urlscan.io logo urlscan.io
SecurityTrails logo

www.payless.qa Open in urlscan Pro
23.227.38.74  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://www.payless.qa/
Effective URL: https://www.payless.qa/password
Submission: On January 09 via automatic, source certstream-suspicious
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 4 countries across 8 domains to perform 23 HTTP transactions. The main IP is 23.227.38.74, located in Canada and belongs to CLOUDFLARENET, US. The main domain is www.payless.qa.
TLS certificate: Issued by R3 on January 9th 2021. Valid for: 3 months.
This is the only time www.payless.qa was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 23.227.38.74 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
13 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
1 151.101.65.195 54113 (FASTLY)
1 104.18.58.86 13335 (CLOUDFLAR...)
1 2600:9000:20e... 16509 (AMAZON-02)
4 35.185.69.233 15169 (GOOGLE)
1 52.200.98.31 14618 (AMAZON-AES)
23 8
2    23.227.38.74 (Canada)

ASN13335 (CLOUDFLARENET, US)
www.payless.qa
1    2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
13    2a02:26f0:6c00:285::2e0b (Ascension Island)

ASN20940 (AKAMAI-ASN1, NL)
cdn.shopify.com
1    151.101.65.195 (United States)

ASN54113 (FASTLY, US)
freeshippingbar.apps.avada.io
1    104.18.58.86 (United States)

ASN13335 (CLOUDFLARENET, US)
appdevelopergroup.co
1    2600:9000:20eb:de00:1:28b3:b280:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.weglot.com
4    35.185.69.233 (United States)

ASN15169 (GOOGLE, US)
PTR: 233.69.185.35.bc.googleusercontent.com
monorail-edge.shopifysvc.com
1    52.200.98.31 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-200-98-31.compute-1.amazonaws.com
app-smartbadge.herokuapp.com
Domain Requested by
13 cdn.shopify.com www.payless.qa
cdn.shopify.com
4 monorail-edge.shopifysvc.com cdn.shopify.com
2 www.payless.qa 1 redirects
1 app-smartbadge.herokuapp.com cdn.shopify.com
1 cdn.weglot.com www.payless.qa
1 appdevelopergroup.co www.payless.qa
1 freeshippingbar.apps.avada.io www.payless.qa
1 fonts.googleapis.com www.payless.qa
23 8

This site contains no links.

Subject Issuer Validity Valid
www.payless.qa
R3		 2021-01-09 -
2021-04-09		 3 months crt.sh
upload.video.google.com
GTS CA 1O1		 2020-12-15 -
2021-03-09		 3 months crt.sh
cdn.shopify.com
Let's Encrypt Authority X3		 2020-11-12 -
2021-02-10		 3 months crt.sh
thecakewalk.in
GTS CA 1D2		 2020-12-13 -
2021-03-13		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-07-06 -
2021-07-06		 a year crt.sh
*.weglot.com
Sectigo RSA Domain Validation Secure Server CA		 2020-01-06 -
2022-01-25		 2 years crt.sh
monorail-edge.shopifysvc.com
R3		 2020-12-13 -
2021-03-13		 3 months crt.sh
*.herokuapp.com
DigiCert SHA2 High Assurance Server CA		 2020-06-15 -
2021-07-07		 a year crt.sh

This page contains 1 frames:

Primary Page: https://www.payless.qa/password
Frame ID: 8183B86EA13DAB0757EEADAEF308CD4E
Requests: 23 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://www.payless.qa/ HTTP 302
    https://www.payless.qa/password Page URL

Detected technologies

Overall confidence: 25%
Detected patterns
  • html /<link[^>]+=['"]\/\/cdn\.shopify\.com/i
Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
Overall confidence: 100%
Detected patterns
  • script /cdn\.weglot\.com/i
Overall confidence: 100%
Detected patterns
  • script /jquery[.-]([\d.]*\d)[^/]*\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

23
Requests

100 %
HTTPS

38 %
IPv6

8
Domains

8
Subdomains

8
IPs

4
Countries

276 kB
Transfer

815 kB
Size

8
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.payless.qa/ HTTP 302
    https://www.payless.qa/password Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

23 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request password
www.payless.qa/
Redirect Chain
  • https://www.payless.qa/
  • https://www.payless.qa/password
21 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.payless.qa/password
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
23.227.38.74 , Canada, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6f64e86e21bd9d277155bc77b18669b1e79bb8d7c13b28c1d800a0584c434821
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
Strict-Transport-Security max-age=7889238
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.payless.qa
:scheme
https
:path
/password
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 09 Jan 2021 21:59:28 GMT
content-type
text/html; charset=utf-8
x-sorting-hat-podid
192
x-sorting-hat-shopid
52844953793
x-storefront-renderer-rendered
1
set-cookie
secure_customer_sig=; path=/; expires=Sun, 09 Jan 2022 21:59:28 GMT; secure; HttpOnly _orig_referrer=; Expires=Sat, 23-Jan-21 21:59:28 GMT; Domain=payless.qa; Path=/; HttpOnly _landing_page=%2Fpassword; Expires=Sat, 23-Jan-21 21:59:28 GMT; Domain=payless.qa; Path=/; HttpOnly _y=032cbbc1-472d-4fb3-8645-639ba61fa478; Expires=Sun, 09-Jan-22 21:59:28 GMT; Domain=payless.qa; Path=/ _shopify_y=032cbbc1-472d-4fb3-8645-639ba61fa478; Expires=Sun, 09-Jan-22 21:59:28 GMT; Domain=payless.qa; Path=/ _s=498c28e8-a6a1-4ec7-97b7-b9c1f284aeda; Expires=Sat, 09-Jan-21 22:29:28 GMT; Domain=payless.qa; Path=/ _shopify_s=498c28e8-a6a1-4ec7-97b7-b9c1f284aeda; Expires=Sat, 09-Jan-21 22:29:28 GMT; Domain=payless.qa; Path=/ _shopify_fs=2021-01-09T21%3A59%3A28Z; Expires=Sun, 09-Jan-22 21:59:28 GMT; Domain=payless.qa; Path=/
x-robots-tag
nofollow
x-alternate-cache-key
cacheable:508cf8c534f92967a7042bddf7c79347
x-cache
hit, server
x-frame-options
DENY
content-security-policy
block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
content-security-policy-report-only
worker-src 'none'; report-uri /csp-report
strict-transport-security
max-age=7889238
x-shopid
52844953793
x-shardid
192
vary
Accept
content-language
en
x-shopify-stage
production
x-dc
gcp-us-central1,gcp-us-central1,gcp-us-central1
x-request-id
eb069158-bd1a-4f5d-8de2-7bbda175f6af
x-download-options
noopen
x-permitted-cross-domain-policies
none
x-content-type-options
nosniff
x-xss-protection
1; mode=block
nel
{"report_to":"network-errors","max_age":2592000,"success_fraction":0.0001}
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifycloud.com/v1/reports/nel/20190325/shopify"}]}
cf-cache-status
DYNAMIC
cf-request-id
078ac26a9b0000c853763f8000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
60f16cf0fdf0c853-AMS
content-encoding
br

Redirect headers

date
Sat, 09 Jan 2021 21:59:28 GMT
content-type
text/html; charset=utf-8
x-sorting-hat-podid
192
x-sorting-hat-shopid
52844953793
x-storefront-renderer-rendered
1
x-cache
allow
location
https://www.payless.qa/password
x-frame-options
DENY
content-security-policy
block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
content-security-policy-report-only
worker-src 'none'; report-uri /csp-report
strict-transport-security
max-age=7889238
x-shopid
52844953793
x-shardid
192
vary
Accept
x-shopify-stage
production
x-dc
gcp-us-central1,gcp-us-central1,gcp-us-central1
x-request-id
2c3c71b9-8a09-49d7-bdc3-e89437757ebe
x-download-options
noopen
x-permitted-cross-domain-policies
none
x-content-type-options
nosniff
x-xss-protection
1; mode=block
nel
{"report_to":"network-errors","max_age":2592000,"success_fraction":0.0001}
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifycloud.com/v1/reports/nel/20190325/shopify"}]}
cf-cache-status
DYNAMIC
cf-request-id
078ac269cf0000c8538e29e000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
60f16cefbb3cc853-AMS
css
fonts.googleapis.com/ 		0
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Avenir%C2%AE+Next:300italic,400italic,500italic,600italic,700italic,800italic,100,200,300,400,500,600,700,800&subset=cyrillic-ext,greek-ext,latin,latin-ext,cyrillic,greek,vietnamese
Requested by
Host: www.payless.qa
URL: https://www.payless.qa/password
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.payless.qa/password
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers
password.css
cdn.shopify.com/s/files/1/0528/4495/3793/t/2/assets/ 		31 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.shopify.com/s/files/1/0528/4495/3793/t/2/assets/password.css?v=8770516823487531244
Requested by
Host: www.payless.qa
URL: https://www.payless.qa/password
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:285::2e0b , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
8e900acf55bc3d9663e69f37bb685083fb9f89a4e354f456a250691e437e9ab8
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.payless.qa/password
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
nel
{"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-dc
gcp-us-central1
content-length
7477
x-xss-protection
1; mode=block
x-request-id
804217a
surrogate-key
mime-text/css source-ShopAssetsBackend segment2-142 segment4-36600 revision-bd6125a8f2c1c44f03883c7300caf5e87db5fdbd cdn-shopify-com-s-files-1-0528-4495-3793-t-2-assets-password-css shop-52844953793
last-modified
Tue, 05 Jan 2021 13:27:20 GMT
date
Sat, 09 Jan 2021 21:59:28 GMT
vary
Accept-Encoding
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifycloud.com/v1/reports/nel/20190325/imagery"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31557600
timing-allow-origin
*
link
<https://cdn.shopify.com/s/files/1/0528/4495/3793/t/2/assets/password.css>; rel="canonical"
expires
Sun, 09 Jan 2022 21:59:22 GMT
rt.custom.scss.css
cdn.shopify.com/s/files/1/0528/4495/3793/t/2/assets/ 		70 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.shopify.com/s/files/1/0528/4495/3793/t/2/assets/rt.custom.scss.css?v=716270700706115441
Requested by
Host: www.payless.qa
URL: https://www.payless.qa/password
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:285::2e0b , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
29217ee619499a51ee9c037af6eed5711512c50f456ae5d18eb33dcfe51c3a1d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.payless.qa/password
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
nel
{"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-dc
gcp-us-central1
content-length
10969
x-xss-protection
1; mode=block
x-request-id
e7979bb9
surrogate-key
mime-text/css source-ShopAssetsBackend segment2-217 segment4-55658 revision-bc8925c3acd16b49d707da737b4ebadcbd384e9d cdn-shopify-com-s-files-1-0528-4495-3793-t-2-assets-rt-custom-scss-css shop-52844953793
last-modified
Tue, 05 Jan 2021 13:58:53 GMT
date
Sat, 09 Jan 2021 21:59:28 GMT
vary
Accept-Encoding
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifycloud.com/v1/reports/nel/20190325/imagery"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31557600
timing-allow-origin
*
link
<https://cdn.shopify.com/s/files/1/0528/4495/3793/t/2/assets/rt.custom.scss.css>; rel="canonical"
expires
Wed, 05 Jan 2022 13:58:52 GMT
jquery-2.1.4.min.js
cdn.shopify.com/s/files/1/0528/4495/3793/t/2/assets/ 		82 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.shopify.com/s/files/1/0528/4495/3793/t/2/assets/jquery-2.1.4.min.js?v=313557106959907739
Requested by
Host: www.payless.qa
URL: https://www.payless.qa/password
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:285::2e0b , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
22642f202577f0ba2f22cbe56b6cf291a09374487567cd3563e0d2a29f75c0c5
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.payless.qa/password
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
nel
{"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-dc
gcp-us-central1
content-length
29807
x-xss-protection
1; mode=block
x-request-id
e797aa03
surrogate-key
mime-application/javascript source-ShopAssetsBackend segment2-47 segment4-12088 revision-bc8925c3acd16b49d707da737b4ebadcbd384e9d cdn-shopify-com-s-files-1-0528-4495-3793-t-2-assets-jquery-2-1-4-min-js shop-52844953793
last-modified
Tue, 05 Jan 2021 13:25:26 GMT
date
Sat, 09 Jan 2021 21:59:28 GMT
vary
Accept-Encoding
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifycloud.com/v1/reports/nel/20190325/imagery"}]}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31557600
timing-allow-origin
*
link
<https://cdn.shopify.com/s/files/1/0528/4495/3793/t/2/assets/jquery-2.1.4.min.js>; rel="canonical"
expires
Wed, 05 Jan 2022 13:58:54 GMT
load_feature-24ff1222c9aa13bb217653c0d3ea28c40a796a280e6da29ad421eec2a6075c86.js
cdn.shopify.com/shopifycloud/shopify/assets/storefront/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.shopify.com/shopifycloud/shopify/assets/storefront/load_feature-24ff1222c9aa13bb217653c0d3ea28c40a796a280e6da29ad421eec2a6075c86.js
Requested by
Host: www.payless.qa
URL: https://www.payless.qa/password
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:285::2e0b , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
24ff1222c9aa13bb217653c0d3ea28c40a796a280e6da29ad421eec2a6075c86
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Origin
https://www.payless.qa
Referer
https://www.payless.qa/password
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
nel
{"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-dc
gcp-us-east1
content-length
3072
x-xss-protection
1; mode=block
x-request-id
19edc
surrogate-key
mime-application/javascript source-GcsBackend segment2-43 segment4-11090 revision-bc8925c3acd16b49d707da737b4ebadcbd384e9d cdn-shopify-com-shopifycloud-shopify-assets-storefront-load_feature-24ff1222c9aa13bb217653c0d3ea28c40a796a280e6da29ad421eec2a607
last-modified
Fri, 16 Oct 2020 15:31:32 GMT
date
Sat, 09 Jan 2021 21:59:28 GMT
vary
Accept-Encoding
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifycloud.com/v1/reports/nel/20190325/imagery"}]}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31556952, immutable
timing-allow-origin
*
link
<https://cdn.shopify.com/shopifycloud/shopify/assets/storefront/load_feature-24ff1222c9aa13bb217653c0d3ea28c40a796a280e6da29ad421eec2a6075c86.js>; rel="canonical"
expires
Tue, 04 Jan 2022 22:15:38 GMT
payless_logo_final.jpg
cdn.shopify.com/s/files/1/0528/4495/3793/files/ 		50 KB
51 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.shopify.com/s/files/1/0528/4495/3793/files/payless_logo_final.jpg?v=1610110162
Requested by
Host: www.payless.qa
URL: https://www.payless.qa/password
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:285::2e0b , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
58eb50e72ffffb563e7cc7d9dd8833dcf065dd6e9d4fcdac5399922ae901be3c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.payless.qa/password
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
x-image
generated
nel
{"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-dc
gcp-us-central1
content-length
50892
x-xss-protection
1; mode=block
x-request-id
80427a4
surrogate-key
mime-image/webp source-ShopAssetsBackend segment2-73 segment4-18878 revision-bd6125a8f2c1c44f03883c7300caf5e87db5fdbd cdn-shopify-com-s-files-1-0528-4495-3793-files-payless_logo_final-jpg shop-52844953793
last-modified
Sat, 09 Jan 2021 21:59:23 GMT
date
Sat, 09 Jan 2021 21:59:28 GMT
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifycloud.com/v1/reports/nel/20190325/imagery"}]}
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
link
<https://cdn.shopify.com/s/files/1/0528/4495/3793/files/payless_logo_final.jpg>; rel="canonical"
expires
Sun, 09 Jan 2022 21:59:23 GMT
api.jquery-e94e010e92e659b566dbc436fdfe5242764380e00398907a14955ba301a4749f.js
cdn.shopify.com/shopifycloud/shopify/assets/themes_support/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.shopify.com/shopifycloud/shopify/assets/themes_support/api.jquery-e94e010e92e659b566dbc436fdfe5242764380e00398907a14955ba301a4749f.js
Requested by
Host: www.payless.qa
URL: https://www.payless.qa/password
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:285::2e0b , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
e94e010e92e659b566dbc436fdfe5242764380e00398907a14955ba301a4749f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.payless.qa/password
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
nel
{"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-dc
gcp-us-east1
content-length
1828
x-xss-protection
1; mode=block
x-request-id
5b418b3
surrogate-key
mime-application/javascript source-GcsBackend segment2-144 segment4-36993 revision-a820c281ea902648af89fe979034c486938295ed cdn-shopify-com-shopifycloud-shopify-assets-themes_support-api-jquery-e94e010e92e659b566dbc436fdfe5242764380e00398907a14955ba301
last-modified
Fri, 16 Oct 2020 15:50:09 GMT
date
Sat, 09 Jan 2021 21:59:28 GMT
vary
Accept-Encoding
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifycloud.com/v1/reports/nel/20190325/imagery"}]}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31556952, immutable
timing-allow-origin
*
link
<https://cdn.shopify.com/shopifycloud/shopify/assets/themes_support/api.jquery-e94e010e92e659b566dbc436fdfe5242764380e00398907a14955ba301a4749f.js>; rel="canonical"
expires
Fri, 31 Dec 2021 16:40:08 GMT
option_selection-fe6b72c2bbdd3369ac0bfefe8648e3c889efca213baefd4cfb0dd9363563831f.js
cdn.shopify.com/shopifycloud/shopify/assets/themes_support/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.shopify.com/shopifycloud/shopify/assets/themes_support/option_selection-fe6b72c2bbdd3369ac0bfefe8648e3c889efca213baefd4cfb0dd9363563831f.js
Requested by
Host: www.payless.qa
URL: https://www.payless.qa/password
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:285::2e0b , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
fe6b72c2bbdd3369ac0bfefe8648e3c889efca213baefd4cfb0dd9363563831f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.payless.qa/password
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
nel
{"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-dc
gcp-us-central1
content-length
3087
x-xss-protection
1; mode=block
x-request-id
5346f64b
surrogate-key
mime-application/javascript source-GcsBackend segment2-104 segment4-26755 revision-a820c281ea902648af89fe979034c486938295ed cdn-shopify-com-shopifycloud-shopify-assets-themes_support-option_selection-fe6b72c2bbdd3369ac0bfefe8648e3c889efca213baefd4cfb0d
last-modified
Fri, 16 Oct 2020 15:50:09 GMT
date
Sat, 09 Jan 2021 21:59:28 GMT
vary
Accept-Encoding
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifycloud.com/v1/reports/nel/20190325/imagery"}]}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31556952, immutable
timing-allow-origin
*
link
<https://cdn.shopify.com/shopifycloud/shopify/assets/themes_support/option_selection-fe6b72c2bbdd3369ac0bfefe8648e3c889efca213baefd4cfb0dd9363563831f.js>; rel="canonical"
expires
Sat, 01 Jan 2022 09:37:22 GMT
rt.application.js
cdn.shopify.com/s/files/1/0528/4495/3793/t/2/assets/ 		309 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.shopify.com/s/files/1/0528/4495/3793/t/2/assets/rt.application.js?v=14984084796799920768
Requested by
Host: www.payless.qa
URL: https://www.payless.qa/password
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:285::2e0b , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
bd01e6b1f3883818a7aeada0f639740d1a4554c61c9238f3d3970efb95f58758
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.payless.qa/password
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
nel
{"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-dc
gcp-us-central1
content-length
92001
x-xss-protection
1; mode=block
x-request-id
e797b869
surrogate-key
mime-application/javascript source-ShopAssetsBackend segment2-36 segment4-9338 revision-bc8925c3acd16b49d707da737b4ebadcbd384e9d cdn-shopify-com-s-files-1-0528-4495-3793-t-2-assets-rt-application-js shop-52844953793
last-modified
Tue, 05 Jan 2021 13:27:20 GMT
date
Sat, 09 Jan 2021 21:59:28 GMT
vary
Accept-Encoding
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifycloud.com/v1/reports/nel/20190325/imagery"}]}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31557600
timing-allow-origin
*
link
<https://cdn.shopify.com/s/files/1/0528/4495/3793/t/2/assets/rt.application.js>; rel="canonical"
expires
Wed, 05 Jan 2022 13:58:56 GMT
password.js
cdn.shopify.com/s/files/1/0528/4495/3793/t/2/assets/ 		657 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.shopify.com/s/files/1/0528/4495/3793/t/2/assets/password.js?v=15862593058950166242
Requested by
Host: www.payless.qa
URL: https://www.payless.qa/password
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:285::2e0b , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
f1100fff6a81f7d945403adeda5a7c4fada018a29e57d5ff636d0a40feaccee0
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.payless.qa/password
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
nel
{"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-dc
gcp-us-central1
content-length
307
x-xss-protection
1; mode=block
x-request-id
804259a
surrogate-key
mime-application/javascript source-ShopAssetsBackend segment2-110 segment4-28172 revision-bd6125a8f2c1c44f03883c7300caf5e87db5fdbd cdn-shopify-com-s-files-1-0528-4495-3793-t-2-assets-password-js shop-52844953793
last-modified
Tue, 05 Jan 2021 13:25:44 GMT
date
Sat, 09 Jan 2021 21:59:28 GMT
vary
Accept-Encoding
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifycloud.com/v1/reports/nel/20190325/imagery"}]}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31557600
timing-allow-origin
*
link
<https://cdn.shopify.com/s/files/1/0528/4495/3793/t/2/assets/password.js>; rel="canonical"
expires
Sun, 09 Jan 2022 21:59:23 GMT
trekkie.storefront.3b995b76a9cba1a19760ed489f09098cd04caaab.min.js
cdn.shopify.com/s/ 		68 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.shopify.com/s/trekkie.storefront.3b995b76a9cba1a19760ed489f09098cd04caaab.min.js
Requested by
Host: www.payless.qa
URL: https://www.payless.qa/password
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:285::2e0b , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
1badc2b82450444a175806afbc24feb6bc0bfdb1f6b36a2b737e80ff31a14b35
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.payless.qa/password
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
nel
{"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-dc
gcp-us-central1
content-length
15474
x-xss-protection
1; mode=block
x-request-id
1fe8de6
surrogate-key
mime-application/javascript source-ShopAssetsBackend segment2-52 segment4-13418 revision-83ab3fb7c55800dc90152e400da849b17b366cfa cdn-shopify-com-s-trekkie-storefront-3b995b76a9cba1a19760ed489f09098cd04caaab-min-js
last-modified
Wed, 06 Jan 2021 16:41:26 GMT
date
Sat, 09 Jan 2021 21:59:28 GMT
vary
Accept-Encoding
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifycloud.com/v1/reports/nel/20190325/imagery"}]}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
timing-allow-origin
*
link
<https://cdn.shopify.com/s/trekkie.storefront.3b995b76a9cba1a19760ed489f09098cd04caaab.min.js>; rel="canonical"
expires
Thu, 06 Jan 2022 16:41:54 GMT
shop_events_listener-68ba3f1321f00bf07cb78a03841621079812265e950cdccade3463749ea2705e.js
cdn.shopify.com/shopifycloud/shopify/assets/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-68ba3f1321f00bf07cb78a03841621079812265e950cdccade3463749ea2705e.js
Requested by
Host: www.payless.qa
URL: https://www.payless.qa/password
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:285::2e0b , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
68ba3f1321f00bf07cb78a03841621079812265e950cdccade3463749ea2705e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.payless.qa/password
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
nel
{"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-dc
gcp-us-east1
content-length
2670
x-xss-protection
1; mode=block
x-request-id
46cce08a
surrogate-key
mime-application/javascript source-GcsBackend segment2-97 segment4-24868 revision-89fc30ee103c40108efc6ccb7fbea0db739ee59c cdn-shopify-com-shopifycloud-shopify-assets-shop_events_listener-68ba3f1321f00bf07cb78a03841621079812265e950cdccade3463749ea2705
last-modified
Fri, 30 Oct 2020 14:01:21 GMT
date
Sat, 09 Jan 2021 21:59:28 GMT
vary
Accept-Encoding
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifycloud.com/v1/reports/nel/20190325/imagery"}]}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31556952, immutable
timing-allow-origin
*
link
<https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-68ba3f1321f00bf07cb78a03841621079812265e950cdccade3463749ea2705e.js>; rel="canonical"
expires
Thu, 04 Nov 2021 00:31:23 GMT
consent-tracking-api.js
cdn.shopify.com/shopifycloud/consent-tracking-api/v0.1/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.shopify.com/shopifycloud/consent-tracking-api/v0.1/consent-tracking-api.js
Requested by
Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/storefront/load_feature-24ff1222c9aa13bb217653c0d3ea28c40a796a280e6da29ad421eec2a6075c86.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:285::2e0b , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
31cbd4e5807052d12f9852faa706f76e88084c5bfa743a4d25b926827c9480b3
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Origin
https://www.payless.qa
Referer
https://www.payless.qa/password
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
nel
{"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-dc
gcp-us-east1
content-length
1578
x-xss-protection
1; mode=block
x-request-id
b961fdc
surrogate-key
mime-application/javascript; charset=utf-8 source-GcsBackend segment2-34 segment4-8870 revision-4e92ee9bb3b86435037dda9af6fc736df54d597b cdn-shopify-com-shopifycloud-consent-tracking-api-v0-1-consent-tracking-api-js
last-modified
Mon, 14 Dec 2020 17:11:27 GMT
date
Sat, 09 Jan 2021 21:59:28 GMT
vary
Accept-Encoding
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifycloud.com/v1/reports/nel/20190325/imagery"}]}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=3600
accept-ranges
bytes
timing-allow-origin
*
link
<https://cdn.shopify.com/shopifycloud/consent-tracking-api/v0.1/consent-tracking-api.js>; rel="canonical"
expires
Fri, 08 Jan 2021 19:49:23 GMT
avada-fsb.min.js
freeshippingbar.apps.avada.io/scripttag/ 		41 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://freeshippingbar.apps.avada.io/scripttag/avada-fsb.min.js?shop=payless-qatar.myshopify.com
Requested by
Host: www.payless.qa
URL: https://www.payless.qa/password
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.195 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
fd0f7ca253cc2d7ef4de4b6f1ed21c813766583866ad39a8952c0e5f8b211af7
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

Referer
https://www.payless.qa/password
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31556926
content-encoding
br
last-modified
Sat, 09 Jan 2021 16:21:50 GMT
x-timer
S1610229569.039467,VS0,VE330
etag
"93849abcf515df8e67818625ca3c8acad6915dc147951440d660829a3edd6428-br"
x-served-by
cache-hhn4053-HHN
vary
x-fh-requested-host, accept-encoding
x-cache
MISS
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=3600
date
Sat, 09 Jan 2021 21:59:29 GMT
accept-ranges
bytes
content-length
11437
x-cache-hits
0
smartbadge.js
appdevelopergroup.co/apps/smartbadge/js/ 		16 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://appdevelopergroup.co/apps/smartbadge/js/smartbadge.js?shop=payless-qatar.myshopify.com
Requested by
Host: www.payless.qa
URL: https://www.payless.qa/password
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.58.86 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a8b1827bf2ae769acc359decdc855df92a277cd34f3383a8a4a6d11c5fa55f39
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;

Request headers

Referer
https://www.payless.qa/password
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 09 Jan 2021 21:59:29 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sun, 20 Dec 2020 18:05:53 GMT
server
cloudflare
x-server-cache
false
vary
Accept-Encoding
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
application/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Wu7GTeDsBF216L5Ys8rqpEil%2BTee78sShX69cMGakUvg3aKemNNZ7vZ%2FKhbdz%2B%2BW3qVL2yrhSx6Tju%2FkoXl30f2Ozfis%2BoMNfJllarCFDx6ZZNx%2FzQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
content-security-policy
upgrade-insecure-requests;
cf-ray
60f16cf67b90fa5c-AMS
cf-request-id
078ac26e060000fa5c2286e000000001
weglot_script_tag.js
cdn.weglot.com/ 		0
361 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.weglot.com/weglot_script_tag.js?shop=payless-qatar.myshopify.com
Requested by
Host: www.payless.qa
URL: https://www.payless.qa/password
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:de00:1:28b3:b280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.payless.qa/password
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 09 Jan 2021 13:31:58 GMT
via
1.1 d8328954e51c0912a8419c1a67cea1dc.cloudfront.net (CloudFront)
last-modified
Tue, 09 Jun 2020 10:38:01 GMT
server
AmazonS3
age
30451
etag
"d41d8cd98f00b204e9800998ecf8427e"
x-cache
Hit from cloudfront
x-amz-version-id
null
cache-control
max-age=172800
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
content-type
application/javascript
content-length
0
x-amz-cf-id
bcW87FkaZpcs1n_bIm24iDS0MZXhDZmaPxiqW6dPGBqqzJVQZh7qCg==
shopify-boomerang-1.0.0.min.js
cdn.shopify.com/shopifycloud/boomerang/ 		91 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.shopify.com/shopifycloud/boomerang/shopify-boomerang-1.0.0.min.js
Requested by
Host: www.payless.qa
URL: https://www.payless.qa/password
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:285::2e0b , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
2d86e67ffbd13f30d2f9e82a34dccf5f6a3619d8cf254354da2a6c0125016565
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.payless.qa/password
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
nel
{"report_to":"network-errors","max_age":600,"failure_fraction":1.0,"success_fraction":0.0}
x-dc
gcp-us-central1
content-length
26441
x-xss-protection
1; mode=block
x-request-id
c9185327
surrogate-key
mime-application/javascript source-GcsBackend segment2-96 segment4-24675 revision-4e92ee9bb3b86435037dda9af6fc736df54d597b cdn-shopify-com-shopifycloud-boomerang-shopify-boomerang-1-0-0-min-js
last-modified
Wed, 28 Oct 2020 16:07:03 GMT
date
Sat, 09 Jan 2021 21:59:28 GMT
vary
Accept-Encoding
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://monorail-edge.shopifycloud.com/v1/reports/nel/20190325/imagery"}]}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, s-maxage=31536000, max-age=3600, must-revalidate
accept-ranges
bytes
timing-allow-origin
*
link
<https://cdn.shopify.com/shopifycloud/boomerang/shopify-boomerang-1.0.0.min.js>; rel="canonical"
expires
Fri, 07 Jan 2022 22:18:05 GMT
produce_batch
monorail-edge.shopifysvc.com/unstable/ 		0
474 B 		Other
General
Check archive.org
Download Go to
Full URL
https://monorail-edge.shopifysvc.com/unstable/produce_batch
Requested by
Host: cdn.shopify.com
URL: https://cdn.shopify.com/s/trekkie.storefront.3b995b76a9cba1a19760ed489f09098cd04caaab.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.185.69.233 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
233.69.185.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.payless.qa/password
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 09 Jan 2021 21:59:29 GMT
x-dc
gcp-us-east1
access-control-max-age
86400
access-control-allow-methods
OPTIONS,POST
access-control-allow-origin
https://www.payless.qa
access-control-allow-credentials
true
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-headers
User-Agent,Accept,Content-Type,X-Monorail-Edge-Event-Created-At-Ms,X-Monorail-Edge-Event-Sent-At-Ms,X-Monorail-Edge-Client-Message-Id,X-Monorail-Edge-Device-Install-Id,X-Monorail-Edge-Accept-Language,X-Monorail-Edge-Content-Language,X-Forwarded-For
content-length
0
x-request-id
f9a4e7e8-3ae6-417b-98d0-5d3057d5b54f
produce_batch
monorail-edge.shopifysvc.com/unstable/ 		0
472 B 		Other
General
Check archive.org
Download Go to
Full URL
https://monorail-edge.shopifysvc.com/unstable/produce_batch
Requested by
Host: cdn.shopify.com
URL: https://cdn.shopify.com/s/trekkie.storefront.3b995b76a9cba1a19760ed489f09098cd04caaab.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.185.69.233 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
233.69.185.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.payless.qa/password
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 09 Jan 2021 21:59:29 GMT
x-dc
gcp-us-east1
access-control-max-age
86400
access-control-allow-methods
OPTIONS,POST
access-control-allow-origin
https://www.payless.qa
access-control-allow-credentials
true
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-headers
User-Agent,Accept,Content-Type,X-Monorail-Edge-Event-Created-At-Ms,X-Monorail-Edge-Event-Sent-At-Ms,X-Monorail-Edge-Client-Message-Id,X-Monorail-Edge-Device-Install-Id,X-Monorail-Edge-Accept-Language,X-Monorail-Edge-Content-Language,X-Forwarded-For
content-length
0
x-request-id
acf2abaa-2010-48e6-b424-9000ce9c79a7
produce_batch
monorail-edge.shopifysvc.com/unstable/ 		0
473 B 		Other
General
Check archive.org
Download Go to
Full URL
https://monorail-edge.shopifysvc.com/unstable/produce_batch
Requested by
Host: cdn.shopify.com
URL: https://cdn.shopify.com/s/trekkie.storefront.3b995b76a9cba1a19760ed489f09098cd04caaab.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.185.69.233 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
233.69.185.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.payless.qa/password
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 09 Jan 2021 21:59:29 GMT
x-dc
gcp-us-east1
access-control-max-age
86400
access-control-allow-methods
OPTIONS,POST
access-control-allow-origin
https://www.payless.qa
access-control-allow-credentials
true
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-headers
User-Agent,Accept,Content-Type,X-Monorail-Edge-Event-Created-At-Ms,X-Monorail-Edge-Event-Sent-At-Ms,X-Monorail-Edge-Client-Message-Id,X-Monorail-Edge-Device-Install-Id,X-Monorail-Edge-Accept-Language,X-Monorail-Edge-Content-Language,X-Forwarded-For
content-length
0
x-request-id
26228545-bfad-4d6a-9ef5-fa43febcc15c
produce
monorail-edge.shopifysvc.com/v1/ 		0
472 B 		Other
General
Check archive.org
Download Go to
Full URL
https://monorail-edge.shopifysvc.com/v1/produce
Requested by
Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/boomerang/shopify-boomerang-1.0.0.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.185.69.233 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
233.69.185.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.payless.qa/password
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 09 Jan 2021 21:59:29 GMT
x-dc
gcp-us-east1
access-control-max-age
86400
access-control-allow-methods
OPTIONS,POST
access-control-allow-origin
https://www.payless.qa
access-control-allow-credentials
true
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-headers
User-Agent,Accept,Content-Type,X-Monorail-Edge-Event-Created-At-Ms,X-Monorail-Edge-Event-Sent-At-Ms,X-Monorail-Edge-Client-Message-Id,X-Monorail-Edge-Device-Install-Id,X-Monorail-Edge-Accept-Language,X-Monorail-Edge-Content-Language,X-Forwarded-For
content-length
0
x-request-id
b0ba741e-e220-4086-a18e-ea5ad34f8a6c
payless-qatar
app-smartbadge.herokuapp.com/getoptions/ 		16 B
491 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://app-smartbadge.herokuapp.com/getoptions/payless-qatar
Requested by
Host: cdn.shopify.com
URL: https://cdn.shopify.com/shopifycloud/shopify/assets/shop_events_listener-68ba3f1321f00bf07cb78a03841621079812265e950cdccade3463749ea2705e.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.200.98.31 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-200-98-31.compute-1.amazonaws.com
Software
Cowboy / Express
Resource Hash
c462d460eab61de19f36cc384c99666e5bf65eaeba0c12b8f594c5410c01f220

Request headers

Referer
https://www.payless.qa/password
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 09 Jan 2021 21:59:30 GMT
Via
1.1 vegur
Server
Cowboy
X-Powered-By
Express
Etag
W/"10-H1fL0fGhztj2LTQkJAhBTA"
Access-Control-Allow-Methods
GET
Content-Type
text/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Connection
keep-alive
Access-Control-Allow-Headers
X-Custom-Heade
Content-Length
16

Verdicts & Comments Add Verdict or Comment

65 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated function| $ function| jQuery object| Shopify object| __st boolean| ShopifyPaypalV4VisibilityTracking object| meta string| attr object| ShopifyAnalytics object| trekkie function| floatToString function| attributeToString undefined| aKeyValue undefined| aCouples object| Currency object| RoarCookie object| _0x2098 function| _0x4ff9 object| _0xfc47d6 object| $jscomp$this object| NProgress object| echo function| EventEmitter object| eventie function| imagesLoaded function| JQClass object| cookieStorage function| Blazy undefined| EasyZoom function| PhotoSwipe function| PhotoSwipeUI_Default function| anime function| _ object| _visit object| BOOMR function| SMBDG_finditems function| SMBDG_getAllproducts function| SMBDG_GonextStep function| SMBDG_checkbadge function| SMBDG_addbadge function| SMBDG_checkConditions function| SMBDG_hexToRgb function| SMBDG_start function| SMBDG_getreq function| SMBDG_getShopName function| SMBDG_Searcher object| _smbdg_badges string| _smbdg_shopid string| _smbdg_shopname object| _smbdg_css_ids string| _smbdg_pagetype object| _smbdg_global_handles object| _smbdg_global_products boolean| _smbdg_product_loads boolean| _smbdg_canactnow object| _smbdg_singleproductdata boolean| SMBDG_inited

8 Cookies

Domain/Path Name / Value
.payless.qa/ Name: _shopify_s
Value: 498c28e8-a6a1-4ec7-97b7-b9c1f284aeda
.payless.qa/ Name: _s
Value: 498c28e8-a6a1-4ec7-97b7-b9c1f284aeda
.payless.qa/ Name: _shopify_y
Value: 032cbbc1-472d-4fb3-8645-639ba61fa478
.payless.qa/ Name: _shopify_fs
Value: 2021-01-09T21%3A59%3A28Z
.payless.qa/ Name: _y
Value: 032cbbc1-472d-4fb3-8645-639ba61fa478
www.payless.qa/ Name: secure_customer_sig
Value:
.payless.qa/ Name: _orig_referrer
Value:
.payless.qa/ Name: _landing_page
Value: %2Fpassword

1 Console Messages

Source Level URL
Text
console-api log URL: https://freeshippingbar.apps.avada.io/scripttag/avada-fsb.min.js?shop=payless-qatar.myshopify.com(Line 9)
Message:
Avada FreeShipping Bar initialized

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy block-all-mixed-content; frame-ancestors 'none'; upgrade-insecure-requests;
Strict-Transport-Security max-age=7889238
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app-smartbadge.herokuapp.com
appdevelopergroup.co
cdn.shopify.com
cdn.weglot.com
fonts.googleapis.com
freeshippingbar.apps.avada.io
monorail-edge.shopifysvc.com
www.payless.qa
104.18.58.86
151.101.65.195
23.227.38.74
2600:9000:20eb:de00:1:28b3:b280:93a1
2a00:1450:4001:800::200a
2a02:26f0:6c00:285::2e0b
35.185.69.233
52.200.98.31
1badc2b82450444a175806afbc24feb6bc0bfdb1f6b36a2b737e80ff31a14b35
22642f202577f0ba2f22cbe56b6cf291a09374487567cd3563e0d2a29f75c0c5
24ff1222c9aa13bb217653c0d3ea28c40a796a280e6da29ad421eec2a6075c86
29217ee619499a51ee9c037af6eed5711512c50f456ae5d18eb33dcfe51c3a1d
2d86e67ffbd13f30d2f9e82a34dccf5f6a3619d8cf254354da2a6c0125016565
31cbd4e5807052d12f9852faa706f76e88084c5bfa743a4d25b926827c9480b3
58eb50e72ffffb563e7cc7d9dd8833dcf065dd6e9d4fcdac5399922ae901be3c
68ba3f1321f00bf07cb78a03841621079812265e950cdccade3463749ea2705e
6f64e86e21bd9d277155bc77b18669b1e79bb8d7c13b28c1d800a0584c434821
8e900acf55bc3d9663e69f37bb685083fb9f89a4e354f456a250691e437e9ab8
a8b1827bf2ae769acc359decdc855df92a277cd34f3383a8a4a6d11c5fa55f39
bd01e6b1f3883818a7aeada0f639740d1a4554c61c9238f3d3970efb95f58758
c462d460eab61de19f36cc384c99666e5bf65eaeba0c12b8f594c5410c01f220
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e94e010e92e659b566dbc436fdfe5242764380e00398907a14955ba301a4749f
f1100fff6a81f7d945403adeda5a7c4fada018a29e57d5ff636d0a40feaccee0
fd0f7ca253cc2d7ef4de4b6f1ed21c813766583866ad39a8952c0e5f8b211af7
fe6b72c2bbdd3369ac0bfefe8648e3c889efca213baefd4cfb0dd9363563831f