primepay.com Open in urlscan Pro
2620:12a:8000::253 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www2.synchr.com/e3t/Ctc/ZQ+113/cjJtr04/VX9sBW3jJM59W4d1HLy5XMp4qW5BVC1m4QLmlBN6pj1VV2ZXMfV1-WJV7CgGkLW4xHBK18H2F...
Effective URL:
https://primepay.com/privacy-policy?_hsmi=228140772&_hsenc=p2ANqtz-_py_QKHXzKO_HskQ1EB18eGr404v-9Nafcrc9ZlLGuHY1LbWrl...
Submission: On October 05 via api (October 5th 2022, 7:45:32 pm UTC) from US — Scanned from DE

Summary HTTP 88 Redirects Links 10 Behaviour Indicators

Summary

This website contacted 42 IPs in 6 countries across 30 domains to perform 88 HTTP transactions. The main IP is 2620:12a:8000::253, located in United States and belongs to FASTLY, US. The main domain is primepay.com. The Cisco Umbrella rank of the primary domain is 667205.
TLS certificate: Issued by R3 on September 25th 2022. Valid for: 3 months.

This is the only time primepay.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	2606:2c40::c7... 2606:2c40::c73c:671d	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
9	2620:12a:8000... 2620:12a:8000::253	54113 (FASTLY) (FASTLY)
3	2a00:1450:400... 2a00:1450:400d:80e::2008	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:b949	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	13.108.249.7 13.108.249.7	14340 (SALESFORCE) (SALESFORCE)
2	85.222.140.10 85.222.140.10	14340 (SALESFORCE) (SALESFORCE)
1	2a00:1450:400... 2a00:1450:400d:807::200a	15169 (GOOGLE) (GOOGLE)
1	162.159.152.17 162.159.152.17	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2606:4700::68... 2606:4700::6810:a852	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	52.222.139.53 52.222.139.53	16509 (AMAZON-02) (AMAZON-02)
2	52.217.138.144 52.217.138.144	16509 (AMAZON-02) (AMAZON-02)
10	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6810:5705	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.234.135.87 34.234.135.87	14618 (AMAZON-AES) (AMAZON-AES)
1	13.32.27.21 13.32.27.21	16509 (AMAZON-02) (AMAZON-02)
3	2001:4860:480... 2001:4860:4802:32::178	15169 (GOOGLE) (GOOGLE)
1	2606:4700:440... 2606:4700:4400::ac40:9973	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.251.39.34 142.251.39.34	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:402... 2a00:1450:4025:401::9d	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
2 3	3.220.203.163 3.220.203.163	14618 (AMAZON-AES) (AMAZON-AES)
2	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:803::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:802::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a02:26f0:11a... 2a02:26f0:11a::6867:4868	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	199.232.136.157 199.232.136.157	54113 (FASTLY) (FASTLY)
1	2606:4700:20:... 2606:4700:20::681a:6b4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:5605	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	13.108.249.135 13.108.249.135	14340 (SALESFORCE) (SALESFORCE)
1	143.204.215.118 143.204.215.118	16509 (AMAZON-02) (AMAZON-02)
3 3	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	104.244.42.69 104.244.42.69	13414 (TWITTER) (TWITTER)
1	104.244.42.67 104.244.42.67	13414 (TWITTER) (TWITTER)
1	13.110.40.53 13.110.40.53	14340 (SALESFORCE) (SALESFORCE)
1	151.101.130.137 151.101.130.137	54113 (FASTLY) (FASTLY)
2	52.54.96.194 52.54.96.194	14618 (AMAZON-AES) (AMAZON-AES)
2	162.247.241.14 162.247.241.14	23467 (NEWRELIC-...) (NEWRELIC-AS-1)
88	42

2 2606:2c40::c73c:671d (United States) 1 redirects

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)

www2.synchr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2620:12a:8000::253 (United States)

ASN54113 (FASTLY, US)

primepay.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400d:80e::2008 (Ireland)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:b949 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.108.249.7 (United States)

ASN14340 (SALESFORCE, US)
PTR: dcl3-ord.la1-c2-ord.salesforceliveagent.com

c.la1c1.salesforceliveagent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 85.222.140.10 (United States)

ASN14340 (SALESFORCE, US)
PTR: sledge2-fra.slb.sfdcsvc.net

support.primepay.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:807::200a (Ireland)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.159.152.17 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)

a.quora.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:a852 (United States)

ASN13335 (CLOUDFLARENET, US)

ws.zoominfo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.139.53 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-139-53.ams50.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.217.138.144 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com

s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:5705 (United States)

ASN13335 (CLOUDFLARENET, US)

forms.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.234.135.87 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-234-135-87.compute-1.amazonaws.com

q.quora.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.27.21 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-21.fra56.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4860:4802:32::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::ac40:9973 (United States)

ASN13335 (CLOUDFLARENET, US)

tags.clickagy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.39.34 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s38-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4025:401::9d (Den Helder, Netherlands)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.220.203.163 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-220-203-163.compute-1.amazonaws.com

aorta.clickagy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:803::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:11a::6867:4868 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.136.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:6b4 (United States)

ASN13335 (CLOUDFLARENET, US)

browser-update.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5605 (United States)

ASN13335 (CLOUDFLARENET, US)

perf.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.108.249.135 (United States)

ASN14340 (SALESFORCE, US)
PTR: dcl4-ord.la1-c2-ord.salesforceliveagent.com

d.la1c1.salesforceliveagent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.215.118 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-118.fra53.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:21::14 (United States) 3 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.69 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.67 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.110.40.53 (United States)

ASN14340 (SALESFORCE, US)
PTR: dcl9-ncg1-c6-iad5.la1-c1-ia5.salesforceliveagent.com

d.la1-c1-ia5.salesforceliveagent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.130.137 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.54.96.194 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-54-96-194.compute-1.amazonaws.com

pi.pardot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.247.241.14 (United States)

ASN23467 (NEWRELIC-AS-1, US)

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	gstatic.com fonts.gstatic.com www.gstatic.com	674 KB
11	primepay.com primepay.com — Cisco Umbrella Rank: 667205 support.primepay.com	840 KB
8	google.com www.google.com — Cisco Umbrella Rank: 19	90 KB
4	linkedin.com 3 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 850 www.linkedin.com — Cisco Umbrella Rank: 840 px4.ads.linkedin.com — Cisco Umbrella Rank: 6680	4 KB
4	clickagy.com 2 redirects tags.clickagy.com — Cisco Umbrella Rank: 14469 aorta.clickagy.com — Cisco Umbrella Rank: 2758 hemsync.clickagy.com Failed	15 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 94 region1.google-analytics.com — Cisco Umbrella Rank: 2144	61 KB
3	hsforms.com forms.hsforms.com — Cisco Umbrella Rank: 8144 perf.hsforms.com — Cisco Umbrella Rank: 20192	2 KB
3	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 874 script.hotjar.com — Cisco Umbrella Rank: 1166 vars.hotjar.com — Cisco Umbrella Rank: 1268	70 KB
3	salesforceliveagent.com c.la1c1.salesforceliveagent.com — Cisco Umbrella Rank: 789331 d.la1c1.salesforceliveagent.com — Cisco Umbrella Rank: 962661 d.la1-c1-ia5.salesforceliveagent.com — Cisco Umbrella Rank: 21860	43 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 129	162 KB
2	nr-data.net bam.nr-data.net — Cisco Umbrella Rank: 393	1 KB
2	pardot.com pi.pardot.com — Cisco Umbrella Rank: 7745	4 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 115	222 B
2	google.de www.google.de — Cisco Umbrella Rank: 3460	565 B
2	rlcdn.com idsync.rlcdn.com — Cisco Umbrella Rank: 596 id.rlcdn.com — Cisco Umbrella Rank: 900	196 B
2	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 171 googleads.g.doubleclick.net — Cisco Umbrella Rank: 68	2 KB
2	amazonaws.com s3.amazonaws.com	730 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 203	111 KB
2	quora.com a.quora.com — Cisco Umbrella Rank: 9340 q.quora.com — Cisco Umbrella Rank: 4287	15 KB
2	synchr.com 1 redirects www2.synchr.com	4 KB
1	newrelic.com js-agent.newrelic.com — Cisco Umbrella Rank: 720	18 KB
1	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 859	394 B
1	t.co t.co — Cisco Umbrella Rank: 550	375 B
1	browser-update.org browser-update.org — Cisco Umbrella Rank: 10091	4 KB
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 967	15 KB
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 1571	3 KB
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 154	15 KB
1	zoominfo.com ws.zoominfo.com — Cisco Umbrella Rank: 11496	2 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 118	1 KB
1	hsforms.net js.hsforms.net — Cisco Umbrella Rank: 12611	147 KB
88	30

	Domain	Requested by
10	www.gstatic.com	primepay.com www.google.com www.gstatic.com
10	fonts.gstatic.com	fonts.googleapis.com www.google.com primepay.com
9	primepay.com	www2.synchr.com primepay.com
8	www.google.com	js.hsforms.net primepay.com www.google.com www.gstatic.com
3	aorta.clickagy.com	2 redirects primepay.com
3	www.google-analytics.com	primepay.com
3	www.googletagmanager.com	primepay.com
2	bam.nr-data.net	primepay.com
2	pi.pardot.com	primepay.com
2	px.ads.linkedin.com	2 redirects
2	www.facebook.com	primepay.com
2	www.google.de	primepay.com
2	forms.hsforms.com	primepay.com
2	s3.amazonaws.com	primepay.com
2	connect.facebook.net	primepay.com
2	support.primepay.com	primepay.com
2	www2.synchr.com	1 redirects
1	js-agent.newrelic.com	primepay.com
1	d.la1-c1-ia5.salesforceliveagent.com	primepay.com
1	analytics.twitter.com	primepay.com
1	t.co	primepay.com
1	px4.ads.linkedin.com	primepay.com
1	www.linkedin.com	1 redirects
1	vars.hotjar.com	primepay.com
1	d.la1c1.salesforceliveagent.com	primepay.com
1	perf.hsforms.com	primepay.com
1	browser-update.org	primepay.com
1	static.ads-twitter.com	primepay.com
1	snap.licdn.com	primepay.com
1	googleads.g.doubleclick.net	primepay.com
1	id.rlcdn.com	primepay.com
1	idsync.rlcdn.com	primepay.com
1	region1.google-analytics.com	www.googletagmanager.com
1	stats.g.doubleclick.net	primepay.com
1	www.googleadservices.com	primepay.com
1	tags.clickagy.com	primepay.com
1	script.hotjar.com	primepay.com
1	q.quora.com	primepay.com
1	static.hotjar.com	primepay.com
1	ws.zoominfo.com	primepay.com
1	a.quora.com	primepay.com
1	fonts.googleapis.com	primepay.com
1	c.la1c1.salesforceliveagent.com	primepay.com
1	js.hsforms.net	primepay.com
0	hemsync.clickagy.com Failed	primepay.com
88	45

This site contains links to these domains. Also see Links.

Domain
www.profitkeeper.com
www.synchr.com
support.primepay.com
login.primepay.com
www.facebook.com
twitter.com
instagram.com
www.linkedin.com
transparency-in-coverage.uhc.com

Subject Issuer	Validity	Valid
www2.synchr.com Cloudflare Inc ECC CA-3	`2022-05-20` - `2023-05-20`	a year	crt.sh
blog.primepay.com R3	`2022-09-25` - `2022-12-24`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-15` - `2023-06-15`	a year	crt.sh
la1-c2-ord.salesforceliveagent.com DigiCert TLS RSA SHA256 2020 CA1	`2022-02-03` - `2023-02-01`	a year	crt.sh
support.primepay.com Network Solutions OV Server CA 2	`2022-04-04` - `2023-04-04`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
quora.com R3	`2022-09-11` - `2022-12-10`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-07-15` - `2022-10-13`	3 months	crt.sh
zoominfo.com Cloudflare Inc ECC CA-3	`2022-05-04` - `2023-05-04`	a year	crt.sh
*.hotjar.com Amazon	`2021-11-25` - `2022-12-23`	a year	crt.sh
s3.amazonaws.com Amazon	`2022-04-01` - `2023-03-30`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.quora.com R3	`2022-08-21` - `2022-11-19`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.clickagy.com Amazon	`2021-12-15` - `2023-01-12`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2022-03-01` - `2023-03-01`	a year	crt.sh
ads-twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-22` - `2023-08-22`	a year	crt.sh
t.co DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-07` - `2023-03-06`	a year	crt.sh
*.twitter.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-07` - `2023-03-06`	a year	crt.sh
la1-c1-ia5.salesforceliveagent.com DigiCert TLS RSA SHA256 2020 CA1	`2022-02-02` - `2023-02-01`	a year	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA 2022 Q2	`2022-07-10` - `2023-08-11`	a year	crt.sh
pi.pardot.com DigiCert TLS RSA SHA256 2020 CA1	`2021-11-08` - `2022-11-07`	a year	crt.sh
*.nr-data.net DigiCert TLS RSA SHA256 2020 CA1	`2022-01-10` - `2023-02-10`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://primepay.com/privacy-policy?_hsmi=228140772&_hsenc=p2ANqtz-_py_QKHXzKO_HskQ1EB18eGr404v-9Nafcrc9ZlLGuHY1LbWrl8O2VjD8K5g5V6c0fg8pHx4aZos1KLu801BdpDVUhEDifkD96EgPbB5Ca3U2R570
Frame ID: F884EA467063F03859A21E1B273EFB2F
Requests: 67 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9wcmltZXBheS5jb206NDQz&hl=de&v=a9s0j4pCVT6gaTEkLiFbtZPH&size=invisible&badge=inline&cb=jmriza4fzpdr
Frame ID: F5C54833AE1B381CF04C9DFEDD3E9981
Requests: 7 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-69edcc3187336f9b0a3fbb4c73be9fe6.html
Frame ID: BC44590DF1D25249528895E9C229DF5F
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/enterprise/bframe?hl=de&v=a9s0j4pCVT6gaTEkLiFbtZPH&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
Frame ID: 1D87F74FDA362A333BCD1F521A964FC8
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Privacy Policy | PrimePay

Page URL History Show full URLs

https://www2.synchr.com/e3t/Ctc/ZQ+113/cjJtr04/VX9sBW3jJM59W4d1HLy5XMp4qW5BVC1m4QLmlBN6pj1VV2ZXMfV1-... Page URL
https://www2.synchr.com/events/public/v1/encoded/track/tc/ZQ+113/cjJtr04/VX9sBW3jJM59W4d1HLy5XMp4qW5... HTTP 307
https://primepay.com/privacy-policy?_hsmi=228140772&_hsenc=p2ANqtz-_py_QKHXzKO_HskQ1EB18eGr404v-9... Page URL

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Page Statistics

88
Requests

95 %
HTTPS

52 %
IPv6

30
Domains

45
Subdomains

42
IPs

6
Countries

3031 kB
Transfer

6621 kB
Size

40
Cookies

10 Outgoing links

These are links going to different origins than the main page.

URL: https://www.profitkeeper.com/
Title: Profitkeeper

Search URL Search Domain Scan URL

URL: https://www.synchr.com/
Title: SyncHR

Search URL Search Domain Scan URL

URL: https://www.synchr.com/product/mid-market
Title: 50-149 Employees

Search URL Search Domain Scan URL

URL: https://support.primepay.com/s/
Title: Service & Support

Search URL Search Domain Scan URL

URL: https://login.primepay.com/
Title: Client Login

Search URL Search Domain Scan URL

URL: https://www.facebook.com/primepayus
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/PrimePay
Title: Twitter

Search URL Search Domain Scan URL

URL: https://instagram.com/PrimePay
Title: Instagram

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/primepay
Title: LinkedIn

Search URL Search Domain Scan URL

URL: https://transparency-in-coverage.uhc.com/
Title: Transparency in Coverage

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www2.synchr.com/e3t/Ctc/ZQ+113/cjJtr04/VX9sBW3jJM59W4d1HLy5XMp4qW5BVC1m4QLmlBN6pj1VV2ZXMfV1-WJV7CgGkLW4xHBK18H2FLMW8s-cCd5Hcf-NW4-zcCv7tRvghW3MSRt92qySgDV1DgDH66Mb5LW1l78c64HlMq3W83J7bX5HWbNXN1rcSQFL1hRPN2ktZjQtyDCJW61M46V35jTGGW1QJfZC9bL8YTVxq3xj579YB0W2yTJh-51yNRwN5GksTLC5hj4W1p-w2T5SGk6TW2kKyqv7GB5lT2Ql1 Page URL
https://www2.synchr.com/events/public/v1/encoded/track/tc/ZQ+113/cjJtr04/VX9sBW3jJM59W4d1HLy5XMp4qW5BVC1m4QLmlBN6pj1VV2ZXMfV1-WJV7CgGkLW4xHBK18H2FLMW8s-cCd5Hcf-NW4-zcCv7tRvghW3MSRt92qySgDV1DgDH66Mb5LW1l78c64HlMq3W83J7bX5HWbNXN1rcSQFL1hRPN2ktZjQtyDCJW61M46V35jTGGW1QJfZC9bL8YTVxq3xj579YB0W2yTJh-51yNRwN5GksTLC5hj4W1p-w2T5SGk6TW2kKyqv7GB5lT2Ql1?_ud=4a427cf8-9a96-430f-b36d-d9e808653856&_jss=1&_fl=8&_pl=3&_hc=4&_lg=en-US,en&_plt=Win32&_scr=1600,1200 HTTP 307
https://primepay.com/privacy-policy?_hsmi=228140772&_hsenc=p2ANqtz-_py_QKHXzKO_HskQ1EB18eGr404v-9Nafcrc9ZlLGuHY1LbWrl8O2VjD8K5g5V6c0fg8pHx4aZos1KLu801BdpDVUhEDifkD96EgPbB5Ca3U2R570 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 42

https://aorta.clickagy.com/pixel.gif?clkgypv=jstag HTTP 302
https://idsync.rlcdn.com/420246.gif?partner_uid=c:ae176ccf7fd3ba03be43689839492cbc

Request Chain 43

https://aorta.clickagy.com/liveramp_redir HTTP 302
https://id.rlcdn.com/711861.gif

Request Chain 60

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=74640&time=1664999125915&url=https%3A%2F%2Fprimepay.com%2Fprivacy-policy%3F_hsmi%3D228140772%26_hsenc%3Dp2ANqtz-_py_QKHXzKO_HskQ1EB18eGr404v-9Nafcrc9ZlLGuHY1LbWrl8O2VjD8K5g5V6c0fg8pHx4aZos1KLu801BdpDVUhEDifkD96EgPbB5Ca3U2R570 HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D74640%26time%3D1664999125915%26url%3Dhttps%253A%252F%252Fprimepay.com%252Fprivacy-policy%253F_hsmi%253D228140772%2526_hsenc%253Dp2ANqtz-_py_QKHXzKO_HskQ1EB18eGr404v-9Nafcrc9ZlLGuHY1LbWrl8O2VjD8K5g5V6c0fg8pHx4aZos1KLu801BdpDVUhEDifkD96EgPbB5Ca3U2R570%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=74640&time=1664999125915&url=https%3A%2F%2Fprimepay.com%2Fprivacy-policy%3F_hsmi%3D228140772%26_hsenc%3Dp2ANqtz-_py_QKHXzKO_HskQ1EB18eGr404v-9Nafcrc9ZlLGuHY1LbWrl8O2VjD8K5g5V6c0fg8pHx4aZos1KLu801BdpDVUhEDifkD96EgPbB5Ca3U2R570&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=74640&time=1664999125915&url=https%3A%2F%2Fprimepay.com%2Fprivacy-policy%3F_hsmi%3D228140772%26_hsenc%3Dp2ANqtz-_py_QKHXzKO_HskQ1EB18eGr404v-9Nafcrc9ZlLGuHY1LbWrl8O2VjD8K5g5V6c0fg8pHx4aZos1KLu801BdpDVUhEDifkD96EgPbB5Ca3U2R570&liSync=true&e_ipv6=AQKbcKom1Le9IgAAAYOprnTxYlatk7b2fnsBMxwiV3giLAbANA-85xxRpkzc89tJIQ

88 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 VX9sBW3jJM59W4d1HLy5XMp4qW5BVC1m4QLmlBN6pj1VV2ZXMfV1-WJV7CgGkLW4xHBK18H2FLMW8s-cCd5Hcf-NW4-zcCv7tRvghW3MSRt92qySgDV1DgDH66Mb5LW1l78c64HlMq3W83J7bX5HWbNXN1rcSQFL1hRPN2ktZjQtyDCJW61M46V35jTGGW1QJfZC9...
www2.synchr.com/e3t/Ctc/ZQ+113/cjJtr04/ 9 KB
4 KB 311ms
228ms Document
text/html 2606:2c40::c73c:671d
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://www2.synchr.com/e3t/Ctc/ZQ+113/cjJtr04/VX9sBW3jJM59W4d1HLy5XMp4qW5BVC1m4QLmlBN6pj1VV2ZXMfV1-WJV7CgGkLW4xHBK18H2FLMW8s-cCd5Hcf-NW4-zcCv7tRvghW3MSRt92qySgDV1DgDH66Mb5LW1l78c64HlMq3W83J7bX5HWbNXN1rcSQFL1hRPN2ktZjQtyDCJW61M46V35jTGGW1QJfZC9bL8YTVxq3xj579YB0W2yTJh-51yNRwN5GksTLC5hj4W1p-w2T5SGk6TW2kKyqv7GB5lT2Ql1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:2c40::c73c:671d , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: false
cf-cache-status: MISS
cf-ray: 7558a8228b1b90a0-FRA
content-encoding: br
content-type: text/html;charset=utf-8
date: Wed, 05 Oct 2022 19:45:17 GMT
last-modified: Wed, 05 Oct 2022 19:45:17 GMT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
referrer-policy: no-referrer
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KZ%2FdfEm%2BIBlPqmxVDfkBi1M3R9%2BOMHdAhCBj3Yq6VO1LZnip1h19y%2FjaMlhSBPE10kAqHbjZFbDPMX3UkTzFUCTUIJmbK0FjbPNHdmrBiRgTVr2t54PIEYUPoT4H9GgaBa%2Bj23RogtT%2F5f3i9g%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000
vary: origin, Accept-Encoding
x-hs-https-only: worker
x-hubspot-correlation-id: 1088036d-1ec5-46fa-93e7-c6e60f576aa9
x-robots-tag: none

GET
H2

200

Primary Request privacy-policy Show response
primepay.com/
Redirect Chain

https://www2.synchr.com/events/public/v1/encoded/track/tc/ZQ+113/cjJtr04/VX9sBW3jJM59W4d1HLy5XMp4qW5BVC1m4QLmlBN6pj1VV2ZXMfV1-WJV7CgGkLW4xHBK18H2FLMW8s-cCd5Hcf-NW4-zcCv7tRvghW3MSRt92qySgDV1DgDH66Mb...
https://primepay.com/privacy-policy?_hsmi=228140772&_hsenc=p2ANqtz-_py_QKHXzKO_HskQ1EB18eGr404v-9Nafcrc9ZlLGuHY1LbWrl8O2VjD8K5g5V6c0fg8pHx4aZos1KLu801BdpDVUhEDifkD96EgPbB5Ca3U2R570

85 KB
30 KB

1561ms
1030ms

Document
text/html

2620:12a:8000::253
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://primepay.com/privacy-policy?_hsmi=228140772&_hsenc=p2ANqtz-_py_QKHXzKO_HskQ1EB18eGr404v-9Nafcrc9ZlLGuHY1LbWrl8O2VjD8K5g5V6c0fg8pHx4aZos1KLu801BdpDVUhEDifkD96EgPbB5Ca3U2R570

Requested by

Host: www2.synchr.com
URL: https://www2.synchr.com/e3t/Ctc/ZQ+113/cjJtr04/VX9sBW3jJM59W4d1HLy5XMp4qW5BVC1m4QLmlBN6pj1VV2ZXMfV1-WJV7CgGkLW4xHBK18H2FLMW8s-cCd5Hcf-NW4-zcCv7tRvghW3MSRt92qySgDV1DgDH66Mb5LW1l78c64HlMq3W83J7bX5HWbNXN1rcSQFL1hRPN2ktZjQtyDCJW61M46V35jTGGW1QJfZC9bL8YTVxq3xj579YB0W2yTJh-51yNRwN5GksTLC5hj4W1p-w2T5SGk6TW2kKyqv7GB5lT2Ql1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:12a:8000::253 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

832df64411d91f2244dbe5a4f7058540c217e745023f66784de5ef9345984544

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www2.synchr.com/e3t/Ctc/ZQ+113/cjJtr04/VX9sBW3jJM59W4d1HLy5XMp4qW5BVC1m4QLmlBN6pj1VV2ZXMfV1-WJV7CgGkLW4xHBK18H2FLMW8s-cCd5Hcf-NW4-zcCv7tRvghW3MSRt92qySgDV1DgDH66Mb5LW1l78c64HlMq3W83J7bX5HWbNXN1rcSQFL1hRPN2ktZjQtyDCJW61M46V35jTGGW1QJfZC9bL8YTVxq3xj579YB0W2yTJh-51yNRwN5GksTLC5hj4W1p-w2T5SGk6TW2kKyqv7GB5lT2Ql1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
cache-control: max-age=900, public
content-encoding: gzip
content-language: en
content-length: 30456
content-type: text/html; charset=UTF-8
date: Wed, 05 Oct 2022 19:45:19 GMT
etag: W/"1664999119"
expires: Sun, 19 Nov 1978 05:00:00 GMT
last-modified: Wed, 05 Oct 2022 19:45:19 GMT
permissions-policy: interest-cohort=()
server: nginx
strict-transport-security: max-age=300
vary: Accept-Encoding, Cookie, Cookie, Cookie
via: 1.1 varnish, 1.1 varnish
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-content-type-options: nosniff
x-drupal-cache: MISS
x-drupal-dynamic-cache: MISS
x-frame-options: SAMEORIGIN
x-generator: Drupal 9 (https://www.drupal.org)
x-pantheon-styx-hostname: styx-fe1-b-6c9cbcc684-nlfnz
x-served-by: cache-chi-kigq8000158-CHI, cache-maa10241-MAA
x-styx-req-id: 3e308a33-44e6-11ed-978d-869eca759fc7
x-timer: S1664999119.364185,VS0,VE553
x-ua-compatible: IE=edge

Redirect headers

access-control-allow-credentials: false
cf-cache-status: MISS
cf-ray: 7558a8242d2a90a0-FRA
date: Wed, 05 Oct 2022 19:45:18 GMT
link: <https://primepay.com/privacy-policy?_hsmi=228140772&_hsenc=p2ANqtz-_py_QKHXzKO_HskQ1EB18eGr404v-9Nafcrc9ZlLGuHY1LbWrl8O2VjD8K5g5V6c0fg8pHx4aZos1KLu801BdpDVUhEDifkD96EgPbB5Ca3U2R570>; rel="canonical"
location: https://primepay.com/privacy-policy?_hsmi=228140772&_hsenc=p2ANqtz-_py_QKHXzKO_HskQ1EB18eGr404v-9Nafcrc9ZlLGuHY1LbWrl8O2VjD8K5g5V6c0fg8pHx4aZos1KLu801BdpDVUhEDifkD96EgPbB5Ca3U2R570
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
referrer-policy: no-referrer
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e0%2Bvb3Epxy8%2Fl62K12jfoeOvk8r9R5ZgSBPnJacEj7X3BptRR0yYj6aO3i%2BKzeO3Vnm3AtjzTjLL6ofxra48grgkT2t18leMJc4T5HWWk2ciJhtwEu4qV%2BJYAL7FxAe97c%2BK0K1TkGc5hS3LYg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000
vary: origin, Accept-Encoding
x-hs-https-only: worker
x-hubspot-correlation-id: cc991fc0-a94b-4758-8899-a72b4a489b71
x-robots-tag: none

GET
H2 200 css_V_JBZxo9GBY8DvTMIsbUBZiV7I0b22RB2PwFQZ-oo0g.css
primepay.com/sites/default/files/css/ 23 KB
6 KB 187ms
185ms Stylesheet
text/css 2620:12a:8000::253
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://primepay.com/sites/default/files/css/css_V_JBZxo9GBY8DvTMIsbUBZiV7I0b22RB2PwFQZ-oo0g.css

Requested by

Host: primepay.com
URL: https://primepay.com/privacy-policy?_hsmi=228140772&_hsenc=p2ANqtz-_py_QKHXzKO_HskQ1EB18eGr404v-9Nafcrc9ZlLGuHY1LbWrl8O2VjD8K5g5V6c0fg8pHx4aZos1KLu801BdpDVUhEDifkD96EgPbB5Ca3U2R570

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:12a:8000::253 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

57f241671a3d18163c0ef4cc22c6d4059895ec8d1bdb6441d8fc05419fa8a348

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://primepay.com/privacy-policy?_hsmi=228140772&_hsenc=p2ANqtz-_py_QKHXzKO_HskQ1EB18eGr404v-9Nafcrc9ZlLGuHY1LbWrl8O2VjD8K5g5V6c0fg8pHx4aZos1KLu801BdpDVUhEDifkD96EgPbB5Ca3U2R570
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

expires: Fri, 01 Sep 2023 15:01:39 GMT
strict-transport-security: max-age=300
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Wed, 05 Oct 2022 19:45:20 GMT
age: 3041021
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe1-b-784cd8578b-kczhb
content-length: 5326
x-served-by: cache-chi-kigq8000169-CHI, cache-maa10241-MAA
last-modified: Mon, 22 Aug 2022 06:40:38 GMT
server: nginx
traceparent: 00-fbebc699a7054ea1811994af294caeb4-b56257c8487848f3-00
x-timer: S1664999120.405926,VS0,VE1
etag: W/"630324e6-5a37"
vary: Accept-Encoding
content-type: text/css
x-styx-req-id: d0ffdc22-293d-11ed-ad05-8ee4ac9e3e01
x-cloud-trace-context: fbebc699a7054ea1811994af294caeb4/13070105586303518963;o=0
cache-control: max-age=31622400
accept-ranges: bytes
x-cache-hits: 1, 1

GET
H2 200 css_wULzN4PBusPYphW2oLZ1wWkzbjoGgBajWyw-w0EuVZ0.css
primepay.com/sites/default/files/css/ 730 KB
172 KB 339ms
337ms Stylesheet
text/css 2620:12a:8000::253
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://primepay.com/sites/default/files/css/css_wULzN4PBusPYphW2oLZ1wWkzbjoGgBajWyw-w0EuVZ0.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:12a:8000::253 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

c142f33783c1bac3d8a615b6a0b675c169336e3a068016a35b2c3ec3412e559d

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://primepay.com/privacy-policy?_hsmi=228140772&_hsenc=p2ANqtz-_py_QKHXzKO_HskQ1EB18eGr404v-9Nafcrc9ZlLGuHY1LbWrl8O2VjD8K5g5V6c0fg8pHx4aZos1KLu801BdpDVUhEDifkD96EgPbB5Ca3U2R570
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

expires: Fri, 08 Sep 2023 12:43:36 GMT
strict-transport-security: max-age=300
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Wed, 05 Oct 2022 19:45:20 GMT
age: 2444504
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe1-b-784cd8578b-jxqqv
content-length: 175472
x-served-by: cache-chi-klot8100078-CHI, cache-maa10241-MAA
last-modified: Mon, 22 Aug 2022 06:40:30 GMT
server: nginx
traceparent: 00-5a3fa4e9509a41f399669e1e37816afb-9869892808c18393-00
x-timer: S1664999120.406052,VS0,VE1
etag: W/"630324de-b6629"
vary: Accept-Encoding
content-type: text/css
x-styx-req-id: b11089ce-2eaa-11ed-b47e-c2b4f5f5ff05
x-cloud-trace-context: 5a3fa4e9509a41f399669e1e37816afb/10982459971358262163;o=0
cache-control: max-age=31622400
accept-ranges: bytes
x-cache-hits: 1, 1

GET
H2 200 css_3s9V1DTrCrKu8faZs6FkpG4ke7lzTTHnJj1N56Tn2Rs.css
primepay.com/sites/default/files/css/ 62 KB
12 KB 240ms
239ms Stylesheet
text/css 2620:12a:8000::253
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://primepay.com/sites/default/files/css/css_3s9V1DTrCrKu8faZs6FkpG4ke7lzTTHnJj1N56Tn2Rs.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:12a:8000::253 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

decf55d434eb0ab2aef1f699b3a164a46e247bb9734d31e7263d4de7a4e7d91b

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://primepay.com/privacy-policy?_hsmi=228140772&_hsenc=p2ANqtz-_py_QKHXzKO_HskQ1EB18eGr404v-9Nafcrc9ZlLGuHY1LbWrl8O2VjD8K5g5V6c0fg8pHx4aZos1KLu801BdpDVUhEDifkD96EgPbB5Ca3U2R570
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

expires: Fri, 29 Sep 2023 15:39:31 GMT
strict-transport-security: max-age=300
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Wed, 05 Oct 2022 19:45:20 GMT
age: 619549
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe1-b-5998bdf468-75wdb
content-length: 11715
x-served-by: cache-chi-kigq8000052-CHI, cache-maa10241-MAA
last-modified: Wed, 28 Sep 2022 15:39:30 GMT
server: nginx
traceparent: 00-3d105c8a98624a4aa1bbe2786abd629c-e1f248ae660eba62-00
x-timer: S1664999120.406150,VS0,VE1
etag: W/"63346ab2-f709"
vary: Accept-Encoding
content-type: text/css
x-styx-req-id: bec7d280-3f43-11ed-809d-bee073a653bd
x-cloud-trace-context: 3d105c8a98624a4aa1bbe2786abd629c/16281155516771514978;o=0
cache-control: max-age=31622400
accept-ranges: bytes
x-cache-hits: 1, 1

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 109 KB
43 KB 135ms
47ms Script
application/javascript 2a00:1450:400d:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-5439787-1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9c9ac7ae79389fe6c7898845c5b31933b7aa152344cc1dff6328eefeb7b4f522

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://primepay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 19:45:22 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 43384
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 05 Oct 2022 19:45:22 GMT

GET
H2 200 v2.js Show response
js.hsforms.net/forms/ 585 KB
147 KB 76ms
40ms Script
application/javascript 2606:4700::6811:b949
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hsforms.net/forms/v2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b949 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d046e4d678e786ce2b1b678831d922df3a4bbc9f09b3d62e86e4a4e59d2c1edb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://primepay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 19:45:20 GMT
x-amz-version-id: uMshbzZrXXg0lQJUXLSuqS6CmMiCACqg
via: 1.1 2b7c8ceb84f453714fcea5cf4f7202c8.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: IAD55-P4
age: 85
x-amz-server-side-encryption: AES256
content-encoding: br
x-cache: Hit from cloudfront
cache-tag: staticjsapp-FormsNext-web-prod,staticjsapp-prod
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 04 Oct 2022 08:44:35 UTC
server: cloudflare
etag: W/"dbfa791df9cd31037aab20a93b3d7562"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GMZyvZ3erIN0mMkwyalCnW44gvWXiffJYI%2F0Wq9AtMVr26mg6xG002nOIGtr0KiBL11qjpJQKNb3tZ8fZ%2BKgSw46SJW%2B7vns5fXmQj9t2wsPHfatvdJ%2F5U5iNZ4B2yP732fkZQZbzH7A8%2FVP"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-hs-cache-status: HIT
cache-control: s-maxage=600, max-age=300
cf-ray: 7558a8362f1b9b88-FRA
x-amz-cf-id: 5-KhI9fWSH6WEAMSY0z8rfvhixqmXSmTy20ydAZvayX7kYG77WkBRQ==
x-hs-target-asset: FormsNext/static-5.539/bundles/project_with_deps.js

GET
H2 200 js_2rzVHroe9eH5smasmi9Q20AhBPIwsIYLQ1W9J_NLEC0.js Show response
primepay.com/sites/default/files/js/ 973 KB
311 KB 359ms
359ms Script
application/x-javascript 2620:12a:8000::253
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://primepay.com/sites/default/files/js/js_2rzVHroe9eH5smasmi9Q20AhBPIwsIYLQ1W9J_NLEC0.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:12a:8000::253 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

dabcd51eba1ef5e1f9b266ac9a2f50db402104f230b0860b4355bd27f34b102d

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://primepay.com/privacy-policy?_hsmi=228140772&_hsenc=p2ANqtz-_py_QKHXzKO_HskQ1EB18eGr404v-9Nafcrc9ZlLGuHY1LbWrl8O2VjD8K5g5V6c0fg8pHx4aZos1KLu801BdpDVUhEDifkD96EgPbB5Ca3U2R570
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

expires: Thu, 24 Aug 2023 10:42:40 GMT
strict-transport-security: max-age=300
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Wed, 05 Oct 2022 19:45:20 GMT
age: 3747760
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe1-b-784cd8578b-ntzl7
content-length: 316530
x-served-by: cache-chi-klot8100044-CHI, cache-maa10241-MAA
last-modified: Mon, 22 Aug 2022 06:40:33 GMT
server: nginx
traceparent: 00-8d304a777dac4e228405979d57a979bb-d5be3b0a9bf73c48-00
x-timer: S1664999120.406215,VS0,VE1
etag: W/"630324e1-f350b"
vary: Accept-Encoding
content-type: application/x-javascript
x-styx-req-id: 500d97bd-22d0-11ed-8217-228ff55ce2ca
x-cloud-trace-context: 8d304a777dac4e228405979d57a979bb/15401812692406058056;o=0
cache-control: max-age=31622400
accept-ranges: bytes
x-cache-hits: 1, 1

GET
H/1.1 200
OK deployment.js Show response
c.la1c1.salesforceliveagent.com/content/g/js/36.0/ 41 KB
41 KB 2161ms
216ms Script
application/javascript 13.108.249.7
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL: https://c.la1c1.salesforceliveagent.com/content/g/js/36.0/deployment.js
Requested by: Host: primepay.com
URL: https://primepay.com/privacy-policy?_hsmi=228140772&_hsenc=p2ANqtz-_py_QKHXzKO_HskQ1EB18eGr404v-9Nafcrc9ZlLGuHY1LbWrl8O2VjD8K5g5V6c0fg8pHx4aZos1KLu801BdpDVUhEDifkD96EgPbB5Ca3U2R570
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.108.249.7 , United States, ASN14340 (SALESFORCE, US),
Reverse DNS: dcl3-ord.la1-c2-ord.salesforceliveagent.com
Software: Jetty /
Resource Hash: d0bbcf00d1e8c2a4e64153889b7f18c469fda01d4e1ca23fdcbdb970c0cd2248

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://primepay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Wed, 05 Oct 2022 19:45:22 GMT
Cache-Control: max-age=60, must-revalidate
Last-Modified: Fri, 23 Sep 2022 16:52:54 GMT
Server: Jetty
Accept-Ranges: bytes
Content-Length: 42079
Content-Type: application/javascript

GET
H/1.1 200
OK ChatWithSalesImg
support.primepay.com/resource/1506613077000/ 5 KB
6 KB 424ms
117ms Image
image/png 85.222.140.10
SALESFORCE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://support.primepay.com/resource/1506613077000/ChatWithSalesImg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

85.222.140.10 , United States, ASN14340 (SALESFORCE, US),

Reverse DNS

sledge2-fra.slb.sfdcsvc.net

Software

sfdcedge /

Resource Hash

4ad9b483fdca36e6c2d51668844c558227ce1b1519ec4a5280ed933b14c86d43

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://primepay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Wed, 05 Oct 2022 19:45:22 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
Last-Modified: Thu, 28 Sep 2017 19:24:39 GMT
Server: sfdcedge
X-SFDC-Request-Id: e43c8fbc437acf2cd62da065024e40bc
X-FRAME-OPTIONS: SAMEORIGIN
P3P: CP="CUR OTR STA"
Content-Type: image/png
Cache-Control: public,max-age=3888000
Connection: keep-alive
Content-Length: 5292
X-XSS-Protection: 0
Expires: Sat, 19 Nov 2022 19:45:22 GMT

GET
H/1.1 200
OK Offline
support.primepay.com/resource/1458056220000/ 1 KB
2 KB 421ms
114ms Image
image/png 85.222.140.10
SALESFORCE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://support.primepay.com/resource/1458056220000/Offline

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

85.222.140.10 , United States, ASN14340 (SALESFORCE, US),

Reverse DNS

sledge2-fra.slb.sfdcsvc.net

Software

sfdcedge /

Resource Hash

9ae974afe2f80fde68f38d27863c0352d95ffbaf068968731876c576c0fecad2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://primepay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Wed, 05 Oct 2022 19:45:22 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains
Last-Modified: Tue, 15 Mar 2016 15:37:00 GMT
Server: sfdcedge
X-SFDC-Request-Id: 380801f1378e65138d2f78c2916c697a
X-FRAME-OPTIONS: SAMEORIGIN
P3P: CP="CUR OTR STA"
Content-Type: image/png
Cache-Control: public,max-age=3888000,immutable
Connection: keep-alive
Content-Length: 1171
X-XSS-Protection: 0
Expires: Sat, 19 Nov 2022 19:45:22 GMT

GET
H2 200 css
fonts.googleapis.com/ 9 KB
1 KB 139ms
69ms Stylesheet
text/css 2a00:1450:400d:807::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Arimo:400,700|Titillium+Web:200,300,400,600,700,900

Requested by

Host: primepay.com
URL: https://primepay.com/sites/default/files/css/css_wULzN4PBusPYphW2oLZ1wWkzbjoGgBajWyw-w0EuVZ0.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d98f6f4c2c47780f3c68c44b95e10ee51dd957bb852b206d18adbb3176268436

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://primepay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 05 Oct 2022 19:45:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 05 Oct 2022 19:45:21 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 05 Oct 2022 19:45:21 GMT

GET
H2 200 qevents.js Show response
a.quora.com/ 40 KB
15 KB 80ms
40ms Script
text/plain 162.159.152.17
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.quora.com/qevents.js
Requested by: Host: primepay.com
URL: https://primepay.com/privacy-policy?_hsmi=228140772&_hsenc=p2ANqtz-_py_QKHXzKO_HskQ1EB18eGr404v-9Nafcrc9ZlLGuHY1LbWrl8O2VjD8K5g5V6c0fg8pHx4aZos1KLu801BdpDVUhEDifkD96EgPbB5Ca3U2R570
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.159.152.17 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a15bef5551f730c8269a1cba57c370099d559defd996193c80a477c411081ca2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://primepay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 19:45:21 GMT
x-amz-version-id: vyBstMTGyA6m5sV66zq8xsypUg.tAOk.
content-encoding: gzip
cf-cache-status: HIT
x-amz-request-id: ABWFWAK2P6Z86ST7
age: 5412314
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: Lo6V6sS9dollZm991E+r9QS5ilIWlcul705lMiga2oQnz8bnT95jaa4X7qyu2MPUU2YNcD20ek4=
last-modified: Fri, 18 Mar 2022 00:16:52 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1647562609/ctime:1647562609/gid:150037/gname:ezhang/md5:47078e63380c6b0cbbfb6d8508b25ee7/mode:33204/mtime:1647562609/uid:150037/uname:ezhang
etag: W/"47078e63380c6b0cbbfb6d8508b25ee7"
vary: Accept-Encoding
content-type: text/plain
cache-control: public, max-age=14400
cf-ray: 7558a8402ccc9a2f-FRA
expires: Wed, 05 Oct 2022 23:45:21 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 101 KB
27 KB 39ms
10ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

00a92494627ed8f758972b7dc47b3af186497c0637ea867a33fdb604c1548674

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://primepay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 05 Oct 2022 19:45:21 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26840
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: fM+rsD4WnjPWUe/7OJ9Uyid+XG/lwE+cTTzN4XcSY1xLmfSuGZ4jNlFiyPwKYmJ9VpWoWMBP1RdsNqWNMNbcfQ==
x-fb-trip-id: 686109401
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 6176f0d908a9730012fc0a80 Show response
ws.zoominfo.com/pixel/ 3 KB
2 KB 195ms
175ms Script
text/javascript 2606:4700::6810:a852
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ws.zoominfo.com/pixel/6176f0d908a9730012fc0a80

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:a852 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

4985c715646b5d49689b14acefc99c70611c701347a8a357359ea987678c8a15

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://primepay.com/privacy-policy?_hsmi=228140772&_hsenc=p2ANqtz-_py_QKHXzKO_HskQ1EB18eGr404v-9Nafcrc9ZlLGuHY1LbWrl8O2VjD8K5g5V6c0fg8pHx4aZos1KLu801BdpDVUhEDifkD96EgPbB5Ca3U2R570
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 19:45:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
via: 1.1 google
server: cloudflare
x-powered-by: Express
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 7558a8400d89bb3e-FRA
access-control-allow-headers: Content-Type,cf-ipcountry,service-version,x-appengine-user-ip,x-forwarded-for, x-ws-collect-type

GET
H2 200 hotjar-134689.js Show response
static.hotjar.com/c/ 7 KB
3 KB 113ms
66ms Script
application/javascript 52.222.139.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-134689.js?sv=6

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.139.53 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-139-53.ams50.r.cloudfront.net

Software

Resource Hash

3cbe8d0853f4e76911700dce0e18c6246216f7c11c6192ae668a1123e4031cd6

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://primepay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 19:45:21 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 32f32412600ac6ef6d3d418a75accb72.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS50-C1
etag: W/007e53be75d772f091f8f365d46fdf30
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=60
x-cache-hit: 1
cross-origin-resource-policy: cross-origin
x-amz-cf-id: 9wxB9RG__JUTWcD3tjh43hIHpAZzv9BT2mBHsG4ESzQcGyVm24RfuA==

GET
H/1.1 200
OK prime-pay-logo.svg
s3.amazonaws.com/assets.primepay.com/ 9 KB
10 KB 319ms
115ms Image
image/svg+xml 52.217.138.144
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/assets.primepay.com/prime-pay-logo.svg
Requested by: Host: primepay.com
URL: https://primepay.com/sites/default/files/css/css_3s9V1DTrCrKu8faZs6FkpG4ke7lzTTHnJj1N56Tn2Rs.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.138.144 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 350d57045665da321d361c8168c0a2feaf8da636caa9e4f285627b1d3d7fc674

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://primepay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Wed, 05 Oct 2022 19:45:23 GMT
Last-Modified: Thu, 09 Sep 2021 04:10:03 GMT
Server: AmazonS3
x-amz-request-id: 91F5B2MJ2ZAEKJ48
ETag: "d5c3c446dfb2d03c7b42a1d7505e52e4"
Content-Type: image/svg+xml
Accept-Ranges: bytes
Content-Length: 9502
x-amz-id-2: e/56yeY34+IyLirDz+K5W2EJqXirqGpP8gK0C78ywm3+1FcOJMUTJwcPr6IxLjwiSY/aK6BDw7U=

GET
H2 200 P5sMzZCDf9_T_10ZxCE.woff2
fonts.gstatic.com/s/arimo/v27/ 18 KB
18 KB 40ms
14ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/arimo/v27/P5sMzZCDf9_T_10ZxCE.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Arimo:400,700|Titillium+Web:200,300,400,600,700,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ff84f1e03eb15dedc4668f0817372b734934076bc936e12c5c0bd3944dab0c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://primepay.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 16:55:16 GMT
x-content-type-options: nosniff
age: 10205
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18260
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 21:03:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 05 Oct 2023 16:55:16 GMT

GET
H2 200 NaPDcZTIAOhVxoMyOr9n_E7ffGjEGItzYw.woff2
fonts.gstatic.com/s/titilliumweb/v15/ 12 KB
13 KB 38ms
12ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/titilliumweb/v15/NaPDcZTIAOhVxoMyOr9n_E7ffGjEGItzYw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Arimo:400,700|Titillium+Web:200,300,400,600,700,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d14d732f8caf915919ff661157edc3456a85f408b7a3c5ee1e21357e7df07e1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://primepay.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 20:19:33 GMT
x-content-type-options: nosniff
age: 602748
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12384
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:10:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 28 Sep 2023 20:19:33 GMT

GET
H2 200 fa-light-300.woff2
primepay.com/themes/prime2019/webfonts/ 153 KB
154 KB 216ms
215ms Font
font/woff2 2620:12a:8000::253
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://primepay.com/themes/prime2019/webfonts/fa-light-300.woff2

Requested by

Host: primepay.com
URL: https://primepay.com/sites/default/files/css/css_wULzN4PBusPYphW2oLZ1wWkzbjoGgBajWyw-w0EuVZ0.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:12a:8000::253 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

082425ce63442064f2acd182fcdac79ecbebdbfe2e392493ac9b1dc71a5c1842

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer: https://primepay.com/sites/default/files/css/css_wULzN4PBusPYphW2oLZ1wWkzbjoGgBajWyw-w0EuVZ0.css
Origin: https://primepay.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

expires: Mon, 28 Aug 2023 11:17:46 GMT
strict-transport-security: max-age=300
date: Wed, 05 Oct 2022 19:45:22 GMT
via: 1.1 varnish, 1.1 varnish
x-pantheon-styx-hostname: styx-fe1-b-784cd8578b-kdwpn
age: 3400055
x-cache: HIT, HIT
content-length: 156892
x-served-by: cache-chi-klot8100094-CHI, cache-maa10241-MAA
last-modified: Sat, 27 Aug 2022 07:09:58 GMT
server: nginx
traceparent: 00-e514d744b2574b0fb68136cb10360ff6-f6f82bf5203070cb-00
x-timer: S1664999122.025299,VS0,VE1
etag: "6309c346-264dc"
content-type: font/woff2
access-control-allow-origin: *
x-styx-req-id: e0e2fe0c-25f9-11ed-ae23-e23acb64d0f8
x-cloud-trace-context: e514d744b2574b0fb68136cb10360ff6/17796022259361542347;o=0
cache-control: max-age=31622400
accept-ranges: bytes
x-cache-hits: 1, 11

GET
H3 200 json Show response
forms.hsforms.com/embed/v3/form/2628689/fcc39c4d-eb4e-4973-8195-37e98502a649/ 5 KB
2 KB 157ms
144ms XHR
application/json 2606:4700::6810:5705
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hsforms.com/embed/v3/form/2628689/fcc39c4d-eb4e-4973-8195-37e98502a649/json?hutk=

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5705 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dbced257021163ba26235bb2e6037ce019672312e31e68660d140f39efda7332

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: application/json, text/javascript
Referer: https://primepay.com/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-origin-hublet: na1
date: Wed, 05 Oct 2022 19:45:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: DYNAMIC
x-hubspot-correlation-id: 60a0e816-1193-42ec-bf9b-76db43972ab7
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
x-trace: 2BEDF2CD254F2F7A99F461B7DC0A8A718F1BF3A191000000000000000000
vary: origin
access-control-allow-methods: OPTIONS, GET
content-type: application/json;charset=utf-8
access-control-allow-origin: https://primepay.com
access-control-expose-headers: X-Origin-Hublet
access-control-max-age: 180
access-control-allow-credentials: false
cache-control: max-age=0, no-cache, no-store
x-robots-tag: none
access-control-allow-headers: *
cf-ray: 7558a8417c4d9118-FRA

OPTIONS
H2 200 json
forms.hsforms.com/embed/v3/form/2628689/fcc39c4d-eb4e-4973-8195-37e98502a649/ Frame 0
0 182ms
142ms Preflight
text/plain 2606:4700::6810:5705
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hsforms.com/embed/v3/form/2628689/fcc39c4d-eb4e-4973-8195-37e98502a649/json?hutk=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5705 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: */*
Access-Control-Request-Headers: x-requested-with
Access-Control-Request-Method: GET
Origin: https://primepay.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

access-control-allow-credentials: false
access-control-allow-headers: x-requested-with
access-control-allow-methods: OPTIONS, GET
access-control-allow-origin: https://primepay.com
access-control-expose-headers: X-Origin-Hublet
access-control-max-age: 180
allow: HEAD,GET,OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=0, no-cache, no-store
cf-cache-status: DYNAMIC
cf-ray: 7558a8407c10bb43-FRA
content-length: 18
content-type: text/plain; charset=utf-8
date: Wed, 05 Oct 2022 19:45:22 GMT
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: origin
x-hubspot-correlation-id: 485c8eda-a640-4040-bfb8-27e32398bae0
x-robots-tag: none
x-trace: 2B76C77345A8806E8D420060FBADE812030DA4C94B000000000000000000

GET
H/1.1 200
OK homepage-bottom-meeting.jpg
s3.amazonaws.com/assets.primepay.com/ 720 KB
720 KB 312ms
121ms Image
image/jpeg 52.217.138.144
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/assets.primepay.com/homepage-bottom-meeting.jpg
Requested by: Host: primepay.com
URL: https://primepay.com/sites/default/files/css/css_3s9V1DTrCrKu8faZs6FkpG4ke7lzTTHnJj1N56Tn2Rs.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.138.144 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 832a92299fed490f297d7f046046348bbb3c44a9e1195b14fc394999b2ffe21b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://primepay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Wed, 05 Oct 2022 19:45:23 GMT
Last-Modified: Wed, 01 Sep 2021 06:01:43 GMT
Server: AmazonS3
x-amz-request-id: 91F3N3SGX16TKBQW
ETag: "f0c28d9da565f4c8dcee818285bcfc9d"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 737028
x-amz-id-2: BbBJycIFvABkYZukfsojlJmCVlvmWjR/s72q/KPxGZgZ4OTSbPKvzinryN7p1rSEXhyxQ9BSdAg=

GET
H2 200 pp-sprite-social-icons.png
primepay.com/themes/prime2019/images/ 4 KB
5 KB 192ms
192ms Image
image/png 2620:12a:8000::253
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://primepay.com/themes/prime2019/images/pp-sprite-social-icons.png

Requested by

Host: primepay.com
URL: https://primepay.com/sites/default/files/css/css_wULzN4PBusPYphW2oLZ1wWkzbjoGgBajWyw-w0EuVZ0.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:12a:8000::253 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

34b49227fd47078426b973237180342ee50770552e0f60593269419c9bc6eb52

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://primepay.com/sites/default/files/css/css_wULzN4PBusPYphW2oLZ1wWkzbjoGgBajWyw-w0EuVZ0.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

expires: Fri, 01 Sep 2023 17:47:34 GMT
strict-transport-security: max-age=300
date: Wed, 05 Oct 2022 19:45:22 GMT
via: 1.1 varnish, 1.1 varnish
x-pantheon-styx-hostname: styx-fe1-b-784cd8578b-p8892
age: 3031068
x-cache: HIT, HIT
content-length: 4469
x-served-by: cache-chi-klot8100070-CHI, cache-maa10241-MAA
last-modified: Mon, 29 Aug 2022 19:51:29 GMT
server: nginx
traceparent: 00-26d8b148a5ae4ba59fdf6b8fa14fd14c-349f6ff37cee26c1-00
x-timer: S1664999122.060269,VS0,VE4
etag: "630d18c1-1175"
content-type: image/png
x-styx-req-id: fe71bfe4-2954-11ed-8da2-9a8d884eb7cf
x-cloud-trace-context: 26d8b148a5ae4ba59fdf6b8fa14fd14c/3791872502832965313;o=0
cache-control: max-age=31622400
accept-ranges: bytes
x-cache-hits: 1, 1

GET
H2 200 NaPDcZTIAOhVxoMyOr9n_E7ffHjDGItzYw.woff2
fonts.gstatic.com/s/titilliumweb/v15/ 12 KB
12 KB 25ms
20ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/titilliumweb/v15/NaPDcZTIAOhVxoMyOr9n_E7ffHjDGItzYw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Arimo:400,700|Titillium+Web:200,300,400,600,700,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d5c1172f24f4f49f780c65cf5be897527fd08f3662a2ba8db0cfe0057d92e367

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://primepay.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 19:25:28 GMT
x-content-type-options: nosniff
age: 1193
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11796
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 15:47:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 05 Oct 2023 19:25:28 GMT

GET
H2 200 NaPecZTIAOhVxoMyOr9n_E7fdMPmDQ.woff2
fonts.gstatic.com/s/titilliumweb/v15/ 12 KB
12 KB 25ms
21ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/titilliumweb/v15/NaPecZTIAOhVxoMyOr9n_E7fdMPmDQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Arimo:400,700|Titillium+Web:200,300,400,600,700,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

557f6d0883db85be712c3a77baa38875ddf99ecbdfd6fec98e5c0b1f7a0e1532

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://primepay.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 19:24:57 GMT
x-content-type-options: nosniff
age: 1224
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12372
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:19:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 05 Oct 2023 19:24:57 GMT

GET
H2 200 NaPDcZTIAOhVxoMyOr9n_E7ffBzCGItzYw.woff2
fonts.gstatic.com/s/titilliumweb/v15/ 12 KB
12 KB 26ms
21ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/titilliumweb/v15/NaPDcZTIAOhVxoMyOr9n_E7ffBzCGItzYw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Arimo:400,700|Titillium+Web:200,300,400,600,700,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dd870101ad4e95d687a2eb734707b0dd7c20808f76d7be77a71a5d13cf99401c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://primepay.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 19:25:04 GMT
x-content-type-options: nosniff
age: 1217
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12136
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 15:39:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 05 Oct 2023 19:25:04 GMT

GET
H2 200 fa-regular-400.woff2
primepay.com/themes/prime2019/webfonts/ 142 KB
142 KB 207ms
205ms Font
font/woff2 2620:12a:8000::253
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://primepay.com/themes/prime2019/webfonts/fa-regular-400.woff2

Requested by

Host: primepay.com
URL: https://primepay.com/sites/default/files/css/css_wULzN4PBusPYphW2oLZ1wWkzbjoGgBajWyw-w0EuVZ0.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:12a:8000::253 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

aa77031e11b6841941ff3781380ee63cb3cfd1098dffbb4f86771020fd09bffd

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer: https://primepay.com/sites/default/files/css/css_wULzN4PBusPYphW2oLZ1wWkzbjoGgBajWyw-w0EuVZ0.css
Origin: https://primepay.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

expires: Fri, 01 Sep 2023 11:33:29 GMT
strict-transport-security: max-age=300
date: Wed, 05 Oct 2022 19:45:22 GMT
via: 1.1 varnish, 1.1 varnish
x-pantheon-styx-hostname: styx-fe1-b-784cd8578b-tcnrv
age: 3053512
x-cache: HIT, HIT
content-length: 145088
x-served-by: cache-chi-kigq8000147-CHI, cache-maa10241-MAA
last-modified: Mon, 29 Aug 2022 19:51:29 GMT
server: nginx
traceparent: 00-7e51e1e2dec646898c1239323c13313e-9e28405b0e490cdf-00
x-timer: S1664999122.067460,VS0,VE1
etag: "630d18c1-236c0"
content-type: font/woff2
access-control-allow-origin: *
x-styx-req-id: bc872c4e-2920-11ed-b933-1a4caa934dec
x-cloud-trace-context: 7e51e1e2dec646898c1239323c13313e/11396429616886910175;o=0
cache-control: max-age=31622400
accept-ranges: bytes
x-cache-hits: 1, 11

GET
H2 200 menu-expanded.png
primepay.com/core/misc/ 106 B
469 B 220ms
219ms Image
image/png 2620:12a:8000::253
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://primepay.com/core/misc/menu-expanded.png

Requested by

Host: primepay.com
URL: https://primepay.com/sites/default/files/css/css_wULzN4PBusPYphW2oLZ1wWkzbjoGgBajWyw-w0EuVZ0.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:12a:8000::253 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

71044970e802b0cf12ff5cb2e20a5910192e473a2968385f99c2987d3a4d0231

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://primepay.com/sites/default/files/css/css_wULzN4PBusPYphW2oLZ1wWkzbjoGgBajWyw-w0EuVZ0.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

expires: Thu, 14 Sep 2023 12:52:54 GMT
strict-transport-security: max-age=300
date: Wed, 05 Oct 2022 19:45:22 GMT
via: 1.1 varnish, 1.1 varnish
x-pantheon-styx-hostname: styx-fe1-b-784cd8578b-pjzmt
age: 1925548
x-cache: HIT, HIT
content-length: 106
x-served-by: cache-chi-klot8100109-CHI, cache-maa10241-MAA
last-modified: Tue, 13 Sep 2022 06:37:29 GMT
server: nginx
traceparent: 00-3aa9309a86c748d98026a876e0ec90e4-6303ec93740a13d3-00
x-timer: S1664999122.103994,VS0,VE5
etag: "63202529-6a"
content-type: image/png
x-styx-req-id: fbfd042b-3362-11ed-9e8c-e643061e0bf2
x-cloud-trace-context: 3aa9309a86c748d98026a876e0ec90e4/7134806352736162771;o=0
cache-control: max-age=31622400
accept-ranges: bytes
x-cache-hits: 2, 1

GET
H3 200 1374940309465673 Show response
connect.facebook.net/signals/config/ 292 KB
84 KB 183ms
170ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1374940309465673?v=2.9.84&r=stable

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

67770f61e95240c82a3da5477a96dbc35f9f264916d50b2aec2cbd5b54ea9ed1

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://primepay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 05 Oct 2022 19:45:22 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: IW6T3/1K0gkovohfAUwfac3dJKuQyBL+XymwUuC8cE0x64nl13XB6lvky2uM+lLC9lohjrA1EVxeLzmHUleEAQ==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK pixel
q.quora.com/_/ad/5b6e47474f3d49b7896fc0d84f814ef5/ 43 B
419 B 413ms
103ms Image
image/gif 34.234.135.87
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q.quora.com/_/ad/5b6e47474f3d49b7896fc0d84f814ef5/pixel?j=1&u=https%3A%2F%2Fprimepay.com%2Fprivacy-policy%3F_hsmi%3D228140772%26_hsenc%3Dp2ANqtz-_py_QKHXzKO_HskQ1EB18eGr404v-9Nafcrc9ZlLGuHY1LbWrl8O2VjD8K5g5V6c0fg8pHx4aZos1KLu801BdpDVUhEDifkD96EgPbB5Ca3U2R570&tag=ViewContent&ts=1664999122035

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.234.135.87 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-234-135-87.compute-1.amazonaws.com

Software

nginx /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://primepay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Wed, 05 Oct 2022 19:45:22 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Server: nginx
Connection: keep-alive
Content-Length: 43
X-Q-Stat: ,1ad7b35a82e75bb60609028f89971f95,10.0.0.129,26426,81.95.5.35,,66404535853,1,1664999122.397,0.002,,.,0,0,0.000,0.000,-,0,0,197,237,118,10,34729,,,,,,-,
Content-Type: image/gif

GET
H2 200 modules.cbd9768ba80ba0be5b17.js Show response
script.hotjar.com/ 254 KB
65 KB 64ms
8ms Script
application/javascript 13.32.27.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.cbd9768ba80ba0be5b17.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-21.fra56.r.cloudfront.net

Software

Resource Hash

5b3c6e212cbb3b9f4f28b09cfdc53990e809792192d7d8639d3311f0551c2010

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://primepay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 18:47:06 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 753f415578c1ca010e51a83aef192330.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
age: 89896
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 66229
last-modified: Tue, 04 Oct 2022 18:46:48 GMT
etag: "483a48bedf96c50163b542fb95446039"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: YnLUt5sTofqdsO69gOIhXmX3RoYhVIjf-qp5fC9wxhq0Hm5C4f2dng==

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 209 KB
73 KB 97ms
55ms Script
application/javascript 2a00:1450:400d:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-4EV1CJ5EPY&l=dataLayer&cx=c

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a7e77eb65a3e79f0c0424791af5b9974d3b7519c8f8f29ccf8633e6e69e34d19

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://primepay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 19:45:22 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 75043
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 05 Oct 2022 19:45:22 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 46ms
9ms Script
text/javascript 2001:4860:4802:32::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://primepay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 05 Oct 2022 19:01:59 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 2603
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Wed, 05 Oct 2022 21:01:59 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 116 KB
46 KB 93ms
53ms Script
application/javascript 2a00:1450:400d:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-982882557&l=dataLayer&cx=c

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

768b478c9a069287e6317f393cd0480a778cb88b530cbcbb5af6e2d03a170c87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://primepay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 19:45:22 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46685
x-xss-protection: 0
last-modified: Wed, 05 Oct 2022 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 05 Oct 2022 19:45:22 GMT

GET
H2 200 data.js Show response
tags.clickagy.com/ 38 KB
14 KB 124ms
87ms Script
application/javascript 2606:4700:4400::ac40:9973
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.clickagy.com/data.js?rnd=62fe5c0e6ad95
Requested by: Host: primepay.com
URL: https://primepay.com/privacy-policy?_hsmi=228140772&_hsenc=p2ANqtz-_py_QKHXzKO_HskQ1EB18eGr404v-9Nafcrc9ZlLGuHY1LbWrl8O2VjD8K5g5V6c0fg8pHx4aZos1KLu801BdpDVUhEDifkD96EgPbB5Ca3U2R570
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:9973 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9b05f32b262a8ddfa4c0322b0b4b376258b7996177b98d5a1e2b4585d20cba27

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://primepay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 19:45:22 GMT
x-amz-version-id: voLTTawX.GcVEDQiIRYzY2txm8P5Ii8i
content-encoding: gzip
cf-cache-status: DYNAMIC
via: 1.1 753f415578c1ca010e51a83aef192330.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
age: 86307
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 16 Sep 2022 04:12:14 GMT
server: cloudflare
etag: W/"9d3ea74a65932cc93f95029e15978232"
vary: Accept-Encoding
content-type: application/javascript
cf-ray: 7558a8416dfa9a09-FRA
x-amz-cf-id: szHlldMWBlY9Jw7oZYDuL87W4w8deyXiWbHQcYJ-d3VntTYf-rBgyw==

GET
H3 200 js Show response
www.google-analytics.com/gtm/ 104 KB
41 KB 39ms
22ms Script
application/javascript 2001:4860:4802:32::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=GTM-WL68JQC&t=gtag_UA_5439787_1&cid=1706736569.1664999122

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f467c39ffecfe9235f2afdd2d7dacd20491e37c5ebf94079136123ce0d0a74f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://primepay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 19:45:22 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41636
x-xss-protection: 0
last-modified: Wed, 05 Oct 2022 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 05 Oct 2022 19:45:22 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 15ms
15ms XHR
text/plain 2001:4860:4802:32::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=719066217&t=pageview&_s=1&dl=https%3A%2F%2Fprimepay.com%2Fprivacy-policy%3F_hsmi%3D228140772%26_hsenc%3Dp2ANqtz-_py_QKHXzKO_HskQ1EB18eGr404v-9Nafcrc9ZlLGuHY1LbWrl8O2VjD8K5g5V6c0fg8pHx4aZos1KLu801BdpDVUhEDifkD96EgPbB5Ca3U2R570&ul=en-us&de=UTF-8&dt=Privacy%20Policy%20%7C%20PrimePay&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=6GBAAUADQAAAACAAI~&jid=359517289&gjid=1300591711&cid=1706736569.1664999122&tid=UA-5439787-1&_gid=2064804499.1664999122&_r=1&gtm=2oua30&z=1025285406

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://primepay.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 05 Oct 2022 19:45:22 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://primepay.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 41 KB
15 KB 186ms
99ms Script
text/javascript 142.251.39.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.39.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s38-in-f2.1e100.net

Software

cafe /

Resource Hash

f42283e0ca17a52688c5250e714ecd1b6a53af8b0f6e54ac64546499b0ec1b19

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://primepay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 19:45:22 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15192
x-xss-protection: 0
server: cafe
etag: 699633608045481581
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 05 Oct 2022 19:45:22 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
440 B 69ms
24ms XHR
text/plain 2a00:1450:4025:401::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-5439787-1&cid=1706736569.1664999122&jid=359517289&gjid=1300591711&_gid=2064804499.1664999122&_u=6GBAAUACQAAAACAAI~&z=1137582646

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4025:401::9d Den Helder, Netherlands, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://primepay.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 05 Oct 2022 19:45:22 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://primepay.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
336 B 40ms
16ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-4EV1CJ5EPY&gtm=2oea30&_p=719066217&cid=1706736569.1664999122&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_z=ccd.v9B&_s=1&sid=1664999122&sct=1&seg=0&dl=https%3A%2F%2Fprimepay.com%2Fprivacy-policy%3F_hsmi%3D228140772%26_hsenc%3Dp2ANqtz-_py_QKHXzKO_HskQ1EB18eGr404v-9Nafcrc9ZlLGuHY1LbWrl8O2VjD8K5g5V6c0fg8pHx4aZos1KLu801BdpDVUhEDifkD96EgPbB5Ca3U2R570&dt=Privacy%20Policy%20%7C%20PrimePay&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-4EV1CJ5EPY&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://primepay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Oct 2022 19:45:22 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://primepay.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 data Show response
aorta.clickagy.com/ 57 B
504 B 303ms
99ms XHR
application/json 3.220.203.163
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://aorta.clickagy.com/data
Requested by: Host: primepay.com
URL: https://primepay.com/privacy-policy?_hsmi=228140772&_hsenc=p2ANqtz-_py_QKHXzKO_HskQ1EB18eGr404v-9Nafcrc9ZlLGuHY1LbWrl8O2VjD8K5g5V6c0fg8pHx4aZos1KLu801BdpDVUhEDifkD96EgPbB5Ca3U2R570
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.220.203.163 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-220-203-163.compute-1.amazonaws.com
Software: Aorta/20220929.37e3bd418 /
Resource Hash: df0ef9ec2a2b0f389449d043c37d81f76d570aba2cb7231263a4c9fbfb462c39

Request headers

Referer: https://primepay.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Wed, 05 Oct 2022 19:45:22 GMT
content-encoding: gzip
server: Aorta/20220929.37e3bd418
expect: 0
access-control-max-age: 31536000
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json
access-control-allow-origin: https://primepay.com
access-control-expose-headers: Set-Cookie
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-aorta-region: us-east-1
x-aorta-host: 1e53603ab151
access-control-allow-headers: Origin,cache-control,content-type,man,messagetype,soapaction
content-length: 82

GET hasHashes
hemsync.clickagy.com/external/ 0
0

GET
H2

451

420246.gif
idsync.rlcdn.com/
Redirect Chain

https://aorta.clickagy.com/pixel.gif?clkgypv=jstag
https://idsync.rlcdn.com/420246.gif?partner_uid=c:ae176ccf7fd3ba03be43689839492cbc

0
98 B

49ms
18ms

Image
text/plain

35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/420246.gif?partner_uid=c:ae176ccf7fd3ba03be43689839492cbc
Requested by: Host: primepay.com
URL: https://primepay.com/privacy-policy?_hsmi=228140772&_hsenc=p2ANqtz-_py_QKHXzKO_HskQ1EB18eGr404v-9Nafcrc9ZlLGuHY1LbWrl8O2VjD8K5g5V6c0fg8pHx4aZos1KLu801BdpDVUhEDifkD96EgPbB5Ca3U2R570
Protocol: H2
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://primepay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 19:45:22 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

Redirect headers

date: Wed, 05 Oct 2022 19:45:22 GMT
server: Aorta/20220929.37e3bd418
expect: 0
access-control-max-age: 31536000
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json
location: https://idsync.rlcdn.com/420246.gif?partner_uid=c:ae176ccf7fd3ba03be43689839492cbc
access-control-allow-origin
access-control-expose-headers: Set-Cookie
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-aorta-region: us-east-1
x-aorta-host: 849ada712432
access-control-allow-headers: Origin,cache-control,content-type,man,messagetype,soapaction
content-length: 0

GET
H2

451

711861.gif
id.rlcdn.com/
Redirect Chain

https://aorta.clickagy.com/liveramp_redir
https://id.rlcdn.com/711861.gif

0
98 B

73ms
20ms

Image
text/plain

35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/711861.gif
Requested by: Host: primepay.com
URL: https://primepay.com/privacy-policy?_hsmi=228140772&_hsenc=p2ANqtz-_py_QKHXzKO_HskQ1EB18eGr404v-9Nafcrc9ZlLGuHY1LbWrl8O2VjD8K5g5V6c0fg8pHx4aZos1KLu801BdpDVUhEDifkD96EgPbB5Ca3U2R570
Protocol: H2
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://primepay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 19:45:22 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

Redirect headers

date: Wed, 05 Oct 2022 19:45:22 GMT
server: Aorta/20220929.37e3bd418
expect: 0
access-control-max-age: 31536000
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json
location: https://id.rlcdn.com/711861.gif
access-control-allow-origin
access-control-expose-headers: Set-Cookie
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-aorta-region: us-east-1
x-aorta-host: 7aa4fa7f7c47
access-control-allow-headers: Origin,cache-control,content-type,man,messagetype,soapaction
content-length: 0

GET
H2 200 enterprise.js Show response
www.google.com/recaptcha/ 1008 B
1023 B 49ms
19ms Script
text/javascript 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise.js?onload=hsRecaptchaLoadCallback&render=explicit&isolated=true

Requested by

Host: js.hsforms.net
URL: https://js.hsforms.net/forms/v2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

46bb9e35692679c2ef79cbecf203f57c4f787510a76e98994176cfdfd22b8299

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://primepay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 19:45:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 611
x-xss-protection: 1; mode=block
expires: Wed, 05 Oct 2022 19:45:22 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
296 B 73ms
50ms Image
image/gif 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-5439787-1&cid=1706736569.1664999122&jid=359517289&_u=6GBAAUACQAAAACAAI~&z=2113807590

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://primepay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Oct 2022 19:45:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 81ms
51ms Image
image/gif 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-5439787-1&cid=1706736569.1664999122&jid=359517289&_u=6GBAAUACQAAAACAAI~&z=2113807590

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://primepay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Oct 2022 19:45:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/a9s0j4pCVT6gaTEkLiFbtZPH/ 392 KB
157 KB 39ms
8ms Script
text/javascript 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/a9s0j4pCVT6gaTEkLiFbtZPH/recaptcha__de.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6fe11aff0ae158a9a4a91fe408daf8ecddf648ed069942e11efb1e023b83eee1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://primepay.com/
Origin: https://primepay.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 19:40:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 269
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 160114
x-xss-protection: 0
last-modified: Mon, 26 Sep 2022 04:02:34 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 05 Oct 2023 19:40:53 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/982882557/ 3 KB
2 KB 52ms
28ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/982882557/?random=1664999122422&cv=9&fst=1664999122422&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaa30&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fprimepay.com%2Fprivacy-policy%3F_hsmi%3D228140772%26_hsenc%3Dp2ANqtz-_py_QKHXzKO_HskQ1EB18eGr404v-9Nafcrc9ZlLGuHY1LbWrl8O2VjD8K5g5V6c0fg8pHx4aZos1KLu801BdpDVUhEDifkD96EgPbB5Ca3U2R570&tiba=Privacy%20Policy%20%7C%20PrimePay&auid=1914886590.1664999122&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d26561d6428df13caa01d7b70eb9f006f721a1a81d5ad54a047fb9ceccdfcd5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://primepay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Oct 2022 19:45:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1173
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
204 B 43ms
12ms Image
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1374940309465673&ev=PageView&dl=https%3A%2F%2Fprimepay.com%2Fprivacy-policy%3F_hsmi%3D228140772%26_hsenc%3Dp2ANqtz-_py_QKHXzKO_HskQ1EB18eGr404v-9Nafcrc9ZlLGuHY1LbWrl8O2VjD8K5g5V6c0fg8pHx4aZos1KLu801BdpDVUhEDifkD96EgPbB5Ca3U2R570&rl=&if=false&ts=1664999122458&sw=1600&sh=1200&v=2.9.84&r=stable&ec=0&o=30&fbp=fb.1.1664999122457.445344414&it=1664999122028&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://primepay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 05 Oct 2022 19:45:22 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0

GET
H3 200 /
www.google.com/pagead/1p-user-list/982882557/ 42 B
64 B 45ms
25ms Image
image/gif 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/982882557/?random=1664999122422&cv=9&fst=1664996400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaa30&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fprimepay.com%2Fprivacy-policy%3F_hsmi%3D228140772%26_hsenc%3Dp2ANqtz-_py_QKHXzKO_HskQ1EB18eGr404v-9Nafcrc9ZlLGuHY1LbWrl8O2VjD8K5g5V6c0fg8pHx4aZos1KLu801BdpDVUhEDifkD96EgPbB5Ca3U2R570&tiba=Privacy%20Policy%20%7C%20PrimePay&async=1&fmt=3&is_vtc=1&random=1862129816&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://primepay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Oct 2022 19:45:22 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/982882557/ 42 B
64 B 40ms
21ms Image
image/gif 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/982882557/?random=1664999122422&cv=9&fst=1664996400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oaa30&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fprimepay.com%2Fprivacy-policy%3F_hsmi%3D228140772%26_hsenc%3Dp2ANqtz-_py_QKHXzKO_HskQ1EB18eGr404v-9Nafcrc9ZlLGuHY1LbWrl8O2VjD8K5g5V6c0fg8pHx4aZos1KLu801BdpDVUhEDifkD96EgPbB5Ca3U2R570&tiba=Privacy%20Policy%20%7C%20PrimePay&async=1&fmt=3&is_vtc=1&random=1862129816&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://primepay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Oct 2022 19:45:22 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 0
18 B 18ms
8ms Image
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1374940309465673&ev=Microdata&dl=https%3A%2F%2Fprimepay.com%2Fprivacy-policy%3F_hsmi%3D228140772%26_hsenc%3Dp2ANqtz-_py_QKHXzKO_HskQ1EB18eGr404v-9Nafcrc9ZlLGuHY1LbWrl8O2VjD8K5g5V6c0fg8pHx4aZos1KLu801BdpDVUhEDifkD96EgPbB5Ca3U2R570&rl=&if=false&ts=1664999123960&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Privacy%20Policy%20%7C%20PrimePay%22%2C%22meta%3Adescription%22%3A%22At%20PrimePay%20we%20appreciate%20your%20concerns%20about%20privacy%20and%20confidentiality.%20Our%20clients%20have%20trusted%20us%20with%20their%20payroll%20needs%20since%201986%2C%20and%20it%20is%20important%20for%20us%20to%20maintain%20a%20high%20level%20of%20integrity.%20We%20want%20you%20to%20understand%20how%20we%20protect%20your%20privacy%2C%20your%20personal%2C%20and%20your%20business%20information.%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.84&r=stable&ec=1&o=30&fbp=fb.1.1664999122457.445344414&it=1664999122028&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://primepay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 05 Oct 2022 19:45:23 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 8 KB
3 KB 69ms
14ms Script
application/x-javascript 2a02:26f0:11a::6867:4868
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: primepay.com
URL: https://primepay.com/privacy-policy?_hsmi=228140772&_hsenc=p2ANqtz-_py_QKHXzKO_HskQ1EB18eGr404v-9Nafcrc9ZlLGuHY1LbWrl8O2VjD8K5g5V6c0fg8pHx4aZos1KLu801BdpDVUhEDifkD96EgPbB5Ca3U2R570
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:11a::6867:4868 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: b57839788686bf37d29f47bbe45ad8258085e3aebf54650ab389c0b515b977e1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://primepay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 19:45:25 GMT
content-encoding: gzip
last-modified: Fri, 12 Aug 2022 20:23:36 GMT
x-cdn: AKAM
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=68280
accept-ranges: bytes
content-length: 3063

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 56 KB
15 KB 38ms
7ms Script
application/javascript 199.232.136.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: primepay.com
URL: https://primepay.com/privacy-policy?_hsmi=228140772&_hsenc=p2ANqtz-_py_QKHXzKO_HskQ1EB18eGr404v-9Nafcrc9ZlLGuHY1LbWrl8O2VjD8K5g5V6c0fg8pHx4aZos1KLu801BdpDVUhEDifkD96EgPbB5Ca3U2R570
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.136.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 41b758f84ab2dd5da6f7ba488813d17410ebb48bc2074d304c26d63c5ece003d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://primepay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 19:45:25 GMT
content-encoding: gzip
last-modified: Tue, 30 Aug 2022 15:04:19 GMT
etag: "d4de8398858246712016031c834bb061+gzip+gzip"
vary: Accept-Encoding,Host
x-cache: HIT, HIT
content-type: application/javascript; charset=utf-8
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
cache-control: no-cache
accept-ranges: bytes
content-length: 15317
x-served-by: cache-iad-kiad7000104-IAD, cache-hhn11532-HHN

GET
H2 200 update.min.js Show response
browser-update.org/ 9 KB
4 KB 60ms
30ms Script
application/javascript 2606:4700:20::681a:6b4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://browser-update.org/update.min.js
Requested by: Host: primepay.com
URL: https://primepay.com/privacy-policy?_hsmi=228140772&_hsenc=p2ANqtz-_py_QKHXzKO_HskQ1EB18eGr404v-9Nafcrc9ZlLGuHY1LbWrl8O2VjD8K5g5V6c0fg8pHx4aZos1KLu801BdpDVUhEDifkD96EgPbB5Ca3U2R570
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:6b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e1057306fafbd70e971802f1e9694deb1742445b88834b8ba3abe9bd27e06cb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://primepay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 19:45:25 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 04 Sep 2022 12:12:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 90303
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LSHWZ3d0OkAvs%2ByiQXt9PMdCh4e%2FFfJRN4gfjgYPEOwryn7xw2WdxcOUCazbcVAZobVgG0FVL6mf%2BKjAI%2F55fGwXcVLI5CtFnKmhR3fsjqVlAPq4n9KMcOYtFcQmjtxAlgY5%2F3JklCqI%2BwRax3YIRA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=86400
content-disposition: inline; filename=update.min.js
cf-ray: 7558a858be0191ea-FRA
expires: Wed, 05 Oct 2022 18:40:22 GMT

GET
H3 200 anchor Show response
www.google.com/recaptcha/enterprise/ Frame F5C5 43 KB
22 KB 37ms
36ms Document
text/html 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9wcmltZXBheS5jb206NDQz&hl=de&v=a9s0j4pCVT6gaTEkLiFbtZPH&size=invisible&badge=inline&cb=jmriza4fzpdr

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

913c291eac272410952e0ed4bd73e30e007d6866aa1ffc1154de533f1cfc9120

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-2soyz1guBhseYlHTHZzenQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://primepay.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 22849
content-security-policy: script-src 'report-sample' 'nonce-2soyz1guBhseYlHTHZzenQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 05 Oct 2022 19:45:25 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 counters.gif
perf.hsforms.com/embed/v3/ 35 B
477 B 488ms
444ms Image
image/gif 2606:4700::6810:5605
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://perf.hsforms.com/embed/v3/counters.gif?key=forms-next-recaptcha-viewed&count=1&portalId=2628689

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5605 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://primepay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 19:45:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
x-hubspot-correlation-id: 036822dd-d33e-438e-a5d7-0fcf847d4fc5
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 35
last-modified: Wed, 05 Oct 2022 19:45:26 GMT
server: cloudflare
x-trace: 2BB140A34562D2CAB14C38C635F71ED014A55A9FA8000000000000000000
vary: origin, Accept-Encoding
content-type: image/gif
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
accept-ranges: bytes
x-robots-tag: none
cf-ray: 7558a8590d386904-FRA

GET
H/1.1 200
OK MultiNoun.jsonp Show response
d.la1c1.salesforceliveagent.com/chat/rest/System/ 226 B
592 B 443ms
111ms Script
text/javascript 13.108.249.135
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://d.la1c1.salesforceliveagent.com/chat/rest/System/MultiNoun.jsonp?nouns=VisitorId,Settings&VisitorId.prefix=Visitor&Settings.prefix=Visitor&Settings.buttonIds=[573F000000001ws]&Settings.updateBreadcrumb=1&Settings.urlPrefix=undefined&callback=liveagent._.handlePing&deployment_id=572F000000001dX&org_id=00DA0000000aQT5&version=36

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.108.249.135 , United States, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl4-ord.la1-c2-ord.salesforceliveagent.com

Software

Resource Hash

96af449f94d4ca1f4acc07e12f5d7dfe721de55efebe3b06b3cda6d5cc663a0a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://primepay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Pragma: no-cache
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: close
Expires: -1

GET
H2 200 box-69edcc3187336f9b0a3fbb4c73be9fe6.html Show response
vars.hotjar.com/ Frame BC44 2 KB
1 KB 44ms
17ms Document
text/html 143.204.215.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://vars.hotjar.com/box-69edcc3187336f9b0a3fbb4c73be9fe6.html

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.118 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-118.fra53.r.cloudfront.net

Software

Resource Hash

867b23a408fa99143955de5665345cda886857174c328d2828e5dcd33bd98cd1

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Referer: https://primepay.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 123437
cache-control: max-age=31536000
content-encoding: br
content-length: 1044
content-type: text/html
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 04 Oct 2022 09:28:08 GMT
etag: "f6a9ca04b0687ea3c0d98e8430c8c77b"
last-modified: Tue, 04 Oct 2022 07:09:34 GMT
strict-transport-security: max-age=2592000; includeSubDomains
vary: Accept-Encoding
via: 1.1 0cbb1ca51bf146be48b40804581e4466.cloudfront.net (CloudFront)
x-amz-cf-id: RHVj98XyLVfmKhmoH2WhR7wojIpxM4EEO0e4ibVrFbrLw0p5Y8Nnsg==
x-amz-cf-pop: FRA53-C1
x-cache: Hit from cloudfront
x-robots-tag: none

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=74640&time=1664999125915&url=https%3A%2F%2Fprimepay.com%2Fprivacy-policy%3F_hsmi%3D228140772%26_hsenc%3Dp2ANqtz-_py_QKHXzKO_HskQ1EB18eGr404v-9Nafc...
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D74640%26time%3D1664999125915%26url%3Dhttps%253A%252F%252Fprimepay.com%252Fprivacy...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=74640&time=1664999125915&url=https%3A%2F%2Fprimepay.com%2Fprivacy-policy%3F_hsmi%3D228140772%26_hsenc%3Dp2ANqtz-_py_QKHXzKO_HskQ1EB18eGr404v-9Nafc...
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=74640&time=1664999125915&url=https%3A%2F%2Fprimepay.com%2Fprivacy-policy%3F_hsmi%3D228140772%26_hsenc%3Dp2ANqtz-_py_QKHXzKO_HskQ1EB18eGr404v-9Naf...

0
268 B

391ms
113ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=74640&time=1664999125915&url=https%3A%2F%2Fprimepay.com%2Fprivacy-policy%3F_hsmi%3D228140772%26_hsenc%3Dp2ANqtz-_py_QKHXzKO_HskQ1EB18eGr404v-9Nafcrc9ZlLGuHY1LbWrl8O2VjD8K5g5V6c0fg8pHx4aZos1KLu801BdpDVUhEDifkD96EgPbB5Ca3U2R570&liSync=true&e_ipv6=AQKbcKom1Le9IgAAAYOprnTxYlatk7b2fnsBMxwiV3giLAbANA-85xxRpkzc89tJIQ
Requested by: Host: primepay.com
URL: https://primepay.com/privacy-policy?_hsmi=228140772&_hsenc=p2ANqtz-_py_QKHXzKO_HskQ1EB18eGr404v-9Nafcrc9ZlLGuHY1LbWrl8O2VjD8K5g5V6c0fg8pHx4aZos1KLu801BdpDVUhEDifkD96EgPbB5Ca3U2R570
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://primepay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 19:45:26 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 2D428C8F77A14892908AE0C44087B506 Ref B: DUS30EDGE0818 Ref C: 2022-10-05T19:45:26Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-lva1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXqTtF+lOTR+i+Cv/Sxdw==

Redirect headers

date: Wed, 05 Oct 2022 19:45:25 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: BC6350523AB7494D91F650F3F122C0D3 Ref B: FRAEDGE1218 Ref C: 2022-10-05T19:45:26Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=74640&time=1664999125915&url=https%3A%2F%2Fprimepay.com%2Fprivacy-policy%3F_hsmi%3D228140772%26_hsenc%3Dp2ANqtz-_py_QKHXzKO_HskQ1EB18eGr404v-9Nafcrc9ZlLGuHY1LbWrl8O2VjD8K5g5V6c0fg8pHx4aZos1KLu801BdpDVUhEDifkD96EgPbB5Ca3U2R570&liSync=true&e_ipv6=AQKbcKom1Le9IgAAAYOprnTxYlatk7b2fnsBMxwiV3giLAbANA-85xxRpkzc89tJIQ
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXqTtF4qqY6CSGd9qEDCw==

GET
H2 200 adsct
t.co/i/ 43 B
375 B 132ms
110ms Image
image/gif 104.244.42.69
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?bci=3&eci=2&event_id=538d159b-9c67-4537-8116-58376e141d85&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=8b7b06bd-629a-4e6c-aefd-2a3e5323bd70&tw_document_href=https%3A%2F%2Fprimepay.com%2Fprivacy-policy%3F_hsmi%3D228140772%26_hsenc%3Dp2ANqtz-_py_QKHXzKO_HskQ1EB18eGr404v-9Nafcrc9ZlLGuHY1LbWrl8O2VjD8K5g5V6c0fg8pHx4aZos1KLu801BdpDVUhEDifkD96EgPbB5Ca3U2R570&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nw3bv&type=javascript&version=2.3.27

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.69 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://primepay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-response-time: 102
date: Wed, 05 Oct 2022 19:45:25 GMT
strict-transport-security: max-age=0
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: c3a85cee9a306ce6
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 909ee508ff364aab5ed11de70d9f6d8348c72313d58caea430aee07e836f0c6f
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
394 B 133ms
112ms Image
image/gif 104.244.42.67
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=538d159b-9c67-4537-8116-58376e141d85&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=8b7b06bd-629a-4e6c-aefd-2a3e5323bd70&tw_document_href=https%3A%2F%2Fprimepay.com%2Fprivacy-policy%3F_hsmi%3D228140772%26_hsenc%3Dp2ANqtz-_py_QKHXzKO_HskQ1EB18eGr404v-9Nafcrc9ZlLGuHY1LbWrl8O2VjD8K5g5V6c0fg8pHx4aZos1KLu801BdpDVUhEDifkD96EgPbB5Ca3U2R570&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nw3bv&type=javascript&version=2.3.27

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.67 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://primepay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-response-time: 104
date: Wed, 05 Oct 2022 19:45:25 GMT
strict-transport-security: max-age=631138519
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: d3bc58d940af6914
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: f7748a84d588a2e4e5819c1a351ae02e283a3a444614e2c7b13ce33e9a7d9ab5
content-length: 43

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/a9s0j4pCVT6gaTEkLiFbtZPH/ Frame F5C5 52 KB
24 KB 25ms
9ms Stylesheet
text/css 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/a9s0j4pCVT6gaTEkLiFbtZPH/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9wcmltZXBheS5jb206NDQz&hl=de&v=a9s0j4pCVT6gaTEkLiFbtZPH&size=invisible&badge=inline&cb=jmriza4fzpdr

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a59bb42cb945084820cd1eb370a22a68fa9451b9e57abb1daada408d2ff64e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 17:40:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7495
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24262
x-xss-protection: 0
last-modified: Mon, 26 Sep 2022 04:02:34 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 05 Oct 2023 17:40:30 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/a9s0j4pCVT6gaTEkLiFbtZPH/ Frame F5C5 392 KB
156 KB 24ms
8ms Script
text/javascript 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/a9s0j4pCVT6gaTEkLiFbtZPH/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6fe11aff0ae158a9a4a91fe408daf8ecddf648ed069942e11efb1e023b83eee1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 19:40:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 272
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 160114
x-xss-protection: 0
last-modified: Mon, 26 Sep 2022 04:02:34 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 05 Oct 2023 19:40:53 GMT

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame F5C5 2 KB
2 KB 8ms
7ms Image
image/png 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/a9s0j4pCVT6gaTEkLiFbtZPH/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/a9s0j4pCVT6gaTEkLiFbtZPH/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 19:40:09 GMT
x-content-type-options: nosniff
age: 518717
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Thu, 06 Oct 2022 19:40:09 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame F5C5 15 KB
15 KB 30ms
30ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 17:06:41 GMT
x-content-type-options: nosniff
age: 95925
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 04 Oct 2023 17:06:41 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame F5C5 15 KB
15 KB 23ms
23ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 22:21:19 GMT
x-content-type-options: nosniff
age: 163447
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 03 Oct 2023 22:21:19 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/enterprise/ Frame F5C5 102 B
134 B 17ms
17ms Other
text/javascript 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise/webworker.js?hl=de&v=a9s0j4pCVT6gaTEkLiFbtZPH

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

380c41380ef43ac49c23949ead8c0f90133a93c49ec6527f7065ab4ee9c2ee44

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9wcmltZXBheS5jb206NDQz&hl=de&v=a9s0j4pCVT6gaTEkLiFbtZPH&size=invisible&badge=inline&cb=jmriza4fzpdr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 19:45:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112
x-xss-protection: 1; mode=block
expires: Wed, 05 Oct 2022 19:45:26 GMT

GET
H3 200 bframe Show response
www.google.com/recaptcha/enterprise/ Frame 1D87 7 KB
1 KB 20ms
20ms Document
text/html 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise/bframe?hl=de&v=a9s0j4pCVT6gaTEkLiFbtZPH&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

ca17b3b3c89ce3d17dfaa4c393cc5be3be943caa7bacf52f2ac0c51cdccf22db

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Bn3lMIp9wFFhJ67Swvd-tw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://primepay.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 1117
content-security-policy: script-src 'report-sample' 'nonce-Bn3lMIp9wFFhJ67Swvd-tw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 05 Oct 2022 19:45:26 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/a9s0j4pCVT6gaTEkLiFbtZPH/ Frame 1D87 52 KB
24 KB 11ms
11ms Stylesheet
text/css 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/a9s0j4pCVT6gaTEkLiFbtZPH/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/bframe?hl=de&v=a9s0j4pCVT6gaTEkLiFbtZPH&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a59bb42cb945084820cd1eb370a22a68fa9451b9e57abb1daada408d2ff64e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 17:40:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7496
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24262
x-xss-protection: 0
last-modified: Mon, 26 Sep 2022 04:02:34 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 05 Oct 2023 17:40:30 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/a9s0j4pCVT6gaTEkLiFbtZPH/ Frame 1D87 392 KB
156 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/a9s0j4pCVT6gaTEkLiFbtZPH/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/bframe?hl=de&v=a9s0j4pCVT6gaTEkLiFbtZPH&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6fe11aff0ae158a9a4a91fe408daf8ecddf648ed069942e11efb1e023b83eee1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 19:40:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 273
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 160114
x-xss-protection: 0
last-modified: Mon, 26 Sep 2022 04:02:34 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 05 Oct 2023 19:40:53 GMT

GET
H/1.1 200
OK MultiNoun.jsonp Show response
d.la1-c1-ia5.salesforceliveagent.com/chat/rest/System/ 236 B
606 B 794ms
95ms Script
text/javascript 13.110.40.53
SALESFORCE

General

Check archive.org

Show headers Download Go to

Full URL

https://d.la1-c1-ia5.salesforceliveagent.com/chat/rest/System/MultiNoun.jsonp?nouns=VisitorId,Settings&VisitorId.prefix=Visitor&Settings.prefix=Visitor&Settings.buttonIds=[573F000000001ws]&Settings.updateBreadcrumb=1&Settings.urlPrefix=undefined&callback=liveagent._.handlePing&deployment_id=572F000000001dX&org_id=00DA0000000aQT5&version=36

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.110.40.53 , United States, ASN14340 (SALESFORCE, US),

Reverse DNS

dcl9-ncg1-c6-iad5.la1-c1-ia5.salesforceliveagent.com

Software

Resource Hash

ed7afeeafa716af81f64344f10b7a3d9e3a851bae34b18d3b38035652b98a4f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://primepay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Pragma: no-cache
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: close
Expires: -1

POST
H3 200 reload Show response
www.google.com/recaptcha/enterprise/ Frame 1D87 39 KB
24 KB 85ms
84ms XHR
application/json 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise/reload?k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/a9s0j4pCVT6gaTEkLiFbtZPH/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

dac3b447453f173a51e68c181d9791bc626a045915e619e67a15f3a4a271ebef

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/enterprise/bframe?hl=de&v=a9s0j4pCVT6gaTEkLiFbtZPH&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: application/x-protobuffer

Response headers

date: Wed, 05 Oct 2022 19:45:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24242
x-xss-protection: 1; mode=block
expires: Wed, 05 Oct 2022 19:45:26 GMT

GET
H3 200 canonical_car.png
www.gstatic.com/recaptcha/api2/ Frame 1D87 11 KB
11 KB 13ms
13ms Image
image/png 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/canonical_car.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/a9s0j4pCVT6gaTEkLiFbtZPH/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c9685b413894b0647b42edf9cac1fc0b2ed044c1fe238d843b9ca3d29db1b805

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/a9s0j4pCVT6gaTEkLiFbtZPH/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 22:20:30 GMT
x-content-type-options: nosniff
age: 163496
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11174
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Mon, 10 Oct 2022 22:20:30 GMT

GET
H3 200 refresh_2x.png
www.gstatic.com/recaptcha/api2/ Frame 1D87 600 B
624 B 16ms
15ms Image
image/png 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/refresh_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/a9s0j4pCVT6gaTEkLiFbtZPH/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/a9s0j4pCVT6gaTEkLiFbtZPH/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 09:45:36 GMT
x-content-type-options: nosniff
age: 35990
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 600
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="recaptcha"
expires: Wed, 12 Oct 2022 09:45:36 GMT

GET
H3 200 audio_2x.png
www.gstatic.com/recaptcha/api2/ Frame 1D87 530 B
554 B 15ms
14ms Image
image/png 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/audio_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/a9s0j4pCVT6gaTEkLiFbtZPH/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/a9s0j4pCVT6gaTEkLiFbtZPH/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 21:24:07 GMT
x-content-type-options: nosniff
age: 166879
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 530
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="recaptcha"
expires: Mon, 10 Oct 2022 21:24:07 GMT

GET
H3 200 info_2x.png
www.gstatic.com/recaptcha/api2/ Frame 1D87 665 B
689 B 15ms
14ms Image
image/png 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/info_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/a9s0j4pCVT6gaTEkLiFbtZPH/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/a9s0j4pCVT6gaTEkLiFbtZPH/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 18:58:22 GMT
x-content-type-options: nosniff
age: 2824
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 665
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="recaptcha"
expires: Wed, 12 Oct 2022 18:58:22 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 1D87 15 KB
15 KB 12ms
11ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 17:06:41 GMT
x-content-type-options: nosniff
age: 95925
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 04 Oct 2023 17:06:41 GMT

GET
H3 200 KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 1D87 15 KB
15 KB 21ms
20ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmYUtfBBc4.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 01:56:17 GMT
x-content-type-options: nosniff
age: 150549
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15340
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 04 Oct 2023 01:56:17 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 1D87 15 KB
15 KB 15ms
14ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Mon, 03 Oct 2022 22:21:19 GMT
x-content-type-options: nosniff
age: 163447
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 03 Oct 2023 22:21:19 GMT

GET
H3 200 payload
www.google.com/recaptcha/enterprise/ Frame 1D87 41 KB
41 KB 18ms
18ms Image
image/jpeg 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/recaptcha/enterprise/payload?p=06AIIukzirors88u4aZaFW98EEdwt_T-uQUmXjh6C1pryjY0yhlb0jvfgayZUNNbDDJQkKO_dbUVZiBoZQ51AtuYlHe35dAacwxAyR2Q5GntJzDIdiPLsntj_4BqWgYvB1PhnFHPDz_bTLzUBW9sU-fcFl_8WzwbOUwjjyz6CYI-cLldnPKOT3UQMY9Z9C7aWRmdq5kTgykSZSCVRFxHtZENzlcIOpJji5Tg&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

8a3cc47a05c4ecd4ee89877ddfaae37803ff224552759c4155f4c765d5ab6aa5

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/enterprise/bframe?hl=de&v=a9s0j4pCVT6gaTEkLiFbtZPH&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 19:45:26 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: private, max-age=30
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41854
x-xss-protection: 1; mode=block
expires: Wed, 05 Oct 2022 19:45:26 GMT

GET
H2 200 nr-spa-1216.min.js Show response
js-agent.newrelic.com/ 49 KB
18 KB 33ms
9ms Script
application/javascript 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/nr-spa-1216.min.js
Requested by: Host: primepay.com
URL: https://primepay.com/privacy-policy?_hsmi=228140772&_hsenc=p2ANqtz-_py_QKHXzKO_HskQ1EB18eGr404v-9Nafcrc9ZlLGuHY1LbWrl8O2VjD8K5g5V6c0fg8pHx4aZos1KLu801BdpDVUhEDifkD96EgPbB5Ca3U2R570
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 545156adeae44dadc82b98d504f805ebe77fb79c928ef34eed1057bb9d4cb8fe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://primepay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-amz-version-id: UU.F5jvoumAjQChriwTQHbisCFw_OInU
content-encoding: gzip
via: 1.1 varnish
date: Wed, 05 Oct 2022 19:45:27 GMT
x-amz-request-id: RQFEDDEN8RCFBNYB
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 18216
x-amz-id-2: 1gVjA9Lmtdw+yipuHaVBT6WMBBPf7KJmW0Iq8Y9il/bkn70n51xOeJTmqvB1vsBoaR6mmQUU4rw=
x-served-by: cache-hhn4076-HHN
last-modified: Thu, 14 Apr 2022 16:45:57 GMT
server: AmazonS3
x-timer: S1664999127.155737,VS0,VE0
etag: "63e2df852d15ab21d7ff8fc4363222e8"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 9494

GET
H/1.1 200
OK pd.js Show response
pi.pardot.com/ 5 KB
2 KB 344ms
102ms Script
application/javascript 52.54.96.194
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pi.pardot.com/pd.js
Requested by: Host: primepay.com
URL: https://primepay.com/privacy-policy?_hsmi=228140772&_hsenc=p2ANqtz-_py_QKHXzKO_HskQ1EB18eGr404v-9Nafcrc9ZlLGuHY1LbWrl8O2VjD8K5g5V6c0fg8pHx4aZos1KLu801BdpDVUhEDifkD96EgPbB5Ca3U2R570
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.54.96.194 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-54-96-194.compute-1.amazonaws.com
Software: PardotServer /
Resource Hash: 3b91e6a4b14493d67f9660e6d4a2e27c1eea54d97ccb7c30acf3b89998b3be99

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://primepay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Wed, 05 Oct 2022 19:45:27 GMT
content-encoding: gzip
X-Pardot-Route: 16b0ab393667a33fe86adedc3141e88c
last-modified: Wed, 05 Oct 2022 05:22:52 GMT
Server: PardotServer
etag: "1547-gzip"
vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
cache-control: max-age=63072000
Connection: keep-alive
accept-ranges: bytes
Content-Length: 1946
expires: Fri, 04 Oct 2024 19:45:27 GMT

GET
H/1.1 200
OK NRJS-095350dbe2a0c2f6c3a Show response
bam.nr-data.net/1/ 49 B
621 B 286ms
254ms Script
text/javascript 162.247.241.14
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/NRJS-095350dbe2a0c2f6c3a?a=512365283&v=1216.487a282&to=Y1wHNRRVXkBYU0FYXFoWJAISXV9dFnRHRENVVTkPCVBVb3pfW0VBW1UJBBRoflxdVWNYVkN6Cg8SRl9fVVVHHA1CUAAW&rst=9706&ck=1&ref=https://primepay.com/privacy-policy&ap=272&be=2865&fe=9666&dc=8384&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1664999117465,%22n%22:0,%22f%22:1269,%22dn%22:1270,%22dne%22:1427,%22c%22:1427,%22s%22:1611,%22ce%22:1801,%22rq%22:1801,%22rp%22:2831,%22rpe%22:2834,%22dl%22:2837,%22di%22:8384,%22ds%22:8385,%22de%22:8426,%22dc%22:9666,%22l%22:9666,%22le%22:9667%7D,%22navigation%22:%7B%7D%7D&fp=4475&fcp=4761&at=TxsEQ1xPTU4%3D&jsonp=NREUM.setToken
Requested by: Host: primepay.com
URL: https://primepay.com/privacy-policy?_hsmi=228140772&_hsenc=p2ANqtz-_py_QKHXzKO_HskQ1EB18eGr404v-9Nafcrc9ZlLGuHY1LbWrl8O2VjD8K5g5V6c0fg8pHx4aZos1KLu801BdpDVUhEDifkD96EgPbB5Ca3U2R570
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.241.14 , United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a83848cf5c3d96caefe490c19e41659609b3691dd4c531cf925016c084d8e1b0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://primepay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date: Wed, 05 Oct 2022 19:45:27 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Server: cloudflare
Transfer-Encoding: chunked
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
access-control-allow-credentials: true
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
CF-Ray: 7558a8610f7f9960-FRA

POST
H/1.1 200
OK NRJS-095350dbe2a0c2f6c3a Show response
bam.nr-data.net/resources/1/ 36 B
413 B 707ms
706ms XHR
text/plain 162.247.241.14
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/resources/1/NRJS-095350dbe2a0c2f6c3a?a=512365283&v=1216.487a282&to=Y1wHNRRVXkBYU0FYXFoWJAISXV9dFnRHRENVVTkPCVBVb3pfW0VBW1UJBBRoflxdVWNYVkN6Cg8SRl9fVVVHHA1CUAAW&rst=9999&ck=1&ref=https://primepay.com/privacy-policy&st=1664999117465&at=TxsEQ1xPTU4%3D
Requested by: Host: primepay.com
URL: https://primepay.com/privacy-policy?_hsmi=228140772&_hsenc=p2ANqtz-_py_QKHXzKO_HskQ1EB18eGr404v-9Nafcrc9ZlLGuHY1LbWrl8O2VjD8K5g5V6c0fg8pHx4aZos1KLu801BdpDVUhEDifkD96EgPbB5Ca3U2R570
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.241.14 , United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 70262536d44f259b2a952b45b3723e2de78eb492d371e59e55c46de98d926912

Request headers

Referer: https://primepay.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
content-type: text/plain

Response headers

Date: Wed, 05 Oct 2022 19:45:28 GMT
CF-Cache-Status: DYNAMIC
Server: cloudflare
Vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: https://primepay.com
access-control-allow-credentials: true
Connection: keep-alive
CF-Ray: 7558a862ab249960-FRA
Content-Length: 36

GET
H/1.1 200
OK analytics Show response
pi.pardot.com/ 258 B
2 KB 544ms
544ms Script
text/javascript 52.54.96.194
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://pi.pardot.com/analytics?ver=3&visitor_id=&visitor_id_sign=&pi_opt_in=&campaign_id=18441&account_id=288692&title=Privacy%20Policy%20%7C%20PrimePay&url=https%3A%2F%2Fprimepay.com%2Fprivacy-policy%3F_hsmi%3D228140772%26_hsenc%3Dp2ANqtz-_py_QKHXzKO_HskQ1EB18eGr404v-9Nafcrc9ZlLGuHY1LbWrl8O2VjD8K5g5V6c0fg8pHx4aZos1KLu801BdpDVUhEDifkD96EgPbB5Ca3U2R570&referrer=

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.54.96.194 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-54-96-194.compute-1.amazonaws.com

Software

PardotServer /

Resource Hash

70c1ede642c6bcf8b7b3e9e2f40009cdb04a68e33555412574778177424effdd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://primepay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
Date: Wed, 05 Oct 2022 19:45:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Pardot-Route: 9b06e8e2308c32c7bf9ba8adfb7be2e1
x-pardot-rsp: 0/0/1
Server: PardotServer
vary: Accept-Encoding,User-Agent
Content-Type: text/javascript; charset=utf-8
p3p: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT", policyref="/w3c/p3p.xml"
cache-control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Length: 196
expires: Thu, 19 Nov 1981 08:52:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: hemsync.clickagy.com
URL: https://hemsync.clickagy.com/external/hasHashes?clkgypv=jstag

Verdicts & Comments Add Verdict or Comment

120 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

40 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.google.com/recaptcha	1970-01-20 10:49:11	Name: _GRECAPTCHA Value: 09ALeKQC-SM7ObBS0iCOI6foFnFR75_XHV2_6ken22kd2IltekCBf67zSNEql01X838nNkguxguylfsL8k2WhepVM
.www2.synchr.com/	1970-01-20 06:30:00	Name: __cf_bm Value: 4novP4wz6_aTFK6obBEzmbt6Xq38imMoZxOhvIQuAYA-1664999117-0-ARjvl22Ih6vqelSSyGlhbNjkwhNFYhbNHGu1ilUk1nnogziwZB2LQz0i0Ku0y32sFE+tvhkKo1+HSf52M70SSxk=
.www2.synchr.com/	1969-12-31 23:59:59	Name: __cfruid Value: 85b76c25c02cc00570b64726073380b774c5a7fb-1664999117
.quora.com/	1970-01-20 06:30:00	Name: __cf_bm Value: jnrHCOxhtIy2NvoftjRqB.OvYOBhBxgiMksm_Eu0pm4-1664999121-0-ATIxLSkP4qHEVfHfwis0nqZHiVisBOKEsWIfziq89zsrs3SscxLIEelYl1EwhMV18W2yjEnDmc20BvFX2pHxCls=
.ws.zoominfo.com/	1970-01-20 15:15:35	Name: visitorId Value: 31cd7057f5633764f3ca9e16a30c5532423e5bca3a36683197eec69a67c32881
.zoominfo.com/	1970-01-20 06:30:00	Name: __cf_bm Value: zvE7an9GfNiQgqKdcwSbJbWNJwrNBad.FneAWtrhWGc-1664999122-0-AZT8lEE5KV7laF5tqOwQz8gn6/2/YA3m1n73nr7gXh6OBtSKVIdi9umv8FABqFV6ZaE15FBCOKhVibicM+OARGk=
.primepay.com/	1970-01-20 06:31:25	Name: _gid Value: GA1.2.2064804499.1664999122
.primepay.com/	1970-01-20 06:29:59	Name: _gat_gtag_UA_5439787_1 Value: 1
.primepay.com/	1970-01-20 08:39:35	Name: _gcl_au Value: 1.1.1914886590.1664999122
.primepay.com/	1970-01-20 16:05:59	Name: _ga_4EV1CJ5EPY Value: GS1.1.1664999122.1.0.1664999122.0.0.0
.primepay.com/	1970-01-20 16:05:59	Name: _ga Value: GA1.1.1706736569.1664999122
support.primepay.com/	1970-01-20 15:15:35	Name: CookieConsentPolicy Value: 0:1
support.primepay.com/	1970-01-20 15:15:35	Name: LSKey-c$CookieConsentPolicy Value: 0:1
.primepay.com/	1970-01-20 08:39:35	Name: _fbp Value: fb.1.1664999122457.445344414
.doubleclick.net/	1970-01-20 06:30:00	Name: test_cookie Value: CheckForPermission
primepay.com/	1970-01-20 15:15:35	Name: liveagent_oref Value:
.primepay.com/	1970-01-20 15:15:35	Name: _hjSessionUser_134689 Value: eyJpZCI6ImYzZTVmZGEwLWJlYmUtNWU1My04NmY3LTg1ZGI0ZTk2MmIxNiIsImNyZWF0ZWQiOjE2NjQ5OTkxMjIxMzksImV4aXN0aW5nIjpmYWxzZX0=
.primepay.com/	1970-01-20 06:30:00	Name: _hjFirstSeen Value: 1
primepay.com/	1970-01-20 06:29:59	Name: _hjIncludedInSessionSample Value: 0
.primepay.com/	1970-01-20 06:30:00	Name: _hjSession_134689 Value: eyJpZCI6ImE4MDZkZDUxLWE0ZmUtNGIzOS05NjU0LTU2NGUyYjk0ODM1ZiIsImNyZWF0ZWQiOjE2NjQ5OTkxMjU5NjcsImluU2FtcGxlIjpmYWxzZX0=
.primepay.com/	1970-01-20 06:30:00	Name: _hjAbsoluteSessionInProgress Value: 0
.linkedin.com/	1970-01-20 07:13:11	Name: UserMatchHistory Value: AQKTeiplPhMgqgAAAYOprnPoWDNPSpX_yNonqwrnMyG26L_om-7MoOKAQv_L3jbYRKGlod1rDW1lsA
.linkedin.com/	1970-01-20 07:13:11	Name: AnalyticsSyncHistory Value: AQI_Du9UqAHFfwAAAYOprnPoh5zBqY6nkQXzr7BC4HVahReBUCWZuYP7_AYOgSOxm1YkSe2nQM7U3n6DwcXYpA
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 15:15:35	Name: bcookie Value: "v=2&81fa3584-9542-461f-8bb2-dd984dc869bb"
.linkedin.com/	1970-01-20 06:31:25	Name: lidc Value: "b=VGST05:s=V:r=V:a=V:p=V:g=2597:u=1:x=1:i=1664999125:t=1665085525:v=2:sig=AQEI4V5ZfvcwM9CNywNiCrYMVX88I1Km"
.t.co/	1970-01-20 16:05:59	Name: muc_ads Value: 903a8ec4-ecee-4f0a-8ff3-1e2ed2982c55
.twitter.com/	1970-01-20 16:05:59	Name: personalization_id Value: "v1_yZblXLm8h5fW7Dslvph40A=="
.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=de-de
.www.linkedin.com/	1970-01-20 15:15:35	Name: bscookie Value: "v=1&202210051945263059657a-3ebe-460b-8ae6-458fccafdfa1AQE_6PmemT1GHwP4l93-6-TDu_OYhsX5"
.linkedin.com/	1970-01-20 10:49:11	Name: li_gc Value: MTswOzE2NjQ5OTkxMjY7MjswMjFZBJlTN6rctty1Lku3c00k3W7t2eyGMTecFsng4bad1g==
primepay.com/	1970-01-20 15:15:35	Name: liveagent_ptid Value: d8fccc35-091f-4076-8ea2-b66bc3d6ab6e
primepay.com/	1969-12-31 23:59:59	Name: liveagent_sid Value: 4b510e75-7bb3-45dc-b483-e96029b3c429
primepay.com/	1970-01-20 15:15:35	Name: liveagent_vc Value: 3
.nr-data.net/	1969-12-31 23:59:59	Name: JSESSIONID Value: 25152de2474d69fb
.pardot.com/	1970-01-20 16:05:59	Name: visitor_id287692 Value: 445180744
.pardot.com/	1970-01-20 16:05:59	Name: visitor_id287692-hash Value: 98b1e76cf35921f94b37854cfd5632408316053df041c2f629d019704bdb863438d4f789535877eddf05bb765f8d4bea2860f5ad
pi.pardot.com/	1970-01-20 06:30:00	Name: lpv287692 Value: aHR0cHM6Ly9wcmltZXBheS5jb20vcHJpdmFjeS1wb2xpY3k%2FX2hzbWk9MjI4MTQwNzcyJl9oc2VuYz1wMkFOcXR6LV9weV9RS0hYektPX0hza1ExRUIxOGVHcjQwNHYtOU5hZmNyYzlabExHdUhZMUxiV3JsOE8yVmpEOEs1ZzVWNmMwZmc4cEh4NGFab3MxS0x1ODAxQmRwRFZVaEVEaWZrRDk2RWdQYkI1Q2EzVTJSNTcw
primepay.com/	1970-01-20 16:05:59	Name: visitor_id287692 Value: 445180744
primepay.com/	1970-01-20 16:05:59	Name: visitor_id287692-hash Value: 98b1e76cf35921f94b37854cfd5632408316053df041c2f629d019704bdb863438d4f789535877eddf05bb765f8d4bea2860f5ad

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
network	error	URL: https://idsync.rlcdn.com/420246.gif?partner_uid=c:ae176ccf7fd3ba03be43689839492cbc Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://id.rlcdn.com/711861.gif Message: Failed to load resource: the server responded with a status of 451 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.quora.com
analytics.twitter.com
aorta.clickagy.com
bam.nr-data.net
browser-update.org
c.la1c1.salesforceliveagent.com
connect.facebook.net
d.la1-c1-ia5.salesforceliveagent.com
d.la1c1.salesforceliveagent.com
fonts.googleapis.com
fonts.gstatic.com
forms.hsforms.com
googleads.g.doubleclick.net
hemsync.clickagy.com
id.rlcdn.com
idsync.rlcdn.com
js-agent.newrelic.com
js.hsforms.net
perf.hsforms.com
pi.pardot.com
primepay.com
px.ads.linkedin.com
px4.ads.linkedin.com
q.quora.com
region1.google-analytics.com
s3.amazonaws.com
script.hotjar.com
snap.licdn.com
static.ads-twitter.com
static.hotjar.com
stats.g.doubleclick.net
support.primepay.com
t.co
tags.clickagy.com
vars.hotjar.com
ws.zoominfo.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
www.linkedin.com
www2.synchr.com
hemsync.clickagy.com
104.244.42.67
104.244.42.69
13.107.42.14
13.108.249.135
13.108.249.7
13.110.40.53
13.32.27.21
142.251.39.34
143.204.215.118
151.101.130.137
162.159.152.17
162.247.241.14
199.232.136.157
2001:4860:4802:32::178
2001:4860:4802:34::36
2606:2c40::c73c:671d
2606:4700:20::681a:6b4
2606:4700:4400::ac40:9973
2606:4700::6810:5605
2606:4700::6810:5705
2606:4700::6810:a852
2606:4700::6811:b949
2620:12a:8000::253
2620:1ec:21::14
2a00:1450:4001:802::2003
2a00:1450:4001:803::2003
2a00:1450:4001:803::2004
2a00:1450:4001:808::2002
2a00:1450:4001:830::2003
2a00:1450:400d:807::200a
2a00:1450:400d:80e::2008
2a00:1450:4025:401::9d
2a02:26f0:11a::6867:4868
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
3.220.203.163
34.234.135.87
35.244.174.68
52.217.138.144
52.222.139.53
52.54.96.194
85.222.140.10
00a92494627ed8f758972b7dc47b3af186497c0637ea867a33fdb604c1548674
082425ce63442064f2acd182fcdac79ecbebdbfe2e392493ac9b1dc71a5c1842
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1ff84f1e03eb15dedc4668f0817372b734934076bc936e12c5c0bd3944dab0c0
34b49227fd47078426b973237180342ee50770552e0f60593269419c9bc6eb52
350d57045665da321d361c8168c0a2feaf8da636caa9e4f285627b1d3d7fc674
380c41380ef43ac49c23949ead8c0f90133a93c49ec6527f7065ab4ee9c2ee44
3b91e6a4b14493d67f9660e6d4a2e27c1eea54d97ccb7c30acf3b89998b3be99
3cbe8d0853f4e76911700dce0e18c6246216f7c11c6192ae668a1123e4031cd6
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
41b758f84ab2dd5da6f7ba488813d17410ebb48bc2074d304c26d63c5ece003d
44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98
46bb9e35692679c2ef79cbecf203f57c4f787510a76e98994176cfdfd22b8299
4985c715646b5d49689b14acefc99c70611c701347a8a357359ea987678c8a15
4a59bb42cb945084820cd1eb370a22a68fa9451b9e57abb1daada408d2ff64e1
4ad9b483fdca36e6c2d51668844c558227ce1b1519ec4a5280ed933b14c86d43
545156adeae44dadc82b98d504f805ebe77fb79c928ef34eed1057bb9d4cb8fe
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
557f6d0883db85be712c3a77baa38875ddf99ecbdfd6fec98e5c0b1f7a0e1532
55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee
57f241671a3d18163c0ef4cc22c6d4059895ec8d1bdb6441d8fc05419fa8a348
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5b3c6e212cbb3b9f4f28b09cfdc53990e809792192d7d8639d3311f0551c2010
67770f61e95240c82a3da5477a96dbc35f9f264916d50b2aec2cbd5b54ea9ed1
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6fe11aff0ae158a9a4a91fe408daf8ecddf648ed069942e11efb1e023b83eee1
70262536d44f259b2a952b45b3723e2de78eb492d371e59e55c46de98d926912
70c1ede642c6bcf8b7b3e9e2f40009cdb04a68e33555412574778177424effdd
71044970e802b0cf12ff5cb2e20a5910192e473a2968385f99c2987d3a4d0231
768b478c9a069287e6317f393cd0480a778cb88b530cbcbb5af6e2d03a170c87
832a92299fed490f297d7f046046348bbb3c44a9e1195b14fc394999b2ffe21b
832df64411d91f2244dbe5a4f7058540c217e745023f66784de5ef9345984544
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
867b23a408fa99143955de5665345cda886857174c328d2828e5dcd33bd98cd1
89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992
8a3cc47a05c4ecd4ee89877ddfaae37803ff224552759c4155f4c765d5ab6aa5
8d26561d6428df13caa01d7b70eb9f006f721a1a81d5ad54a047fb9ceccdfcd5
8e1057306fafbd70e971802f1e9694deb1742445b88834b8ba3abe9bd27e06cb
913c291eac272410952e0ed4bd73e30e007d6866aa1ffc1154de533f1cfc9120
96af449f94d4ca1f4acc07e12f5d7dfe721de55efebe3b06b3cda6d5cc663a0a
9ae974afe2f80fde68f38d27863c0352d95ffbaf068968731876c576c0fecad2
9b05f32b262a8ddfa4c0322b0b4b376258b7996177b98d5a1e2b4585d20cba27
9c9ac7ae79389fe6c7898845c5b31933b7aa152344cc1dff6328eefeb7b4f522
a15bef5551f730c8269a1cba57c370099d559defd996193c80a477c411081ca2
a7e77eb65a3e79f0c0424791af5b9974d3b7519c8f8f29ccf8633e6e69e34d19
a83848cf5c3d96caefe490c19e41659609b3691dd4c531cf925016c084d8e1b0
aa77031e11b6841941ff3781380ee63cb3cfd1098dffbb4f86771020fd09bffd
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b57839788686bf37d29f47bbe45ad8258085e3aebf54650ab389c0b515b977e1
c142f33783c1bac3d8a615b6a0b675c169336e3a068016a35b2c3ec3412e559d
c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd
c9685b413894b0647b42edf9cac1fc0b2ed044c1fe238d843b9ca3d29db1b805
ca17b3b3c89ce3d17dfaa4c393cc5be3be943caa7bacf52f2ac0c51cdccf22db
d046e4d678e786ce2b1b678831d922df3a4bbc9f09b3d62e86e4a4e59d2c1edb
d0bbcf00d1e8c2a4e64153889b7f18c469fda01d4e1ca23fdcbdb970c0cd2248
d14d732f8caf915919ff661157edc3456a85f408b7a3c5ee1e21357e7df07e1a
d5c1172f24f4f49f780c65cf5be897527fd08f3662a2ba8db0cfe0057d92e367
d98f6f4c2c47780f3c68c44b95e10ee51dd957bb852b206d18adbb3176268436
dabcd51eba1ef5e1f9b266ac9a2f50db402104f230b0860b4355bd27f34b102d
dac3b447453f173a51e68c181d9791bc626a045915e619e67a15f3a4a271ebef
dbced257021163ba26235bb2e6037ce019672312e31e68660d140f39efda7332
dd870101ad4e95d687a2eb734707b0dd7c20808f76d7be77a71a5d13cf99401c
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
decf55d434eb0ab2aef1f699b3a164a46e247bb9734d31e7263d4de7a4e7d91b
df0ef9ec2a2b0f389449d043c37d81f76d570aba2cb7231263a4c9fbfb462c39
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ed7afeeafa716af81f64344f10b7a3d9e3a851bae34b18d3b38035652b98a4f2
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f42283e0ca17a52688c5250e714ecd1b6a53af8b0f6e54ac64546499b0ec1b19
f467c39ffecfe9235f2afdd2d7dacd20491e37c5ebf94079136123ce0d0a74f3

primepay.com Open in urlscan Pro 2620:12a:8000::253 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

88 Requests

95 %HTTPS

52 %IPv6

30 Domains

45 Subdomains

42 IPs

6 Countries

3031 kBTransfer

6621 kBSize

40 Cookies

10 Outgoing links

Page URL History

Redirected requests

88 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

primepay.com Open in urlscan Pro
2620:12a:8000::253 Public Scan

Screenshot
Live screenshot

Full Image

88
Requests

95 %
HTTPS

52 %
IPv6

30
Domains

45
Subdomains

42
IPs

6
Countries

3031 kB
Transfer

6621 kB
Size

40
Cookies

88 HTTP transactions
0 data transactions