paywhatyoucan.leadgeneration.com.au Open in urlscan Pro
2606:4700:3031::6818:60f8  Public Scan

URL: https://paywhatyoucan.leadgeneration.com.au/
Submission: On December 16 via automatic, source certstream-suspicious

Summary

This website contacted 36 IPs in 7 countries across 30 domains to perform 66 HTTP transactions. The main IP is 2606:4700:3031::6818:60f8, located in United States and belongs to CLOUDFLARENET, US. The main domain is paywhatyoucan.leadgeneration.com.au.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 9th 2020. Valid for: a year.
This is the only time paywhatyoucan.leadgeneration.com.au was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2606:4700:303... 13335 (CLOUDFLAR...)
3 99.86.7.82 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2600:9000:21f... 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
3 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
8 143.204.214.226 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a03:2880:f01... 32934 (FACEBOOK)
1 2a00:1450:400... 15169 (GOOGLE)
1 2 172.217.16.130 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 6 2.18.233.40 16625 (AKAMAI-AS)
3 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
1 34.224.248.58 14618 (AMAZON-AES)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 1 63.35.200.21 16509 (AMAZON-02)
14 17 52.18.82.238 16509 (AMAZON-02)
2 2a03:2880:f11... 32934 (FACEBOOK)
2 2 3.124.119.192 16509 (AMAZON-02)
1 2 18.156.0.31 16509 (AMAZON-02)
1 2 2.18.234.21 16625 (AKAMAI-AS)
1 69.173.144.165 26667 (RUBICONPR...)
1 2 64.202.112.63 22075 (AS-OUTBRAIN)
1 185.64.189.110 62713 (AS-PUBMATIC)
1 1 2a00:1288:f03... 10310 (YAHOO-1)
1 141.226.228.48 200478 (TABOOLA-AS)
1 2 18.158.81.184 16509 (AMAZON-02)
1 2 3.126.158.103 16509 (AMAZON-02)
1 2 37.252.172.45 29990 (ASN-APPNEX)
1 34.120.207.148 15169 (GOOGLE)
1 2 34.98.64.218 15169 (GOOGLE)
66 36
Apex Domain
Subdomains
Transfer
23 adroll.com
s.adroll.com
d.adroll.com
30 KB
10 gstatic.com
www.gstatic.com
fonts.gstatic.com
158 KB
10 cloudfront.net
d34qb8suadcc4g.cloudfront.net
d9hhrg4mnvzow.cloudfront.net
97 KB
3 yahoo.com
ups.analytics.yahoo.com
ads.yahoo.com
2 KB
3 google.de
www.google.de
398 B
3 doubleclick.net
stats.g.doubleclick.net
googleads.g.doubleclick.net
cm.g.doubleclick.net
2 KB
3 crazyegg.com
script.crazyegg.com
35 KB
3 unbounce.com
builder-assets.unbounce.com
39 KB
2 openx.net
us-u.openx.net
478 B
2 adnxs.com
ib.adnxs.com
2 KB
2 bidswitch.net
x.bidswitch.net
1005 B
2 3lift.com
eb2.3lift.com
740 B
2 outbrain.com
sync.outbrain.com
832 B
2 casalemedia.com
dsum-sec.casalemedia.com
2 KB
2 advertising.com
pixel.advertising.com
817 B
2 facebook.com
www.facebook.com
403 B
2 google.com
www.google.com
196 B
2 googleadservices.com
www.googleadservices.com
12 KB
2 facebook.net
connect.facebook.net
92 KB
2 google-analytics.com
www.google-analytics.com
19 KB
2 googleapis.com
ajax.googleapis.com
fonts.googleapis.com
26 KB
1 rlcdn.com
idsync.rlcdn.com
42 B
1 taboola.com
sync.taboola.com
219 B
1 pubmatic.com
simage2.pubmatic.com
885 B
1 rubiconproject.com
pixel.rubiconproject.com
798 B
1 consensu.org
d.adroll.mgr.consensu.org
137 B
1 ub-analytics.com
events.ub-analytics.com
245 B
1 googletagmanager.com
www.googletagmanager.com
38 KB
1 cloudflare.com
ajax.cloudflare.com
5 KB
1 leadgeneration.com.au
paywhatyoucan.leadgeneration.com.au
11 KB
66 30
Domain Requested by
17 d.adroll.com 14 redirects
8 fonts.gstatic.com fonts.googleapis.com
8 d9hhrg4mnvzow.cloudfront.net paywhatyoucan.leadgeneration.com.au
6 s.adroll.com 1 redirects paywhatyoucan.leadgeneration.com.au
s.adroll.com
d.adroll.com
3 www.google.de
3 script.crazyegg.com ajax.cloudflare.com
script.crazyegg.com
3 builder-assets.unbounce.com paywhatyoucan.leadgeneration.com.au
ajax.cloudflare.com
2 us-u.openx.net 1 redirects
2 ib.adnxs.com 1 redirects
2 x.bidswitch.net 1 redirects
2 eb2.3lift.com 1 redirects
2 sync.outbrain.com 1 redirects
2 dsum-sec.casalemedia.com 1 redirects
2 ups.analytics.yahoo.com 1 redirects
2 pixel.advertising.com 2 redirects
2 www.facebook.com
2 www.google.com
2 www.gstatic.com www.googletagmanager.com
www.gstatic.com
2 www.googleadservices.com 1 redirects www.googletagmanager.com
2 connect.facebook.net paywhatyoucan.leadgeneration.com.au
connect.facebook.net
2 www.google-analytics.com paywhatyoucan.leadgeneration.com.au
www.google-analytics.com
2 d34qb8suadcc4g.cloudfront.net ajax.cloudflare.com
d34qb8suadcc4g.cloudfront.net
1 cm.g.doubleclick.net 1 redirects
1 idsync.rlcdn.com
1 sync.taboola.com
1 ads.yahoo.com 1 redirects
1 simage2.pubmatic.com
1 pixel.rubiconproject.com
1 d.adroll.mgr.consensu.org 1 redirects
1 googleads.g.doubleclick.net www.googleadservices.com
1 stats.g.doubleclick.net www.google-analytics.com
1 events.ub-analytics.com
1 fonts.googleapis.com builder-assets.unbounce.com
1 ajax.googleapis.com ajax.cloudflare.com
1 www.googletagmanager.com ajax.cloudflare.com
1 ajax.cloudflare.com paywhatyoucan.leadgeneration.com.au
1 paywhatyoucan.leadgeneration.com.au
66 37

This site contains no links.

Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2020-07-09 -
2021-07-09
a year crt.sh
*.unbounce.com
Amazon
2020-04-08 -
2021-05-08
a year crt.sh
ajax.cloudflare.com
DigiCert ECC Secure Server CA
2020-08-11 -
2022-08-16
2 years crt.sh
*.cloudfront.net
DigiCert Global CA G2
2020-05-26 -
2021-04-21
a year crt.sh
*.google-analytics.com
GTS CA 1O1
2020-11-10 -
2021-02-02
3 months crt.sh
upload.video.google.com
GTS CA 1O1
2020-11-10 -
2021-02-02
3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2020-11-02 -
2021-01-30
3 months crt.sh
*.g.doubleclick.net
GTS CA 1O1
2020-11-10 -
2021-02-02
3 months crt.sh
*.gstatic.com
GTS CA 1O1
2020-11-10 -
2021-02-02
3 months crt.sh
*.adroll.com
DigiCert SHA2 Secure Server CA
2020-01-29 -
2021-04-29
a year crt.sh
*.ub-analytics.com
Amazon
2020-06-08 -
2021-07-08
a year crt.sh
www.google.com
GTS CA 1O1
2020-11-10 -
2021-02-02
3 months crt.sh
www.google.de
GTS CA 1O1
2020-11-10 -
2021-02-02
3 months crt.sh
*.google.de
GTS CA 1O1
2020-11-10 -
2021-02-02
3 months crt.sh
*.google.com
GTS CA 1O1
2020-11-10 -
2021-02-02
3 months crt.sh
adroll.mgr.consensu.org
Amazon
2020-10-08 -
2021-11-07
a year crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA
2020-10-24 -
2021-04-20
6 months crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018
2020-03-02 -
2021-04-01
a year crt.sh
*.rubiconproject.com
DigiCert SHA2 Secure Server CA
2019-01-10 -
2021-01-14
2 years crt.sh
*.outbrain.com
Thawte RSA CA 2018
2019-10-29 -
2021-11-23
2 years crt.sh
*.pubmatic.com
Sectigo RSA Organization Validation Secure Server CA
2019-02-22 -
2021-02-21
2 years crt.sh
*.taboola.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2020-11-25 -
2021-12-26
a year crt.sh
*.3lift.com
Amazon
2020-07-04 -
2021-08-05
a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA
2020-04-23 -
2022-05-04
2 years crt.sh
*.adnxs.com
DigiCert ECC Secure Server CA
2019-01-23 -
2021-03-08
2 years crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA
2020-04-14 -
2021-04-23
a year crt.sh
*.openx.net
GeoTrust RSA CA 2018
2020-06-18 -
2021-08-17
a year crt.sh

This page contains 1 frames:

Primary Page: https://paywhatyoucan.leadgeneration.com.au/
Frame ID: F7BD7468C248DE4E0C4860C9B50BC437
Requests: 67 HTTP requests in this frame

Screenshot


Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Page Statistics

66
Requests

98 %
HTTPS

51 %
IPv6

30
Domains

37
Subdomains

36
IPs

7
Countries

562 kB
Transfer

1335 kB
Size

5
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 42
  • https://www.googleadservices.com/pagead/conversion/795091741/wcm?cc=ZZ&dn=1300532339&cl=zrn4CMTVi8wBEJ3GkPsC&ct_eid=2 HTTP 302
  • https://www.google.de/pagead/attribution/wcm?cc=ZZ&dn=1300532339&cl=zrn4CMTVi8wBEJ3GkPsC
Request Chain 45
  • https://s.adroll.com/j/exp/WAP5A6HUS5GETA7YGSP4T6/index.js HTTP 302
  • https://s.adroll.com/j/exp/index.js
Request Chain 47
  • https://d.adroll.mgr.consensu.org/consent/iabcheck/WAP5A6HUS5GETA7YGSP4T6?_s=9a5f555b3a2ab4291143b6fd132e6ae2&_b=2 HTTP 302
  • https://d.adroll.com/consent/check/WAP5A6HUS5GETA7YGSP4T6/?_s=9a5f555b3a2ab4291143b6fd132e6ae2&_b=2
Request Chain 50
  • https://d.adroll.com/pixel/WAP5A6HUS5GETA7YGSP4T6/LCUS7WBMZVAFLO4YUQMTPS?adroll_fpc=0e5884bd463e87f5c01b448a7307c914-1608158839205&arrfrr=https%3A%2F%2Fpaywhatyoucan.leadgeneration.com.au%2F&xid_ch=f&pv=2430598275.105478&cookie=&adroll_s_ref=&keyw= HTTP 302
  • https://s.adroll.com/pixel/WAP5A6HUS5GETA7YGSP4T6/LCUS7WBMZVAFLO4YUQMTPS/2WJLAA3XEJEILHCT5VZAJ3.js
Request Chain 53
  • https://d.adroll.com/cm/aol/out?adroll_fpc=0e5884bd463e87f5c01b448a7307c914-1608158839205&arrfrr=https%3A%2F%2Fpaywhatyoucan.leadgeneration.com.au%2F&xid_ch=f&advertisable=WAP5A6HUS5GETA7YGSP4T6 HTTP 302
  • https://pixel.advertising.com/ups/55980/sync?uid=MjE1NjBmYWIxODJiYWQyNGU4NjIyY2E3NDVhMjZiN2Y&_origin=1&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA HTTP 302
  • https://pixel.advertising.com/ups/55980/sync?uid=MjE1NjBmYWIxODJiYWQyNGU4NjIyY2E3NDVhMjZiN2Y&_origin=1&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&verify=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/55980/sync?uid=MjE1NjBmYWIxODJiYWQyNGU4NjIyY2E3NDVhMjZiN2Y&_origin=1&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&apid=UPa748d0fd-3ff0-11eb-9c98-06f938124ce8 HTTP 302
  • https://ups.analytics.yahoo.com/ups/55980/sync?uid=MjE1NjBmYWIxODJiYWQyNGU4NjIyY2E3NDVhMjZiN2Y&_origin=1&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&apid=UPa748d0fd-3ff0-11eb-9c98-06f938124ce8&verify=true
Request Chain 54
  • https://d.adroll.com/cm/index/out?adroll_fpc=0e5884bd463e87f5c01b448a7307c914-1608158839205&arrfrr=https%3A%2F%2Fpaywhatyoucan.leadgeneration.com.au%2F&xid_ch=f&advertisable=WAP5A6HUS5GETA7YGSP4T6 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=MjE1NjBmYWIxODJiYWQyNGU4NjIyY2E3NDVhMjZiN2Y&expiration=1639694839 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=MjE1NjBmYWIxODJiYWQyNGU4NjIyY2E3NDVhMjZiN2Y&expiration=1639694839&C=1
Request Chain 55
  • https://d.adroll.com/cm/n/out?adroll_fpc=0e5884bd463e87f5c01b448a7307c914-1608158839205&arrfrr=https%3A%2F%2Fpaywhatyoucan.leadgeneration.com.au%2F&xid_ch=f&advertisable=WAP5A6HUS5GETA7YGSP4T6 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=MjE1NjBmYWIxODJiYWQyNGU4NjIyY2E3NDVhMjZiN2Y&expires=365
Request Chain 56
  • https://d.adroll.com/cm/outbrain/out?adroll_fpc=0e5884bd463e87f5c01b448a7307c914-1608158839205&arrfrr=https%3A%2F%2Fpaywhatyoucan.leadgeneration.com.au%2F&xid_ch=f&advertisable=WAP5A6HUS5GETA7YGSP4T6 HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=adroll&uid=MjE1NjBmYWIxODJiYWQyNGU4NjIyY2E3NDVhMjZiN2Y HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=adroll&uid=MjE1NjBmYWIxODJiYWQyNGU4NjIyY2E3NDVhMjZiN2Y&rdrctExp=true
Request Chain 57
  • https://d.adroll.com/cm/pubmatic/out?adroll_fpc=0e5884bd463e87f5c01b448a7307c914-1608158839205&arrfrr=https%3A%2F%2Fpaywhatyoucan.leadgeneration.com.au%2F&xid_ch=f&advertisable=WAP5A6HUS5GETA7YGSP4T6 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMwNiZ0bD01MjU2MDA&piggybackCookie=MjE1NjBmYWIxODJiYWQyNGU4NjIyY2E3NDVhMjZiN2Y&gdpr=0&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA
Request Chain 58
  • https://d.adroll.com/cm/r/out?adroll_fpc=0e5884bd463e87f5c01b448a7307c914-1608158839205&arrfrr=https%3A%2F%2Fpaywhatyoucan.leadgeneration.com.au%2F&xid_ch=f&advertisable=WAP5A6HUS5GETA7YGSP4T6 HTTP 302
  • https://ads.yahoo.com/cms/v1?esig=1~bf4e7dc4546a90c08591652d78a230d3f2ef5733&nwid=10001032567&sigv=1&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA HTTP 302
  • https://d.adroll.com/cm/r/in?xid=E0&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
Request Chain 59
  • https://d.adroll.com/cm/taboola/out?adroll_fpc=0e5884bd463e87f5c01b448a7307c914-1608158839205&arrfrr=https%3A%2F%2Fpaywhatyoucan.leadgeneration.com.au%2F&xid_ch=f&advertisable=WAP5A6HUS5GETA7YGSP4T6 HTTP 302
  • https://sync.taboola.com/sg/adroll-network/1/rtb-h?taboola_hm=MjE1NjBmYWIxODJiYWQyNGU4NjIyY2E3NDVhMjZiN2Y
Request Chain 60
  • https://d.adroll.com/cm/triplelift/out?adroll_fpc=0e5884bd463e87f5c01b448a7307c914-1608158839205&arrfrr=https%3A%2F%2Fpaywhatyoucan.leadgeneration.com.au%2F&xid_ch=f&advertisable=WAP5A6HUS5GETA7YGSP4T6 HTTP 302
  • https://eb2.3lift.com/xuid?mid=4714&xuid=MjE1NjBmYWIxODJiYWQyNGU4NjIyY2E3NDVhMjZiN2Y&dongle=c85e HTTP 302
  • https://eb2.3lift.com/xuid?ld=1&mid=4714&xuid=MjE1NjBmYWIxODJiYWQyNGU4NjIyY2E3NDVhMjZiN2Y&dongle=c85e&gdpr=1&cmp_cs=&us_privacy=
Request Chain 61
  • https://d.adroll.com/cm/b/out?adroll_fpc=0e5884bd463e87f5c01b448a7307c914-1608158839205&arrfrr=https%3A%2F%2Fpaywhatyoucan.leadgeneration.com.au%2F&xid_ch=f&advertisable=WAP5A6HUS5GETA7YGSP4T6 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=44&user_id=MjE1NjBmYWIxODJiYWQyNGU4NjIyY2E3NDVhMjZiN2Y HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=MjE1NjBmYWIxODJiYWQyNGU4NjIyY2E3NDVhMjZiN2Y
Request Chain 62
  • https://d.adroll.com/cm/x/out?adroll_fpc=0e5884bd463e87f5c01b448a7307c914-1608158839205&arrfrr=https%3A%2F%2Fpaywhatyoucan.leadgeneration.com.au%2F&xid_ch=f&advertisable=WAP5A6HUS5GETA7YGSP4T6 HTTP 302
  • https://ib.adnxs.com/setuid?entity=172&code=MjE1NjBmYWIxODJiYWQyNGU4NjIyY2E3NDVhMjZiN2Y HTTP 307
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D172%26code%3DMjE1NjBmYWIxODJiYWQyNGU4NjIyY2E3NDVhMjZiN2Y
Request Chain 63
  • https://d.adroll.com/cm/l/out?adroll_fpc=0e5884bd463e87f5c01b448a7307c914-1608158839205&arrfrr=https%3A%2F%2Fpaywhatyoucan.leadgeneration.com.au%2F&xid_ch=f&advertisable=WAP5A6HUS5GETA7YGSP4T6 HTTP 302
  • https://idsync.rlcdn.com/377928.gif?partner_uid=21560fab182bad24e8622ca745a26b7f
Request Chain 64
  • https://d.adroll.com/cm/o/out?adroll_fpc=0e5884bd463e87f5c01b448a7307c914-1608158839205&arrfrr=https%3A%2F%2Fpaywhatyoucan.leadgeneration.com.au%2F&xid_ch=f&advertisable=WAP5A6HUS5GETA7YGSP4T6 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537103138&val=21560fab182bad24e8622ca745a26b7f HTTP 302
  • https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=21560fab182bad24e8622ca745a26b7f
Request Chain 65
  • https://d.adroll.com/cm/g/out?adroll_fpc=0e5884bd463e87f5c01b448a7307c914-1608158839205&arrfrr=https%3A%2F%2Fpaywhatyoucan.leadgeneration.com.au%2F&xid_ch=f&advertisable=WAP5A6HUS5GETA7YGSP4T6&google_nid=adroll5 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_sc&google_nid=artb&google_hm=IVYPqxgrrSToYiynRaJrfw HTTP 302
  • https://d.adroll.com/cm/g/in

66 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
paywhatyoucan.leadgeneration.com.au/
87 KB
11 KB
Document
General
Full URL
https://paywhatyoucan.leadgeneration.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6818:60f8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c0b6ee7e6952962b33ddb3310db12e86efdbbc4987ba3cc878684e1c5ee1a63

Request headers

:method
GET
:authority
paywhatyoucan.leadgeneration.com.au
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 16 Dec 2020 22:47:18 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=d2fa74c60422b4ba4065ce20fe6ab5d141608158838; expires=Fri, 15-Jan-21 22:47:18 GMT; path=/; domain=.leadgeneration.com.au; HttpOnly; SameSite=Lax; Secure ubpv=d%2C26d62ad1-5042-4155-9a03-18a55d3e9b64; Max-Age=15897600; Expires=Fri, 18 Jun 2021 22:47:18 GMT; Path=/; SameSite=Lax ubrs=weighted; Path=/; SameSite=Lax ubvs=162.158.94.2311609555894068051; Max-Age=15552000; Expires=Mon, 14 Jun 2021 22:47:18 GMT; Path=/; SameSite=Lax ubvt=162.158.94.2311609555894068051; Max-Age=259200; Expires=Sat, 19 Dec 2020 22:47:18 GMT; Path=/; Domain=leadgeneration.com.au; SameSite=Lax
p3p
CP="This is not a privacy policy."
x-unbounce-pageid
26d62ad1-5042-4155-9a03-18a55d3e9b64
content-location
https://paywhatyoucan.leadgeneration.com.au/
x-unbounce-visitorid
162.158.94.2311609555894068051
last-modified
Thu, 04 Jun 2020 04:15:28 GMT
x-unbounce-variant
d
link
<https://paywhatyoucan.leadgeneration.com.au/>; rel="canonical"
x-proxy-backend
page-server
cf-cache-status
DYNAMIC
cf-request-id
070f5595100000973c11361000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Fo3ZbaMix3fJ5rrXx1dlVINE67kn69%2B1KgoAJHgqRugfKVk6xcOO6KEjzTbwLd63i8V6OYGUlK7l0qycSrpUmju1NTwsXbI1I6xSzIBh2%2BVZxnpUBmWbm40JjNDgFVTKTGc7KtXRRVJoOTTzMkCPqw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
602bf201bafa973c-FRA
content-encoding
br
main-7b78720.z.css
builder-assets.unbounce.com/published-css/
15 KB
3 KB
Stylesheet
General
Full URL
https://builder-assets.unbounce.com/published-css/main-7b78720.z.css
Requested by
Host: paywhatyoucan.leadgeneration.com.au
URL: https://paywhatyoucan.leadgeneration.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.7.82 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-7-82.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7b787207f29ffd5672ab91b95f681b387b4d6433081cc8b47070f1d564827863

Request headers

Referer
https://paywhatyoucan.leadgeneration.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 24 Nov 2020 03:11:27 GMT
content-encoding
gzip
last-modified
Tue, 13 Oct 2020 18:07:31 GMT
server
AmazonS3
age
1971352
etag
"28fa98fe25303c5ad925ec69772dc187"
x-cache
Hit from cloudfront
x-amz-version-id
4VmJ1x7od43SnXCa..jwUNq42n6sY1UH
via
1.1 2ef0748a2a8fca13fd6065b6b046c33c.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
content-type
text/css
content-length
2902
x-amz-cf-id
VB54s7fHXYAP5xWAAS6wTdgxCmDbGmOWvHGMVw_9vcDPPlYTyY79xg==
truncated
/
42 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/gif
rocket-loader.min.js
ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/
12 KB
5 KB
Script
General
Full URL
https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Requested by
Host: paywhatyoucan.leadgeneration.com.au
URL: https://paywhatyoucan.leadgeneration.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:a723 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b08cdbc2d30e656a86b20f8342428d5863f70f4b30135b4f4061f754ce932f5e
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://paywhatyoucan.leadgeneration.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 16 Dec 2020 22:47:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
nel
{"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
cf-request-id
070f55955500001f3df9a53000000001
last-modified
Mon, 14 Dec 2020 18:08:54 GMT
server
cloudflare
x-frame-options
DENY
etag
W/"5fd7aa36-3016"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000; includeSubDomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=fg5EIK0WotdDUEYjgJHsdlNnBpsJXyzXN4tbUrCKsEwZDxxKY8nIgZcLg9eah%2Bs9G1IKATzFDluNQdQTFNPKIYNRAGQUPbyR5uWu%2BJpKsduoN6V3enZzCBPgapiLL%2BXD"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=172800, public
cf-ray
602bf2022d8f1f3d-FRA
expires
Fri, 18 Dec 2020 22:47:18 GMT
main.bundle-5c6e41c.z.js
builder-assets.unbounce.com/published-js/
104 KB
33 KB
Script
General
Full URL
https://builder-assets.unbounce.com/published-js/main.bundle-5c6e41c.z.js
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.7.82 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-7-82.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5c6e41cab44d3fc8958df6b852e4e728360a81d7a5fc3079b36e677cc07f8edb

Request headers

Referer
https://paywhatyoucan.leadgeneration.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 01 Dec 2020 03:28:57 GMT
content-encoding
gzip
last-modified
Tue, 13 Oct 2020 18:07:24 GMT
server
AmazonS3
age
1365502
etag
"8f54ee429acc92c4ec90173c4494c176"
x-cache
Hit from cloudfront
x-amz-version-id
3Tf5CLt4Hplptlwy2gR6SrQuS3YM4exc
via
1.1 2ef0748a2a8fca13fd6065b6b046c33c.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
content-type
application/javascript
content-length
33645
x-amz-cf-id
56cgHeRBTyukZdh5pML_0c3qdUwD_5vclJS9OVA0XUKOZ6Q2tURjlw==
ub.js
d34qb8suadcc4g.cloudfront.net/
5 KB
2 KB
Script
General
Full URL
https://d34qb8suadcc4g.cloudfront.net/ub.js?1605293159
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:da00:1d:11cf:5800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
146713f310842933dc62d2bed7f0eaaf8a9cf3cdf72fd37610ef51e58378c8dc

Request headers

Referer
https://paywhatyoucan.leadgeneration.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 13 Nov 2020 19:15:47 GMT
content-encoding
gzip
last-modified
Fri, 13 Nov 2020 18:45:36 GMT
server
AmazonS3
age
2863892
etag
"91086183e2039359e4bf5622dfb57722"
x-cache
Hit from cloudfront
x-amz-version-id
D6xyQ1UlRnHjPycouA5Yb4DYOQiJWBkd
via
1.1 ac0e9b19969df989a920e6d1b834d009.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-type
application/javascript
content-length
1992
x-amz-cf-id
FuPTCicLgZrJdLfJwFFUYdyqDjvNOlecjat8xIVAL_qF9To9brkihw==
js
www.googletagmanager.com/gtag/
96 KB
38 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-795091741
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ca2da106d383d2260732063be3532db7bfd861b3fcc55e61bf741ba4cfb1be6c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://paywhatyoucan.leadgeneration.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 16 Dec 2020 22:47:18 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38970
x-xss-protection
0
last-modified
Wed, 16 Dec 2020 21:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 16 Dec 2020 22:47:18 GMT
1259.js
script.crazyegg.com/pages/scripts/0068/
3 KB
1 KB
Script
General
Full URL
https://script.crazyegg.com/pages/scripts/0068/1259.js
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a5f3100e624ac83f6be30523b214b74b51ab5f47a27d8a5dba74a5b1df42d3f

Request headers

Referer
https://paywhatyoucan.leadgeneration.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 16 Dec 2020 22:47:18 GMT
content-encoding
gzip
cf-cache-status
MISS
ce-version
11.1.181
content-length
1211
cf-request-id
070f55956b00001f393a01d000000001
last-modified
Wed, 16 Dec 2020 22:47:18 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
access-control-expose-headers
CE-Version
cache-control
public, max-age=300, s-maxage=1209600
accept-ranges
bytes
cf-ray
602bf2024aa61f39-FRA
jquery-shims.bundle-0983003.z.js
builder-assets.unbounce.com/published-js/
6 KB
2 KB
Script
General
Full URL
https://builder-assets.unbounce.com/published-js/jquery-shims.bundle-0983003.z.js
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.7.82 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-7-82.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0983003c2827bd0b24985d096cb40456780a70afc96c5913bf1217529c18254b

Request headers

Referer
https://paywhatyoucan.leadgeneration.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 29 Nov 2020 01:58:43 GMT
content-encoding
gzip
last-modified
Tue, 13 Oct 2020 18:07:24 GMT
server
AmazonS3
age
1543716
etag
"d2a192590a76ade095caec7cb83bb5e3"
x-cache
Hit from cloudfront
x-amz-version-id
wCBS76d9D6FOnvl8xXmd742tpe3Qctzy
via
1.1 2ef0748a2a8fca13fd6065b6b046c33c.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
content-type
application/javascript
content-length
1993
x-amz-cf-id
UxYCQ1bCqLO-UYKuUJtHzdoZ5PQdUssek3EJYAR_i0A2ObAxpfHQjg==
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.4.2/
70 KB
25 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js
Requested by
Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e23a2a4e2d7c2b41ebcdd8ffc0679df7140eb7f52e1eebabf827a88182643c59
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://paywhatyoucan.leadgeneration.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 13 Dec 2020 20:15:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
268326
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24715
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 13 Dec 2021 20:15:12 GMT
33627ecf-background-1_11hc0qh000000000000028.png
d9hhrg4mnvzow.cloudfront.net/paywhatyoucan.leadgeneration.com.au/
12 KB
13 KB
Image
General
Full URL
https://d9hhrg4mnvzow.cloudfront.net/paywhatyoucan.leadgeneration.com.au/33627ecf-background-1_11hc0qh000000000000028.png
Requested by
Host: paywhatyoucan.leadgeneration.com.au
URL: https://paywhatyoucan.leadgeneration.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.214.226 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-214-226.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
209ff0877dff8193b0f2d1ad9d70d22967906668c52d0c5ea712d6df5e53e6fa

Request headers

Referer
https://paywhatyoucan.leadgeneration.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 16 Dec 2020 22:47:19 GMT
via
1.1 48391c4ed2c51e95dcabcb70cf613127.cloudfront.net (CloudFront)
last-modified
Thu, 04 Jun 2020 04:15:28 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
etag
"ff207978c0908b5ed09b723692f1cfa8"
x-cache
Miss from cloudfront
x-amz-version-id
NM_nEfB99F4EbNkCAfcuoaU0ghCsN6J8
cache-control
max-age=31557600
accept-ranges
bytes
content-type
image/png
content-length
12685
x-amz-cf-id
BnkkfwXzQMkvrM07bGQP1_P17g4pabLKyLtuq1ppZG-lrmOr2cGxIQ==
analytics.js
www.google-analytics.com/
46 KB
18 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: paywhatyoucan.leadgeneration.com.au
URL: https://paywhatyoucan.leadgeneration.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://paywhatyoucan.leadgeneration.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 23 Oct 2020 03:00:57 GMT
server
Golfe2
age
2545
date
Wed, 16 Dec 2020 22:04:53 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18817
expires
Thu, 17 Dec 2020 00:04:53 GMT
fbevents.js
connect.facebook.net/en_US/
90 KB
23 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: paywhatyoucan.leadgeneration.com.au
URL: https://paywhatyoucan.leadgeneration.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d4762bbdf73408777dc886ffe61d98654a39456cc19284fcec395a56c54518e1
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://paywhatyoucan.leadgeneration.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
23366
x-fb-rlafr
0
pragma
public
x-fb-debug
mYmjCi7uJvG/pcwY8KmSZ0wfwdrru1hTPgXqKhaWwpAH6aAhFLsgSnn+ti0w6zdTQHZMpSxrcJT/SE/pmqQRvQ==
x-fb-trip-id
436667874
x-frame-options
DENY
date
Wed, 16 Dec 2020 22:47:18 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
1259.json
script.crazyegg.com/pages/data-scripts/0068/
12 KB
2 KB
XHR
General
Full URL
https://script.crazyegg.com/pages/data-scripts/0068/1259.json?t=5360529
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0068/1259.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
19f4bca45f0b65d04e7e833436bda2ffc929ecd65ee933c224821ad47f9f7006

Request headers

Referer
https://paywhatyoucan.leadgeneration.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 16 Dec 2020 22:47:19 GMT
content-encoding
gzip
cf-cache-status
MISS
ce-version
11.1.181
content-length
1417
cf-request-id
070f5597ae0000c2f952a92000000001
last-modified
Wed, 16 Dec 2020 22:47:19 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
CE-Version
cache-control
public, max-age=300, s-maxage=1209600
accept-ranges
bytes
cf-ray
602bf205e809c2f9-FRA
sp-2.14.0.js
d34qb8suadcc4g.cloudfront.net/
98 KB
30 KB
Script
General
Full URL
https://d34qb8suadcc4g.cloudfront.net/sp-2.14.0.js
Requested by
Host: d34qb8suadcc4g.cloudfront.net
URL: https://d34qb8suadcc4g.cloudfront.net/ub.js?1605293159
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:da00:1d:11cf:5800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2e8292b18fc2acc297e1aa6acc6abe05136604137e744ba1b49984df330562bb

Request headers

Referer
https://paywhatyoucan.leadgeneration.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 04 Nov 2020 01:36:06 GMT
content-encoding
gzip
last-modified
Wed, 04 Nov 2020 01:35:32 GMT
server
AmazonS3
age
3705073
etag
"73de733c308b8b5e44d2a6242dc4bd99"
x-cache
Hit from cloudfront
x-amz-version-id
rVTqklA1qqyT_0VdOCY323BKPISR0uej
via
1.1 ac0e9b19969df989a920e6d1b834d009.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-type
application/javascript
content-length
30399
x-amz-cf-id
_D6veiaQiMIwaqhlVGUSGY5FSCRP3Z8jd8n6zwmFWVjcOZMjKrPOnw==
cc98767f-ac35-413c-a858-6005616375f1
https://paywhatyoucan.leadgeneration.com.au/
5 KB
0
Stylesheet
General
Full URL
blob:https://paywhatyoucan.leadgeneration.com.au/cc98767f-ac35-413c-a858-6005616375f1
Requested by
Host: builder-assets.unbounce.com
URL: https://builder-assets.unbounce.com/published-js/main.bundle-5c6e41c.z.js
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9c29517d31f5827419cfb4f4ff8cd13b478ec5345cfbb24e4f02072c723a87e7

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Length
5603
Content-Type
text/css
css
fonts.googleapis.com/
9 KB
976 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Muli:700,regular,800,900,300italic%7CPoppins:700,600%7CRoboto:300
Requested by
Host: builder-assets.unbounce.com
URL: https://builder-assets.unbounce.com/published-js/main.bundle-5c6e41c.z.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2b003845723f5e906f9477a9e2f5f32a353d2dcc68d1ef1dcaee176696f527d2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://paywhatyoucan.leadgeneration.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 16 Dec 2020 22:47:18 GMT
server
ESF
date
Wed, 16 Dec 2020 22:47:18 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 16 Dec 2020 22:47:18 GMT
6035d035-down-arrow-1_1016016015016000000028.png
d9hhrg4mnvzow.cloudfront.net/paywhatyoucan.leadgeneration.com.au/
646 B
1 KB
Image
General
Full URL
https://d9hhrg4mnvzow.cloudfront.net/paywhatyoucan.leadgeneration.com.au/6035d035-down-arrow-1_1016016015016000000028.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.214.226 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-214-226.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
98c404d9d6d0bad707bb6852aa1242550bc15293eade1d22b0462f92e9c9de2b

Request headers

Referer
https://paywhatyoucan.leadgeneration.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 16 Dec 2020 22:47:20 GMT
via
1.1 48391c4ed2c51e95dcabcb70cf613127.cloudfront.net (CloudFront)
last-modified
Thu, 04 Jun 2020 04:15:28 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
etag
"837fde01dbe417023741135e8a0d251a"
x-cache
Miss from cloudfront
x-amz-version-id
DbAGZKaVk.Dl1gMx1UblkbTARH7Zzrr2
cache-control
max-age=31557600
accept-ranges
bytes
content-type
image/png
content-length
646
x-amz-cf-id
AsvAPD6j1OoDXtdAC6269ig6IcG1YWPVclhblI-bQboqurypTV2Vlg==
5db36e1a-managing-sales_10dw0b5000000000000028.png
d9hhrg4mnvzow.cloudfront.net/paywhatyoucan.leadgeneration.com.au/
22 KB
22 KB
Image
General
Full URL
https://d9hhrg4mnvzow.cloudfront.net/paywhatyoucan.leadgeneration.com.au/5db36e1a-managing-sales_10dw0b5000000000000028.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.214.226 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-214-226.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8c029df55c408aa332bf1a15aec9154ebc90b17b68901d16a6e688de06e4f6e6

Request headers

Referer
https://paywhatyoucan.leadgeneration.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 16 Dec 2020 22:47:20 GMT
via
1.1 48391c4ed2c51e95dcabcb70cf613127.cloudfront.net (CloudFront)
last-modified
Thu, 04 Jun 2020 04:15:28 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
etag
"eccde61999f288b9cd492de7757df2f0"
x-cache
Miss from cloudfront
x-amz-version-id
w_ivKXUMoyq_HTijrM0UzX.Tq948Oxeo
cache-control
max-age=31557600
accept-ranges
bytes
content-type
image/png
content-length
22477
x-amz-cf-id
UUDfU5oLvHnCE5H0FLEVTrQ28vqznN8cT6x_mHLSBqGVb2TNy5ZIQg==
53da470c-leadexpress-blue_1037014000000000000028.png
d9hhrg4mnvzow.cloudfront.net/paywhatyoucan.leadgeneration.com.au/
2 KB
2 KB
Image
General
Full URL
https://d9hhrg4mnvzow.cloudfront.net/paywhatyoucan.leadgeneration.com.au/53da470c-leadexpress-blue_1037014000000000000028.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.214.226 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-214-226.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e218fd32aa001ecf43ab42bcb78ecf2e65a3092e2126d9fc9d08bd38a133fa26

Request headers

Referer
https://paywhatyoucan.leadgeneration.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 16 Dec 2020 22:47:20 GMT
via
1.1 48391c4ed2c51e95dcabcb70cf613127.cloudfront.net (CloudFront)
last-modified
Thu, 04 Jun 2020 04:15:28 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
etag
"5847d6ad949afb63efe96992af8ef68a"
x-cache
Miss from cloudfront
x-amz-version-id
O6VxdNRtjlTAb7omAP4DlgQFCFtxckdq
cache-control
max-age=31557600
accept-ranges
bytes
content-type
image/png
content-length
1769
x-amz-cf-id
ZTQdCZ6eExbgMJvIjwuqgfZMKCGCDeyoicHbi42V5bxt9NI_udK2uw==
f54e8b6e-leadexpress-white_102y011000000000000028.png
d9hhrg4mnvzow.cloudfront.net/paywhatyoucan.leadgeneration.com.au/
1 KB
2 KB
Image
General
Full URL
https://d9hhrg4mnvzow.cloudfront.net/paywhatyoucan.leadgeneration.com.au/f54e8b6e-leadexpress-white_102y011000000000000028.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.214.226 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-214-226.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9c983018bce6a6174b8d664ee6fa43c09a871d0872148acd020b52082231cdd9

Request headers

Referer
https://paywhatyoucan.leadgeneration.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 16 Dec 2020 22:47:20 GMT
via
1.1 48391c4ed2c51e95dcabcb70cf613127.cloudfront.net (CloudFront)
last-modified
Thu, 04 Jun 2020 04:15:28 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
etag
"5df4c0eb397899f3491fe1c2797a32c2"
x-cache
Miss from cloudfront
x-amz-version-id
ATmIz3HYiC2dYunE2k74OdpV0s4Dz3_3
cache-control
max-age=31557600
accept-ranges
bytes
content-type
image/png
content-length
1433
x-amz-cf-id
UIJyJ4WJCaiUIBIkNRymxa0SmcqdZtAmm0sZAXgw92tjHhN7MZFAvw==
cb941b35-asset-4-3x_102h00f000000000000028.png
d9hhrg4mnvzow.cloudfront.net/paywhatyoucan.leadgeneration.com.au/
589 B
971 B
Image
General
Full URL
https://d9hhrg4mnvzow.cloudfront.net/paywhatyoucan.leadgeneration.com.au/cb941b35-asset-4-3x_102h00f000000000000028.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.214.226 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-214-226.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a868f14c442cd0733d25c3a6da275ece604d092368bba216f34ab1ee86f7ee7f

Request headers

Referer
https://paywhatyoucan.leadgeneration.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 16 Dec 2020 22:47:20 GMT
via
1.1 48391c4ed2c51e95dcabcb70cf613127.cloudfront.net (CloudFront)
last-modified
Thu, 04 Jun 2020 04:15:28 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
etag
"945093fd00200e3d947399477cfe2ae8"
x-cache
Miss from cloudfront
x-amz-version-id
Az2zSDQp601rnTqcKykWQK6SlwoANB82
cache-control
max-age=31557600
accept-ranges
bytes
content-type
image/png
content-length
589
x-amz-cf-id
P0PcqG1pXmqWiRPMEK-1VJN0MVMO-IxxzAq9_y0bD888O6V8vhy7Gg==
57b11382-asset-3-3x_101v01i000000000000028.png
d9hhrg4mnvzow.cloudfront.net/paywhatyoucan.leadgeneration.com.au/
409 B
789 B
Image
General
Full URL
https://d9hhrg4mnvzow.cloudfront.net/paywhatyoucan.leadgeneration.com.au/57b11382-asset-3-3x_101v01i000000000000028.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.214.226 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-214-226.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b985e45fe6e2705eb388e08a247418ba2e381704efbfb154c06a4e730ba10ad0

Request headers

Referer
https://paywhatyoucan.leadgeneration.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 16 Dec 2020 22:47:20 GMT
via
1.1 48391c4ed2c51e95dcabcb70cf613127.cloudfront.net (CloudFront)
last-modified
Thu, 04 Jun 2020 04:15:28 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
etag
"a832ddf075208a1c54db40f6752c6c89"
x-cache
Miss from cloudfront
x-amz-version-id
rq_Lwd6Z3iBJuYGor9rDLKegfubo8Df8
cache-control
max-age=31557600
accept-ranges
bytes
content-type
image/png
content-length
409
x-amz-cf-id
TbgAY22VcwF708zpBL811rfelal7VBdU-xckSdvqRH-HC76eDJLlNg==
11e3ee84-other-industries-img_10e70b6000000000000028.png
d9hhrg4mnvzow.cloudfront.net/paywhatyoucan.leadgeneration.com.au/
22 KB
22 KB
Image
General
Full URL
https://d9hhrg4mnvzow.cloudfront.net/paywhatyoucan.leadgeneration.com.au/11e3ee84-other-industries-img_10e70b6000000000000028.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.214.226 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-214-226.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
db1d9acaa6467cad25c5f17c21f7618379f2711c7f604b6faf6396155b095567

Request headers

Referer
https://paywhatyoucan.leadgeneration.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 16 Dec 2020 22:47:20 GMT
via
1.1 48391c4ed2c51e95dcabcb70cf613127.cloudfront.net (CloudFront)
last-modified
Thu, 04 Jun 2020 04:15:28 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
etag
"99213d3edc7e4feaff3c509b7d68b6cb"
x-cache
Miss from cloudfront
x-amz-version-id
tTDtEvM7dn0rCEaLwr9B6ZmUWMzZs4_Q
cache-control
max-age=31557600
accept-ranges
bytes
content-type
image/png
content-length
22526
x-amz-cf-id
G4gimybV9gySUfPe5r8SI6UX_obi9YZ0P3fpotF0vswqmUag1gSePA==
conversion_async.js
www.googleadservices.com/pagead/
30 KB
12 KB
Script
General
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-795091741
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
cafe /
Resource Hash
4a5c6bbe25f10b8c56a9d58bb7a3a957992fc1800b633dd010df58b55f558dae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://paywhatyoucan.leadgeneration.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 16 Dec 2020 22:47:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
12179
x-xss-protection
0
server
cafe
etag
494165680877134304
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 16 Dec 2020 22:47:18 GMT
loader.js
www.gstatic.com/wcm/
539 B
494 B
Script
General
Full URL
https://www.gstatic.com/wcm/loader.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-795091741
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7e05da544a93b639782cb0974f5dacbfc36b60d40622f680e3383ec581243ca4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://paywhatyoucan.leadgeneration.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 16 Dec 2020 22:43:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 25 Jun 2020 00:15:00 GMT
server
sffe
age
255
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
366
x-xss-protection
0
expires
Wed, 16 Dec 2020 23:43:03 GMT
collect
www.google-analytics.com/j/
4 B
404 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j87&a=1232801968&t=pageview&_s=1&dl=https%3A%2F%2Fpaywhatyoucan.leadgeneration.com.au%2F&ul=en-us&de=UTF-8&dt=Lead%20Express%20%7C%20Pay%20What%20You%20Can&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=207761024&gjid=27022217&cid=1674623379.1608158839&tid=UA-1051594-1&_gid=1924175134.1608158839&_r=1&_slc=1&z=29176739
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://paywhatyoucan.leadgeneration.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 16 Dec 2020 22:47:18 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://paywhatyoucan.leadgeneration.com.au
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
1856523201036937
connect.facebook.net/signals/config/
239 KB
69 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/1856523201036937?v=2.9.30&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
5006ba2d8351dcf9f5ff9e30a5f2ea38b646bd991608358eb5efbf03edf93994
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://paywhatyoucan.leadgeneration.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr
0
pragma
public
x-fb-debug
/9dhYaaquuzgvzsgKfNK3kMNLjHtZjbL5M4Aqg0hKnsTXR2avSu5CYGWvQbOghF9Xhft5+TGRymd4IVGJn4w5g==
x-fb-trip-id
436667874
x-frame-options
DENY
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Wed, 16 Dec 2020 22:47:18 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-content-id
2024573146
expires
Sat, 01 Jan 2000 00:00:00 GMT
roundtrip.js
s.adroll.com/j/
40 KB
13 KB
Script
General
Full URL
https://s.adroll.com/j/roundtrip.js
Requested by
Host: paywhatyoucan.leadgeneration.com.au
URL: https://paywhatyoucan.leadgeneration.com.au/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.40 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-40.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
c2cb2cc5345c71f30b0ce56069cfe0bdf65eb061228333d27ba0e7388748636a

Request headers

Referer
https://paywhatyoucan.leadgeneration.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
eHeCFa11ZmebQv0hmrjMAs.eB.BPo.q4
Content-Encoding
gzip
ETag
"0aed5b94bc26ce0fe9e58d25dd314418"
x-amz-request-id
A153E367E4F64E44
x-amz-server-side-encryption
AES256
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
12695
x-amz-id-2
1CcC1EKrieRTlAyvmM8I9czxbYiNWqUAlIg4XQoBWjKMxkmKs0MXuebcXJ5+1jv9UbHz74EL7Lo=
Last-Modified
Thu, 10 Dec 2020 18:09:34 GMT
Server
AmazonS3
Date
Wed, 16 Dec 2020 22:47:18 GMT
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600, must-revalidate
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
pxiByp8kv8JHgFVrLCz7Z1xlFd2JQEk.woff2
fonts.gstatic.com/s/poppins/v15/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v15/pxiByp8kv8JHgFVrLCz7Z1xlFd2JQEk.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Muli:700,regular,800,900,300italic%7CPoppins:700,600%7CRoboto:300
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b0b43e548e691662dac85b1dc159d148a273d5cb9139f3fcf457cdeebe7bdf3f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://paywhatyoucan.leadgeneration.com.au
Referer
https://fonts.googleapis.com/css?family=Muli:700,regular,800,900,300italic%7CPoppins:700,600%7CRoboto:300
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 12 Dec 2020 01:16:05 GMT
x-content-type-options
nosniff
last-modified
Thu, 05 Nov 2020 22:01:44 GMT
server
sffe
age
423073
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7832
x-xss-protection
0
expires
Sun, 12 Dec 2021 01:16:05 GMT
7Auwp_0qiz-afTLGLQjUwkQ.woff2
fonts.gstatic.com/s/muli/v22/
24 KB
24 KB
Font
General
Full URL
https://fonts.gstatic.com/s/muli/v22/7Auwp_0qiz-afTLGLQjUwkQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Muli:700,regular,800,900,300italic%7CPoppins:700,600%7CRoboto:300
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8a71c8749cc0bb450f96766d4cab3b2b9c4d5a9b30c3683f3a5863d8d2ed9c9a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://paywhatyoucan.leadgeneration.com.au
Referer
https://fonts.googleapis.com/css?family=Muli:700,regular,800,900,300italic%7CPoppins:700,600%7CRoboto:300
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 13 Dec 2020 00:12:41 GMT
x-content-type-options
nosniff
last-modified
Wed, 15 Jul 2020 20:49:47 GMT
server
sffe
age
340477
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24884
x-xss-protection
0
expires
Mon, 13 Dec 2021 00:12:41 GMT
7Auwp_0qiz-afTLGLQjUwkQ.woff2
fonts.gstatic.com/s/muli/v22/
24 KB
24 KB
Font
General
Full URL
https://fonts.gstatic.com/s/muli/v22/7Auwp_0qiz-afTLGLQjUwkQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Muli:700,regular,800,900,300italic%7CPoppins:700,600%7CRoboto:300
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8a71c8749cc0bb450f96766d4cab3b2b9c4d5a9b30c3683f3a5863d8d2ed9c9a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://paywhatyoucan.leadgeneration.com.au
Referer
https://fonts.googleapis.com/css?family=Muli:700,regular,800,900,300italic%7CPoppins:700,600%7CRoboto:300
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 13 Dec 2020 00:12:41 GMT
x-content-type-options
nosniff
last-modified
Wed, 15 Jul 2020 20:49:47 GMT
server
sffe
age
340477
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24884
x-xss-protection
0
expires
Mon, 13 Dec 2021 00:12:41 GMT
KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/
11 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Muli:700,regular,800,900,300italic%7CPoppins:700,600%7CRoboto:300
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://paywhatyoucan.leadgeneration.com.au
Referer
https://fonts.googleapis.com/css?family=Muli:700,regular,800,900,300italic%7CPoppins:700,600%7CRoboto:300
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 16 Dec 2020 06:19:46 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:52 GMT
server
sffe
age
59252
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11180
x-xss-protection
0
expires
Thu, 16 Dec 2021 06:19:46 GMT
pxiByp8kv8JHgFVrLEj6Z1xlFd2JQEk.woff2
fonts.gstatic.com/s/poppins/v15/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v15/pxiByp8kv8JHgFVrLEj6Z1xlFd2JQEk.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Muli:700,regular,800,900,300italic%7CPoppins:700,600%7CRoboto:300
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b93b9165269362989e2855d0bf0ae232d7193a45c43627b2d03b26d7eb98263b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://paywhatyoucan.leadgeneration.com.au
Referer
https://fonts.googleapis.com/css?family=Muli:700,regular,800,900,300italic%7CPoppins:700,600%7CRoboto:300
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 16 Dec 2020 22:12:58 GMT
x-content-type-options
nosniff
last-modified
Thu, 05 Nov 2020 22:02:15 GMT
server
sffe
age
2060
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7988
x-xss-protection
0
expires
Thu, 16 Dec 2021 22:12:58 GMT
7Aujp_0qiz-afTfcIyoiGtm2P0wG089z4eqVxVqHrzJoAw.woff
fonts.gstatic.com/s/muli/v22/
14 KB
14 KB
Font
General
Full URL
https://fonts.gstatic.com/s/muli/v22/7Aujp_0qiz-afTfcIyoiGtm2P0wG089z4eqVxVqHrzJoAw.woff
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Muli:700,regular,800,900,300italic%7CPoppins:700,600%7CRoboto:300
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4f54152ed7565e500db1572c42c69f23247f6eaeec8feb458d4af38d99cb5232
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://paywhatyoucan.leadgeneration.com.au
Referer
https://fonts.googleapis.com/css?family=Muli:700,regular,800,900,300italic%7CPoppins:700,600%7CRoboto:300
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 15 Dec 2020 09:38:40 GMT
x-content-type-options
nosniff
last-modified
Wed, 15 Jul 2020 20:50:14 GMT
server
sffe
age
133718
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14012
x-xss-protection
0
expires
Wed, 15 Dec 2021 09:38:40 GMT
7Auwp_0qiz-afTLGLQjUwkQ.woff2
fonts.gstatic.com/s/muli/v22/
24 KB
24 KB
Font
General
Full URL
https://fonts.gstatic.com/s/muli/v22/7Auwp_0qiz-afTLGLQjUwkQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Muli:700,regular,800,900,300italic%7CPoppins:700,600%7CRoboto:300
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8a71c8749cc0bb450f96766d4cab3b2b9c4d5a9b30c3683f3a5863d8d2ed9c9a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://paywhatyoucan.leadgeneration.com.au
Referer
https://fonts.googleapis.com/css?family=Muli:700,regular,800,900,300italic%7CPoppins:700,600%7CRoboto:300
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 13 Dec 2020 00:12:41 GMT
x-content-type-options
nosniff
last-modified
Wed, 15 Jul 2020 20:49:47 GMT
server
sffe
age
340477
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24884
x-xss-protection
0
expires
Mon, 13 Dec 2021 00:12:41 GMT
7Auwp_0qiz-afTLGLQjUwkQ.woff2
fonts.gstatic.com/s/muli/v22/
24 KB
24 KB
Font
General
Full URL
https://fonts.gstatic.com/s/muli/v22/7Auwp_0qiz-afTLGLQjUwkQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Muli:700,regular,800,900,300italic%7CPoppins:700,600%7CRoboto:300
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8a71c8749cc0bb450f96766d4cab3b2b9c4d5a9b30c3683f3a5863d8d2ed9c9a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://paywhatyoucan.leadgeneration.com.au
Referer
https://fonts.googleapis.com/css?family=Muli:700,regular,800,900,300italic%7CPoppins:700,600%7CRoboto:300
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 13 Dec 2020 00:12:41 GMT
x-content-type-options
nosniff
last-modified
Wed, 15 Jul 2020 20:49:47 GMT
server
sffe
age
340477
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24884
x-xss-protection
0
expires
Mon, 13 Dec 2021 00:12:41 GMT
i
events.ub-analytics.com/
43 B
245 B
Image
General
Full URL
https://events.ub-analytics.com/i?stm=1608158838809&e=pv&url=https%3A%2F%2Fpaywhatyoucan.leadgeneration.com.au%2F&page=Lead%20Express%20%7C%20Pay%20What%20You%20Can&tv=js-2.14.0&tna=sp-ub&aid=landing_page&p=web&tz=Europe%2FBerlin&lang=en-US&cs=UTF-8&res=1600x1200&cd=24&cookie=1&eid=cb2c95b8-ab0f-463c-8789-7245bb87e622&dtm=1608158838807&vp=1600x1200&ds=1600x2792&vid=1&sid=a77dc3fc-6d7b-44ba-bf9f-7b6630c2d1d9&duid=f43cb3cc-2287-4946-b727-063206f888bc&uid=162.158.94.2311609555894068051&cx=eyJzY2hlbWEiOiJpZ2x1OmNvbS5zbm93cGxvd2FuYWx5dGljcy5zbm93cGxvdy9jb250ZXh0cy9qc29uc2NoZW1hLzEtMC0wIiwiZGF0YSI6W3sic2NoZW1hIjoianNfdHJhY2tlcl9jb250ZXh0X3YxLjEuanNvbiIsImRhdGEiOnsicGFnZUlkIjoiMjZkNjJhZDEtNTA0Mi00MTU1LTlhMDMtMThhNTVkM2U5YjY0IiwidmFyaWFudElkIjoiZCIsImV2ZW50VHlwZSI6InZpc2l0IiwiZXZlbnRNZXRhZGF0YSI6W10sInJvdXRpbmdTdHJhdGVneSI6IndlaWdodGVkIn19XX0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.224.248.58 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-224-248-58.compute-1.amazonaws.com
Software
akka-http/10.0.9 /
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

Referer
https://paywhatyoucan.leadgeneration.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 16 Dec 2020 22:47:19 GMT
access-control-allow-credentials
true
server
akka-http/10.0.9
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
content-length
43
content-type
image/gif
collect
stats.g.doubleclick.net/j/
4 B
102 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j87&tid=UA-1051594-1&cid=1674623379.1608158839&jid=207761024&gjid=27022217&_gid=1924175134.1608158839&_u=IEBAAEAAAAAAAC~&z=564105817
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c06::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://paywhatyoucan.leadgeneration.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Wed, 16 Dec 2020 22:47:18 GMT
content-type
text/plain
access-control-allow-origin
https://paywhatyoucan.leadgeneration.com.au
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
call-tracking_2.js
www.gstatic.com/call-tracking/
51 KB
20 KB
Script
General
Full URL
https://www.gstatic.com/call-tracking/call-tracking_2.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/wcm/loader.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ee0af9cb821e3b90c73da380ca1ea46a9568f50635facf5e263d0044c9124c9e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://paywhatyoucan.leadgeneration.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 16 Dec 2020 09:42:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 23 Apr 2020 17:15:00 GMT
server
sffe
age
47104
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19708
x-xss-protection
0
expires
Thu, 16 Dec 2021 09:42:14 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/795091741/
2 KB
1 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/795091741/?random=1608158838839&cv=9&fst=1608158838839&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oabu0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fpaywhatyoucan.leadgeneration.com.au%2F&tiba=Lead%20Express%20%7C%20Pay%20What%20You%20Can&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0b68798e4ad5688db34db46583bb151e5c191cf8cb5431b9cdb8d8a2f1cf60ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://paywhatyoucan.leadgeneration.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Dec 2020 22:47:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
1049
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/
42 B
107 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-1051594-1&cid=1674623379.1608158839&jid=207761024&_u=IEBAAEAAAAAAAC~&z=762884891
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://paywhatyoucan.leadgeneration.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Dec 2020 22:47:18 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
107 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-1051594-1&cid=1674623379.1608158839&jid=207761024&_u=IEBAAEAAAAAAAC~&z=762884891
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://paywhatyoucan.leadgeneration.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Dec 2020 22:47:18 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
wcm
www.google.de/pagead/attribution/
Redirect Chain
  • https://www.googleadservices.com/pagead/conversion/795091741/wcm?cc=ZZ&dn=1300532339&cl=zrn4CMTVi8wBEJ3GkPsC&ct_eid=2
  • https://www.google.de/pagead/attribution/wcm?cc=ZZ&dn=1300532339&cl=zrn4CMTVi8wBEJ3GkPsC
80 B
202 B
XHR
General
Full URL
https://www.google.de/pagead/attribution/wcm?cc=ZZ&dn=1300532339&cl=zrn4CMTVi8wBEJ3GkPsC
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:817::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d933a98657089095397ca6126d62e3a07c39e70f82b36f8cea002c0ba5bf1e2c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://paywhatyoucan.leadgeneration.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 16 Dec 2020 22:47:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
application/json; charset=UTF-8
access-control-allow-origin
null
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
87
x-xss-protection
0

Redirect headers

timing-allow-origin
*
date
Wed, 16 Dec 2020 22:47:18 GMT
x-content-type-options
nosniff
server
cafe
location
https://www.google.de/pagead/attribution/wcm?cc=ZZ&dn=1300532339&cl=zrn4CMTVi8wBEJ3GkPsC
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
https://paywhatyoucan.leadgeneration.com.au
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
/
www.google.com/pagead/1p-user-list/795091741/
42 B
89 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/795091741/?random=1608158838839&cv=9&fst=1608156000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oabu0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fpaywhatyoucan.leadgeneration.com.au%2F&tiba=Lead%20Express%20%7C%20Pay%20What%20You%20Can&async=1&fmt=3&is_vtc=1&random=2328858277&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:814::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://paywhatyoucan.leadgeneration.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Dec 2020 22:47:18 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/795091741/
42 B
89 B
Image
General
Full URL
https://www.google.de/pagead/1p-user-list/795091741/?random=1608158838839&cv=9&fst=1608156000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oabu0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fpaywhatyoucan.leadgeneration.com.au%2F&tiba=Lead%20Express%20%7C%20Pay%20What%20You%20Can&async=1&fmt=3&is_vtc=1&random=2328858277&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:817::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://paywhatyoucan.leadgeneration.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Dec 2020 22:47:18 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
index.js
s.adroll.com/j/exp/
Redirect Chain
  • https://s.adroll.com/j/exp/WAP5A6HUS5GETA7YGSP4T6/index.js
  • https://s.adroll.com/j/exp/index.js
28 B
747 B
Script
General
Full URL
https://s.adroll.com/j/exp/index.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.40 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-40.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52

Request headers

Referer
https://paywhatyoucan.leadgeneration.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
NRd5BJy3mTVGILCcmBdUI4KKHh2sq935
Content-Encoding
gzip
ETag
"5816cced8568d223aa09d889f300692b"
x-amz-request-id
7W9WAWDN1PDJ9K6T
x-amz-server-side-encryption
AES256
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
48
x-amz-id-2
NBvratIHE//44TPOypShMaCv/9QzRoRblXgrQhIlv+9B2ymzS7rKcZPf7Q+NJ4aV6oOIl9m1JcE=
Last-Modified
Wed, 02 Dec 2020 20:19:48 GMT
Server
AmazonS3
Date
Wed, 16 Dec 2020 22:47:19 GMT
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*

Redirect headers

Date
Wed, 16 Dec 2020 22:47:19 GMT
Server
AkamaiGHost
Location
https://s.adroll.com/j/exp/index.js
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
false
Connection
keep-alive
Access-Control-Allow-Headers
*
Content-Length
0
index.js
s.adroll.com/j/pre/WAP5A6HUS5GETA7YGSP4T6/LCUS7WBMZVAFLO4YUQMTPS/
1 KB
1 KB
Script
General
Full URL
https://s.adroll.com/j/pre/WAP5A6HUS5GETA7YGSP4T6/LCUS7WBMZVAFLO4YUQMTPS/index.js
Requested by
Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.40 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-40.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
cbce85e96b7752208ce15a09ea4d5a58b792edc9e77f1c5ccf46c01935970f9d

Request headers

Referer
https://paywhatyoucan.leadgeneration.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
AKqmUKoXOmC8u.Jtk5Cr.8lAKHe3kfJA
Content-Encoding
gzip
ETag
"3996d65282dd996ee0d7d4c90c139158"
x-amz-request-id
A4745898584F3BE9
x-amz-server-side-encryption
AES256
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
635
x-amz-id-2
r76zeTyLVdvt2IrmSLXk/O6910Pp318my8BAjB9XWD+8gqUvRuQWHgHeZl+mC6gJV4Muh4VPHF4=
Last-Modified
Wed, 16 Dec 2020 00:48:22 GMT
Server
AmazonS3
Date
Wed, 16 Dec 2020 22:47:19 GMT
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET
Content-Type
text/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600, must-revalidate
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
/
d.adroll.com/consent/check/WAP5A6HUS5GETA7YGSP4T6/
Redirect Chain
  • https://d.adroll.mgr.consensu.org/consent/iabcheck/WAP5A6HUS5GETA7YGSP4T6?_s=9a5f555b3a2ab4291143b6fd132e6ae2&_b=2
  • https://d.adroll.com/consent/check/WAP5A6HUS5GETA7YGSP4T6/?_s=9a5f555b3a2ab4291143b6fd132e6ae2&_b=2
386 B
854 B
Script
General
Full URL
https://d.adroll.com/consent/check/WAP5A6HUS5GETA7YGSP4T6/?_s=9a5f555b3a2ab4291143b6fd132e6ae2&_b=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.82.238 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-82-238.eu-west-1.compute.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
e77f8d3e6dd4623d2044fee9a03f5807b45ef98d8eca70ffdf4029eeb8538337

Request headers

Referer
https://paywhatyoucan.leadgeneration.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Dec 2020 22:47:19 GMT
cache-control
no-store, no-cache, must-revalidate
server
nginx/1.18.0
content-type
application/javascript
content-length
386
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"

Redirect headers

location
https://d.adroll.com/consent/check/WAP5A6HUS5GETA7YGSP4T6/?_s=9a5f555b3a2ab4291143b6fd132e6ae2&_b=2
date
Wed, 16 Dec 2020 22:47:19 GMT
server
nginx/1.18.0
content-length
105
/
www.facebook.com/tr/
44 B
257 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1856523201036937&ev=PageView&dl=https%3A%2F%2Fpaywhatyoucan.leadgeneration.com.au%2F&rl=&if=false&ts=1608158838919&sw=1600&sh=1200&v=2.9.30&r=stable&ec=0&o=30&fbp=fb.2.1608158838917.1592776096&it=1608158838755&coo=false&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://paywhatyoucan.leadgeneration.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 16 Dec 2020 22:47:18 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Wed, 16 Dec 2020 22:47:18 GMT
11.1.181.js
script.crazyegg.com/pages/versioned/common-scripts/
101 KB
33 KB
Script
General
Full URL
https://script.crazyegg.com/pages/versioned/common-scripts/11.1.181.js
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0068/1259.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1b609f2c83c9509566e6d1177b9fe62733aaf0a9861945fb9a0f6bb930691430

Request headers

Referer
https://paywhatyoucan.leadgeneration.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 16 Dec 2020 22:47:19 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 16 Dec 2020 19:42:25 GMT
server
cloudflare
age
10676
cf-polished
origSize=107388
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=31536000
cf-ray
602bf2088e3f1f39-FRA
cf-request-id
070f55995600001f394daa6000000001
cf-bgj
minify
2WJLAA3XEJEILHCT5VZAJ3.js
s.adroll.com/pixel/WAP5A6HUS5GETA7YGSP4T6/LCUS7WBMZVAFLO4YUQMTPS/
Redirect Chain
  • https://d.adroll.com/pixel/WAP5A6HUS5GETA7YGSP4T6/LCUS7WBMZVAFLO4YUQMTPS?adroll_fpc=0e5884bd463e87f5c01b448a7307c914-1608158839205&arrfrr=https%3A%2F%2Fpaywhatyoucan.leadgeneration.com.au%2F&xid_ch...
  • https://s.adroll.com/pixel/WAP5A6HUS5GETA7YGSP4T6/LCUS7WBMZVAFLO4YUQMTPS/2WJLAA3XEJEILHCT5VZAJ3.js
4 KB
2 KB
Script
General
Full URL
https://s.adroll.com/pixel/WAP5A6HUS5GETA7YGSP4T6/LCUS7WBMZVAFLO4YUQMTPS/2WJLAA3XEJEILHCT5VZAJ3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.40 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-40.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
778b3b42db6282bcdcfefa31be80b454cf6cab2d19bde75fe6e8ae836dd4e7b7

Request headers

Referer
https://paywhatyoucan.leadgeneration.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
OfIcJ8KYJLwCSX_AAOW9ddY2Fw5bBwzB
Content-Encoding
gzip
ETag
"ee442727ee6462de80d199851718b2fd"
x-amz-request-id
CQ6T0SCQ6Q2V3V1W
x-amz-server-side-encryption
AES256
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
1584
x-amz-id-2
r5XYkBWUYAa/l3tmHy1FcGVR+80lgXCWDdQcUIbdpup87s7kWJxuMdG/l8FmQyAQDR6hMOYvU3Q=
Last-Modified
Tue, 08 Dec 2020 23:41:17 GMT
Server
AmazonS3
Date
Wed, 16 Dec 2020 22:47:19 GMT
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET
Content-Type
text/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600, must-revalidate
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*

Redirect headers

pragma
no-cache
x-conversion-value
0.00
server
nginx/1.18.0
x-rule
*leadgeneration.com.au/*
date
Wed, 16 Dec 2020 22:47:19 GMT
x-segment-eid
2WJLAA3XEJEILHCT5VZAJ3
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://s.adroll.com/pixel/WAP5A6HUS5GETA7YGSP4T6/LCUS7WBMZVAFLO4YUQMTPS/2WJLAA3XEJEILHCT5VZAJ3.js
cache-control
no-store, no-cache, must-revalidate
x-segment-display-name
LGCO-All-Web-pages
x-pixel-eid
LCUS7WBMZVAFLO4YUQMTPS
x-segment-name
6f7b7a3c
x-advertisable-eid
WAP5A6HUS5GETA7YGSP4T6
content-length
0
x-conversion-currency
/
www.facebook.com/tr/
44 B
146 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1856523201036937&ev=Microdata&dl=https%3A%2F%2Fpaywhatyoucan.leadgeneration.com.au%2F&rl=&if=false&ts=1608158839421&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Lead%20Express%20%7C%20Pay%20What%20You%20Can%22%2C%22meta%3Akeywords%22%3A%22Appointment%20setting%20company%20for%20B2B%2C%20Melbourne%20lead%20generation%2C%20Melbourne%20Appointment%20Setting%22%2C%22meta%3Adescription%22%3A%22Outsourced%20B2B%20appointment%20setting%20and%20lead%20generation%20in%20Melbourne%20.%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22Lead%20Express%20%7C%20Pay%20What%20You%20Can%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.30&r=stable&ec=1&o=30&fbp=fb.2.1608158838917.1592776096&it=1608158838755&coo=false&es=automatic&tm=3&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://paywhatyoucan.leadgeneration.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 16 Dec 2020 22:47:19 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Wed, 16 Dec 2020 22:47:19 GMT
sendrolling.js
s.adroll.com/j/
9 KB
3 KB
Script
General
Full URL
https://s.adroll.com/j/sendrolling.js
Requested by
Host: d.adroll.com
URL: https://d.adroll.com/pixel/WAP5A6HUS5GETA7YGSP4T6/LCUS7WBMZVAFLO4YUQMTPS?adroll_fpc=0e5884bd463e87f5c01b448a7307c914-1608158839205&arrfrr=https%3A%2F%2Fpaywhatyoucan.leadgeneration.com.au%2F&xid_ch=f&pv=2430598275.105478&cookie=&adroll_s_ref=&keyw=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.40 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-40.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
1bdbcee5cd776cb671f72362db4be8dde833057b8e8f816c86fd301896652c8d

Request headers

Referer
https://paywhatyoucan.leadgeneration.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
NM.EHVfGEDu2TYFqb1osrv1zRII373EC
Content-Encoding
gzip
ETag
"15441b08d0c4f93b1dd5f533cd361cd8"
x-amz-request-id
75B93B99450D9821
x-amz-server-side-encryption
AES256
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
2039
x-amz-id-2
LLXPK6WOd/JkL78v3IWpxVYE6WLY0eyso2S9SGWA5fuDVP/IFReKscAk0ef5FiAsTnpUaCbbaQA=
Last-Modified
Mon, 03 Feb 2020 20:32:06 GMT
Server
AmazonS3
Date
Wed, 16 Dec 2020 22:47:19 GMT
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
sync
ups.analytics.yahoo.com/ups/55980/
Redirect Chain
  • https://d.adroll.com/cm/aol/out?adroll_fpc=0e5884bd463e87f5c01b448a7307c914-1608158839205&arrfrr=https%3A%2F%2Fpaywhatyoucan.leadgeneration.com.au%2F&xid_ch=f&advertisable=WAP5A6HUS5GETA7YGSP4T6
  • https://pixel.advertising.com/ups/55980/sync?uid=MjE1NjBmYWIxODJiYWQyNGU4NjIyY2E3NDVhMjZiN2Y&_origin=1&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
  • https://pixel.advertising.com/ups/55980/sync?uid=MjE1NjBmYWIxODJiYWQyNGU4NjIyY2E3NDVhMjZiN2Y&_origin=1&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&verify=true
  • https://ups.analytics.yahoo.com/ups/55980/sync?uid=MjE1NjBmYWIxODJiYWQyNGU4NjIyY2E3NDVhMjZiN2Y&_origin=1&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&apid=UPa748d0fd-3ff0-11eb-9c98-06...
  • https://ups.analytics.yahoo.com/ups/55980/sync?uid=MjE1NjBmYWIxODJiYWQyNGU4NjIyY2E3NDVhMjZiN2Y&_origin=1&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&apid=UPa748d0fd-3ff0-11eb-9c98-06...
0
964 B
Image
General
Full URL
https://ups.analytics.yahoo.com/ups/55980/sync?uid=MjE1NjBmYWIxODJiYWQyNGU4NjIyY2E3NDVhMjZiN2Y&_origin=1&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&apid=UPa748d0fd-3ff0-11eb-9c98-06f938124ce8&verify=true
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
18.156.0.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
Software
ATS/7.1.2.128 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://paywhatyoucan.leadgeneration.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 16 Dec 2020 22:47:19 GMT
Server
ATS/7.1.2.128
Connection
keep-alive
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

Date
Wed, 16 Dec 2020 22:47:19 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://ups.analytics.yahoo.com/ups/55980/sync?uid=MjE1NjBmYWIxODJiYWQyNGU4NjIyY2E3NDVhMjZiN2Y&_origin=1&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&apid=UPa748d0fd-3ff0-11eb-9c98-06f938124ce8&verify=true
Connection
keep-alive
Content-Length
0
rum
dsum-sec.casalemedia.com/
Redirect Chain
  • https://d.adroll.com/cm/index/out?adroll_fpc=0e5884bd463e87f5c01b448a7307c914-1608158839205&arrfrr=https%3A%2F%2Fpaywhatyoucan.leadgeneration.com.au%2F&xid_ch=f&advertisable=WAP5A6HUS5GETA7YGSP4T6
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=MjE1NjBmYWIxODJiYWQyNGU4NjIyY2E3NDVhMjZiN2Y&expiration=1639694839
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=MjE1NjBmYWIxODJiYWQyNGU4NjIyY2E3NDVhMjZiN2Y&expiration=1639694839&C=1
43 B
1 KB
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=MjE1NjBmYWIxODJiYWQyNGU4NjIyY2E3NDVhMjZiN2Y&expiration=1639694839&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://paywhatyoucan.leadgeneration.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 16 Dec 2020 22:47:19 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Wed, 16 Dec 2020 22:47:19 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 16 Dec 2020 22:47:19 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=MjE1NjBmYWIxODJiYWQyNGU4NjIyY2E3NDVhMjZiN2Y&expiration=1639694839&C=1
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
333
Expires
Wed, 16 Dec 2020 22:47:19 GMT
tap.php
pixel.rubiconproject.com/
Redirect Chain
  • https://d.adroll.com/cm/n/out?adroll_fpc=0e5884bd463e87f5c01b448a7307c914-1608158839205&arrfrr=https%3A%2F%2Fpaywhatyoucan.leadgeneration.com.au%2F&xid_ch=f&advertisable=WAP5A6HUS5GETA7YGSP4T6
  • https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=MjE1NjBmYWIxODJiYWQyNGU4NjIyY2E3NDVhMjZiN2Y&expires=365
42 B
798 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=MjE1NjBmYWIxODJiYWQyNGU4NjIyY2E3NDVhMjZiN2Y&expires=365
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://paywhatyoucan.leadgeneration.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
Content-Type
image/gif

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=MjE1NjBmYWIxODJiYWQyNGU4NjIyY2E3NDVhMjZiN2Y&expires=365
pragma
no-cache
date
Wed, 16 Dec 2020 22:47:19 GMT
cache-control
no-store, no-cache, must-revalidate
server
nginx/1.18.0
content-length
124
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cookie-sync
sync.outbrain.com/
Redirect Chain
  • https://d.adroll.com/cm/outbrain/out?adroll_fpc=0e5884bd463e87f5c01b448a7307c914-1608158839205&arrfrr=https%3A%2F%2Fpaywhatyoucan.leadgeneration.com.au%2F&xid_ch=f&advertisable=WAP5A6HUS5GETA7YGSP4T6
  • https://sync.outbrain.com/cookie-sync?p=adroll&uid=MjE1NjBmYWIxODJiYWQyNGU4NjIyY2E3NDVhMjZiN2Y
  • https://sync.outbrain.com/cookie-sync?p=adroll&uid=MjE1NjBmYWIxODJiYWQyNGU4NjIyY2E3NDVhMjZiN2Y&rdrctExp=true
0
477 B
Image
General
Full URL
https://sync.outbrain.com/cookie-sync?p=adroll&uid=MjE1NjBmYWIxODJiYWQyNGU4NjIyY2E3NDVhMjZiN2Y&rdrctExp=true
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.63 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://paywhatyoucan.leadgeneration.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 16 Dec 2020 22:47:20 GMT
Cache-Control
no-cache
X-TraceId
4f7aab97cc1672d0d7e3e76dae3cdd49
Content-Length
0

Redirect headers

Location
https://sync.outbrain.com/cookie-sync?p=adroll&uid=MjE1NjBmYWIxODJiYWQyNGU4NjIyY2E3NDVhMjZiN2Y&rdrctExp=true
Date
Wed, 16 Dec 2020 22:47:19 GMT
X-TraceId
ebf62ab39e31bc0d0d26eea8f876386f
Content-Length
0
Pug
simage2.pubmatic.com/AdServer/
Redirect Chain
  • https://d.adroll.com/cm/pubmatic/out?adroll_fpc=0e5884bd463e87f5c01b448a7307c914-1608158839205&arrfrr=https%3A%2F%2Fpaywhatyoucan.leadgeneration.com.au%2F&xid_ch=f&advertisable=WAP5A6HUS5GETA7YGSP4T6
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMwNiZ0bD01MjU2MDA&piggybackCookie=MjE1NjBmYWIxODJiYWQyNGU4NjIyY2E3NDVhMjZiN2Y&gdpr=0&gdpr_consent=BOOoKswOOoKswA2ABBENA...
1 B
885 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMwNiZ0bD01MjU2MDA&piggybackCookie=MjE1NjBmYWIxODJiYWQyNGU4NjIyY2E3NDVhMjZiN2Y&gdpr=0&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://paywhatyoucan.leadgeneration.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Cnection
close
Pragma
no-cache
Date
Wed, 16 Dec 2020 22:47:19 GMT
X-lat
Pug22012:0:488
Server
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Content-Type
text/html; charset=utf-8
Content-Length
1

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMwNiZ0bD01MjU2MDA&piggybackCookie=MjE1NjBmYWIxODJiYWQyNGU4NjIyY2E3NDVhMjZiN2Y&gdpr=0&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA
pragma
no-cache
date
Wed, 16 Dec 2020 22:47:19 GMT
cache-control
no-store, no-cache, must-revalidate
server
nginx/1.18.0
content-length
220
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
in
d.adroll.com/cm/r/
Redirect Chain
  • https://d.adroll.com/cm/r/out?adroll_fpc=0e5884bd463e87f5c01b448a7307c914-1608158839205&arrfrr=https%3A%2F%2Fpaywhatyoucan.leadgeneration.com.au%2F&xid_ch=f&advertisable=WAP5A6HUS5GETA7YGSP4T6
  • https://ads.yahoo.com/cms/v1?esig=1~bf4e7dc4546a90c08591652d78a230d3f2ef5733&nwid=10001032567&sigv=1&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
  • https://d.adroll.com/cm/r/in?xid=E0&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
42 B
519 B
Image
General
Full URL
https://d.adroll.com/cm/r/in?xid=E0&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.82.238 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-82-238.eu-west-1.compute.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://paywhatyoucan.leadgeneration.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Dec 2020 22:47:19 GMT
cache-control
no-store, no-cache, must-revalidate
server
nginx/1.18.0
content-type
image/gif
content-length
42
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"

Redirect headers

date
Wed, 16 Dec 2020 22:47:19 GMT
referrer-policy
no-referrer-when-downgrade
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=15552000
p3p
policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
location
https://d.adroll.com/cm/r/in?xid=E0&gdpr=0&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
rtb-h
sync.taboola.com/sg/adroll-network/1/
Redirect Chain
  • https://d.adroll.com/cm/taboola/out?adroll_fpc=0e5884bd463e87f5c01b448a7307c914-1608158839205&arrfrr=https%3A%2F%2Fpaywhatyoucan.leadgeneration.com.au%2F&xid_ch=f&advertisable=WAP5A6HUS5GETA7YGSP4T6
  • https://sync.taboola.com/sg/adroll-network/1/rtb-h?taboola_hm=MjE1NjBmYWIxODJiYWQyNGU4NjIyY2E3NDVhMjZiN2Y
0
219 B
Image
General
Full URL
https://sync.taboola.com/sg/adroll-network/1/rtb-h?taboola_hm=MjE1NjBmYWIxODJiYWQyNGU4NjIyY2E3NDVhMjZiN2Y
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://paywhatyoucan.leadgeneration.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

tbl-x-upstream
10.40.0.117:10213
date
Wed, 16 Dec 2020 22:47:19 GMT
server
nginx
x-fastly-to-nlb-rtt
18413

Redirect headers

location
https://sync.taboola.com/sg/adroll-network/1/rtb-h?taboola_hm=MjE1NjBmYWIxODJiYWQyNGU4NjIyY2E3NDVhMjZiN2Y
pragma
no-cache
date
Wed, 16 Dec 2020 22:47:19 GMT
cache-control
no-store, no-cache, must-revalidate
server
nginx/1.18.0
content-length
111
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
xuid
eb2.3lift.com/
Redirect Chain
  • https://d.adroll.com/cm/triplelift/out?adroll_fpc=0e5884bd463e87f5c01b448a7307c914-1608158839205&arrfrr=https%3A%2F%2Fpaywhatyoucan.leadgeneration.com.au%2F&xid_ch=f&advertisable=WAP5A6HUS5GETA7YGS...
  • https://eb2.3lift.com/xuid?mid=4714&xuid=MjE1NjBmYWIxODJiYWQyNGU4NjIyY2E3NDVhMjZiN2Y&dongle=c85e
  • https://eb2.3lift.com/xuid?ld=1&mid=4714&xuid=MjE1NjBmYWIxODJiYWQyNGU4NjIyY2E3NDVhMjZiN2Y&dongle=c85e&gdpr=1&cmp_cs=&us_privacy=
37 B
353 B
Image
General
Full URL
https://eb2.3lift.com/xuid?ld=1&mid=4714&xuid=MjE1NjBmYWIxODJiYWQyNGU4NjIyY2E3NDVhMjZiN2Y&dongle=c85e&gdpr=1&cmp_cs=&us_privacy=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.158.81.184 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-81-184.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://paywhatyoucan.leadgeneration.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 16 Dec 2020 22:47:19 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
/xuid?ld=1&mid=4714&xuid=MjE1NjBmYWIxODJiYWQyNGU4NjIyY2E3NDVhMjZiN2Y&dongle=c85e&gdpr=1&cmp_cs=&us_privacy=
date
Wed, 16 Dec 2020 22:47:19 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
sync
x.bidswitch.net/ul_cb/
Redirect Chain
  • https://d.adroll.com/cm/b/out?adroll_fpc=0e5884bd463e87f5c01b448a7307c914-1608158839205&arrfrr=https%3A%2F%2Fpaywhatyoucan.leadgeneration.com.au%2F&xid_ch=f&advertisable=WAP5A6HUS5GETA7YGSP4T6
  • https://x.bidswitch.net/sync?dsp_id=44&user_id=MjE1NjBmYWIxODJiYWQyNGU4NjIyY2E3NDVhMjZiN2Y
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=MjE1NjBmYWIxODJiYWQyNGU4NjIyY2E3NDVhMjZiN2Y
43 B
411 B
Image
General
Full URL
https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=MjE1NjBmYWIxODJiYWQyNGU4NjIyY2E3NDVhMjZiN2Y
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.126.158.103 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-158-103.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
https://paywhatyoucan.leadgeneration.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 16 Dec 2020 22:47:19 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

location
https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=MjE1NjBmYWIxODJiYWQyNGU4NjIyY2E3NDVhMjZiN2Y
date
Wed, 16 Dec 2020 22:47:19 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
bounce
ib.adnxs.com/
Redirect Chain
  • https://d.adroll.com/cm/x/out?adroll_fpc=0e5884bd463e87f5c01b448a7307c914-1608158839205&arrfrr=https%3A%2F%2Fpaywhatyoucan.leadgeneration.com.au%2F&xid_ch=f&advertisable=WAP5A6HUS5GETA7YGSP4T6
  • https://ib.adnxs.com/setuid?entity=172&code=MjE1NjBmYWIxODJiYWQyNGU4NjIyY2E3NDVhMjZiN2Y
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D172%26code%3DMjE1NjBmYWIxODJiYWQyNGU4NjIyY2E3NDVhMjZiN2Y
43 B
1 KB
Image
General
Full URL
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D172%26code%3DMjE1NjBmYWIxODJiYWQyNGU4NjIyY2E3NDVhMjZiN2Y
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.45 , Ascension Island, ASN29990 (ASN-APPNEX, US),
Reverse DNS
693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://paywhatyoucan.leadgeneration.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 16 Dec 2020 22:47:19 GMT
X-Proxy-Origin
185.156.175.107; 185.156.175.107; 693.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.147:80
AN-X-Request-Uuid
9f24c186-516c-4b8f-8b90-b3bcdd41c213
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 16 Dec 2020 22:47:19 GMT
X-Proxy-Origin
185.156.175.107; 185.156.175.107; 693.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.41:80
AN-X-Request-Uuid
7cffdf06-d8cb-47c9-93a7-3e4e6cc531e7
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D172%26code%3DMjE1NjBmYWIxODJiYWQyNGU4NjIyY2E3NDVhMjZiN2Y
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
377928.gif
idsync.rlcdn.com/
Redirect Chain
  • https://d.adroll.com/cm/l/out?adroll_fpc=0e5884bd463e87f5c01b448a7307c914-1608158839205&arrfrr=https%3A%2F%2Fpaywhatyoucan.leadgeneration.com.au%2F&xid_ch=f&advertisable=WAP5A6HUS5GETA7YGSP4T6
  • https://idsync.rlcdn.com/377928.gif?partner_uid=21560fab182bad24e8622ca745a26b7f
0
42 B
Image
General
Full URL
https://idsync.rlcdn.com/377928.gif?partner_uid=21560fab182bad24e8622ca745a26b7f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.207.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
148.207.120.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://paywhatyoucan.leadgeneration.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 16 Dec 2020 22:47:19 GMT
via
1.1 google
alt-svc
clear
content-length
0

Redirect headers

location
https://idsync.rlcdn.com/377928.gif?partner_uid=21560fab182bad24e8622ca745a26b7f
pragma
no-cache
date
Wed, 16 Dec 2020 22:47:19 GMT
cache-control
no-store, no-cache, must-revalidate
server
nginx/1.18.0
content-length
86
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
sd
us-u.openx.net/w/1.0/
Redirect Chain
  • https://d.adroll.com/cm/o/out?adroll_fpc=0e5884bd463e87f5c01b448a7307c914-1608158839205&arrfrr=https%3A%2F%2Fpaywhatyoucan.leadgeneration.com.au%2F&xid_ch=f&advertisable=WAP5A6HUS5GETA7YGSP4T6
  • https://us-u.openx.net/w/1.0/sd?id=537103138&val=21560fab182bad24e8622ca745a26b7f
  • https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=21560fab182bad24e8622ca745a26b7f
43 B
180 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=21560fab182bad24e8622ca745a26b7f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.199.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://paywhatyoucan.leadgeneration.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Dec 2020 22:47:19 GMT
via
1.1 google
server
OXGW/16.199.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=21560fab182bad24e8622ca745a26b7f
date
Wed, 16 Dec 2020 22:47:19 GMT
via
1.1 google
server
OXGW/16.199.0
alt-svc
clear
content-length
0
p3p
CP="CUR ADM OUR NOR STA NID"
in
d.adroll.com/cm/g/
Redirect Chain
  • https://d.adroll.com/cm/g/out?adroll_fpc=0e5884bd463e87f5c01b448a7307c914-1608158839205&arrfrr=https%3A%2F%2Fpaywhatyoucan.leadgeneration.com.au%2F&xid_ch=f&advertisable=WAP5A6HUS5GETA7YGSP4T6&goog...
  • https://cm.g.doubleclick.net/pixel?google_sc&google_nid=artb&google_hm=IVYPqxgrrSToYiynRaJrfw
  • https://d.adroll.com/cm/g/in
42 B
536 B
Image
General
Full URL
https://d.adroll.com/cm/g/in
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.82.238 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-82-238.eu-west-1.compute.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://paywhatyoucan.leadgeneration.com.au/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Dec 2020 22:47:19 GMT
server
nginx/1.18.0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control
no-store, no-cache, must-revalidate
content-type
image/gif
content-length
42
x-result
g.-1.-1.-1

Redirect headers

pragma
no-cache
date
Wed, 16 Dec 2020 22:47:19 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://d.adroll.com/cm/g/in
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
225
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

79 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated object| __cfQR function| $ function| jQuery object| lp object| ub object| module string| GoogleAnalyticsObject function| ga function| fbq function| _fbq function| gtag object| dataLayer string| boxToAppend string| headerOrFooter object| backgroundCSS object| colorOverlayCSS object| childrenCSS object| boxParent object| boxClone string| adroll_adv_id string| adroll_pix_id boolean| __cfRLUnblockHandlers boolean| __adroll_loaded object| CE2 string| CE_USER_DATA_URL object| google_tag_manager object| UnbounceSnowplowNamespace function| ubSnowplow function| setImmediate function| clearImmediate boolean| VimeoPlayerResizeEmbeds_ object| google_tag_data function| _googWcmImpl string| _googWcmAk object| gaplugins object| gaGlobal object| gaData function| ownKeys function| _objectSpread function| _defineProperty function| _typeof object| Snowplow function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO object| google_js_reporting_queue number| google_srt function| _googWccDebug function| _googCallTrackingImpl function| _gaPhoneImpl string| adroll_sid object| __adroll boolean| adroll_optout object| adroll_ext_network object| adroll_callbacks undefined| adroll_tpc_callback object| adroll_exp_list object| CE2BH function| __cmp boolean| __adroll_consent boolean| __adroll_consent_is_gdpr object| __adroll_consent_data string| __adroll_consent_user_country string| __adroll_consent_adv_country number| adroll_xavier_called number| __adroll_xid_ch object| adroll_currency object| adroll_conversion_value object| adroll_conversion_value_in_dollars string| adroll_seg_eid

5 Cookies

Domain/Path Name / Value
.leadgeneration.com.au/ Name: ubvt
Value: 162.158.94.2311609555894068051
paywhatyoucan.leadgeneration.com.au/ Name: ubvs
Value: 162.158.94.2311609555894068051
paywhatyoucan.leadgeneration.com.au/ Name: ubrs
Value: weighted
paywhatyoucan.leadgeneration.com.au/ Name: ubpv
Value: d%2C26d62ad1-5042-4155-9a03-18a55d3e9b64
.leadgeneration.com.au/ Name: __cfduid
Value: d2fa74c60422b4ba4065ce20fe6ab5d141608158838

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.yahoo.com
ajax.cloudflare.com
ajax.googleapis.com
builder-assets.unbounce.com
cm.g.doubleclick.net
connect.facebook.net
d.adroll.com
d.adroll.mgr.consensu.org
d34qb8suadcc4g.cloudfront.net
d9hhrg4mnvzow.cloudfront.net
dsum-sec.casalemedia.com
eb2.3lift.com
events.ub-analytics.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
ib.adnxs.com
idsync.rlcdn.com
paywhatyoucan.leadgeneration.com.au
pixel.advertising.com
pixel.rubiconproject.com
s.adroll.com
script.crazyegg.com
simage2.pubmatic.com
stats.g.doubleclick.net
sync.outbrain.com
sync.taboola.com
ups.analytics.yahoo.com
us-u.openx.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
x.bidswitch.net
141.226.228.48
143.204.214.226
172.217.16.130
18.156.0.31
18.158.81.184
185.64.189.110
2.18.233.40
2.18.234.21
2600:9000:21f3:da00:1d:11cf:5800:93a1
2606:4700:3031::6818:60f8
2606:4700::6810:a723
2606:4700::6813:9308
2a00:1288:f03d:1fa::2000
2a00:1450:4001:800::2003
2a00:1450:4001:802::200a
2a00:1450:4001:806::2004
2a00:1450:4001:808::2008
2a00:1450:4001:809::200e
2a00:1450:4001:80b::2002
2a00:1450:4001:814::2004
2a00:1450:4001:817::2003
2a00:1450:4001:81b::2002
2a00:1450:4001:81e::2003
2a00:1450:4001:821::200a
2a00:1450:4001:825::2003
2a00:1450:400c:c06::9c
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
3.124.119.192
3.126.158.103
34.120.207.148
34.224.248.58
34.98.64.218
37.252.172.45
52.18.82.238
63.35.200.21
64.202.112.63
69.173.144.165
99.86.7.82
0983003c2827bd0b24985d096cb40456780a70afc96c5913bf1217529c18254b
0a5f3100e624ac83f6be30523b214b74b51ab5f47a27d8a5dba74a5b1df42d3f
0b68798e4ad5688db34db46583bb151e5c191cf8cb5431b9cdb8d8a2f1cf60ea
0c0b6ee7e6952962b33ddb3310db12e86efdbbc4987ba3cc878684e1c5ee1a63
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
146713f310842933dc62d2bed7f0eaaf8a9cf3cdf72fd37610ef51e58378c8dc
19f4bca45f0b65d04e7e833436bda2ffc929ecd65ee933c224821ad47f9f7006
1b609f2c83c9509566e6d1177b9fe62733aaf0a9861945fb9a0f6bb930691430
1bdbcee5cd776cb671f72362db4be8dde833057b8e8f816c86fd301896652c8d
209ff0877dff8193b0f2d1ad9d70d22967906668c52d0c5ea712d6df5e53e6fa
2b003845723f5e906f9477a9e2f5f32a353d2dcc68d1ef1dcaee176696f527d2
2e8292b18fc2acc297e1aa6acc6abe05136604137e744ba1b49984df330562bb
4a5c6bbe25f10b8c56a9d58bb7a3a957992fc1800b633dd010df58b55f558dae
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f54152ed7565e500db1572c42c69f23247f6eaeec8feb458d4af38d99cb5232
5006ba2d8351dcf9f5ff9e30a5f2ea38b646bd991608358eb5efbf03edf93994
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5c6e41cab44d3fc8958df6b852e4e728360a81d7a5fc3079b36e677cc07f8edb
778b3b42db6282bcdcfefa31be80b454cf6cab2d19bde75fe6e8ae836dd4e7b7
7b787207f29ffd5672ab91b95f681b387b4d6433081cc8b47070f1d564827863
7e05da544a93b639782cb0974f5dacbfc36b60d40622f680e3383ec581243ca4
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8a71c8749cc0bb450f96766d4cab3b2b9c4d5a9b30c3683f3a5863d8d2ed9c9a
8c029df55c408aa332bf1a15aec9154ebc90b17b68901d16a6e688de06e4f6e6
92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc
98c404d9d6d0bad707bb6852aa1242550bc15293eade1d22b0462f92e9c9de2b
9c29517d31f5827419cfb4f4ff8cd13b478ec5345cfbb24e4f02072c723a87e7
9c983018bce6a6174b8d664ee6fa43c09a871d0872148acd020b52082231cdd9
a868f14c442cd0733d25c3a6da275ece604d092368bba216f34ab1ee86f7ee7f
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b08cdbc2d30e656a86b20f8342428d5863f70f4b30135b4f4061f754ce932f5e
b0b43e548e691662dac85b1dc159d148a273d5cb9139f3fcf457cdeebe7bdf3f
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b93b9165269362989e2855d0bf0ae232d7193a45c43627b2d03b26d7eb98263b
b985e45fe6e2705eb388e08a247418ba2e381704efbfb154c06a4e730ba10ad0
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
c2cb2cc5345c71f30b0ce56069cfe0bdf65eb061228333d27ba0e7388748636a
ca2da106d383d2260732063be3532db7bfd861b3fcc55e61bf741ba4cfb1be6c
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cbce85e96b7752208ce15a09ea4d5a58b792edc9e77f1c5ccf46c01935970f9d
d4762bbdf73408777dc886ffe61d98654a39456cc19284fcec395a56c54518e1
d933a98657089095397ca6126d62e3a07c39e70f82b36f8cea002c0ba5bf1e2c
db1d9acaa6467cad25c5f17c21f7618379f2711c7f604b6faf6396155b095567
e218fd32aa001ecf43ab42bcb78ecf2e65a3092e2126d9fc9d08bd38a133fa26
e23a2a4e2d7c2b41ebcdd8ffc0679df7140eb7f52e1eebabf827a88182643c59
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
e77f8d3e6dd4623d2044fee9a03f5807b45ef98d8eca70ffdf4029eeb8538337
ee0af9cb821e3b90c73da380ca1ea46a9568f50635facf5e263d0044c9124c9e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52