urlscan.io logo urlscan.io
SecurityTrails logo

lopay.safelanding.marketing Open in urlscan Pro
3.10.163.40  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://www.lopay.safelanding.marketing/
Effective URL: https://lopay.safelanding.marketing/
Submission: On January 01 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 9 IPs in 2 countries across 9 domains to perform 25 HTTP transactions. The main IP is 3.10.163.40, located in London, United Kingdom and belongs to AMAZON-02, US. The main domain is lopay.safelanding.marketing.
TLS certificate: Issued by R3 on December 2nd 2023. Valid for: 3 months.
This is the only time lopay.safelanding.marketing was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

9    3.10.163.40 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: esther.servers.webworksdesign.co.uk
www.lopay.safelanding.marketing
lopay.safelanding.marketing
www.webworksdesign.co.uk
1    2a04:4e42:200::485 (United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
4    2607:f8b0:4004:c1d::68 (Washington, United States)

ASN15169 (GOOGLE, US)
www.google.com
2    2607:f8b0:4004:c0b::61 (Ashburn, United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
4    2607:f8b0:4004:c19::5e (Washington, United States)

ASN15169 (GOOGLE, US)
www.gstatic.com
2    2a03:2880:f003:c0e:face:b00c:0:3 (Ashburn, United States)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    2607:f8b0:4004:c1d::65 (Washington, United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a03:2880:f103:83:face:b00c:0:25de (Ashburn, United States)

ASN32934 (FACEBOOK, US)
www.facebook.com
2    2607:f8b0:4004:c07::5e (Washington, United States)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
Apex Domain
Subdomains		 Transfer
7 safelanding.marketing
www.lopay.safelanding.marketing
lopay.safelanding.marketing
218 KB
6 gstatic.com
www.gstatic.com
fonts.gstatic.com
460 KB
4 google.com
www.google.com — Cisco Umbrella Rank: 2
33 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 168
89 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 36
153 KB
2 webworksdesign.co.uk
www.webworksdesign.co.uk
4 KB
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 98
185 B
1 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
262 B
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 313
5 KB
25 9
Domain Requested by
6 lopay.safelanding.marketing lopay.safelanding.marketing
4 www.gstatic.com www.google.com
www.gstatic.com
4 www.google.com lopay.safelanding.marketing
www.gstatic.com
www.google.com
2 fonts.gstatic.com www.google.com
2 connect.facebook.net lopay.safelanding.marketing
connect.facebook.net
2 www.googletagmanager.com lopay.safelanding.marketing
www.googletagmanager.com
2 www.webworksdesign.co.uk lopay.safelanding.marketing
1 www.facebook.com lopay.safelanding.marketing
1 www.google-analytics.com www.googletagmanager.com
1 cdn.jsdelivr.net lopay.safelanding.marketing
1 www.lopay.safelanding.marketing 1 redirects
25 11

This site contains no links.

Subject Issuer Validity Valid
mail.safelanding.marketing
R3		 2023-12-02 -
2024-03-01		 3 months crt.sh
www.webworksdesign.co.uk
R3		 2023-12-27 -
2024-03-26		 3 months crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2023 Q3		 2023-09-27 -
2024-10-28		 a year crt.sh
www.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-10-11 -
2024-01-09		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://lopay.safelanding.marketing/
Frame ID: 952CD1017993C3A7D95504E6E3A2DC29
Requests: 17 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdRrQEpAAAAABEnq_MFPwWfCl1c9r57imzTXY51&co=aHR0cHM6Ly9sb3BheS5zYWZlbGFuZGluZy5tYXJrZXRpbmc6NDQz&hl=en&v=u-xcq3POCWFlCr3x8_IPxgPu&size=invisible&cb=aynlj3wb1k1n
Frame ID: FFC607496AB4FFBF87FADA1E30BBB163
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Home

Page URL History Show full URLs

  1. https://www.lopay.safelanding.marketing/ HTTP 301
    https://lopay.safelanding.marketing/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • <[^>]+class="[^"]*(?:uk-container|uk-section)
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

25
Requests

100 %
HTTPS

89 %
IPv6

9
Domains

11
Subdomains

9
IPs

2
Countries

961 kB
Transfer

2726 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.lopay.safelanding.marketing/ HTTP 301
    https://lopay.safelanding.marketing/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

25 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
lopay.safelanding.marketing/
Redirect Chain
  • https://www.lopay.safelanding.marketing/
  • https://lopay.safelanding.marketing/
19 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://lopay.safelanding.marketing/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.10.163.40 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
esther.servers.webworksdesign.co.uk
Software
LiteSpeed /
Resource Hash
d7566f280852fb6ac9f8b60b8279be356042f52cd46dfbd2d8e4bd52a99929a3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding
br
content-type
text/html; charset=UTF-8
date
Mon, 01 Jan 2024 22:42:47 GMT
link
<https://lopay.safelanding.marketing/wp-json/>; rel="https://api.w.org/" <https://lopay.safelanding.marketing/wp-json/wp/v2/pages/76>; rel="alternate"; type="application/json" <https://lopay.safelanding.marketing/>; rel=shortlink
referrer-policy
unsafe-url
server
LiteSpeed
strict-transport-security
max-age=31536000
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
0
content-type
text/html; charset=UTF-8
date
Mon, 01 Jan 2024 22:42:46 GMT
location
https://lopay.safelanding.marketing/
referrer-policy
unsafe-url
server
LiteSpeed
strict-transport-security
max-age=31536000
x-redirect-by
WordPress
86b51753548d8df94abba0cfda374bc3.css
lopay.safelanding.marketing/wp-content/cache/jch-optimize/css/ 		103 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://lopay.safelanding.marketing/wp-content/cache/jch-optimize/css/86b51753548d8df94abba0cfda374bc3.css
Requested by
Host: lopay.safelanding.marketing
URL: https://lopay.safelanding.marketing/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.10.163.40 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
esther.servers.webworksdesign.co.uk
Software
LiteSpeed /
Resource Hash
c3379f6666a7b82fc27c10049588c7070d9d0cc1373f19788c7a957f9f39dd08
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'none';
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://lopay.safelanding.marketing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 01 Jan 2024 22:42:47 GMT
content-encoding
br
referrer-policy
unsafe-url
strict-transport-security
max-age=31536000
last-modified
Mon, 01 Jan 2024 22:39:20 GMT
server
LiteSpeed
content-security-policy
default-src 'self'; script-src 'none';
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
13089
expires
Mon, 08 Jan 2024 22:42:47 GMT
94acc3a1a1b8ea8c2feb55731fb89b2c.css
lopay.safelanding.marketing/wp-content/cache/jch-optimize/css/ 		296 KB
31 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://lopay.safelanding.marketing/wp-content/cache/jch-optimize/css/94acc3a1a1b8ea8c2feb55731fb89b2c.css
Requested by
Host: lopay.safelanding.marketing
URL: https://lopay.safelanding.marketing/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.10.163.40 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
esther.servers.webworksdesign.co.uk
Software
LiteSpeed /
Resource Hash
8cf1f66c7353d71bc32a58be2315a408790cb1e85879052db780c7d0a055e8b0
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'none';
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://lopay.safelanding.marketing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 01 Jan 2024 22:42:47 GMT
content-encoding
br
referrer-policy
unsafe-url
strict-transport-security
max-age=31536000
last-modified
Mon, 01 Jan 2024 22:39:20 GMT
server
LiteSpeed
content-security-policy
default-src 'self'; script-src 'none';
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
31880
expires
Mon, 08 Jan 2024 22:42:47 GMT
2d946001f14a677e87b3b3c8f46ccff2.js
lopay.safelanding.marketing/wp-content/cache/jch-optimize/js/ 		293 KB
101 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lopay.safelanding.marketing/wp-content/cache/jch-optimize/js/2d946001f14a677e87b3b3c8f46ccff2.js
Requested by
Host: lopay.safelanding.marketing
URL: https://lopay.safelanding.marketing/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.10.163.40 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
esther.servers.webworksdesign.co.uk
Software
LiteSpeed /
Resource Hash
d03c24953567f3f682309ada297d61881d32a5f260da43dd833b819e73128b21
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'none';
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://lopay.safelanding.marketing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 01 Jan 2024 22:42:47 GMT
content-encoding
br
referrer-policy
unsafe-url
strict-transport-security
max-age=31536000
last-modified
Mon, 01 Jan 2024 22:42:47 GMT
server
LiteSpeed
content-security-policy
default-src 'self'; script-src 'none';
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Mon, 08 Jan 2024 22:42:47 GMT
lite-yt-embed.css
www.webworksdesign.co.uk/templates/yootheme_webworks/src/ 		2 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.webworksdesign.co.uk/templates/yootheme_webworks/src/lite-yt-embed.css
Requested by
Host: lopay.safelanding.marketing
URL: https://lopay.safelanding.marketing/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.10.163.40 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
esther.servers.webworksdesign.co.uk
Software
LiteSpeed /
Resource Hash
f7d3e00d99f3ce33badc4c8c4597f020803e8be392db00f1ea4fbd128ec90caa
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'none';
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://lopay.safelanding.marketing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 01 Jan 2024 22:42:47 GMT
content-encoding
br
x-content-type-options
nosniff
content-security-policy
default-src 'self'; script-src 'none';
strict-transport-security
max-age=31536000
x-cached-by
JCH Optimize v8.0.4
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
1144
referrer-policy
same-origin
last-modified
Tue, 25 Jan 2022 14:07:16 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css; charset=utf-8
cache-control
public
accept-ranges
bytes
expires
Tue, 31 Dec 2024 22:42:47 GMT
lite-vimeo.js
cdn.jsdelivr.net/npm/@slightlyoff/lite-vimeo@0.1.1/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/@slightlyoff/lite-vimeo@0.1.1/lite-vimeo.js
Requested by
Host: lopay.safelanding.marketing
URL: https://lopay.safelanding.marketing/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
b7d07820d3ac889ca281420fced0e702f1d92755528c607cd1ea776009a00e94
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://lopay.safelanding.marketing/
Origin
https://lopay.safelanding.marketing
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 01 Jan 2024 22:42:47 GMT
x-content-type-options
nosniff
content-encoding
br
age
2904504
x-jsd-version
0.1.1
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
4238
x-served-by
cache-fra-eddf8230084-FRA, cache-nyc-kteb1890021-NYC
x-jsd-version-type
version
etag
W/"3352-4UfbYHAUtplg5Vt5V4LptrYV3l0"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
lite-yt-embed.js
www.webworksdesign.co.uk/templates/yootheme_webworks/src/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.webworksdesign.co.uk/templates/yootheme_webworks/src/lite-yt-embed.js
Requested by
Host: lopay.safelanding.marketing
URL: https://lopay.safelanding.marketing/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.10.163.40 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
esther.servers.webworksdesign.co.uk
Software
LiteSpeed /
Resource Hash
c306257c4cd69c27f69c5948429b5f14a754981787e5ddc6ec2db7e7615da561
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'none';
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://lopay.safelanding.marketing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 01 Jan 2024 22:42:47 GMT
content-encoding
br
x-content-type-options
nosniff
content-security-policy
default-src 'self'; script-src 'none';
last-modified
Tue, 25 Jan 2022 14:07:16 GMT
server
LiteSpeed
strict-transport-security
max-age=31536000
x-cached-by
JCH Optimize v8.0.4
referrer-policy
same-origin
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public
accept-ranges
bytes
content-length
2125
expires
Tue, 31 Dec 2024 22:42:47 GMT
api.js
www.google.com/recaptcha/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?render=6LdRrQEpAAAAABEnq_MFPwWfCl1c9r57imzTXY51&ver=1.2.2
Requested by
Host: lopay.safelanding.marketing
URL: https://lopay.safelanding.marketing/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1d::68 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
e2cbdaa6b6617e187d1eab15c672891e83ba997313e28e8e4f094377c7edcce7
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://lopay.safelanding.marketing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 01 Jan 2024 22:42:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Mon, 01 Jan 2024 22:42:47 GMT
gtm.js
www.googletagmanager.com/ 		173 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WGBD3WD5
Requested by
Host: lopay.safelanding.marketing
URL: https://lopay.safelanding.marketing/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c0b::61 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6933cdf5e7496c51b3d1881bb180b60ecc4344553284d2ae4e860e1c3bf097f4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://lopay.safelanding.marketing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 01 Jan 2024 22:42:48 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64008
x-xss-protection
0
last-modified
Mon, 01 Jan 2024 21:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 01 Jan 2024 22:42:48 GMT
font-a99c8706.woff2
lopay.safelanding.marketing/wp-content/themes/yootheme/fonts/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://lopay.safelanding.marketing/wp-content/themes/yootheme/fonts/font-a99c8706.woff2
Requested by
Host: lopay.safelanding.marketing
URL: https://lopay.safelanding.marketing/wp-content/cache/jch-optimize/css/94acc3a1a1b8ea8c2feb55731fb89b2c.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
3.10.163.40 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
esther.servers.webworksdesign.co.uk
Software
LiteSpeed /
Resource Hash
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'none';
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://lopay.safelanding.marketing/wp-content/cache/jch-optimize/css/94acc3a1a1b8ea8c2feb55731fb89b2c.css
Origin
https://lopay.safelanding.marketing
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 01 Jan 2024 22:42:47 GMT
strict-transport-security
max-age=31536000
referrer-policy
unsafe-url
content-security-policy
default-src 'self'; script-src 'none';
last-modified
Wed, 11 Oct 2023 14:15:00 GMT
server
LiteSpeed
content-type
font/woff2
cache-control
public, max-age=604800
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
7884
expires
Mon, 08 Jan 2024 22:42:47 GMT
Layer_1-2-850e7143.webp
lopay.safelanding.marketing/wp-content/themes/yootheme/cache/85/ 		60 KB
60 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lopay.safelanding.marketing/wp-content/themes/yootheme/cache/85/Layer_1-2-850e7143.webp
Requested by
Host: lopay.safelanding.marketing
URL: https://lopay.safelanding.marketing/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
3.10.163.40 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
esther.servers.webworksdesign.co.uk
Software
LiteSpeed /
Resource Hash
823924fe66e84cf2ba6b0038a22e8cc990275b706d035be455cd3b75eccaa968
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'none';
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://lopay.safelanding.marketing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 01 Jan 2024 22:42:47 GMT
strict-transport-security
max-age=31536000
referrer-policy
unsafe-url
content-security-policy
default-src 'self'; script-src 'none';
last-modified
Wed, 11 Oct 2023 14:20:39 GMT
server
LiteSpeed
content-type
image/webp
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
60942
expires
Wed, 31 Jan 2024 22:42:47 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/ 		503 KB
202 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LdRrQEpAAAAABEnq_MFPwWfCl1c9r57imzTXY51&ver=1.2.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c19::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
daf20b4dbc2ee9cc700e99c7be570105ecaf649d9c044adb62a2098cf4662d24
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://lopay.safelanding.marketing/
Origin
https://lopay.safelanding.marketing
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 01 Jan 2024 06:43:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
57582
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
205927
x-xss-protection
0
last-modified
Mon, 11 Dec 2023 05:01:12 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 31 Dec 2024 06:43:06 GMT
js
www.googletagmanager.com/gtag/ 		269 KB
90 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-XD41KPBFF6&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WGBD3WD5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c0b::61 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f3fdab62a9287a4b763c439497be879961092988e74141dbb515774bbf43dc53
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://lopay.safelanding.marketing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 01 Jan 2024 22:42:48 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
91850
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 01 Jan 2024 22:42:48 GMT
fbevents.js
connect.facebook.net/en_US/ 		202 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: lopay.safelanding.marketing
URL: https://lopay.safelanding.marketing/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f003:c0e:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://lopay.safelanding.marketing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 01 Jan 2024 22:42:48 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
54273
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
nfwG9V0Fd7E8qWql7CROAFYXM22zoebJMmK9I9B+6jCgrdFTJx/PgEyi1IZEl4ZzS7i9Vl/mARTeSQi03H2Cmg==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
anchor
www.google.com/recaptcha/api2/ Frame FFC6 		40 KB
25 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdRrQEpAAAAABEnq_MFPwWfCl1c9r57imzTXY51&co=aHR0cHM6Ly9sb3BheS5zYWZlbGFuZGluZy5tYXJrZXRpbmc6NDQz&hl=en&v=u-xcq3POCWFlCr3x8_IPxgPu&size=invisible&cb=aynlj3wb1k1n
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/recaptcha__en.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1d::68 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
ed07a3043a8f93d36556e8d82e147045f43d57119995cd58302c33ddd3ede110
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-PbKIlYdJ9hQNu-R-52vJTA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://lopay.safelanding.marketing/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-PbKIlYdJ9hQNu-R-52vJTA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 01 Jan 2024 22:42:48 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
collect
www.google-analytics.com/g/ 		0
262 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-XD41KPBFF6&gtm=45je3bt0v893049187z89169312779&_p=1704148967898&gcd=11l1l1l1l1&dma=0&cid=929596805.1704148968&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1704148968&sct=1&seg=0&dl=https%3A%2F%2Flopay.safelanding.marketing%2F&dt=Home&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=2319
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-XD41KPBFF6&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1d::65 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://lopay.safelanding.marketing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 01 Jan 2024 22:42:48 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://lopay.safelanding.marketing
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
544467437660210
connect.facebook.net/signals/config/ 		133 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/544467437660210?v=2.9.138&r=stable&domain=lopay.safelanding.marketing
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f003:c0e:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
23c2781e51651d885e846a7e6aabd0fc3ae5e895757cc4de83e3c24b722c7134
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://lopay.safelanding.marketing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 01 Jan 2024 22:42:48 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
HInhkqeteKd7mqPTbSXanNt0B76hwOb4GXDCxEchPcZhJq5dYBBWQTNaEVq5WFWVc8Mr6f8HanIQ7cHI3aBFiA==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
styles__ltr.css
www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/ Frame FFC6 		55 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdRrQEpAAAAABEnq_MFPwWfCl1c9r57imzTXY51&co=aHR0cHM6Ly9sb3BheS5zYWZlbGFuZGluZy5tYXJrZXRpbmc6NDQz&hl=en&v=u-xcq3POCWFlCr3x8_IPxgPu&size=invisible&cb=aynlj3wb1k1n
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c19::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 01 Jan 2024 20:18:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
8677
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24606
x-xss-protection
0
last-modified
Mon, 11 Dec 2023 05:01:12 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 31 Dec 2024 20:18:11 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/ Frame FFC6 		503 KB
201 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdRrQEpAAAAABEnq_MFPwWfCl1c9r57imzTXY51&co=aHR0cHM6Ly9sb3BheS5zYWZlbGFuZGluZy5tYXJrZXRpbmc6NDQz&hl=en&v=u-xcq3POCWFlCr3x8_IPxgPu&size=invisible&cb=aynlj3wb1k1n
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c19::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
daf20b4dbc2ee9cc700e99c7be570105ecaf649d9c044adb62a2098cf4662d24
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 01 Jan 2024 06:43:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
57582
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
205927
x-xss-protection
0
last-modified
Mon, 11 Dec 2023 05:01:12 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 31 Dec 2024 06:43:06 GMT
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=544467437660210&ev=PageView&dl=https%3A%2F%2Flopay.safelanding.marketing%2F&rl=&if=false&ts=1704148968470&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4126&fbp=fb.1.1704148968469.140278055&ler=empty&it=1704148968340&coo=false&rqm=GET
Requested by
Host: lopay.safelanding.marketing
URL: https://lopay.safelanding.marketing/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f103:83:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://lopay.safelanding.marketing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Mon, 01 Jan 2024 22:42:48 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
kn2owPU74JTsOwTGty0aoUlXRSKSJihCWxBMzE3aLQs.js
www.google.com/js/bg/ Frame FFC6 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/js/bg/kn2owPU74JTsOwTGty0aoUlXRSKSJihCWxBMzE3aLQs.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/recaptcha__en.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1d::68 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
927da8c0f53be094ec3b04c6b72d1aa149574522922628425b104ccc4dda2d0b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdRrQEpAAAAABEnq_MFPwWfCl1c9r57imzTXY51&co=aHR0cHM6Ly9sb3BheS5zYWZlbGFuZGluZy5tYXJrZXRpbmc6NDQz&hl=en&v=u-xcq3POCWFlCr3x8_IPxgPu&size=invisible&cb=aynlj3wb1k1n
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 27 Dec 2023 18:49:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
445970
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6851
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:30:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 26 Dec 2024 18:49:58 GMT
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame FFC6 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c19::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/u-xcq3POCWFlCr3x8_IPxgPu/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 30 Dec 2023 06:14:36 GMT
x-content-type-options
nosniff
age
232092
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Sat, 06 Jan 2024 06:14:36 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame FFC6 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdRrQEpAAAAABEnq_MFPwWfCl1c9r57imzTXY51&co=aHR0cHM6Ly9sb3BheS5zYWZlbGFuZGluZy5tYXJrZXRpbmc6NDQz&hl=en&v=u-xcq3POCWFlCr3x8_IPxgPu&size=invisible&cb=aynlj3wb1k1n
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 09:58:09 GMT
x-content-type-options
nosniff
age
564279
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 25 Dec 2024 09:58:09 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame FFC6 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdRrQEpAAAAABEnq_MFPwWfCl1c9r57imzTXY51&co=aHR0cHM6Ly9sb3BheS5zYWZlbGFuZGluZy5tYXJrZXRpbmc6NDQz&hl=en&v=u-xcq3POCWFlCr3x8_IPxgPu&size=invisible&cb=aynlj3wb1k1n
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 27 Dec 2023 20:00:23 GMT
x-content-type-options
nosniff
age
441745
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 26 Dec 2024 20:00:23 GMT
webworker.js
www.google.com/recaptcha/api2/ Frame FFC6 		102 B
135 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=u-xcq3POCWFlCr3x8_IPxgPu
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdRrQEpAAAAABEnq_MFPwWfCl1c9r57imzTXY51&co=aHR0cHM6Ly9sb3BheS5zYWZlbGFuZGluZy5tYXJrZXRpbmc6NDQz&hl=en&v=u-xcq3POCWFlCr3x8_IPxgPu&size=invisible&cb=aynlj3wb1k1n
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1d::68 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
55052d853a3f144505dc773ef237ac838af312c0180ff293f7cf1a3847345eab
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdRrQEpAAAAABEnq_MFPwWfCl1c9r57imzTXY51&co=aHR0cHM6Ly9sb3BheS5zYWZlbGFuZGluZy5tYXJrZXRpbmc6NDQz&hl=en&v=u-xcq3POCWFlCr3x8_IPxgPu&size=invisible&cb=aynlj3wb1k1n
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Mon, 01 Jan 2024 22:42:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Mon, 01 Jan 2024 22:42:48 GMT

Verdicts & Comments Add Verdict or Comment

23 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| documentPictureInPicture undefined| $ function| jQuery function| UIkit function| UIkitCreative_hub object| $theme object| yootheme object| dataLayer object| gforms_recaptcha_recaptcha_strings object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| google_tag_manager object| google_tag_data function| fbq function| _fbq object| recaptcha object| closure_lm_919986 function| onYouTubeIframeAPIReady object| gaGlobal

3 Cookies

Domain/Path Name / Value
.safelanding.marketing/ Name: _ga
Value: GA1.1.929596805.1704148968
.safelanding.marketing/ Name: _ga_XD41KPBFF6
Value: GS1.1.1704148968.1.0.1704148968.0.0.0
.safelanding.marketing/ Name: _fbp
Value: fb.1.1704148968469.140278055

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.jsdelivr.net
connect.facebook.net
fonts.gstatic.com
lopay.safelanding.marketing
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
www.lopay.safelanding.marketing
www.webworksdesign.co.uk
2607:f8b0:4004:c07::5e
2607:f8b0:4004:c0b::61
2607:f8b0:4004:c19::5e
2607:f8b0:4004:c1d::65
2607:f8b0:4004:c1d::68
2a03:2880:f003:c0e:face:b00c:0:3
2a03:2880:f103:83:face:b00c:0:25de
2a04:4e42:200::485
3.10.163.40
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
23c2781e51651d885e846a7e6aabd0fc3ae5e895757cc4de83e3c24b722c7134
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
55052d853a3f144505dc773ef237ac838af312c0180ff293f7cf1a3847345eab
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
6933cdf5e7496c51b3d1881bb180b60ecc4344553284d2ae4e860e1c3bf097f4
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
823924fe66e84cf2ba6b0038a22e8cc990275b706d035be455cd3b75eccaa968
8cf1f66c7353d71bc32a58be2315a408790cb1e85879052db780c7d0a055e8b0
927da8c0f53be094ec3b04c6b72d1aa149574522922628425b104ccc4dda2d0b
b7d07820d3ac889ca281420fced0e702f1d92755528c607cd1ea776009a00e94
c306257c4cd69c27f69c5948429b5f14a754981787e5ddc6ec2db7e7615da561
c3379f6666a7b82fc27c10049588c7070d9d0cc1373f19788c7a957f9f39dd08
d03c24953567f3f682309ada297d61881d32a5f260da43dd833b819e73128b21
d7566f280852fb6ac9f8b60b8279be356042f52cd46dfbd2d8e4bd52a99929a3
daf20b4dbc2ee9cc700e99c7be570105ecaf649d9c044adb62a2098cf4662d24
e2cbdaa6b6617e187d1eab15c672891e83ba997313e28e8e4f094377c7edcce7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ed07a3043a8f93d36556e8d82e147045f43d57119995cd58302c33ddd3ede110
f3fdab62a9287a4b763c439497be879961092988e74141dbb515774bbf43dc53
f7d3e00d99f3ce33badc4c8c4597f020803e8be392db00f1ea4fbd128ec90caa