74ms
16ms XHR
text/plain 2a00:1450:400c:c00::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j87&tid=UA-63459940-1&cid=2145205864.1612311801&jid=25695859&gjid=1327271731&_gid=673565126.1612311801&_u=aEDAAUABAAAAAC~&z=223234184

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://payl8r.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 03 Feb 2021 00:23:21 GMT
content-type: text/plain
access-control-allow-origin: https://payl8r.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200 getembeddetails.ls Show response
salesiq.zoho.eu/ 32 KB
11 KB 135ms
135ms XHR
application/json 213.244.146.28
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL

https://salesiq.zoho.eu/getembeddetails.ls?widgetcode=15303d58a492a597cc2e9155415abb265cbaa0bbdda793a872e4f088f377453a&fetchavuid=true&fetchapilang=true&lang_browser=en&currdomain=https%3A%2F%2Fpayl8r.com&pagetitle=Buy%20Now%20Pay%20Later%20%7C%20Online%20Finance%20%7C%20Quick%20Finance%20UK%20%E2%80%93%20PayL8r

Requested by

Host: salesiq.zoho.eu
URL: https://salesiq.zoho.eu/widget

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

213.244.146.28 , United Kingdom, ASN3356 (LEVEL3, US),

Reverse DNS

Software

ZGS /

Resource Hash

6d9d263507966dbb216e44353ed60b45718d17dd5ea35e0c0110a9127fce7e54

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Referer: https://payl8r.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 03 Feb 2021 00:23:21 GMT
Content-Encoding: gzip
Referrer-Policy: strict-origin
Server: ZGS
X-Frame-Options: SAMEORIGIN
Content-Type: application/json;charset=UTF-8
Access-Control-Allow-Origin: https://payl8r.com
Connection: keep-alive
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=63072000
Access-Control-Allow-Credentials: true
vary: accept-encoding
X-XSS-Protection: 1

GET
H3-Q050 200 call-tracking_2.js Show response
www.gstatic.com/call-tracking/ 51 KB
19 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/call-tracking/call-tracking_2.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/wcm/loader.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee0af9cb821e3b90c73da380ca1ea46a9568f50635facf5e263d0044c9124c9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://payl8r.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Feb 2021 18:34:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 23 Apr 2020 17:15:00 GMT
server: sffe
age: 20940
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19708
x-xss-protection: 0
expires: Wed, 02 Feb 2022 18:34:21 GMT

GET
H2

200

wcm Show response
www.google.pl/pagead/attribution/
Redirect Chain

https://www.googleadservices.com/pagead/conversion/730590535/wcm?cc=ZZ&dn=01614256363&cl=QMGPCLLI3aYBEMfar9wC&ct_eid=2
https://www.google.pl/pagead/attribution/wcm?cc=ZZ&dn=01614256363&cl=QMGPCLLI3aYBEMfar9wC

80 B
569 B

34ms
14ms

XHR
application/json

2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.pl/pagead/attribution/wcm?cc=ZZ&dn=01614256363&cl=QMGPCLLI3aYBEMfar9wC

Requested by

Host: payl8r.com
URL: https://payl8r.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d933a98657089095397ca6126d62e3a07c39e70f82b36f8cea002c0ba5bf1e2c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://payl8r.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 00:23:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: application/json; charset=UTF-8
access-control-allow-origin: null
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 87
x-xss-protection: 0

Redirect headers

timing-allow-origin: *
date: Wed, 03 Feb 2021 00:23:21 GMT
x-content-type-options: nosniff
server: cafe
location: https://www.google.pl/pagead/attribution/wcm?cc=ZZ&dn=01614256363&cl=QMGPCLLI3aYBEMfar9wC
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: https://payl8r.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 floatbutton_1550909b2a5eac5fd6fcbc535271f54f_.css
css.zohocdn.com/salesiq/https/styles/ 107 KB
18 KB 240ms
75ms Stylesheet
text/css 185.20.209.147
COMPUTERLINE Comp...

General

Check archive.org

Show headers Download Go to

Full URL

https://css.zohocdn.com/salesiq/https/styles/floatbutton_1550909b2a5eac5fd6fcbc535271f54f_.css

Requested by

Host: salesiq.zoho.eu
URL: https://salesiq.zoho.eu/widget

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.20.209.147 Sierre, Switzerland, ASN41913 (COMPUTERLINE Computerline, Schlierbach, Switzerland, CH),

Reverse DNS

Software

ZGS /

Resource Hash

b3b87ff288c1b0ff24858412597360cdeefdfc2d0d57155fa7293a07edb30290

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: https://payl8r.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 00:23:21 GMT
content-encoding: br
x-content-type-options: nosniff
content-type: text/css
x-cache: HIT
vary: Accept-Encoding
content-length: 18234
x-xss-protection: 1
x-sts-request-id: ex1-60153527bda7c63210c3dd30
last-modified: Fri, 29 Jan 2021 13:53:11 GMT
server: ZGS
etag: "30ba7d24ae85abb714f8e3a9e4faeb5a"
strict-transport-security: max-age=15768000
content-language: en-US
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=5184000, immutable
timing-allow-origin: *

GET
H2 200 floatbutton_0d6c5a92fcd8169ad47ab5bd1ec25b24_.js Show response
js.zohocdn.com/salesiq/https/js/ 55 KB
12 KB 232ms
74ms Script
application/javascript 185.20.209.147
COMPUTERLINE Comp...

General

Check archive.org

Show headers Download Go to

Full URL

https://js.zohocdn.com/salesiq/https/js/floatbutton_0d6c5a92fcd8169ad47ab5bd1ec25b24_.js

Requested by

Host: salesiq.zoho.eu
URL: https://salesiq.zoho.eu/widget

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.20.209.147 Sierre, Switzerland, ASN41913 (COMPUTERLINE Computerline, Schlierbach, Switzerland, CH),

Reverse DNS

Software

ZGS /

Resource Hash

a502e809548dd66d52f928ed10377350f6a2cbdd0bb49a6f468ce645fde1e92b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: https://payl8r.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 00:23:21 GMT
content-encoding: br
x-content-type-options: nosniff
content-type: application/javascript
x-cache: HIT
vary: Accept-Encoding
content-length: 11854
x-xss-protection: 1
x-sts-request-id: ex1-6011599fbda7c63210beeb2f
last-modified: Wed, 27 Jan 2021 08:52:35 GMT
server: ZGS
etag: "82a6822e9338d6a1cebecb94b58d658e"
strict-transport-security: max-age=15768000
content-language: en-US
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=5184000, immutable
timing-allow-origin: *

GET
H2 200 path---shop-directory-226-785-hIkTs5YDE07jo7hgwsVyH5Co9sQ.json
payl8r.com/static/d/740/ 0
8 KB 174ms
173ms Other
application/json 172.67.74.35
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://payl8r.com/static/d/740/path---shop-directory-226-785-hIkTs5YDE07jo7hgwsVyH5Co9sQ.json

Requested by

Host: payl8r.com
URL: https://payl8r.com/app-0aa983b8b328d17f8440.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.74.35 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://payl8r.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 00:23:21 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
x-amz-request-id: 8D71DDE015F575F7
x-amz-id-2: pYuUyotICYTJRebMUOhHOFHQag4hl0hxER8ZX2Zbol183QLuvVNY/n7ec8c50GdYYrg1QTXoIMA=
last-modified: Tue, 02 Feb 2021 08:48:52 GMT
server: cloudflare
etag: W/"cf3311207ca26909f32e1c4fb9e5b548"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2Fv%2FOaLnAZ7vM68NsJ7Tq%2FEdpE5Cxdcjd6VW%2FXT8pjGfTSgSLoNQs6CqVX7Hp67cdfy9muybxuiQqRYPujGN8vpuPCF3xngaFSMLP"}],"group":"cf-nel","max_age":604800}
content-type: application/json
cf-request-id: 0806dec56f0000c785b09af000000001
cf-ray: 61b800b57e06c785-AMS

GET
H2 200 component---src-pages-shop-directory-js-82355e818b92473996ce.js
payl8r.com/ 0
4 KB 61ms
60ms Other
application/javascript 172.67.74.35
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://payl8r.com/component---src-pages-shop-directory-js-82355e818b92473996ce.js

Requested by

Host: payl8r.com
URL: https://payl8r.com/app-0aa983b8b328d17f8440.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.74.35 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://payl8r.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 00:23:21 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 3127
cf-polished: origSize=9972
vary: Accept-Encoding
x-amz-request-id: E9780DC366D86ED2
x-amz-id-2: MpjP98Fwg6GqOzryw4xgwQDr+n3pdHEncTGNM8W9n+e/D0P+3cE/9N4HfItVAWWM9ox5uDmSeS4=
last-modified: Tue, 02 Feb 2021 08:48:48 GMT
server: cloudflare
etag: W/"afbee2d2df4dca740794c512dc0ed6bf"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=jUZyKswL3oc0laNs3Zikx7NpUFngY%2Fa5kCT2KScsGOyUPMP3wirJ%2FJMDEJptKCU1DU8ZhToypE5%2F4WGm9PdikhN1Omltyo%2F4uxIS"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=259200
cf-request-id: 0806dec56f0000c7858537b000000001
cf-ray: 61b800b57e07c785-AMS
cf-bgj: minify

GET
H2 200 path---merchants-273-8be-0SUcWyAf8ecbYDsMhQkEfPzV8.json
payl8r.com/static/d/134/ 0
399 B 121ms
120ms Other
application/json 172.67.74.35
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://payl8r.com/static/d/134/path---merchants-273-8be-0SUcWyAf8ecbYDsMhQkEfPzV8.json

Requested by

Host: payl8r.com
URL: https://payl8r.com/app-0aa983b8b328d17f8440.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.74.35 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://payl8r.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 00:23:21 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
x-amz-request-id: FC92CA29D6737FFB
x-amz-id-2: cPCAx6oOylm5lfOHE0mEfvgcPRE6RhP4ruTr4TBl7Ia6L8IsQR4yqEMYL7sqzAvpa3lLzRF7HZU=
last-modified: Tue, 02 Feb 2021 08:48:52 GMT
server: cloudflare
etag: W/"02094403799cfe9d216f51de06d00d63"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=MoWA4LYpZXo0Vr%2BRAt2rxgm8E6oVaAO7acuap%2BqynLehHS3lrzJyBTXP3sIfr38Z15aECfXiIj4BZnKkGOlkR9vnwfWojuHdoIke"}],"group":"cf-nel","max_age":604800}
content-type: application/json
cf-request-id: 0806dec5700000c785d8298000000001
cf-ray: 61b800b57e08c785-AMS

GET
H2 200 component---src-pages-merchants-js-a186127fa5635ae42eaa.js
payl8r.com/ 0
34 KB 65ms
63ms Other
application/javascript 172.67.74.35
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://payl8r.com/component---src-pages-merchants-js-a186127fa5635ae42eaa.js

Requested by

Host: payl8r.com
URL: https://payl8r.com/app-0aa983b8b328d17f8440.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.74.35 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://payl8r.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 00:23:21 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 3127
cf-polished: origSize=60984
vary: Accept-Encoding
x-amz-request-id: F2B1584240B9024A
x-amz-id-2: 9XVdjq3+dy2DJlpENoKtB/LUOJePch2BSUPP+oIYUDzj+6SruaGs11m+NEQh8DqDNVXhA3AJBYM=
last-modified: Tue, 02 Feb 2021 08:48:48 GMT
server: cloudflare
etag: W/"f4dc73be30a6c0f0940ee6b50c0bf202"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=2BkFS7odPLW0HAQqnOn28m%2BTS7QMW%2FuT65O7dJxQdW4s%2FuRRpLi%2Bcg5RfouQwISlP6sMgPrHwwAU9oks6ZHRTELlBs6C61kEXNgR"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=259200
cf-request-id: 0806dec5700000c785ba8fe000000001
cf-ray: 61b800b57e0ac785-AMS
cf-bgj: minify

GET
H2 200 path---contact-us-110-75b-0SUcWyAf8ecbYDsMhQkEfPzV8.json
payl8r.com/static/d/170/ 0
403 B 176ms
175ms Other
application/json 172.67.74.35
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://payl8r.com/static/d/170/path---contact-us-110-75b-0SUcWyAf8ecbYDsMhQkEfPzV8.json

Requested by

Host: payl8r.com
URL: https://payl8r.com/app-0aa983b8b328d17f8440.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.74.35 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://payl8r.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 00:23:21 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
x-amz-request-id: 1328A14AE746E25F
x-amz-id-2: L4WcFL7HMWNhRPWdi0mHrvOZ1eo5hp8RdBc+8EvEQw6qsQnYaK+jWzMy7bpFxDAd4w4Mo7fH9S0=
last-modified: Tue, 02 Feb 2021 08:48:52 GMT
server: cloudflare
etag: W/"02094403799cfe9d216f51de06d00d63"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=OZAPYjdZFYv9%2BfDFMLIRmvxXAjyiGX4qJop6A6CLuF5NIMmsQ%2B5BVnXCEgSqi2zLaraP%2FIPl9tYKAQFTBniz61zgM4H9Sb3pOJUZ"}],"group":"cf-nel","max_age":604800}
content-type: application/json
cf-request-id: 0806dec5700000c785bb2ba000000001
cf-ray: 61b800b58e0bc785-AMS

GET
H2 200 component---src-pages-contact-us-js-18882df14a8c1976b60e.js
payl8r.com/ 0
5 KB 63ms
62ms Other
application/javascript 172.67.74.35
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://payl8r.com/component---src-pages-contact-us-js-18882df14a8c1976b60e.js

Requested by

Host: payl8r.com
URL: https://payl8r.com/app-0aa983b8b328d17f8440.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.74.35 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://payl8r.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 00:23:21 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 3133
cf-polished: origSize=11991
vary: Accept-Encoding
x-amz-request-id: 0F23CB0140B29051
x-amz-id-2: 4jMDfBumpO/ZeUWAWmQQXNKU4aWPNrBuUwMcz0oxx0VIGJERoZyXVHBY+p0ZPTWlvpa3cujHBrY=
last-modified: Tue, 02 Feb 2021 08:48:48 GMT
server: cloudflare
etag: W/"afb383aaee70b547787a8e26df8fe250"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=5LaCADHyQ8wfW6UqvTqME6uYZJKWWksqaywbpedRFb7oYiEfXFXblDY1yWqKEHwE6KRdR%2FittQNFPSRgk5htAJApWvNHu%2FdXg9rE"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=259200
cf-request-id: 0806dec5710000c7857937c000000001
cf-ray: 61b800b58e0dc785-AMS
cf-bgj: minify

GET
H2 200 path---how-it-works-9-f-8-5b3-0SUcWyAf8ecbYDsMhQkEfPzV8.json
payl8r.com/static/d/257/ 0
402 B 112ms
111ms Other
application/json 172.67.74.35
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://payl8r.com/static/d/257/path---how-it-works-9-f-8-5b3-0SUcWyAf8ecbYDsMhQkEfPzV8.json

Requested by

Host: payl8r.com
URL: https://payl8r.com/app-0aa983b8b328d17f8440.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.74.35 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://payl8r.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 00:23:21 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
x-amz-request-id: F77E7DE387AB551D
x-amz-id-2: 6/CAzVgGxK42pn3bKDb28wQoyg3BIXoQQc3RdieWw85ONs/M2RsCoim1R7hNqeRIQcspFgdkJp0=
last-modified: Tue, 02 Feb 2021 08:48:52 GMT
server: cloudflare
etag: W/"02094403799cfe9d216f51de06d00d63"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=WtHsghfq6q1N1Wl7TDGGJaOVhYaDhPYFABX2g5mcRQQf%2Fvqw7zGuCcBA7bg%2BGESOG5xMyygum41N%2FwRuRCcjTcp%2B4Cb76yHwZtex"}],"group":"cf-nel","max_age":604800}
content-type: application/json
cf-request-id: 0806dec5710000c785da9d6000000001
cf-ray: 61b800b58e0ec785-AMS

GET
H2 200 component---src-pages-how-it-works-js-698fb4652cfc5061ddfa.js
payl8r.com/ 0
9 KB 82ms
81ms Other
application/javascript 172.67.74.35
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://payl8r.com/component---src-pages-how-it-works-js-698fb4652cfc5061ddfa.js

Requested by

Host: payl8r.com
URL: https://payl8r.com/app-0aa983b8b328d17f8440.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.74.35 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://payl8r.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 00:23:21 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 3127
cf-polished: origSize=25691
vary: Accept-Encoding
x-amz-request-id: 54751197E6F94D94
x-amz-id-2: friknbm2ToBBLZWy2I+KczPseE19vj8818i07/LL0/nWQeECefK2TFysQhHjzYEUMjiG525QsNM=
last-modified: Tue, 02 Feb 2021 08:48:48 GMT
server: cloudflare
etag: W/"f4069a7afe4769c8e65965cb05a7b12b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ajOHOJRpLtatvKHpHTsKuIdL0A%2F1p1ODKWA4Bd%2BEK1TaizQH9JxIk%2Be6olEB9FkT8c9VhCcPI8AzEJAKAJz0%2F%2ByjRXEVnZD6bG%2B2"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=259200
cf-request-id: 0806dec5870000c7856f92a000000001
cf-ray: 61b800b5ae2cc785-AMS
cf-bgj: minify

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/730590535/ 2 KB
1 KB 30ms
29ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/730590535/?random=1612311801288&cv=9&fst=1612311801288&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa1k0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fpayl8r.com%2F&tiba=Buy%20Now%20Pay%20Later%20%7C%20Online%20Finance%20%7C%20Quick%20Finance%20UK%20%E2%80%93%20PayL8r&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c7a0633e524bd84fa30660f455f8df85f6aa60d1ce85a91f5a1bfed0952c7b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://payl8r.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Feb 2021 00:23:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 1061
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/730590535/ 42 B
138 B 21ms
20ms Image
image/gif 2a00:1450:4001:816::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/730590535/?random=1612311801288&cv=9&fst=1612310400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa1k0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fpayl8r.com%2F&tiba=Buy%20Now%20Pay%20Later%20%7C%20Online%20Finance%20%7C%20Quick%20Finance%20UK%20%E2%80%93%20PayL8r&async=1&fmt=3&is_vtc=1&random=1466562616&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: payl8r.com
URL: https://payl8r.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://payl8r.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Feb 2021 00:23:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/730590535/ 42 B
154 B 19ms
19ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/730590535/?random=1612311801288&cv=9&fst=1612310400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa1k0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fpayl8r.com%2F&tiba=Buy%20Now%20Pay%20Later%20%7C%20Online%20Finance%20%7C%20Quick%20Finance%20UK%20%E2%80%93%20PayL8r&async=1&fmt=3&is_vtc=1&random=1466562616&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: payl8r.com
URL: https://payl8r.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://payl8r.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Feb 2021 00:23:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 450b12b5-c5a2-4732-8a6c-8b9efb354aba.json Show response
ps.l.admedo.com/ 2 KB
804 B 336ms
188ms XHR
application/json 65.9.7.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ps.l.admedo.com/450b12b5-c5a2-4732-8a6c-8b9efb354aba.json
Requested by: Host: pj.l.admedo.com
URL: https://pj.l.admedo.com/admtracker.lib.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.7.71 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: db5fe7988a302023618a2b6bc8b13cbb3b7e942db1a081841e39769945578b8b

Request headers

Referer: https://payl8r.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 00:23:22 GMT
content-encoding: gzip
last-modified: Thu, 13 Feb 2020 16:40:37 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
etag: W/"5348dbafe949744db04ca1dc0a1cd794"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: public,max-age=900
x-cache: RefreshHit from cloudfront
x-amz-cf-id: aK4FR0kyd7_7oggkJT1y91phvS5M-i51yRNTt8aGKP9ixTLac3Rajg==
via: 1.1 7778e859490081303ab32e0feeba8515.cloudfront.net (CloudFront)

GET
H2

200

pixel Show response
pool.admedo.com/ul_cb/
Redirect Chain

https://pool.admedo.com/pixel?id=137929,137957&t=js
https://pool.admedo.com/ul_cb/pixel?id=137929,137957&t=js

0
216 B

66ms
66ms

Script
text/javascript

35.210.53.219
GOOGLE-2

General

Check archive.org

Show headers Download Go to

Full URL: https://pool.admedo.com/ul_cb/pixel?id=137929,137957&t=js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.210.53.219 Mountain View, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 219.53.210.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://payl8r.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 00:23:22 GMT
via: 1.1 google
cache-control: no-cache, no-store, must-revalidate
content-type: text/javascript; charset=UTF-8
alt-svc: clear
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

location: https://pool.admedo.com/ul_cb/pixel?id=137929,137957&t=js
date: Wed, 03 Feb 2021 00:23:21 GMT
cache-control: no-cache, no-store, must-revalidate
alt-svc: clear
content-length: 0
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 200 newembedtheme_0a86fc156c7c6ac6714ec2614cff8f15_.css
css.zohocdn.com/salesiq/https/styles/ Frame F8F6 175 KB
33 KB 85ms
83ms Stylesheet
text/css 185.20.209.147
COMPUTERLINE Comp...

General

Check archive.org

Show headers Download Go to

Full URL

https://css.zohocdn.com/salesiq/https/styles/newembedtheme_0a86fc156c7c6ac6714ec2614cff8f15_.css

Requested by

Host: js.zohocdn.com
URL: https://js.zohocdn.com/salesiq/https/js/floatbutton_0d6c5a92fcd8169ad47ab5bd1ec25b24_.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.20.209.147 Sierre, Switzerland, ASN41913 (COMPUTERLINE Computerline, Schlierbach, Switzerland, CH),

Reverse DNS

Software

ZGS /

Resource Hash

5b97867dcb3eb62fc922d2281302e66931e1b608dda218ae5106ea86f47028b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: https://payl8r.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 00:23:26 GMT
content-encoding: br
x-content-type-options: nosniff
content-type: text/css
x-cache: HIT
vary: Accept-Encoding
content-length: 32946
x-xss-protection: 1
x-sts-request-id: ex1-6015352c7c42e84ee6842c59
last-modified: Fri, 29 Jan 2021 13:53:02 GMT
server: ZGS
etag: "40099b7231f1620fd9fe6698ee8a575d"
strict-transport-security: max-age=15768000
content-language: en-US
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=5184000, immutable
timing-allow-origin: *

GET
H2 200 Jan_19_2021_1_wmsliteapi.js Show response
js.zohocdn.com/ichat/js/ Frame F8F6 14 KB
4 KB 73ms
72ms Script
application/javascript 185.20.209.147
COMPUTERLINE Comp...

General

Check archive.org

Show headers Download Go to

Full URL

https://js.zohocdn.com/ichat/js/Jan_19_2021_1_wmsliteapi.js

Requested by

Host: js.zohocdn.com
URL: https://js.zohocdn.com/salesiq/https/js/floatbutton_0d6c5a92fcd8169ad47ab5bd1ec25b24_.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.20.209.147 Sierre, Switzerland, ASN41913 (COMPUTERLINE Computerline, Schlierbach, Switzerland, CH),

Reverse DNS

Software

ZGS /

Resource Hash

be4b9320e0735e955904b9b01d7df112e0db10694bf098e88a5a9a4610781c33

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: https://payl8r.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 00:23:26 GMT
content-encoding: br
x-content-type-options: nosniff
content-type: application/javascript
x-cache: HIT
vary: Accept-Encoding
content-length: 4190
x-xss-protection: 1
x-sts-request-id: ex1-6006e2e6bda7c63210b302f6
last-modified: Tue, 19 Jan 2021 12:58:39 GMT
server: ZGS
etag: "bce052c611d1118ad89736731b72778e"
strict-transport-security: max-age=15768000
content-language: en-US
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=5184000, immutable
timing-allow-origin: *

GET
H2 200 siqnewchatwindow_512b0955da698dceaf2cc5b400cf7254_.js Show response
js.zohocdn.com/salesiq/https/js/ Frame F8F6 845 KB
181 KB 85ms
84ms Script
application/javascript 185.20.209.147
COMPUTERLINE Comp...

General

Check archive.org

Show headers Download Go to

Full URL

https://js.zohocdn.com/salesiq/https/js/siqnewchatwindow_512b0955da698dceaf2cc5b400cf7254_.js

Requested by

Host: js.zohocdn.com
URL: https://js.zohocdn.com/salesiq/https/js/floatbutton_0d6c5a92fcd8169ad47ab5bd1ec25b24_.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.20.209.147 Sierre, Switzerland, ASN41913 (COMPUTERLINE Computerline, Schlierbach, Switzerland, CH),

Reverse DNS

Software

ZGS /

Resource Hash

20b9025824394964a23addb1c45cb58f01186dc7fb52e5a20463d97e6af220f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: https://payl8r.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 00:23:26 GMT
content-encoding: br
x-content-type-options: nosniff
content-type: application/javascript
x-cache: HIT
vary: Accept-Encoding
content-length: 184949
x-xss-protection: 1
x-sts-request-id: ex1-6012e83e7c42e84ee68184b0
last-modified: Thu, 28 Jan 2021 15:47:56 GMT
server: ZGS
etag: "a3f75234e9e99dac461f475b249e9468"
strict-transport-security: max-age=15768000
content-language: en-US
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=5184000, immutable
timing-allow-origin: *

GET
H2 200 resource_fc34de1d5ccc2882bdb2cbf654c70fae_.js Show response
js.zohocdn.com/salesiq/https/js/resource/embed/ Frame F8F6 39 KB
10 KB 182ms
181ms Script
application/javascript 185.20.209.147
COMPUTERLINE Comp...

General

Check archive.org

Show headers Download Go to

Full URL

https://js.zohocdn.com/salesiq/https/js/resource/embed/resource_fc34de1d5ccc2882bdb2cbf654c70fae_.js

Requested by

Host: js.zohocdn.com
URL: https://js.zohocdn.com/salesiq/https/js/floatbutton_0d6c5a92fcd8169ad47ab5bd1ec25b24_.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.20.209.147 Sierre, Switzerland, ASN41913 (COMPUTERLINE Computerline, Schlierbach, Switzerland, CH),

Reverse DNS

Software

ZGS /

Resource Hash

4d4c0127870b55b5a8576134e2cc49194c31ec5a64683d695da73c61dfa65f33

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: https://payl8r.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 00:23:26 GMT
content-encoding: br
x-content-type-options: nosniff
content-type: application/javascript
x-cache: HIT
vary: Accept-Encoding
content-length: 10000
x-xss-protection: 1
x-sts-request-id: ex1-5fec432dbda7c63210988004
last-modified: Thu, 24 Dec 2020 13:59:25 GMT
server: ZGS
etag: "60dd55d293f1be52baf9c60ef28b2476"
strict-transport-security: max-age=15768000
content-language: en-US
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=5184000, immutable
timing-allow-origin: *

GET
H2 200 embedmedia-rtc_0c4afa6df23e97b774cd56ae023004a4_.js Show response
js.zohocdn.com/salesiq/https/js/ Frame F8F6 184 KB
38 KB 182ms
181ms Script
application/javascript 185.20.209.147
COMPUTERLINE Comp...

General

Check archive.org

Show headers Download Go to

Full URL

https://js.zohocdn.com/salesiq/https/js/embedmedia-rtc_0c4afa6df23e97b774cd56ae023004a4_.js

Requested by

Host: js.zohocdn.com
URL: https://js.zohocdn.com/salesiq/https/js/floatbutton_0d6c5a92fcd8169ad47ab5bd1ec25b24_.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.20.209.147 Sierre, Switzerland, ASN41913 (COMPUTERLINE Computerline, Schlierbach, Switzerland, CH),

Reverse DNS

Software

ZGS /

Resource Hash

4d64a98fd6f3512eb819a6e94889545d16302b6f8af396ff6779f3c30d493cd9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: https://payl8r.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 00:23:26 GMT
content-encoding: br
x-content-type-options: nosniff
content-type: application/javascript
x-cache: HIT
vary: Accept-Encoding
content-length: 38767
x-xss-protection: 1
x-sts-request-id: ex1-601159a4bda7c63210beeb44
last-modified: Wed, 27 Jan 2021 08:52:23 GMT
server: ZGS
etag: "110e2890331980684b26ac1e61e53599"
strict-transport-security: max-age=15768000
content-language: en-US
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=5184000, immutable
timing-allow-origin: *

GET
H2 200 73291e5e_wmsbridge.js Show response
js.zohocdn.com/ichat/js/ Frame F8F6 12 KB
4 KB 164ms
164ms Script
application/javascript 185.20.209.147
COMPUTERLINE Comp...

General

Check archive.org

Show headers Download Go to

Full URL

https://js.zohocdn.com/ichat/js/73291e5e_wmsbridge.js

Requested by

Host: js.zohocdn.com
URL: https://js.zohocdn.com/ichat/js/Jan_19_2021_1_wmsliteapi.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.20.209.147 Sierre, Switzerland, ASN41913 (COMPUTERLINE Computerline, Schlierbach, Switzerland, CH),

Reverse DNS

Software

ZGS /

Resource Hash

ec59872055a6edaa85fed24b4ef82f9a99c8f052132d24482b39f2b02bb05cd2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: https://payl8r.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 00:23:26 GMT
content-encoding: br
x-content-type-options: nosniff
content-type: application/javascript
x-cache: HIT
vary: Accept-Encoding
content-length: 3432
x-xss-protection: 1
x-sts-request-id: ex1-5fddc0117c42e84ee64bb059
last-modified: Sat, 19 Dec 2020 03:20:25 GMT
server: ZGS
etag: "659ae71697931fca2566bac98ce1b8ab"
strict-transport-security: max-age=15768000
content-language: en-US
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=5184000, immutable
timing-allow-origin: *

GET embedpostload_1d4b0964e559f6c6464a377ee2a1d604_.js
js.zohocdn.com/salesiq/https/js/ Frame F8F6 0
0

GET embedpostload_b08f1e6aa9116b31b91b3d87dff43aa0_.css
css.zohocdn.com/salesiq/https/styles/ Frame F8F6 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: js.zohocdn.com
URL: https://js.zohocdn.com/salesiq/https/js/embedpostload_1d4b0964e559f6c6464a377ee2a1d604_.js

Domain: css.zohocdn.com
URL: https://css.zohocdn.com/salesiq/https/styles/embedpostload_b08f1e6aa9116b31b91b3d87dff43aa0_.css

Verdicts & Comments Add Verdict or Comment

99 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.payl8r.com/	1970-01-19 15:51:51	Name: _gat_gtag_UA_63459940_1 Value: 1
.payl8r.com/	1970-01-19 15:51:51	Name: _gat_UA-63459940-1 Value: 1
payl8r.com/	1970-01-19 15:51:55	Name: AWSELB Value: 67D965D504DF1086DC57343127669328995CF5B57C480ADA92870B6C869B34914074A3F5D953ECC2310CFBCC7E8928AD7317DE46137D20E8BA9DE24FE7A300B864EBB18264
.payl8r.com/	1970-01-20 09:23:03	Name: _ga Value: GA1.2.2145205864.1612311801
.payl8r.com/	1970-01-19 15:53:18	Name: _gid Value: GA1.2.673565126.1612311801
.payl8r.com/	1970-01-19 18:01:27	Name: _gcl_au Value: 1.1.1214244013.1612311801
payl8r.com/	1970-01-19 15:51:55	Name: AWSELBCORS Value: 67D965D504DF1086DC57343127669328995CF5B57C480ADA92870B6C869B34914074A3F5D953ECC2310CFBCC7E8928AD7317DE46137D20E8BA9DE24FE7A300B864EBB18264
.payl8r.com/	1970-01-19 16:35:03	Name: __cfduid Value: df7279b92b8cfcb49fcd384175cd8908e1612311800

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdnjs.cloudflare.com
css.zohocdn.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
js.zohocdn.com
payl8r.com
pj.l.admedo.com
pool.admedo.com
ps.l.admedo.com
salesiq.zoho.eu
stats.g.doubleclick.net
www.google-analytics.com
www.google.com
www.google.de
www.google.pl
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
css.zohocdn.com
js.zohocdn.com
172.217.18.98
172.67.74.35
185.20.209.147
213.244.146.28
2606:4700::6810:135e
2a00:1450:4001:808::200a
2a00:1450:4001:810::2003
2a00:1450:4001:811::2003
2a00:1450:4001:816::2004
2a00:1450:4001:824::2008
2a00:1450:4001:825::200e
2a00:1450:4001:827::2002
2a00:1450:4001:827::2003
2a00:1450:4001:828::2008
2a00:1450:4001:82b::2003
2a00:1450:400c:c00::9a
2a00:1450:400c:c00::9c
35.210.53.219
65.9.7.50
65.9.7.71
036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6
0fcbf25f0b90f6e8a66a7ec7fe7eb919706b8dac6cd26e2464b481f89e839c15
1249e2284576f49668779cd8f4b1407aaaf6d1f7e0ede44317a3e4a4199774c1
1376ef0e7348d6b33bbe40988912dc22bdd7ccffdfc58854fc3b7b08bb26ad36
20b9025824394964a23addb1c45cb58f01186dc7fb52e5a20463d97e6af220f7
3c7a0633e524bd84fa30660f455f8df85f6aa60d1ce85a91f5a1bfed0952c7b4
412c173f93136f00006d6941a755fc6b84e29ea6a772cd274a668deef3e77dd1
4d4c0127870b55b5a8576134e2cc49194c31ec5a64683d695da73c61dfa65f33
4d64a98fd6f3512eb819a6e94889545d16302b6f8af396ff6779f3c30d493cd9
58111290c02856c00d3b14ec7c0c584cae84f28e480c390d43b5ce0a1325c123
5a684227c1eef599cf45d875e0f906a73e0fb247aca49c0de70c1a14e7ef818f
5b97867dcb3eb62fc922d2281302e66931e1b608dda218ae5106ea86f47028b2
6762eee7329e09b916ba2d6beb05d4b408110de8e42e8529fb1e639fe95742cb
6935458d9c0d346d2ccbff206bb6287894cae681cd1cf5e1a9fcef0c25120804
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c81ed2156b3ef967c9a55e5e0098b41123997e48525b037df83757ffa694066
6d9d263507966dbb216e44353ed60b45718d17dd5ea35e0c0110a9127fce7e54
738b0080a3fe6cb7263eea6704c1895b3499879f44818deea07091696efec126
74b6d8e710fb2006e2a3c6a3cc91ae9874ef9b08c3e8935f5b71fe1474a2adab
7ae08a40b437d1664b37e4259ad08da4342dac2b312fae6dd7d36b22a394edb6
7e05da544a93b639782cb0974f5dacbfc36b60d40622f680e3383ec581243ca4
80830dc8f88102b30c93db24f56a23a64b4b8b4207cbf8a9bf485ca20e981621
8abce67d960dd80b17a55cd2f965e29fbecbb345a0ba540c971ba71bfad11d88
8f24862077717aa659bc9f521e03cd8dbb013fcae88a3eff5a3824a064c92029
91e29a4ac2f2c35bf88faed680b706cd31650b87f89484d5164efc7ce32e582d
973ebbead06df6ace22a88d2856663d37845792bdf1b40ff69df2e20912fedef
99eace92e2b9e41a2896e111345d00a4dc6107656adaf52ce756ea76a12ac41d
a169671bcc8a40802448dd21c4d48328302f076b238d035c30816bcf920c201f
a502e809548dd66d52f928ed10377350f6a2cbdd0bb49a6f468ce645fde1e92b
b3b87ff288c1b0ff24858412597360cdeefdfc2d0d57155fa7293a07edb30290
b6de95067f387a7502caf98cc87da9fac659f401596c3d616c0d7087fe30978b
be4b9320e0735e955904b9b01d7df112e0db10694bf098e88a5a9a4610781c33
c4eb51f22f568120cf9ab08fbeae1a5369ec10fd7dba0ceba07038b07a9a9975
c93f847e887532ea39ad124e21db580d59ed1d5d4e2c522a540f9bb38c8ff4a3
d42742d2c26d2465bdc7687bd47ceae4c4f394fb46ab8a39b06937cb898b7727
d933a98657089095397ca6126d62e3a07c39e70f82b36f8cea002c0ba5bf1e2c
db5fe7988a302023618a2b6bc8b13cbb3b7e942db1a081841e39769945578b8b
db6e9800cf0dfb3407e2ebe938a425bae9d63d9d266c2917af5fd9459c6a9235
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
eb4a70cde9a5582e05ca94401cee761fd8e1020ef6a6e1ebc12a9a61a1e06264
ec59872055a6edaa85fed24b4ef82f9a99c8f052132d24482b39f2b02bb05cd2
ee0af9cb821e3b90c73da380ca1ea46a9568f50635facf5e263d0044c9124c9e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

payl8r.com Open in urlscan Pro 172.67.74.35 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

58 Requests

97 %HTTPS

65 %IPv6

14 Domains

19 Subdomains

21 IPs

5 Countries

7179 kBTransfer

9623 kBSize

8 Cookies

5 Outgoing links

Redirected requests

58 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

payl8r.com Open in urlscan Pro
172.67.74.35 Public Scan

Screenshot
Live screenshot

Full Image

58
Requests

97 %
HTTPS

65 %
IPv6

14
Domains

19
Subdomains

21
IPs

5
Countries

7179 kB
Transfer

9623 kB
Size

8
Cookies

58 HTTP transactions
2 data transactions