www.payetteforward.com Open in urlscan Pro
2606:4700:20::681a:b95 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.payetteforward.com/
Submission: On January 28 via automatic, source certstream-suspicious (January 28th 2021, 11:50:44 pm UTC)

Summary HTTP 66 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 20 IPs in 5 countries across 21 domains to perform 66 HTTP transactions. The main IP is 2606:4700:20::681a:b95, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.payetteforward.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 10th 2020. Valid for: a year.

This is the only time www.payetteforward.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
26	2606:4700:20:... 2606:4700:20::681a:b95	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:80e::200a	15169 (GOOGLE) (GOOGLE)
6	68.71.249.118 68.71.249.118	20093 (ZEROLAG) (ZEROLAG)
1	2606:4700::68... 2606:4700::6810:a823	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:812::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:817::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:125e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	2606:4700::68... 2606:4700::6813:9059	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:813::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:818::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:819::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c00::9c	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
3	2600:9000:21f... 2600:9000:21f3:200:5:c4ab:c3c0:93a1	16509 (AMAZON-02) (AMAZON-02)
3	2620:116:800d... 2620:116:800d:21:51e4:db4b:4436:b305	16509 (AMAZON-02) (AMAZON-02)
2 2	185.33.220.145 185.33.220.145	29990 (ASN-APPNEX) (ASN-APPNEX)
3 3	185.64.189.216 185.64.189.216	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
1 1	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	185.64.190.81 185.64.190.81	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	213.19.147.150 213.19.147.150	26120 (RHYTHMONE) (RHYTHMONE)
1	150.136.26.45 150.136.26.45	31898 (ORACLE-BM...) (ORACLE-BMC-31898)
1	178.162.133.149 178.162.133.149	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1 1	146.0.227.110 146.0.227.110	29066 (VELIANET-...) (VELIANET-AS velia.net Internetdienste GmbH)
1 1	88.214.206.142 88.214.206.142	46636 (NATCOWEB) (NATCOWEB)
2	2600:9000:20e... 2600:9000:20eb:ba00:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
66	20

26 2606:4700:20::681a:b95 (United States)

ASN13335 (CLOUDFLARENET, US)

www.payetteforward.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 68.71.249.118 (Atlanta, United States)

ASN20093 (ZEROLAG, US)

udmserve.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:a823 (United States)

ASN13335 (CLOUDFLARENET, US)

ajax.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:817::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2606:4700::6813:9059 (United States)

ASN13335 (CLOUDFLARENET, US)

app.termly.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:818::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ampcid.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:819::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ampcid.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:21f3:200:5:c4ab:c3c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

bid.underdog.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:116:800d:21:51e4:db4b:4436:b305 (United States)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.33.220.145 (Netherlands) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.64.189.216 (United Kingdom) 3 redirects

ASN62713 (AS-PUBMATIC, US)

image8.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.226 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.80 (United Kingdom) 1 redirects

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.81 (United Kingdom) 1 redirects

ASN62713 (AS-PUBMATIC, US)

image4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.19.147.150 (United Kingdom) 1 redirects

ASN26120 (RHYTHMONE, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 150.136.26.45 (Seattle, United States)

ASN31898 (ORACLE-BMC-31898, US)

sync.technoratimedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.162.133.149 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-sync.go.sonobi.com

sync.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.0.227.110 (Germany) 1 redirects

ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE)

inv-nets.admixer.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.214.206.142 (United Kingdom) 1 redirects

ASN46636 (NATCOWEB, US)

cs.admanmedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:20eb:ba00:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
26	payetteforward.com www.payetteforward.com	319 KB
9	termly.io app.termly.io	121 KB
6	udmserve.net udmserve.net	7 KB
5	pubmatic.com 5 redirects image8.pubmatic.com image2.pubmatic.com image4.pubmatic.com	3 KB
3	quantserve.com secure.quantserve.com pixel.quantserve.com	9 KB
3	underdog.media bid.underdog.media	155 KB
3	doubleclick.net 2 redirects stats.g.doubleclick.net cm.g.doubleclick.net	2 KB
3	google-analytics.com www.google-analytics.com	20 KB
2	quantcount.com rules.quantcount.com	704 B
2	adnxs.com 2 redirects secure.adnxs.com	2 KB
2	google.de ampcid.google.de www.google.de	975 B
2	google.com ampcid.google.com www.google.com	834 B
2	googletagmanager.com www.googletagmanager.com	55 KB
2	cloudflare.com ajax.cloudflare.com cdnjs.cloudflare.com	11 KB
2	googleapis.com fonts.googleapis.com	2 KB
1	admanmedia.com 1 redirects cs.admanmedia.com	394 B
1	admixer.net 1 redirects inv-nets.admixer.net	472 B
1	sonobi.com sync.go.sonobi.com	501 B
1	technoratimedia.com sync.technoratimedia.com	300 B
1	1rx.io 1 redirects sync.1rx.io	307 B
1	gstatic.com fonts.gstatic.com	13 KB
66	21

	Domain	Requested by
26	www.payetteforward.com	www.payetteforward.com ajax.cloudflare.com
9	app.termly.io	www.payetteforward.com app.termly.io
6	udmserve.net	www.payetteforward.com
3	image8.pubmatic.com	3 redirects
3	bid.underdog.media	udmserve.net bid.underdog.media
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	pixel.quantserve.com	www.payetteforward.com
2	rules.quantcount.com	secure.quantserve.com
2	cm.g.doubleclick.net	2 redirects
2	secure.adnxs.com	2 redirects
2	www.googletagmanager.com	www.payetteforward.com
2	fonts.googleapis.com	www.payetteforward.com
1	cs.admanmedia.com	1 redirects
1	inv-nets.admixer.net	1 redirects
1	sync.go.sonobi.com	www.payetteforward.com
1	sync.technoratimedia.com	www.payetteforward.com
1	sync.1rx.io	1 redirects
1	image4.pubmatic.com	1 redirects
1	image2.pubmatic.com	1 redirects
1	secure.quantserve.com	udmserve.net
1	www.google.de	www.payetteforward.com
1	www.google.com	www.payetteforward.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	ampcid.google.de	www.google-analytics.com
1	ampcid.google.com	www.google-analytics.com
1	cdnjs.cloudflare.com	ajax.cloudflare.com
1	fonts.gstatic.com	fonts.googleapis.com
1	ajax.cloudflare.com	www.payetteforward.com
66	28

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
www.pinterest.com
www.youtube.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-10` - `2021-08-10`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-01-05` - `2021-03-30`	3 months	crt.sh
udmserve.net DigiCert SHA2 High Assurance Server CA	`2019-07-15` - `2021-10-14`	2 years	crt.sh
ajax.cloudflare.com DigiCert ECC Secure Server CA	`2020-08-11` - `2022-08-16`	2 years	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-01-05` - `2021-03-30`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2021-01-05` - `2021-03-30`	3 months	crt.sh
app.termly.io Go Daddy Secure Certificate Authority - G2	`2020-03-13` - `2021-05-12`	a year	crt.sh
*.google.com GTS CA 1O1	`2021-01-05` - `2021-03-30`	3 months	crt.sh
*.google.de GTS CA 1O1	`2021-01-05` - `2021-03-30`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-01-05` - `2021-03-30`	3 months	crt.sh
www.google.com GTS CA 1O1	`2021-01-05` - `2021-03-30`	3 months	crt.sh
www.google.de GTS CA 1O1	`2021-01-05` - `2021-03-30`	3 months	crt.sh
www.underdog.media DigiCert SHA2 High Assurance Server CA	`2019-07-16` - `2021-10-18`	2 years	crt.sh
*.quantserve.com DigiCert SHA2 High Assurance Server CA	`2020-10-02` - `2021-10-07`	a year	crt.sh
*.technoratimedia.com DigiCert SHA2 High Assurance Server CA	`2020-07-28` - `2021-10-01`	a year	crt.sh
*.go.sonobi.com Go Daddy Secure Certificate Authority - G2	`2019-02-01` - `2021-02-04`	2 years	crt.sh

This page contains 2 frames:

Primary Page: https://www.payetteforward.com/
Frame ID: 467F0B02C6B240FCC7ADD19AEF9CA66D
Requests: 67 HTTP requests in this frame

Frame: https://www.googletagmanager.com/ns.html?id=GTM-KD2DGX
Frame ID: 428FB224587E824217F1EB86EEF59850
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Quantcast (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /\.quantserve\.com\/quant\.js/i

prettyPhoto (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

html /(?:<link [^>]*href="[^"]*prettyPhoto(?:\.min)?\.css|<a [^>]*rel="prettyPhoto)/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

html /(?:<link [^>]*href="[^"]*prettyPhoto(?:\.min)?\.css|<a [^>]*rel="prettyPhoto)/i

Page Statistics

66
Requests

100 %
HTTPS

61 %
IPv6

21
Domains

28
Subdomains

20
IPs

5
Countries

715 kB
Transfer

2155 kB
Size

7
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/payetteforwardinc

Search URL Search Domain Scan URL

URL: https://twitter.com/payetteforward

Search URL Search Domain Scan URL

URL: https://www.pinterest.com/payetteforward/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/c/Payetteforward

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 41

https://secure.adnxs.com/getuid?https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fdt%3D1%3Bapnid%3D%24UID HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fudmserve.net%252Fudm%252Ffetch.pix%253Fdt%253D1%253Bapnid%253D%2524UID HTTP 302
https://udmserve.net/udm/fetch.pix?dt=1;apnid=8457331651258229674

Request Chain 42

https://image8.pubmatic.com/AdServer/ImgSync?p=156505&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156505%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fudmserve.net%252Fudm%252Ffetch.pix%253Fpmid%253D%2523PMUID HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?p=156505&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156505%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fudmserve.net%252Fudm%252Ffetch.pix%253Fpmid%253D%2523PMUID&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MURFNzgyQ0UtMTg5MS00NTkxLTg4NzktMTc5OTJCMUY3RTNF&gdpr=0&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MURFNzgyQ0UtMTg5MS00NTkxLTg4NzktMTc5OTJCMUY3RTNF&gdpr=0&gdpr_consent=&google_tc= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
https://image4.pubmatic.com/AdServer/SPug?p=156505&pmc=1&pr=https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fpmid%3D1DE782CE-1891-4591-8879-17992B1F7E3E HTTP 302
https://udmserve.net/udm/fetch.pix?pmid=1DE782CE-1891-4591-8879-17992B1F7E3E

Request Chain 43

https://sync.1rx.io/usersync2/underdogmedia HTTP 302
https://udmserve.net/udm/fetch.pix?roid=OPTOUT

Request Chain 46

https://inv-nets.admixer.net/adxcm.aspx?ssp=F74A1705-8854-4390-959E-C24FA4349F88&rurl=https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fdt%3D1%3Badmix%3D%24%24visitor_cookie%24%24 HTTP 302
https://udmserve.net/udm/fetch.pix?dt=1;admix=08b9aa5d80714b9dbabf00ecdc119860

Request Chain 47

https://cs.admanmedia.com/sync/underdog?redir=https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fdt%3D1%3Bacu%3D%7B%24UID%7D HTTP 302
https://udmserve.net/udm/fetch.pix?dt=1;acu=afe45f51e44afbaa5f020965df2f922c4084bd9d

66 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.payetteforward.com/ 304 KB
41 KB 659ms
641ms Document
text/html 2606:4700:20::681a:b95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.payetteforward.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bee02b09d9401a5ee7795a35f29afbc45a9c936e75350182c4840be0a01e33e5

Request headers

:method: GET
:authority: www.payetteforward.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 28 Jan 2021 23:50:25 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d68af178fb49ec51e90d00528b635c5381611877825; expires=Sat, 27-Feb-21 23:50:25 GMT; path=/; domain=.payetteforward.com; HttpOnly; SameSite=Lax
cf-ray: 618e9d987f1cbef6-FRA
access-control-allow-origin: *
age: 245
cache-control: max-age=84600, public
last-modified: Thu, 28 Jan 2021 23:41:20 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
cf-railgun: direct (starting new WAN connection)
cf-request-id: 07ed00d34d0000bef6ae310000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
pragma: public
x-cache: HIT
x-cacheable: YES
x-html-edge-cache-status: Bypass for Reload, Cached
x-lw-cache: STALE
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=uslPI8KWbj0iURaVabKUGOrjTOxArNUaJu6utqeZFVYAmDzP%2BUI%2BN0%2BIwysjkb27H3d8j5H%2B0OqVG6bnjr2%2FvXcro3%2BgkBUWI%2FTlL4WNl2CPs4nj9Pu0fWRW85%2BzCYlY010M"}],"max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 proximanova-regular-webfont.woff2
www.payetteforward.com/fonts/proxima-nova-web/ 21 KB
22 KB 38ms
37ms Font
application/octet-stream 2606:4700:20::681a:b95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.payetteforward.com/fonts/proxima-nova-web/proximanova-regular-webfont.woff2
Requested by: Host: www.payetteforward.com
URL: https://www.payetteforward.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 501ed6d7c49a3526af1f804fff30cc8b7b8608525b100f4140b7504cc5afd4bd

Request headers

Origin: https://www.payetteforward.com
Referer: https://www.payetteforward.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 28 Jan 2021 23:50:26 GMT
vary: Accept-Encoding
cf-cache-status: HIT
x-cacheable: YES
age: 201858
x-cache: HIT
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 07ed00d5db0000bef6753b4000000001
last-modified: Tue, 15 May 2018 21:36:16 GMT
server: cloudflare
etag: W/"5afb52d0-5540"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"report_to":"cf-nel","max_age":604800}
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=DK3XfW21aiVdV4CDEEQEJ5sqln57BfWd0SRCP0ouACzOhq%2BvS%2FkH9i7QWpWZpPpjHXUZluJbqzr%2BCDKvqx552Bd3u69OBTovT3DrNYgTLyTDvUQoMDVtU6BNWNMmEDlDS%2BWY"}],"max_age":604800}
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 618e9d9c9804bef6-FRA

GET
H2 200 proximanova-bold-webfont.woff2
www.payetteforward.com/fonts/proxima-nova-web/ 22 KB
22 KB 25ms
24ms Font
application/octet-stream 2606:4700:20::681a:b95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.payetteforward.com/fonts/proxima-nova-web/proximanova-bold-webfont.woff2
Requested by: Host: www.payetteforward.com
URL: https://www.payetteforward.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6a4dac260dffc284594d633859fb508b2fcfade38b61c8af9cd55eb23adf9e89

Request headers

Origin: https://www.payetteforward.com
Referer: https://www.payetteforward.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 28 Jan 2021 23:50:26 GMT
vary: Accept-Encoding
cf-cache-status: HIT
x-cacheable: YES
age: 201858
x-cache: HIT
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 07ed00d5dc0000bef671a5c000000001
last-modified: Tue, 15 May 2018 21:36:16 GMT
server: cloudflare
etag: W/"5afb52d0-57e4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"report_to":"cf-nel","max_age":604800}
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=pmGwOPyy6LT41Q%2Bzw4lVg%2FIFqRBP9EIg7iZi0b4aH%2BUodXrhkXPANJ%2FhT2WnanfpnzCrqYLmfPOxToVXc3N2Wj0eqGK1QXMz7xdLJpRJPlNQyTHKwRuE7Jne0dBIPegqq6xK"}],"max_age":604800}
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 618e9d9c9805bef6-FRA

GET
H2 200 fontawesome-webfont.woff2
www.payetteforward.com/wp-content/themes/smart-mag/css/fontawesome/fonts/ 55 KB
56 KB 34ms
33ms Font
application/octet-stream 2606:4700:20::681a:b95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.payetteforward.com/wp-content/themes/smart-mag/css/fontawesome/fonts/fontawesome-webfont.woff2?v=4.3.0
Requested by: Host: www.payetteforward.com
URL: https://www.payetteforward.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c

Request headers

Origin: https://www.payetteforward.com
Referer: https://www.payetteforward.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 28 Jan 2021 23:50:26 GMT
vary: Accept-Encoding
cf-cache-status: HIT
x-cacheable: YES
age: 201858
x-cache: HIT
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 07ed00d5dc0000bef68d2d8000000001
last-modified: Thu, 29 Dec 2016 19:10:32 GMT
server: cloudflare
etag: W/"58655fa8-ddcc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"report_to":"cf-nel","max_age":604800}
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=gvnKaIvOZEJESD8frQsDGLuyuIoODHbMP3nIKnwxQSUcinFCpV2uSYrZS0Xq0ekwTdzD8GUC1g4b%2FBgO%2BVkU4y2yVkUPg%2BctpPgovqgc3WSXAUNb74eDLyW6RykGxwF0PfaO"}],"max_age":604800}
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 618e9d9c9806bef6-FRA

GET
H2 200 css
fonts.googleapis.com/ 12 KB
1 KB 16ms
14ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,400Italic,600,700|Roboto+Slab|Merriweather:300italic&subset

Requested by

Host: www.payetteforward.com
URL: https://www.payetteforward.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f3f2f99c81ceb76562cf44082d6f7be0f9add805cafa81989064606728d8120c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.payetteforward.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 28 Jan 2021 23:02:34 GMT
server: ESF
date: Thu, 28 Jan 2021 23:50:26 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 28 Jan 2021 23:50:26 GMT

GET
H2 200 style.css
www.payetteforward.com/wp-content/themes/smart-mag/ 61 KB
14 KB 33ms
32ms Stylesheet
text/css 2606:4700:20::681a:b95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.payetteforward.com/wp-content/themes/smart-mag/style.css?ver=2.5.2
Requested by: Host: www.payetteforward.com
URL: https://www.payetteforward.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2c9c000242ec31f3d772ddcf4ae871f8a8484a931ae01de7256fcd7227980799

Request headers

Referer: https://www.payetteforward.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 28 Jan 2021 23:50:26 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 201858
cf-polished: origSize=83758
cf-bgj: minify
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 07ed00d5de0000bef67c86f000000001
last-modified: Mon, 08 Jun 2020 21:11:07 GMT
server: cloudflare
etag: W/"5edea96b-1472e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=fkY9Qc1M0aaCXettU2Jz%2BFAM1YbVpmkgK3vhN8zVDu9Dmk8Jm%2B7AO2CredWuBSD6dzRp9gESFYWI8pPIO%2Fxoki4ZrdAAIkM%2F6YnX7TE4r2k2ZmLijsgySLH6G4KrGK2Jk27b"}],"max_age":604800}
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 618e9d9c9807bef6-FRA
expires: Wed, 26 Jan 2022 15:46:07 GMT

GET
H2 200 responsive.css
www.payetteforward.com/wp-content/themes/smart-mag/css/ 16 KB
4 KB 27ms
26ms Stylesheet
text/css 2606:4700:20::681a:b95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.payetteforward.com/wp-content/themes/smart-mag/css/responsive.css?ver=2.5.2
Requested by: Host: www.payetteforward.com
URL: https://www.payetteforward.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 646f54e64d230bf10e2d2c14236c4f59b18257b96938951d346613671ee450b9

Request headers

Referer: https://www.payetteforward.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 28 Jan 2021 23:50:26 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 201859
cf-polished: origSize=22152
cf-bgj: minify
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 07ed00d5de0000bef69200a000000001
last-modified: Thu, 29 Dec 2016 19:10:32 GMT
server: cloudflare
etag: W/"58655fa8-5688"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=S1EP4m3vuHJzi9SybcX95a3uW3wz9xiEx4JAxs%2FmBqZO9CzaASfGerSlBRhgk%2F3bX9y%2BsMEbB4PTmZ12bdY29CjG0c2FBB4XT9fz17DfdaLd9BSMK6sCrJxp26Oh5RxXtk0g"}],"max_age":604800}
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 618e9d9c9808bef6-FRA
expires: Wed, 26 Jan 2022 15:46:07 GMT

GET
H2 200 font-awesome.min.css
www.payetteforward.com/wp-content/themes/smart-mag/css/fontawesome/css/ 23 KB
5 KB 27ms
26ms Stylesheet
text/css 2606:4700:20::681a:b95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.payetteforward.com/wp-content/themes/smart-mag/css/fontawesome/css/font-awesome.min.css?ver=2.5.2
Requested by: Host: www.payetteforward.com
URL: https://www.payetteforward.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1c3c5400087c7a0933a14001c67987c69be79772724a3c6c1dcaac4119d976e3

Request headers

Referer: https://www.payetteforward.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 28 Jan 2021 23:50:26 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 201858
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 07ed00d5df0000bef674185000000001
last-modified: Thu, 11 Jun 2020 16:08:40 GMT
server: cloudflare
etag: W/"5ee25708-5cce"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=WQPqD6t72f040xgJpG32z%2BiCg4LatAGEZqzRr6%2F2ed53dFOVgcZLvNvp76XCTap%2Fx3v3T1FhQ8jWu%2Bl9gWtr28lEQuYxN7HdA%2FnyJMOtAv6F6pzZKbOlWQ2QorZf4o6LcclF"}],"max_age":604800}
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 618e9d9c9809bef6-FRA
expires: Wed, 26 Jan 2022 15:46:07 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
589 B 16ms
15ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat%3A700&subset=

Requested by

Host: www.payetteforward.com
URL: https://www.payetteforward.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

af6be7b3a7dc23038ca85fd83573d48eed8ac9614472eb3b69e9039ba3aac229

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 28 Jan 2021 23:50:26 GMT
server: ESF
date: Thu, 28 Jan 2021 23:50:26 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 28 Jan 2021 23:50:26 GMT

GET
H2 200 /
www.payetteforward.com/ 25 KB
6 KB 37ms
36ms Stylesheet
text/css 2606:4700:20::681a:b95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.payetteforward.com/?sccss=1&ver=5.6
Requested by: Host: www.payetteforward.com
URL: https://www.payetteforward.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9756d0cb0bf229f18e41d174a6234f7e18095f8e0c817bfb7c72d9eebb5f80b2

Request headers

Referer: https://www.payetteforward.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 28 Jan 2021 23:50:26 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
x-cacheable: YES
age: 201858
cf-polished: origSize=32554
x-cache: HIT
x-lw-cache: STALE
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 07ed00d5e00000bef69a868000000001
cf-bgj: minify
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"report_to":"cf-nel","max_age":604800}
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=m38lDtCC1mLmNZLYyhllX%2FpqhaSdB%2Be4MvRfLEFTazgI469Ayx%2FdUn4Io7bctPiF1MDoF1IApZwNRr94pPjbhXRxxhpj%2FnkZmtpKP2uLYjsSww0P6eakh%2FXQCOrnh6FeTwfB"}],"max_age":604800}
content-type: text/css;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=691200
cf-ray: 618e9d9c980abef6-FRA

GET
H/1.1 200
OK img.fetch Show response
udmserve.net/udm/ 19 KB
5 KB 802ms
215ms Script
application/x-javascript 68.71.249.118
ZEROLAG

General

Check archive.org

Show headers Download Go to

Full URL: https://udmserve.net/udm/img.fetch?sid=15839;tid=1;dt=6;
Requested by: Host: www.payetteforward.com
URL: https://www.payetteforward.com/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 68.71.249.118 Atlanta, United States, ASN20093 (ZEROLAG, US),
Reverse DNS
Software: /
Resource Hash: 8b40e66d9a36d9b7b0b99c883a712af50fce13d1cb360dafb4c818db3b346c42

Request headers

Referer: https://www.payetteforward.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 28 Jan 2021 23:50:26 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3p: NOI DSP CURa ADMa DEVa PSAa PSDa OUR IND UNI COM NAV INT
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Content-Type: application/x-javascript
Expires: 0

GET
H2 200 rocket-loader.min.js Show response
ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/ 12 KB
5 KB 28ms
11ms Script
application/javascript 2606:4700::6810:a823
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Requested by

Host: www.payetteforward.com
URL: https://www.payetteforward.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:a823 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b08cdbc2d30e656a86b20f8342428d5863f70f4b30135b4f4061f754ce932f5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.payetteforward.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 28 Jan 2021 23:50:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"max_age":604800,"report_to":"cf-nel"}
vary: Accept-Encoding
cf-request-id: 07ed00d6150000c27c031d5000000001
last-modified: Mon, 25 Jan 2021 17:22:41 GMT
server: cloudflare
x-frame-options: DENY
etag: W/"600efe61-3016"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=N4xEb0ggd4d2%2BVpWSMTnG7%2BDjUk8z%2ByZcP6CizqbJ2go3RK2n3u0bRLfAP3KreTwubXbfFdtqgq1QX6a%2BVesTcy8ylESa7L6VIZnpCAJuDmFR0npmjpVGWqdjGpUDI%2BF"}],"max_age":604800}
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 618e9d9cea62c27c-FRA
expires: Sat, 30 Jan 2021 23:50:26 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 166 KB
55 KB 22ms
22ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KD2DGX

Requested by

Host: www.payetteforward.com
URL: https://www.payetteforward.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f2131e0fea71e26cb304726f566fe16b68fae46e772be992ab18d30a651cc942

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.payetteforward.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 28 Jan 2021 23:50:26 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55950
x-xss-protection: 0
last-modified: Thu, 28 Jan 2021 21:56:50 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 28 Jan 2021 23:50:26 GMT

GET
H2 200 ns.html
www.googletagmanager.com/ Frame 428F 0
0 15ms
15ms Document
text/html 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/ns.html?id=GTM-KD2DGX

Requested by

Host: www.payetteforward.com
URL: https://www.payetteforward.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.googletagmanager.com
:scheme: https
:path: /ns.html?id=GTM-KD2DGX
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.payetteforward.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.payetteforward.com/

Response headers

content-type: text/html; charset=UTF-8
content-encoding: br
vary: *
date: Thu, 28 Jan 2021 23:50:26 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 92
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ 64 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b6dcc1490a0cc33cdeed8970677b89bbec6fa095675af198b8e923b64563c70a

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1dd07d410cf12478e9fedd90262cc824b7e8143b578bea4fd47b4cd3f608bc47

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5268a8afa9325a8e0ea0c0039216ccc1c87cc59303ca5d0e7cef64469d9221aa

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d44da8cb8d1fad9bc5999ce7e69b725b791d0abeab3b9ef837624ebf33b099ef

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6dc665f3ade51319cb3df1ed00c2af977e87837208c8a1906c0d05359e5cce4b

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 67 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e64be9c7535deda51f0f11fa8210cdf025dbb3ebd12ee4dfa090965957069026

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 JTURjIg1_i6t8kCHKm45_dJE3gnD_vx3rCs.woff2
fonts.gstatic.com/s/montserrat/v15/ 13 KB
13 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v15/JTURjIg1_i6t8kCHKm45_dJE3gnD_vx3rCs.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat%3A700&subset=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4c6cf0709b8e52572cae1fb57128acd0a5a453c9ce99dc3712a1860ff90c6bf8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.payetteforward.com
Referer: https://fonts.googleapis.com/css?family=Montserrat%3A700&subset=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 27 Jan 2021 08:43:19 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:11:15 GMT
server: sffe
age: 140827
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13612
x-xss-protection: 0
expires: Thu, 27 Jan 2022 08:43:19 GMT

GET
H2 200 lazyload.min.js Show response
www.payetteforward.com/wp-content/plugins/rocket-lazy-load/assets/js/16.1/ 8 KB
3 KB 31ms
29ms Script
application/javascript 2606:4700:20::681a:b95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.payetteforward.com/wp-content/plugins/rocket-lazy-load/assets/js/16.1/lazyload.min.js
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6e86a52a9858206302e32036d89907e3ac87762055e7f9c6364aec33221b3e41

Request headers

Referer: https://www.payetteforward.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 28 Jan 2021 23:50:26 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 201859
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 07ed00d6620000bef6a1818000000001
last-modified: Wed, 26 Aug 2020 14:48:35 GMT
server: cloudflare
etag: W/"5f467643-1ed2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ygfhRfxgscKvWY6hqYgT%2FT8mxWNJsYziHtuHb5UPNp0OKLXsoQnYfHgEF7J6PitFfBDa4UMDEtUjajA5S1zqULXSPOiAxjQ1zmtSYXHtQLgQ%2FQj2uIVPPsNq48qCpwnCTVwg"}],"max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 618e9d9d6829bef6-FRA
expires: Wed, 26 Jan 2022 15:46:07 GMT

GET
H2 200 wp-embed.min.js Show response
www.payetteforward.com/wp-includes/js/ 1 KB
1017 B 29ms
27ms Script
application/javascript 2606:4700:20::681a:b95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.payetteforward.com/wp-includes/js/wp-embed.min.js?ver=5.6
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6ebcda7a3a41ef97f0b4071160ceb1020e540fdc0f790079a5c2ef01ab654fe0

Request headers

Referer: https://www.payetteforward.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 28 Jan 2021 23:50:26 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 201859
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 07ed00d6630000bef67c054000000001
last-modified: Sat, 26 Oct 2019 04:17:08 GMT
server: cloudflare
etag: W/"5db3c8c4-59a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=7oRtaLaHBp2SHc4NYXtcuEpaESHz6V5h0WUDMg3iqN%2BeTsd8WEd1fnGGRIk8fe2GiDbvS0wjy0%2F3df3NyG5Q%2FQigyvIUJ5Irm%2FnO9Nlm%2BgAjpdc03pVmjo9K0Hx5k%2FSStNKd"}],"max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 618e9d9d682abef6-FRA
expires: Wed, 26 Jan 2022 15:46:07 GMT

GET
H2 200 bunyad-theme.js Show response
www.payetteforward.com/wp-content/themes/smart-mag/js/ 33 KB
11 KB 27ms
25ms Script
application/javascript 2606:4700:20::681a:b95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.payetteforward.com/wp-content/themes/smart-mag/js/bunyad-theme.js?ver=2.5.2
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 57f7117e895cffdd63c9588a8975b3842c00083c4cef4ccebadbfb55f4810607

Request headers

Referer: https://www.payetteforward.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 28 Jan 2021 23:50:26 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 201858
cf-polished: origSize=44001
cf-bgj: minify
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 07ed00d6630000bef6ae31d000000001
last-modified: Mon, 08 Jun 2020 23:53:03 GMT
server: cloudflare
etag: W/"5edecf5f-abe1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=yx8KtEy5UKpq9mWVrhE1SM1e4xTppt6df6%2Fb%2BhqtTnJNM7j%2BZz1u8i8plAguD30DD8bsHq48yv2xft9o1oVOXr3Y0xmov2ar4lcQ0yt9xP57fp88nFFNBOQEQbR6SGiEe%2Bzj"}],"max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 618e9d9d682bbef6-FRA
expires: Wed, 26 Jan 2022 15:46:07 GMT

GET
H2 200 jquery.flexslider-min.js Show response
cdnjs.cloudflare.com/ajax/libs/flexslider/2.7.2/ 23 KB
6 KB 14ms
13ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/flexslider/2.7.2/jquery.flexslider-min.js?ver=2.7.2

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5e1a3fc0ee5a71ce8585a3464a579461e0dc853ce9073beb88297babe8d2b701

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.payetteforward.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 28 Jan 2021 23:50:26 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1306119
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5869
cf-request-id: 07ed00d6630000c27233bc4000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:06 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e5e-5a31"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=LVdA2tQN%2BlMtFrj%2BmS8JhHYq3IM1GCEGD6OEjBdtUIXNQRjW8VBRsprTqK7NETf7NjIFKmRwjlQQIlyRyj1%2BjIbqwNKTDoIxGV0NkKB%2BBlKUqt%2B4HpENzz4Hx6%2BY7OxeGQ%3D%3D"}],"group":"cf-nel"}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 618e9d9d6f78c272-FRA
expires: Tue, 18 Jan 2022 23:50:26 GMT

GET
H2 200 jquery-migrate.min.js Show response
www.payetteforward.com/wp-includes/js/jquery/ 11 KB
4 KB 31ms
30ms Script
application/javascript 2606:4700:20::681a:b95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.payetteforward.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

Referer: https://www.payetteforward.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 28 Jan 2021 23:50:26 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 201858
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 07ed00d6630000bef689a11000000001
last-modified: Wed, 06 Jan 2021 23:05:44 GMT
server: cloudflare
etag: W/"5ff64248-2bd8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=CK4f1GxDYGkMkYbmo5BMqOZTeLSkGzGrkvj9ybHZP5Q77TlMIJiBbKn7Cixgjhu4yMKfsUcp7pfCEADY0ESIzdGN6SICpl7iFGBueUEjPaczL2a2oXB%2FNDmbfj%2BlRJ3Kk2Ij"}],"max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 618e9d9d682cbef6-FRA
expires: Wed, 26 Jan 2022 15:46:08 GMT

GET
H2 200 jquery.min.js Show response
www.payetteforward.com/wp-includes/js/jquery/ 87 KB
30 KB 26ms
26ms Script
application/javascript 2606:4700:20::681a:b95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.payetteforward.com/wp-includes/js/jquery/jquery.min.js?ver=3.5.1
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827

Request headers

Referer: https://www.payetteforward.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 28 Jan 2021 23:50:26 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 201858
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 07ed00d6630000bef67f250000000001
last-modified: Wed, 06 Jan 2021 23:05:44 GMT
server: cloudflare
etag: W/"5ff64248-15d98"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=d2ii6AHP5qe5U9Famzq%2FtA4tk%2BMD7zVs%2B1jtYPUb4ncY1AuxuIG4UeeVn8ZpfRJKY%2BGGp5RdwB6wVVeQZJnQRM0yYcx55YfLnZFqEmgOMHh15mEGip9knvKraRzIXCFhdTM2"}],"max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 618e9d9d682dbef6-FRA
expires: Wed, 26 Jan 2022 15:46:08 GMT

GET
H2 200 embed.min.js Show response
app.termly.io/ 360 KB
82 KB 51ms
27ms Script
application/javascript 2606:4700::6813:9059
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.termly.io/embed.min.js

Requested by

Host: www.payetteforward.com
URL: https://www.payetteforward.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9059 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0c7962d717e3c18fba92d54f3c980352ac06017d41e97ba6eedb5bbda4af3c36

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.payetteforward.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 28 Jan 2021 23:50:26 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
x-xss-protection: 1; mode=block
age: 3064
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 07ed00d68700002c365101f000000001
referrer-policy: no-referrer
last-modified: Wed, 20 Jan 2021 02:11:59 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"6007916f-5a0fa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/javascript
vary: Accept-Encoding
cf-ray: 618e9d9da8932c36-FRA

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
18 KB 5ms
5ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KD2DGX

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.payetteforward.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 03:00:57 GMT
server: Golfe2
age: 2182
date: Thu, 28 Jan 2021 23:14:04 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18817
expires: Fri, 29 Jan 2021 01:14:04 GMT

GET
H3-Q050 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
1 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.payetteforward.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 28 Jan 2021 22:53:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
age: 3393
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 859
x-xss-protection: 0
expires: Thu, 28 Jan 2021 23:53:53 GMT

POST
H2 200 publisher:getClientId Show response
ampcid.google.com/v1/ 74 B
541 B 33ms
14ms XHR
application/json 2a00:1450:4001:818::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.payetteforward.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 28 Jan 2021 23:50:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.payetteforward.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
vary: Origin, X-Origin, Referer
content-length: 94
x-xss-protection: 0

POST
H2 200 publisher:getClientId Show response
ampcid.google.de/v1/ 3 B
470 B 32ms
14ms XHR
application/json 2a00:1450:4001:819::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ampcid.google.de/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.payetteforward.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 28 Jan 2021 23:50:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.payetteforward.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
vary: Origin, X-Origin, Referer
content-length: 23
x-xss-protection: 0

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
71 B 12ms
12ms XHR
text/plain 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j87&aip=1&a=2130928282&t=pageview&_s=1&dl=https%3A%2F%2Fwww.payetteforward.com%2F&ul=en-us&de=UTF-8&dt=Payette%20Forward&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAAAAjAAQCAC~&jid=682039137&gjid=958591453&cid=1595675454.1611877826&tid=UA-41913908-1&_gid=1841224341.1611877826&_r=1&gtm=2wg1k0KD2DGX&cd1=David%20Payette&cd3=frontpage&z=1843851443

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.payetteforward.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 28 Jan 2021 23:50:26 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.payetteforward.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
451 B 41ms
14ms XHR
text/plain 2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j87&tid=UA-41913908-1&cid=1595675454.1611877826&jid=682039137&gjid=958591453&_gid=1841224341.1611877826&_u=aGBAAAAiAAQCAC~&z=547206242

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.payetteforward.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 28 Jan 2021 23:50:26 GMT
content-type: text/plain
access-control-allow-origin: https://www.payetteforward.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
293 B 19ms
18ms Image
image/gif 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-41913908-1&cid=1595675454.1611877826&jid=682039137&_u=aGBAAAAiAAQCAC~&z=182472743

Requested by

Host: www.payetteforward.com
URL: https://www.payetteforward.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.payetteforward.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Jan 2021 23:50:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
505 B 35ms
16ms Image
image/gif 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-41913908-1&cid=1595675454.1611877826&jid=682039137&_u=aGBAAAAiAAQCAC~&z=182472743

Requested by

Host: www.payetteforward.com
URL: https://www.payetteforward.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.payetteforward.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Jan 2021 23:50:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 a180398f-793b-4288-ac64-758e7b38d67c
app.termly.io/api/v1/snippets/websites/ Frame 0
0 176ms
155ms Other 2606:4700::6813:9059
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.termly.io/api/v1/snippets/websites/a180398f-793b-4288-ac64-758e7b38d67c

Protocol

Server

2606:4700::6813:9059 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://www.payetteforward.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Thu, 28 Jan 2021 23:50:26 GMT
content-length: 0
status: 200 OK
access-control-allow-origin: *
access-control-max-age: 600
access-control-allow-headers: content-type
access-control-allow-methods: GET
x-frame-options: SAMEORIGIN
cf-cache-status: DYNAMIC
cf-request-id: 07ed00d73b000097c6b1285000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
server: cloudflare
cf-ray: 618e9d9ec89597c6-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 a180398f-793b-4288-ac64-758e7b38d67c Show response
app.termly.io/api/v1/snippets/websites/ 4 KB
1 KB 181ms
180ms XHR
application/json 2606:4700::6813:9059
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.termly.io/api/v1/snippets/websites/a180398f-793b-4288-ac64-758e7b38d67c

Requested by

Host: app.termly.io
URL: https://app.termly.io/embed.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9059 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5154771a8970a7534a6ca9f55f6d4c075166dc03056db0b68e2ee0d8e88ec978

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.payetteforward.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

x-rack-cors: hit
date: Thu, 28 Jan 2021 23:50:26 GMT
content-encoding: br
vary: Origin, Accept-Encoding
cf-cache-status: REVALIDATED
status: 200 OK
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 07ed00d7d9000097c6c403d000000001
x-request-id: 6ae3a177-5e48-454b-9d60-ca18f1f843fb
x-runtime: 0.006452
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5154771a8970a7534a6ca9f55f6d4c07"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 600
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=60
cf-ray: 618e9d9fc8e397c6-FRA

GET
H2 200 ip Show response
app.termly.io/api/v1/snippets/websites/a180398f-793b-4288-ac64-758e7b38d67c/ 120 B
257 B 158ms
157ms XHR
application/json 2606:4700::6813:9059
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.termly.io/api/v1/snippets/websites/a180398f-793b-4288-ac64-758e7b38d67c/ip?random-uuid=47e41eeb-0952-6d03-da65-f6c939b3921b

Requested by

Host: app.termly.io
URL: https://app.termly.io/embed.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9059 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cf6d01ec98c7803b37e801273c65f6764911bd79a88b983196ac76dea0561ecb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.payetteforward.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

x-rack-cors: hit
date: Thu, 28 Jan 2021 23:50:26 GMT
content-encoding: br
vary: Origin, Accept-Encoding
cf-cache-status: MISS
status: 200 OK
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 07ed00d8ed000097c6f608c000000001
x-request-id: dfb603b1-53cc-4a8a-81ce-90e556da4d00
x-runtime: 0.006338
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"cf6d01ec98c7803b37e801273c65f676"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 600
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=3600
cf-ray: 618e9da1793c97c6-FRA

OPTIONS
H2 200 ip
app.termly.io/api/v1/snippets/websites/a180398f-793b-4288-ac64-758e7b38d67c/ Frame 0
0 452ms
432ms Other 2606:4700::6813:9059
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.termly.io/api/v1/snippets/websites/a180398f-793b-4288-ac64-758e7b38d67c/ip?random-uuid=47e41eeb-0952-6d03-da65-f6c939b3921b

Protocol

Server

2606:4700::6813:9059 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://www.payetteforward.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Thu, 28 Jan 2021 23:50:26 GMT
content-length: 0
status: 200 OK
access-control-allow-origin: *
access-control-max-age: 600
access-control-allow-headers: content-type
access-control-allow-methods: GET
x-frame-options: SAMEORIGIN
cf-cache-status: DYNAMIC
cf-request-id: 07ed00d73c000097c6daa35000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
server: cloudflare
cf-ray: 618e9d9ec89697c6-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 udm-r3_v2.6.13.js Show response
bid.underdog.media/ 467 KB
144 KB 30ms
6ms Script
application/javascript 2600:9000:21f3:200:5:c4ab:c3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bid.underdog.media/udm-r3_v2.6.13.js
Requested by: Host: udmserve.net
URL: https://udmserve.net/udm/img.fetch?sid=15839;tid=1;dt=6;
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:200:5:c4ab:c3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 87cb837f2649470e7a8c36be1577793df454875b3d4ffc1e8cc13ecf7df47880

Request headers

Referer: https://www.payetteforward.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 21 Jan 2021 22:22:20 GMT
content-encoding: gzip
last-modified: Thu, 21 Jan 2021 22:04:09 GMT
server: AmazonS3
age: 610087
etag: "c59856192f70e5e2f6eb86b693612c76"
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 56fad5a50ef67bd961b9722ed0931839.cloudfront.net (CloudFront)
cache-control: max-age=2592000
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-length: 146489
x-amz-cf-id: RwM9oRy1pjKDC8FqHDIt-TTF9Ajv5HacGTpeiiRevbI9XCVLtVRybA==

GET
H2 200 quant.js Show response
secure.quantserve.com/ 23 KB
9 KB 27ms
9ms Script
application/javascript 2620:116:800d:21:51e4:db4b:4436:b305
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: udmserve.net
URL: https://udmserve.net/udm/img.fetch?sid=15839;tid=1;dt=6;
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:51e4:db4b:4436:b305 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 437afd9de21717c919be3f40f686b33170f2447dc03ded0fc00ac0cc41839854

Request headers

Referer: https://www.payetteforward.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 28 Jan 2021 23:50:26 GMT
content-encoding: gzip
etag: "8q1rat7Mm9i+FVcOidF8/g=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Thu, 04 Feb 2021 23:50:26 GMT

GET
H/1.1

200
OK

fetch.pix
udmserve.net/udm/
Redirect Chain

https://secure.adnxs.com/getuid?https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fdt%3D1%3Bapnid%3D%24UID
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fudmserve.net%252Fudm%252Ffetch.pix%253Fdt%253D1%253Bapnid%253D%2524UID
https://udmserve.net/udm/fetch.pix?dt=1;apnid=8457331651258229674

43 B
595 B

343ms
195ms

Image
image/gif

68.71.249.118
ZEROLAG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://udmserve.net/udm/fetch.pix?dt=1;apnid=8457331651258229674
Requested by: Host: www.payetteforward.com
URL: https://www.payetteforward.com/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 68.71.249.118 Atlanta, United States, ASN20093 (ZEROLAG, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.payetteforward.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 28 Jan 2021 23:50:27 GMT
Cache-Control: max-age=43200
Connection: Keep-Alive
Content-Length: 43
Content-Type: image/gif

Redirect headers

Pragma: no-cache
Date: Thu, 28 Jan 2021 23:50:27 GMT
X-Proxy-Origin: 194.99.105.99; 194.99.105.99; 623.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.87:80
AN-X-Request-Uuid: a7ad5584-6bf0-423c-86c0-d3ced19715f6
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://udmserve.net/udm/fetch.pix?dt=1;apnid=8457331651258229674
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

fetch.pix
udmserve.net/udm/
Redirect Chain

https://image8.pubmatic.com/AdServer/ImgSync?p=156505&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156505%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fudmserve.net%...
https://image8.pubmatic.com/AdServer/ImgSync?p=156505&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156505%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fudmserve.net%...
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MURFNzgyQ0UtMTg5MS00NTkxLTg4NzktMTc5OTJCMUY3RTNF&gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MURFNzgyQ0UtMTg5MS00NTkxLTg4NzktMTc5OTJCMUY3RTNF&gdpr=0&gdpr_consent=&google_tc=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
https://image4.pubmatic.com/AdServer/SPug?p=156505&pmc=1&pr=https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fpmid%3D1DE782CE-1891-4591-8879-17992B1F7E3E
https://udmserve.net/udm/fetch.pix?pmid=1DE782CE-1891-4591-8879-17992B1F7E3E

43 B
611 B

195ms
194ms

Image
image/gif

68.71.249.118
ZEROLAG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://udmserve.net/udm/fetch.pix?pmid=1DE782CE-1891-4591-8879-17992B1F7E3E
Requested by: Host: www.payetteforward.com
URL: https://www.payetteforward.com/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 68.71.249.118 Atlanta, United States, ASN20093 (ZEROLAG, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.payetteforward.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 28 Jan 2021 23:50:28 GMT
Cache-Control: max-age=43200
Connection: Keep-Alive
Content-Length: 43
Content-Type: image/gif

Redirect headers

Location: https://udmserve.net/udm/fetch.pix?pmid=1DE782CE-1891-4591-8879-17992B1F7E3E
Date: Thu, 28 Jan 2021 23:50:27 GMT
X-Cnection: close
Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6
Content-Length: 396
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1

200
OK

fetch.pix
udmserve.net/udm/
Redirect Chain

https://sync.1rx.io/usersync2/underdogmedia
https://udmserve.net/udm/fetch.pix?roid=OPTOUT

43 B
581 B

537ms
195ms

Image
image/gif

68.71.249.118
ZEROLAG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://udmserve.net/udm/fetch.pix?roid=OPTOUT
Requested by: Host: www.payetteforward.com
URL: https://www.payetteforward.com/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 68.71.249.118 Atlanta, United States, ASN20093 (ZEROLAG, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.payetteforward.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 28 Jan 2021 23:50:27 GMT
Cache-Control: max-age=43200
Connection: Keep-Alive
Content-Length: 43
Content-Type: image/gif

Redirect headers

Pragma: no-cache
Date: Thu, 28 Jan 2021 23:50:27 GMT
Server: Tengine
ETag: OPTOUT
Transfer-Encoding: chunked
Content-Type: text/html
Location: https://udmserve.net/udm/fetch.pix?roid=OPTOUT
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Expires: 0

GET
H2 204 services
sync.technoratimedia.com/ 0
300 B 433ms
140ms Image
text/plain 150.136.26.45
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.technoratimedia.com/services?srv=cs&pid=54&cb=https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fdt%3D1%3Bsncr%3D[USER_ID]
Requested by: Host: www.payetteforward.com
URL: https://www.payetteforward.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 150.136.26.45 Seattle, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.payetteforward.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 28 Jan 2021 23:50:27 GMT
via: 1.1 varnish
server: nginx
age: 0
access-control-allow-methods: POST,GET,HEAD,OPTIONS
x-varnish: 256914200
access-control-allow-origin: https://www.payetteforward.com/
access-control-allow-credentials: true

GET
H/1.1 200
OK us
sync.go.sonobi.com/ 0
501 B 202ms
48ms Image
text/plain 178.162.133.149
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fdt%3D1%3Bsono%3D%5BUID%5D%0A%0A

Requested by

Host: www.payetteforward.com
URL: https://www.payetteforward.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.149 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-sync.go.sonobi.com

Software

sonobi-go /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.payetteforward.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 28 Jan 2021 23:50:27 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-129
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Type: text/plain; charset=utf8
Content-Length: 0
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1

200
OK

fetch.pix
udmserve.net/udm/
Redirect Chain

https://inv-nets.admixer.net/adxcm.aspx?ssp=F74A1705-8854-4390-959E-C24FA4349F88&rurl=https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fdt%3D1%3Badmix%3D%24%24visitor_cookie%24%24
https://udmserve.net/udm/fetch.pix?dt=1;admix=08b9aa5d80714b9dbabf00ecdc119860

43 B
608 B

195ms
195ms

Image
image/gif

68.71.249.118
ZEROLAG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://udmserve.net/udm/fetch.pix?dt=1;admix=08b9aa5d80714b9dbabf00ecdc119860
Requested by: Host: www.payetteforward.com
URL: https://www.payetteforward.com/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 68.71.249.118 Atlanta, United States, ASN20093 (ZEROLAG, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.payetteforward.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 28 Jan 2021 23:50:27 GMT
Cache-Control: max-age=43200
Connection: Keep-Alive
Content-Length: 43
Content-Type: image/gif

Redirect headers

Date: Thu, 28 Jan 2021 23:50:26 GMT
Server: nginx
Access-Control-Allow-Origin: *
P3p: CP="NID DSP ALL COR"
Location: https://udmserve.net/udm/fetch.pix?dt=1;admix=08b9aa5d80714b9dbabf00ecdc119860
Access-Control-Allow-Credentials: true
Connection: keep-alive
Keep-Alive: timeout=25
Content-Length: 0
X-Xss-Protection: 0

GET
H/1.1

200
OK

fetch.pix
udmserve.net/udm/
Redirect Chain

https://cs.admanmedia.com/sync/underdog?redir=https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fdt%3D1%3Bacu%3D%7B%24UID%7D
https://udmserve.net/udm/fetch.pix?dt=1;acu=afe45f51e44afbaa5f020965df2f922c4084bd9d

43 B
614 B

391ms
194ms

Image
image/gif

68.71.249.118
ZEROLAG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://udmserve.net/udm/fetch.pix?dt=1;acu=afe45f51e44afbaa5f020965df2f922c4084bd9d
Requested by: Host: www.payetteforward.com
URL: https://www.payetteforward.com/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 68.71.249.118 Atlanta, United States, ASN20093 (ZEROLAG, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.payetteforward.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 28 Jan 2021 23:50:27 GMT
Cache-Control: max-age=43200
Connection: Keep-Alive
Content-Length: 43
Content-Type: image/gif

Redirect headers

Location: https://udmserve.net/udm/fetch.pix?dt=1;acu=afe45f51e44afbaa5f020965df2f922c4084bd9d
Date: Thu, 28 Jan 2021 23:50:27 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked

GET
H2 200 rules-p-effSsmMYCbAck.js Show response
rules.quantcount.com/ 3 B
348 B 24ms
6ms Script
application/x-javascript 2600:9000:20eb:ba00:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-effSsmMYCbAck.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:ba00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Referer: https://www.payetteforward.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 28 Jan 2021 13:16:22 GMT
via: 1.1 42b60ee17f7593fff72ca1cb725d6c9a.cloudfront.net (CloudFront)
last-modified: Sat, 04 Mar 2017 21:04:20 GMT
server: AmazonS3
age: 38045
etag: "8a80554c91d9fca8acb82f023de02f11"
x-cache: Hit from cloudfront
content-type: application/x-javascript
cache-control: max-age=86400
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 3
x-amz-cf-id: ebBHpLMME-gJL6-vRWYQX2_7bpYI_rGKLSkJz954crWYlLJAmJm1aA==

GET
H2 200 rules-p-Pz67dCqdsHfxh.js Show response
rules.quantcount.com/ 3 B
356 B 126ms
109ms Script
application/x-javascript 2600:9000:20eb:ba00:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-Pz67dCqdsHfxh.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:ba00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Referer: https://www.payetteforward.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 28 Jan 2021 23:47:22 GMT
via: 1.1 42b60ee17f7593fff72ca1cb725d6c9a.cloudfront.net (CloudFront)
last-modified: Fri, 03 Mar 2017 23:52:35 GMT
server: AmazonS3
age: 185
etag: "8a80554c91d9fca8acb82f023de02f11"
x-cache: Miss from cloudfront
content-type: application/x-javascript
cache-control: max-age=300
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 3
x-amz-cf-id: AoQDGO85ZOYPvqCH_xMo5e8SkG8etvMu5jJhYW4hGDsS3OyG1F3RTA==

GET
H2 200 bcv1.js Show response
bid.underdog.media/ 2 KB
1 KB 6ms
6ms Script
application/x-javascript 2600:9000:21f3:200:5:c4ab:c3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bid.underdog.media/bcv1.js
Requested by: Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.6.13.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:200:5:c4ab:c3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 55041e1c17936c85084c47e692508a63f048cce5f71c5eff50d5bcacf0ebe5a9

Request headers

Referer: https://www.payetteforward.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 28 Jan 2021 23:46:33 GMT
content-encoding: gzip
last-modified: Thu, 28 Jan 2021 23:30:03 GMT
server: AmazonS3
age: 234
etag: "b1143da5b2e45059cf976537ea92c107"
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 56fad5a50ef67bd961b9722ed0931839.cloudfront.net (CloudFront)
cache-control: max-age=1800
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-length: 1050
x-amz-cf-id: UZOcrbdK1TvrGTB680Na_wkvzVrDy7rMn09aer0aRzTGlX39q4gbcw==

OPTIONS
H2 200 statistics
app.termly.io/api/v1/snippets/websites/a180398f-793b-4288-ac64-758e7b38d67c/ Frame 0
0 140ms
140ms Other 2606:4700::6813:9059
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.termly.io/api/v1/snippets/websites/a180398f-793b-4288-ac64-758e7b38d67c/statistics

Protocol

Server

2606:4700::6813:9059 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.payetteforward.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Thu, 28 Jan 2021 23:50:27 GMT
content-length: 0
status: 200 OK
access-control-allow-origin: *
access-control-max-age: 600
access-control-allow-headers: content-type
access-control-allow-methods: POST
x-frame-options: SAMEORIGIN
cf-cache-status: DYNAMIC
cf-request-id: 07ed00d993000097c6e6a24000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
server: cloudflare
cf-ray: 618e9da2896f97c6-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

OPTIONS
H2 200 cookies
app.termly.io/api/v1/snippets/websites/a180398f-793b-4288-ac64-758e7b38d67c/documents/b4f9fe89-1ed3-40dc-ab88-148f1afc5106/ Frame 0
0 138ms
137ms Other 2606:4700::6813:9059
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.termly.io/api/v1/snippets/websites/a180398f-793b-4288-ac64-758e7b38d67c/documents/b4f9fe89-1ed3-40dc-ab88-148f1afc5106/cookies

Protocol

Server

2606:4700::6813:9059 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://www.payetteforward.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Thu, 28 Jan 2021 23:50:27 GMT
content-length: 0
status: 200 OK
access-control-allow-origin: *
access-control-max-age: 600
access-control-allow-headers: content-type
access-control-allow-methods: GET
x-frame-options: SAMEORIGIN
cf-cache-status: DYNAMIC
cf-request-id: 07ed00d993000097c6ae177000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
server: cloudflare
cf-ray: 618e9da2897197c6-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H2 201 statistics Show response
app.termly.io/api/v1/snippets/websites/a180398f-793b-4288-ac64-758e7b38d67c/ 3 B
202 B 193ms
192ms XHR
application/json 2606:4700::6813:9059
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.termly.io/api/v1/snippets/websites/a180398f-793b-4288-ac64-758e7b38d67c/statistics

Requested by

Host: app.termly.io
URL: https://app.termly.io/embed.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9059 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

43974ed74066b207c30ffd0fed5146762e6c60745ac977004bc14507c7c42b50

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.payetteforward.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

x-rack-cors: hit
date: Thu, 28 Jan 2021 23:50:27 GMT
vary: Origin
cf-cache-status: DYNAMIC
status: 201 Created
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 07ed00da21000097c6c3acb000000001
x-request-id: c54bed30-b66a-4331-a3aa-05bc018f106b
x-runtime: 0.012471
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"43974ed74066b207c30ffd0fed514676"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 600
access-control-allow-methods: POST
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=0, private, must-revalidate
cf-ray: 618e9da369aa97c6-FRA

GET
H2 200 cookies Show response
app.termly.io/api/v1/snippets/websites/a180398f-793b-4288-ac64-758e7b38d67c/documents/b4f9fe89-1ed3-40dc-ab88-148f1afc5106/ 211 KB
37 KB 29ms
25ms XHR
application/json 2606:4700::6813:9059
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.termly.io/api/v1/snippets/websites/a180398f-793b-4288-ac64-758e7b38d67c/documents/b4f9fe89-1ed3-40dc-ab88-148f1afc5106/cookies

Requested by

Host: app.termly.io
URL: https://app.termly.io/embed.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9059 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

375fc044a01c121777092eb9f1d3347a71c080b2e8137237c0d87cfc19bc4e44

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.payetteforward.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

x-rack-cors: hit
date: Thu, 28 Jan 2021 23:50:27 GMT
content-encoding: br
vary: Origin, Accept-Encoding
cf-cache-status: HIT
age: 58126
status: 200 OK
strict-transport-security: max-age=15552000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 07ed00da22000097c6b5b8b000000001
x-request-id: 77aefba7-85fe-434b-a0ee-e68e30433990
x-runtime: 0.059991
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"375fc044a01c121777092eb9f1d3347a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 600
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=600
cf-ray: 618e9da369ab97c6-FRA

GET
H2 200 pixel;r=1193009310;rf=0;uht=2;a=p-Pz67dCqdsHfxh;url=https%3A%2F%2Fwww.payetteforward.com%2F;fpan=1;fpa=P0-506797060-1611877827022;ns=0;ce=1;qjs=1;qv=58f0669e-20201210192756;cm=;gdpr=0;ref=;d=payett...
pixel.quantserve.com/ 35 B
371 B 9ms
8ms Image
image/gif 2620:116:800d:21:51e4:db4b:4436:b305
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=1193009310;rf=0;uht=2;a=p-Pz67dCqdsHfxh;url=https%3A%2F%2Fwww.payetteforward.com%2F;fpan=1;fpa=P0-506797060-1611877827022;ns=0;ce=1;qjs=1;qv=58f0669e-20201210192756;cm=;gdpr=0;ref=;d=payetteforward.com;je=0;sr=1600x1200x24;dst=1;et=1611877827022;tzo=-60;ogl=locale.en_US%2Ctype.website%2Ctitle.Payette%20Forward%2Cdescription.Payette%20Forward%20helps%20people%20solve%20problems%20with%20their%20iPhones%252C%20Macs%252C%20and%20other%20%2Curl.https%3A%2F%2Fwww%252Epayetteforward%252Ecom%2F%2Csite_name.Payette%20Forward%2Cimage.https%3A%2F%2Fwww%252Epayetteforward%252Ecom%2Fwp-content%2Fuploads%2F2020%2F05%2FFacebook-Cover%252Ejpg%2Cimage%3Awidth.851%2Cimage%3Aheight.315

Requested by

Host: www.payetteforward.com
URL: https://www.payetteforward.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:51e4:db4b:4436:b305 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://www.payetteforward.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Jan 2021 23:50:27 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 pixel;r=1911865169;labels=edge.1%2Csid.15839;rf=0;uht=2;a=p-effSsmMYCbAck;url=https%3A%2F%2Fwww.payetteforward.com%2F;fpan=0;fpa=P0-506797060-1611877827022;ns=0;ce=1;qjs=1;qv=58f0669e-2020121019275...
pixel.quantserve.com/ 35 B
371 B 9ms
8ms Image
image/gif 2620:116:800d:21:51e4:db4b:4436:b305
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=1911865169;labels=edge.1%2Csid.15839;rf=0;uht=2;a=p-effSsmMYCbAck;url=https%3A%2F%2Fwww.payetteforward.com%2F;fpan=0;fpa=P0-506797060-1611877827022;ns=0;ce=1;qjs=1;qv=58f0669e-20201210192756;cm=;gdpr=0;ref=;d=payetteforward.com;je=0;sr=1600x1200x24;dst=1;et=1611877827024;tzo=-60;ogl=locale.en_US%2Ctype.website%2Ctitle.Payette%20Forward%2Cdescription.Payette%20Forward%20helps%20people%20solve%20problems%20with%20their%20iPhones%252C%20Macs%252C%20and%20other%20%2Curl.https%3A%2F%2Fwww%252Epayetteforward%252Ecom%2F%2Csite_name.Payette%20Forward%2Cimage.https%3A%2F%2Fwww%252Epayetteforward%252Ecom%2Fwp-content%2Fuploads%2F2020%2F05%2FFacebook-Cover%252Ejpg%2Cimage%3Awidth.851%2Cimage%3Aheight.315

Requested by

Host: www.payetteforward.com
URL: https://www.payetteforward.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:51e4:db4b:4436:b305 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://www.payetteforward.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Jan 2021 23:50:27 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 rrv7.js Show response
bid.underdog.media/ 23 KB
10 KB 6ms
6ms Script
application/x-javascript 2600:9000:21f3:200:5:c4ab:c3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bid.underdog.media/rrv7.js
Requested by: Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.6.13.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:200:5:c4ab:c3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 203501866a0e4de58844159eb8c711b8413359074deade1cd6aff271eb1f71a8

Request headers

Referer: https://www.payetteforward.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 28 Jan 2021 22:51:47 GMT
content-encoding: gzip
last-modified: Thu, 28 Jan 2021 22:30:04 GMT
server: AmazonS3
age: 3522
etag: "1663bcc8ce87c84aea8763e832d04697"
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 56fad5a50ef67bd961b9722ed0931839.cloudfront.net (CloudFront)
cache-control: max-age=7200
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-length: 9721
x-amz-cf-id: PJxi_BCocszOZlWu-ram_I35jBVeOECrMkSokhSsFkf5Xy9oG9qg1A==

GET
H2 200 Payette-Forward_Logo.svg
www.payetteforward.com/wp-content/uploads/2020/06/ 11 KB
4 KB 38ms
37ms Image
image/svg+xml 2606:4700:20::681a:b95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.payetteforward.com/wp-content/uploads/2020/06/Payette-Forward_Logo.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 766a2e1984e6104f641176065f6806f1119a74a8703473c69658048146129997

Request headers

Referer: https://www.payetteforward.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 28 Jan 2021 23:50:28 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 201641
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 07ed00de8a0000bef67f26d000000001
last-modified: Tue, 09 Jun 2020 14:33:57 GMT
server: cloudflare
etag: W/"5edf9dd5-2b36"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=fsqxi37dUT4BcJXEVrLwEFnIhc%2BEr4UgcCdmyQEqD6cgQgYQzKB7YPw4np4UG%2Bx6%2BjkwIJOGS9V58tAWR8qycN5F5HRvxpMUen7J8QQIF7MgxjNu%2Fix1uRLkx1uUDKm0pXuZ"}],"max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=31536000
cf-ray: 618e9daa7a79bef6-FRA
expires: Thu, 25 Feb 2021 15:49:47 GMT

GET
H2 200 iPhone-Stuck-On-Update-Requested-heres-the-fix-351x185.jpg
www.payetteforward.com/wp-content/uploads/2018/04/ 3 KB
3 KB 22ms
20ms Image
image/webp 2606:4700:20::681a:b95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.payetteforward.com/wp-content/uploads/2018/04/iPhone-Stuck-On-Update-Requested-heres-the-fix-351x185.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8efb30117d0d9f9cb4eaa901bc09a53a584faea5ba509c58bfb2554f3620c533

Request headers

Referer: https://www.payetteforward.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 28 Jan 2021 23:50:28 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 155566
cf-polished: qual=85, origFmt=jpeg, origSize=5656
content-disposition: inline; filename="iPhone-Stuck-On-Update-Requested-heres-the-fix-351x185.webp"
cf-bgj: imgq:85,h2pri
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2792
cf-request-id: 07ed00deb50000bef68d2fc000000001
last-modified: Mon, 09 Apr 2018 13:53:06 GMT
server: cloudflare
etag: "5acb7042-1618"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=JcP0xyf3uyxejrVUcF2GHQEEX0tnkQoo6RVAHH6nGSSlUy5bldlCKo0np1oN8VtKP8M27E0Xreovbv0m59e4kmOckyPxwNPsitEJe9kMWIzqCmdDZrmkDJFA5WppFHeg5E7W"}],"max_age":604800}
content-type: image/webp
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 618e9daaba7fbef6-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Best-Apple-PDF-Reader-Apps-168x137.jpg
www.payetteforward.com/wp-content/uploads/2020/08/ 3 KB
4 KB 29ms
27ms Image
image/webp 2606:4700:20::681a:b95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.payetteforward.com/wp-content/uploads/2020/08/Best-Apple-PDF-Reader-Apps-168x137.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 308410331b45e12ebea3155e821d5832f784c4c119fc5cac37f743e91541ceee

Request headers

Referer: https://www.payetteforward.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 28 Jan 2021 23:50:28 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 155566
cf-polished: qual=85, origFmt=jpeg, origSize=6025
content-disposition: inline; filename="Best-Apple-PDF-Reader-Apps-168x137.webp"
cf-bgj: imgq:85,h2pri
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3462
cf-request-id: 07ed00deb50000bef6741a9000000001
last-modified: Thu, 01 Oct 2020 14:32:05 GMT
server: cloudflare
etag: "5f75e865-1789"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=vN%2BI8j2qCgQYMFvFzJeFTUV7ueHSl3i6MCdmeBSCDB33vDlX2eqCY2bCuLgOm2N3L3gBLw7%2FPKgOf6sEO5YMSbiWPLYgPkq%2BGNqC6Z%2FGnC496W%2Brwz701RU%2Fr3hW0gzFacW4"}],"max_age":604800}
content-type: image/webp
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 618e9daaba80bef6-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 iphone-call-failed-fix-168x137.jpg
www.payetteforward.com/wp-content/uploads/2020/10/ 2 KB
3 KB 34ms
32ms Image
image/webp 2606:4700:20::681a:b95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.payetteforward.com/wp-content/uploads/2020/10/iphone-call-failed-fix-168x137.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5580dab7e06e34a27113bebf37cb8dad80b9b55592b534b47dce3183ff810cd1

Request headers

Referer: https://www.payetteforward.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 28 Jan 2021 23:50:28 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 155566
cf-polished: qual=85, origFmt=jpeg, origSize=5344
content-disposition: inline; filename="iphone-call-failed-fix-168x137.webp"
cf-bgj: imgq:85,h2pri
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2250
cf-request-id: 07ed00deb50000bef685238000000001
last-modified: Tue, 17 Nov 2020 20:05:27 GMT
server: cloudflare
etag: "5fb42d07-14e0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=iensgixQzqWOdAe8iyY1ObQToIE4lXHMadSnzINFoM5MbD9%2BuiO0YnnAq0brWOH9AXFnwLJ4teFjZCGiKfX1g2iORsQrL0u7EmUvTCbsMi0blN9pcvQM2rK%2B7cHJhSQZVc3A"}],"max_age":604800}
content-type: image/webp
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 618e9daaba81bef6-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 sim-not-support-on-iphone-fix-702x439.jpg
www.payetteforward.com/wp-content/uploads/2020/10/ 12 KB
12 KB 29ms
28ms Image
image/webp 2606:4700:20::681a:b95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.payetteforward.com/wp-content/uploads/2020/10/sim-not-support-on-iphone-fix-702x439.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 79a417ff0d6e16a7116569d5551a10f53c298bf0f4408076053ec260f5c403b1

Request headers

Referer: https://www.payetteforward.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 28 Jan 2021 23:50:28 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 155566
cf-polished: qual=85, origFmt=jpeg, origSize=24398
content-disposition: inline; filename="sim-not-support-on-iphone-fix-702x439.webp"
cf-bgj: imgq:85,h2pri
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 12020
cf-request-id: 07ed00deb60000bef69d8a2000000001
last-modified: Tue, 10 Nov 2020 21:49:30 GMT
server: cloudflare
etag: "5fab0aea-5f4e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=PmukSnh9GvmtFqzIP1nCi6yjXeoHp5q6%2F%2BCzQAPWPxK4iGcIvxabGDBfK5ocqtO%2FUh%2BeZI%2F9HiJ2zuEgdOqozaGoza%2BKrxBXUS7KySJXwq8sy1o15hQJD4QRWuBn%2F6zhbDAD"}],"max_age":604800}
content-type: image/webp
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 618e9daaba82bef6-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 What-Do-To-If-Your-iPhone-Has-A-Gap-Between-The-Screen-and-Frame-110x96.jpg
www.payetteforward.com/wp-content/uploads/2020/11/ 2 KB
2 KB 31ms
29ms Image
image/webp 2606:4700:20::681a:b95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.payetteforward.com/wp-content/uploads/2020/11/What-Do-To-If-Your-iPhone-Has-A-Gap-Between-The-Screen-and-Frame-110x96.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eaba15de02175c109c542711ce604309f35a25269a8991e4c35b8a5ed65ec87c

Request headers

Referer: https://www.payetteforward.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 28 Jan 2021 23:50:28 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 64849
cf-polished: qual=85, origFmt=jpeg, origSize=2985
content-disposition: inline; filename="What-Do-To-If-Your-iPhone-Has-A-Gap-Between-The-Screen-and-Frame-110x96.webp"
cf-bgj: imgq:85,h2pri
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1602
cf-request-id: 07ed00deb60000bef6753d9000000001
last-modified: Wed, 25 Nov 2020 21:16:57 GMT
server: cloudflare
etag: "5fbec9c9-ba9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=tsdI518ZMihWWUoRmTnKaIsfMEi7SrU7lu9lU%2FoXQByqMYP%2FDO%2Fx9OR6NTxUzZVsgSjysDcGeOVIcKXjJp2oRtp5nZaGQ7%2FXdedifLzSGYCUlLEIjRYEmeNrvr6O0z3yONhR"}],"max_age":604800}
content-type: image/webp
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 618e9daaba83bef6-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 my-iphone-says-incorrect-password-for-wifi-fix-702x439.jpg
www.payetteforward.com/wp-content/uploads/2020/10/ 26 KB
27 KB 37ms
36ms Image
image/webp 2606:4700:20::681a:b95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.payetteforward.com/wp-content/uploads/2020/10/my-iphone-says-incorrect-password-for-wifi-fix-702x439.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 44eb23ab3cc16db949fff5b556979d2c395f24ed501b459d78d15b578db55078

Request headers

Referer: https://www.payetteforward.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 28 Jan 2021 23:50:28 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 155566
cf-polished: qual=85, origFmt=jpeg, origSize=49614
content-disposition: inline; filename="my-iphone-says-incorrect-password-for-wifi-fix-702x439.webp"
cf-bgj: imgq:85,h2pri
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 27126
cf-request-id: 07ed00deb60000bef6932f7000000001
last-modified: Tue, 17 Nov 2020 20:04:07 GMT
server: cloudflare
etag: "5fb42cb7-c1ce"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=gL2d9bPE0XpT63XBqA8EEL5PeUKXpzGTCiUNK7L%2BYDu5hxZPyIpaEHJz2XBXJYT3gYcWp0SJAWTYMtvEJWDZI89TLYm9r%2BDgHhuJqYwDwM4xa3hHec7kloPb3jCLj6YnNKOG"}],"max_age":604800}
content-type: image/webp
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 618e9daaba84bef6-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 apple-news-not-working-on-iphone-fix-110x96.jpg
www.payetteforward.com/wp-content/uploads/2020/11/ 3 KB
3 KB 40ms
39ms Image
image/webp 2606:4700:20::681a:b95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.payetteforward.com/wp-content/uploads/2020/11/apple-news-not-working-on-iphone-fix-110x96.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e33864b2e1239c7353bb8c51170ee5dbf280362578b26293337a77ed4020ef34

Request headers

Referer: https://www.payetteforward.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 28 Jan 2021 23:50:28 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 64849
cf-polished: qual=85, origFmt=jpeg, origSize=4698
content-disposition: inline; filename="apple-news-not-working-on-iphone-fix-110x96.webp"
cf-bgj: imgq:85,h2pri
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2782
cf-request-id: 07ed00deb70000bef67923e000000001
last-modified: Tue, 10 Nov 2020 16:05:11 GMT
server: cloudflare
etag: "5faaba37-125a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=JdUV0h6yMwcUr4QbMWKzfzjE0LDAy9l5xsGH4aZJoXZZlpldaXV%2B55CP4%2BhHA53DkP6p237rmkQoRpoB6%2BgqXluemRAJxVQ8yNALfpL2HolKhLJg4DJIVDx0iVkPjoB8Yjp2"}],"max_age":604800}
content-type: image/webp
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 618e9daaba86bef6-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 My-iPhone-Wont-Charge-Heres-The-Real-Fix.-702x336.jpg
www.payetteforward.com/wp-content/uploads/2018/01/ 6 KB
7 KB 31ms
30ms Image
image/webp 2606:4700:20::681a:b95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.payetteforward.com/wp-content/uploads/2018/01/My-iPhone-Wont-Charge-Heres-The-Real-Fix.-702x336.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 54e1c3b691fad00b895d6ea8be4188c7d1253d56f4d1ae564e30e0de40cb5c1b

Request headers

Referer: https://www.payetteforward.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 28 Jan 2021 23:50:28 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 19826
cf-polished: qual=85, origFmt=jpeg, origSize=15115
content-disposition: inline; filename="My-iPhone-Wont-Charge-Heres-The-Real-Fix.webp"
cf-bgj: imgq:85,h2pri
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6588
cf-request-id: 07ed00debc0000bef6a5363000000001
last-modified: Fri, 14 Sep 2018 14:40:17 GMT
server: cloudflare
etag: "5b9bc851-3b0b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=U%2BcL1HJZN7lYyNLiCMAu0cVG5lND0Xm%2B4%2BEzOmCH8kwFQfdJlJ8m4gqjDRbyga1e%2F%2FDEWLfIBwUEuhajy%2FVRxeubcc3FsgeKZzE3KTTYOAqxPttmcAi%2FHJOw%2FwfGRgb59WL5"}],"max_age":604800}
content-type: image/webp
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 618e9daaca88bef6-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Why-Does-My-iPhone-Battery-Die-So-Fast-Heres-The-Real-Fix-702x336.jpg
www.payetteforward.com/wp-content/uploads/2017/10/ 10 KB
10 KB 25ms
24ms Image
image/webp 2606:4700:20::681a:b95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.payetteforward.com/wp-content/uploads/2017/10/Why-Does-My-iPhone-Battery-Die-So-Fast-Heres-The-Real-Fix-702x336.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f5a50538e93b491d1027591b0b6f06731e07fb29b284c71eb260219bdfc50b37

Request headers

Referer: https://www.payetteforward.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 28 Jan 2021 23:50:28 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 165246
cf-polished: qual=85, origFmt=jpeg, origSize=16705
content-disposition: inline; filename="Why-Does-My-iPhone-Battery-Die-So-Fast-Heres-The-Real-Fix-702x336.webp"
cf-bgj: imgq:85,h2pri
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10012
cf-request-id: 07ed00debc0000bef6a1838000000001
last-modified: Fri, 14 Sep 2018 14:35:20 GMT
server: cloudflare
etag: "5b9bc728-4141"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=tQ4fTA2%2FfF8snj3oHTU%2FgFPGLLLGqcHCKcLLNY1w%2F%2F%2BaGEteO1uGV3FfvRDIjOW%2FJnE2TlhsEvnhAexTl%2B7q8kzJfNPwEeVDvnNmoUAxquFRoDIIt04ZVfjw6CD5JOmToPTw"}],"max_age":604800}
content-type: image/webp
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 618e9daaca89bef6-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 What-Uses-Data-On-iPhone-Using-Too-Much-The-Fix-702x336.jpg
www.payetteforward.com/wp-content/uploads/2017/10/ 7 KB
8 KB 32ms
31ms Image
image/webp 2606:4700:20::681a:b95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.payetteforward.com/wp-content/uploads/2017/10/What-Uses-Data-On-iPhone-Using-Too-Much-The-Fix-702x336.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cdf861d17ccfb5484653c6faa83194e3cdd22d77f8c184563350aef2fe6b24c4

Request headers

Referer: https://www.payetteforward.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 28 Jan 2021 23:50:28 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 165246
cf-polished: qual=85, origFmt=jpeg, origSize=16810
content-disposition: inline; filename="What-Uses-Data-On-iPhone-Using-Too-Much-The-Fix-702x336.webp"
cf-bgj: imgq:85,h2pri
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7594
cf-request-id: 07ed00debc0000bef673266000000001
last-modified: Fri, 14 Sep 2018 14:37:20 GMT
server: cloudflare
etag: "5b9bc7a0-41aa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=5rnUYuY2Y2THglL5hWz9%2FHsWj2Kq6qN1S9ycYBladU6XkuR41uGHmTi1lnIOJL5f3%2Fm1fgo18kYCkBTwzOmGKTmiVz28Yhz650xdcMPGRXMiHOABnY9NHxutX2LN2hYF1VBX"}],"max_age":604800}
content-type: image/webp
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 618e9daaca8abef6-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Why-Does-My-iPhone-Get-Hot-My-Battery-Drains-Too-The-Fix.-702x336.jpg
www.payetteforward.com/wp-content/uploads/2017/08/ 7 KB
8 KB 27ms
26ms Image
image/webp 2606:4700:20::681a:b95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.payetteforward.com/wp-content/uploads/2017/08/Why-Does-My-iPhone-Get-Hot-My-Battery-Drains-Too-The-Fix.-702x336.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 95f1d0b12bdd621288237765d687c18a07891fba5d3b8af5bf0417faebf89407

Request headers

Referer: https://www.payetteforward.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 28 Jan 2021 23:50:28 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 95943
cf-polished: qual=85, origFmt=jpeg, origSize=15355
content-disposition: inline; filename="Why-Does-My-iPhone-Get-Hot-My-Battery-Drains-Too-The-Fix.webp"
cf-bgj: imgq:85,h2pri
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7620
cf-request-id: 07ed00debd0000bef685239000000001
last-modified: Fri, 14 Sep 2018 14:45:24 GMT
server: cloudflare
etag: "5b9bc984-3bfb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=kmKQGfu2pF%2BOrGq9itJ%2FJNORVUrq%2BGK6a8XBCRmLeXIdLjQZQ3GwpXCgMDJWPmNJo2wVG0dr%2FUbhiL7JgkPHgtttbGKyFSwQNF%2Fwk1vhK83xDfNvjaKTgdwZ1irToeOQSYSI"}],"max_age":604800}
content-type: image/webp
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 618e9daaca8bbef6-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Why-Is-My-iPhone-So-Slow-Here%E2%80%99s-The-Fix-For-iPad-Too_featured-702x336.jpg
www.payetteforward.com/wp-content/uploads/2015/06/ 8 KB
8 KB 29ms
28ms Image
image/webp 2606:4700:20::681a:b95
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.payetteforward.com/wp-content/uploads/2015/06/Why-Is-My-iPhone-So-Slow-Here%E2%80%99s-The-Fix-For-iPad-Too_featured-702x336.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b95 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 676d46a3278abf750deeeca4b4e6adb477f0dfb187f94848fd68d9622cfe41e3

Request headers

Referer: https://www.payetteforward.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 28 Jan 2021 23:50:28 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 200076
cf-polished: qual=85, origFmt=jpeg, origSize=13501
content-disposition: inline; filename="Why-Is-My-iPhone-So-Slow-Here%E2%80%99s-The-Fix-For-iPad-Too_featured-702x336.webp"
cf-bgj: imgq:85,h2pri
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7962
cf-request-id: 07ed00debd0000bef6ae342000000001
last-modified: Mon, 31 Jul 2017 13:14:18 GMT
server: cloudflare
etag: "597f2d2a-34bd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=QyjXG3Qn%2Fn26naSToKGzksbWIBNMMXsg%2FnekiRvOovuJRAiyku2lmcwM4Fpy%2Blb%2Fp96aJOdlgjgUpmtf%2BPtXkfCsiLo4h%2BtiP4S%2B%2FJzcbIbHhe8si0kLjkP5Si205xJ1IChx"}],"max_age":604800}
content-type: image/webp
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 618e9daaca8cbef6-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

Verdicts & Comments Add Verdict or Comment

98 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.payetteforward.com/	1970-01-19 16:27:49	Name: udmsrc Value: %7B%7D
.payetteforward.com/	1970-01-20 01:09:06	Name: __qca Value: P0-506797060-1611877827022
.payetteforward.com/	1970-01-19 15:46:04	Name: _gid Value: GA1.2.1841224341.1611877826
.payetteforward.com/	1970-01-20 09:15:49	Name: _ga Value: GA1.2.1595675454.1611877826
.payetteforward.com/	1970-01-19 15:44:41	Name: AMP_TOKEN Value: %24NOT_FOUND
.payetteforward.com/	1970-01-19 15:44:37	Name: _gat_UA-41913908-1 Value: 1
.payetteforward.com/	1970-01-19 16:27:49	Name: __cfduid Value: d68af178fb49ec51e90d00528b635c5381611877825

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://www.payetteforward.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2(Line 2) Message: JQMIGRATE: Migrate is installed, version 3.3.2

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.cloudflare.com
ampcid.google.com
ampcid.google.de
app.termly.io
bid.underdog.media
cdnjs.cloudflare.com
cm.g.doubleclick.net
cs.admanmedia.com
fonts.googleapis.com
fonts.gstatic.com
image2.pubmatic.com
image4.pubmatic.com
image8.pubmatic.com
inv-nets.admixer.net
pixel.quantserve.com
rules.quantcount.com
secure.adnxs.com
secure.quantserve.com
stats.g.doubleclick.net
sync.1rx.io
sync.go.sonobi.com
sync.technoratimedia.com
udmserve.net
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.payetteforward.com
142.250.185.226
146.0.227.110
150.136.26.45
178.162.133.149
185.33.220.145
185.64.189.216
185.64.190.80
185.64.190.81
213.19.147.150
2600:9000:20eb:ba00:6:44e3:f8c0:93a1
2600:9000:21f3:200:5:c4ab:c3c0:93a1
2606:4700:20::681a:b95
2606:4700::6810:125e
2606:4700::6810:a823
2606:4700::6813:9059
2620:116:800d:21:51e4:db4b:4436:b305
2a00:1450:4001:80e::2004
2a00:1450:4001:80e::200a
2a00:1450:4001:811::2002
2a00:1450:4001:812::2008
2a00:1450:4001:813::200e
2a00:1450:4001:817::2003
2a00:1450:4001:818::200e
2a00:1450:4001:819::200e
2a00:1450:4001:828::2003
2a00:1450:400c:c00::9c
68.71.249.118
88.214.206.142
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
0c7962d717e3c18fba92d54f3c980352ac06017d41e97ba6eedb5bbda4af3c36
1c3c5400087c7a0933a14001c67987c69be79772724a3c6c1dcaac4119d976e3
1dd07d410cf12478e9fedd90262cc824b7e8143b578bea4fd47b4cd3f608bc47
203501866a0e4de58844159eb8c711b8413359074deade1cd6aff271eb1f71a8
2c9c000242ec31f3d772ddcf4ae871f8a8484a931ae01de7256fcd7227980799
308410331b45e12ebea3155e821d5832f784c4c119fc5cac37f743e91541ceee
375fc044a01c121777092eb9f1d3347a71c080b2e8137237c0d87cfc19bc4e44
437afd9de21717c919be3f40f686b33170f2447dc03ded0fc00ac0cc41839854
43974ed74066b207c30ffd0fed5146762e6c60745ac977004bc14507c7c42b50
44eb23ab3cc16db949fff5b556979d2c395f24ed501b459d78d15b578db55078
4c6cf0709b8e52572cae1fb57128acd0a5a453c9ce99dc3712a1860ff90c6bf8
501ed6d7c49a3526af1f804fff30cc8b7b8608525b100f4140b7504cc5afd4bd
5154771a8970a7534a6ca9f55f6d4c075166dc03056db0b68e2ee0d8e88ec978
5268a8afa9325a8e0ea0c0039216ccc1c87cc59303ca5d0e7cef64469d9221aa
54e1c3b691fad00b895d6ea8be4188c7d1253d56f4d1ae564e30e0de40cb5c1b
55041e1c17936c85084c47e692508a63f048cce5f71c5eff50d5bcacf0ebe5a9
5580dab7e06e34a27113bebf37cb8dad80b9b55592b534b47dce3183ff810cd1
57f7117e895cffdd63c9588a8975b3842c00083c4cef4ccebadbfb55f4810607
5e1a3fc0ee5a71ce8585a3464a579461e0dc853ce9073beb88297babe8d2b701
60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827
646f54e64d230bf10e2d2c14236c4f59b18257b96938951d346613671ee450b9
676d46a3278abf750deeeca4b4e6adb477f0dfb187f94848fd68d9622cfe41e3
6a4dac260dffc284594d633859fb508b2fcfade38b61c8af9cd55eb23adf9e89
6dc665f3ade51319cb3df1ed00c2af977e87837208c8a1906c0d05359e5cce4b
6e86a52a9858206302e32036d89907e3ac87762055e7f9c6364aec33221b3e41
6ebcda7a3a41ef97f0b4071160ceb1020e540fdc0f790079a5c2ef01ab654fe0
766a2e1984e6104f641176065f6806f1119a74a8703473c69658048146129997
79a417ff0d6e16a7116569d5551a10f53c298bf0f4408076053ec260f5c403b1
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
87cb837f2649470e7a8c36be1577793df454875b3d4ffc1e8cc13ecf7df47880
8b40e66d9a36d9b7b0b99c883a712af50fce13d1cb360dafb4c818db3b346c42
8efb30117d0d9f9cb4eaa901bc09a53a584faea5ba509c58bfb2554f3620c533
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
95f1d0b12bdd621288237765d687c18a07891fba5d3b8af5bf0417faebf89407
9756d0cb0bf229f18e41d174a6234f7e18095f8e0c817bfb7c72d9eebb5f80b2
991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c
af6be7b3a7dc23038ca85fd83573d48eed8ac9614472eb3b69e9039ba3aac229
b08cdbc2d30e656a86b20f8342428d5863f70f4b30135b4f4061f754ce932f5e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b6dcc1490a0cc33cdeed8970677b89bbec6fa095675af198b8e923b64563c70a
bee02b09d9401a5ee7795a35f29afbc45a9c936e75350182c4840be0a01e33e5
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cdf861d17ccfb5484653c6faa83194e3cdd22d77f8c184563350aef2fe6b24c4
cf6d01ec98c7803b37e801273c65f6764911bd79a88b983196ac76dea0561ecb
d44da8cb8d1fad9bc5999ce7e69b725b791d0abeab3b9ef837624ebf33b099ef
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e33864b2e1239c7353bb8c51170ee5dbf280362578b26293337a77ed4020ef34
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
e64be9c7535deda51f0f11fa8210cdf025dbb3ebd12ee4dfa090965957069026
eaba15de02175c109c542711ce604309f35a25269a8991e4c35b8a5ed65ec87c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2131e0fea71e26cb304726f566fe16b68fae46e772be992ab18d30a651cc942
f3f2f99c81ceb76562cf44082d6f7be0f9add805cafa81989064606728d8120c
f5a50538e93b491d1027591b0b6f06731e07fb29b284c71eb260219bdfc50b37

www.payetteforward.com Open in urlscan Pro 2606:4700:20::681a:b95 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

66 Requests

100 %HTTPS

61 %IPv6

21 Domains

28 Subdomains

20 IPs

5 Countries

715 kBTransfer

2155 kBSize

7 Cookies

4 Outgoing links

Redirected requests

66 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.payetteforward.com Open in urlscan Pro
2606:4700:20::681a:b95 Public Scan

Screenshot
Live screenshot

Full Image

66
Requests

100 %
HTTPS

61 %
IPv6

21
Domains

28
Subdomains

20
IPs

5
Countries

715 kB
Transfer

2155 kB
Size

7
Cookies

66 HTTP transactions
6 data transactions