paylas.cc Open in urlscan Pro
2606:4700:3033::6815:10f8 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.paylas.cc/
Effective URL:
https://paylas.cc/
Submission: On January 31 via automatic, source certstream-suspicious (January 31st 2021, 12:05:23 am UTC)

Summary HTTP 102 Redirects Behaviour Indicators

Summary

This website contacted 13 IPs in 3 countries across 12 domains to perform 102 HTTP transactions. The main IP is 2606:4700:3033::6815:10f8, located in United States and belongs to CLOUDFLARENET, US. The main domain is paylas.cc.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 19th 2020. Valid for: a year.

This is the only time paylas.cc was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 17	2606:4700:303... 2606:4700:3033::6815:10f8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:809::200a	15169 (GOOGLE) (GOOGLE)
54	2606:4700:10:... 2606:4700:10::6816:475	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:82a::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:801::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::200e	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
1 21	2a00:1450:400... 2a00:1450:4001:821::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c00::9c	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c00::9b	15169 (GOOGLE) (GOOGLE)
1	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::2001	15169 (GOOGLE) (GOOGLE)
102	13

17 2606:4700:3033::6815:10f8 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.paylas.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
paylas.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

54 2606:4700:10::6816:475 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.statically.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2a00:1450:4001:821::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
54	statically.io cdn.statically.io	533 KB
17	paylas.cc 1 redirects www.paylas.cc paylas.cc	119 KB
13	doubleclick.net 1 redirects googleads.g.doubleclick.net stats.g.doubleclick.net	503 B
9	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	195 KB
4	google-analytics.com www.google-analytics.com	19 KB
1	googletagservices.com www.googletagservices.com	28 KB
1	google.com adservice.google.com	781 B
1	google.de adservice.google.de	781 B
1	googleadservices.com partner.googleadservices.com	616 B
1	gstatic.com fonts.gstatic.com	31 KB
1	googletagmanager.com www.googletagmanager.com	38 KB
1	googleapis.com fonts.googleapis.com	992 B
102	12

	Domain	Requested by
54	cdn.statically.io	paylas.cc cdn.statically.io
16	paylas.cc	paylas.cc cdn.statically.io
11	googleads.g.doubleclick.net	1 redirects paylas.cc pagead2.googlesyndication.com
7	pagead2.googlesyndication.com	paylas.cc pagead2.googlesyndication.com
4	www.google-analytics.com	www.googletagmanager.com cdn.statically.io www.google-analytics.com
2	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
2	stats.g.doubleclick.net	www.google-analytics.com
1	www.googletagservices.com	pagead2.googlesyndication.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	fonts.gstatic.com	fonts.googleapis.com
1	www.googletagmanager.com	paylas.cc
1	fonts.googleapis.com	paylas.cc
1	www.paylas.cc	1 redirects
102	15

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-06-19` - `2021-06-19`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-01-05` - `2021-03-30`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-01-05` - `2021-03-30`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2021-01-05` - `2021-03-30`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-01-05` - `2021-03-30`	3 months	crt.sh
*.googleadservices.com GTS CA 1O1	`2021-01-05` - `2021-03-30`	3 months	crt.sh
*.google.de GTS CA 1O1	`2021-01-05` - `2021-03-30`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-01-05` - `2021-03-30`	3 months	crt.sh

This page contains 11 frames:

Primary Page: https://paylas.cc/
Frame ID: 8D189EFB79B86BA283D655ED6C843A0E
Requests: 98 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210127/r20190131/zrt_lookup.html
Frame ID: 3B2FD2D6D04A5D0C4BDBB40DAAD00F9D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-8249307255832869&output=html&h=280&slotname=2209261955&adk=3607668361&adf=823446599&pi=t.ma~as.2209261955&w=1132&fwrn=4&fwrnh=100&lmt=1612051508&rafmt=1&psa=0&format=1132x280&url=https%3A%2F%2Fpaylas.cc%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1612051508368&bpp=14&bdt=4588&idt=80&shv=r20210127&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=6013404952971&frm=20&pv=2&ga_vid=1456197807.1612051505&ga_sid=1612051508&ga_hid=679171235&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=234&ady=179&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068769%2C21068893%2C44734255&oid=3&pvsid=3563683974881735&pem=921&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=Ee9y2UFl3M&p=https%3A//paylas.cc&dtd=97
Frame ID: 852F55EC93D56FC128EE19D3FA52BAD0
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-8249307255832869&output=html&h=280&slotname=1731778170&adk=1403243731&adf=410739056&pi=t.ma~as.1731778170&w=336&lmt=1612051508&psa=0&format=336x280&url=https%3A%2F%2Fpaylas.cc%2F&flash=0&wgl=1&dt=1612051508382&bpp=2&bdt=4602&idt=93&shv=r20210127&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1132x280&correlator=6013404952971&frm=20&pv=1&ga_vid=1456197807.1612051505&ga_sid=1612051508&ga_hid=679171235&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=632&ady=510&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068769%2C21068893%2C44734255&oid=3&pvsid=3563683974881735&pem=921&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=8192&bc=31&ifi=2&uci=a!2&fsb=1&xpc=4KU74WFCIy&p=https%3A//paylas.cc&dtd=97
Frame ID: 9BD779E436EFB3C8F71EFE275FDC4CEC
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-8249307255832869&output=html&h=280&slotname=1731778170&adk=1403243731&adf=1353977248&pi=t.ma~as.1731778170&w=336&lmt=1612051508&psa=0&format=336x280&url=https%3A%2F%2Fpaylas.cc%2F&flash=0&wgl=1&dt=1612051508385&bpp=1&bdt=4605&idt=96&shv=r20210127&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1132x280%2C336x280&correlator=6013404952971&frm=20&pv=1&ga_vid=1456197807.1612051505&ga_sid=1612051508&ga_hid=679171235&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=632&ady=1138&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068769%2C21068893%2C44734255&oid=3&pvsid=3563683974881735&pem=921&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=3&uci=a!3&fsb=1&xpc=gkV5AZept0&p=https%3A//paylas.cc&dtd=100
Frame ID: DCA709701B3531AD2027DC79DB51089D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-8249307255832869&output=html&h=280&slotname=2209261955&adk=1167091871&adf=383669989&pi=t.ma~as.2209261955&w=1200&fwrn=4&fwrnh=100&lmt=1612051508&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fpaylas.cc%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1612051508385&bpp=1&bdt=4605&idt=103&shv=r20210127&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1132x280%2C336x280%2C336x280&correlator=6013404952971&frm=20&pv=1&ga_vid=1456197807.1612051505&ga_sid=1612051508&ga_hid=679171235&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=920&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068769%2C21068893%2C44734255&oid=3&pvsid=3563683974881735&pem=921&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=8320&bc=31&ifi=4&uci=a!4&fsb=1&xpc=HlWIldhgD1&p=https%3A//paylas.cc&dtd=106
Frame ID: AD14D3705EEC624CA8A88EFAC8578255
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-8249307255832869&output=html&h=90&slotname=1570213802&adk=1407570446&adf=2318803929&pi=t.ma~as.1570213802&w=728&lmt=1612051508&psa=0&format=728x90&url=https%3A%2F%2Fpaylas.cc%2F&flash=0&wgl=1&dt=1612051508386&bpp=1&bdt=4606&idt=108&shv=r20210127&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1132x280%2C336x280%2C336x280%2C1200x280&correlator=6013404952971&frm=20&pv=1&ga_vid=1456197807.1612051505&ga_sid=1612051508&ga_hid=679171235&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068769%2C21068893%2C44734255&oid=3&pvsid=3563683974881735&pem=921&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=8192&bc=31&ifi=5&uci=a!5&fsb=1&xpc=Ka38TgJwnL&p=https%3A//paylas.cc&dtd=110
Frame ID: 94787E6392C73911D93EE936B0803491
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-8249307255832869&output=html&h=280&slotname=2209261955&adk=919377124&adf=307756650&pi=t.ma~as.2209261955&w=1200&fwrn=4&fwrnh=100&lmt=1612051508&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fpaylas.cc%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1612051508387&bpp=1&bdt=4607&idt=145&shv=r20210127&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1132x280%2C336x280%2C336x280%2C1200x280%2C728x90&correlator=6013404952971&frm=20&pv=1&ga_vid=1456197807.1612051505&ga_sid=1612051508&ga_hid=679171235&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=920&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068769%2C21068893%2C44734255&oid=3&pvsid=3563683974881735&pem=921&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=8320&bc=31&ifi=6&uci=a!6&fsb=1&xpc=K5FdqU10Zw&p=https%3A//paylas.cc&dtd=147
Frame ID: 249F3F9F8689546A22A9326CA24431B4
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-8249307255832869&output=html&adk=1812271804&adf=3025194257&lmt=1612051508&plat=1%3A16809992%2C2%3A16809992%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fpaylas.cc%2F&ea=0&flash=0&pra=7&wgl=1&dt=1612051508388&bpp=1&bdt=4608&idt=153&shv=r20210127&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1132x280%2C336x280%2C336x280%2C1200x280%2C728x90%2C1200x280&nras=1&correlator=6013404952971&frm=20&pv=1&ga_vid=1456197807.1612051505&ga_sid=1612051508&ga_hid=679171235&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068769%2C21068893%2C44734255&oid=3&pvsid=3563683974881735&pem=921&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=6&uci=a!6&fsb=1&dtd=158
Frame ID: 7DAE8A9225BF23F9F8F4E57CA4508F5F
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Frame ID: A517468594FD7A67F26B709D73433322
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210127/r20190131/zrt_lookup.html?fsb=1
Frame ID: C4040BA5752B4BEE783BC0E12FB889CE
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://www.paylas.cc/ HTTP 301
https://paylas.cc/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

102
Requests

100 %
HTTPS

92 %
IPv6

12
Domains

15
Subdomains

13
IPs

3
Countries

967 kB
Transfer

2245 kB
Size

5
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.paylas.cc/ HTTP 301
https://paylas.cc/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 62

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

102 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
paylas.cc/
Redirect Chain

https://www.paylas.cc/
https://paylas.cc/

74 KB
11 KB

1239ms
1232ms

Document
text/html

2606:4700:3033::6815:10f8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://paylas.cc/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:10f8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.9
Resource Hash: 423f99e6781c0eacc11765b0cd629ad2d5a0ec4edd9b57f6d9ee0d2ff3852a99

Request headers

:method: GET
:authority: paylas.cc
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: __cfduid=d0d8add418bb94481c5e44bc7d0018b211612051501
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 31 Jan 2021 00:05:03 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.4.9
set-cookie: PHPSESSID=d7b2659b627e19d4d631f5a701fdbc72; path=/; secure
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
link: <https://paylas.cc/wp-json/>; rel="https://api.w.org/"
vary: Accept-Encoding,User-Agent,User-Agent
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
cf-request-id: 07f75aedd500001786e0aae000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=BP9MRvTNfP%2BLF%2FfnzC9%2FshMJqg0YHIsqWcZXd7r4LV9q%2F4P0zC4TmtTA%2BYxwgu%2BnvVt2m2Z%2BUUfu16rrkUBsTCkTKWmvpetnM4H%2BUQ7l834hUE6qHvI%3D"}],"group":"cf-nel"}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 619f2dc2ef181786-FRA
content-encoding: br

Redirect headers

date: Sun, 31 Jan 2021 00:05:02 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d0d8add418bb94481c5e44bc7d0018b211612051501; expires=Tue, 02-Mar-21 00:05:01 GMT; path=/; domain=.paylas.cc; HttpOnly; SameSite=Lax PHPSESSID=1c3319689ba1b5e81e5f4ba3e6437d16; path=/; secure
x-powered-by: PHP/7.4.9
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
x-redirect-by: WordPress
location: https://paylas.cc/
vary: User-Agent,User-Agent
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
cf-request-id: 07f75ae9fd00001786d522c000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=TEy%2F1BsPG2L2v0p%2F7GykTuzbPmSPa8UiaiPYZDjr005xGTTkxlqIcSCpSb3hjBbLTMvmFUxO4cZpf8P1MwrabjAjeUb6WkLJbPNzt6jrzyCZrorLXAfRh0RH"}],"group":"cf-nel"}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 619f2dbcca391786-FRA

GET
H2 200 eaa-styles.css
paylas.cc/wp-content/plugins/easy-adsense-ads-scripts-manager/assets/css/ 763 B
801 B 18ms
13ms Stylesheet
text/css 2606:4700:3033::6815:10f8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://paylas.cc/wp-content/plugins/easy-adsense-ads-scripts-manager/assets/css/eaa-styles.css
Requested by: Host: paylas.cc
URL: https://paylas.cc/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:10f8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3c53a78aa78c129596570e6919f034004d73ae707a6c5955ab2b360e31afbb38

Request headers

Referer: https://paylas.cc/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 31 Jan 2021 00:05:03 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 101143
cf-polished: origSize=1006
cf-bgj: minify
cf-request-id: 07f75af2ae00001786299d7000000001
last-modified: Sun, 27 Dec 2020 19:16:31 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent,User-Agent
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=FkEYbP%2BCitB%2FHPdyQhnt645zvJyT4%2FqiZjfNE4DQl6Je4C9ayoEYVEKamC%2ByFNdYqF6xunu2F7vTtGby9LmACJhM0cbBZBKNTM1TYw%2FpU443BoPaAsw%3D"}],"group":"cf-nel"}
content-type: text/css
cache-control: public, max-age=2592000
x-turbo-charged-by: LiteSpeed
cf-ray: 619f2dcaba321786-FRA
expires: Sun, 28 Feb 2021 19:59:21 GMT

GET
H2 200 blocks.style.build.css
paylas.cc/wp-content/plugins/quick-adsense-reloaded/includes/gutenberg/dist/ 0
339 B 18ms
13ms Stylesheet
text/css 2606:4700:3033::6815:10f8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://paylas.cc/wp-content/plugins/quick-adsense-reloaded/includes/gutenberg/dist/blocks.style.build.css
Requested by: Host: paylas.cc
URL: https://paylas.cc/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:10f8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://paylas.cc/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 31 Jan 2021 00:05:03 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 101143
cf-polished: origSize=184
cf-bgj: minify
content-length: 0
cf-request-id: 07f75af2af000017860214d000000001
last-modified: Sun, 24 Jan 2021 19:09:02 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent,User-Agent, Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=YqxjSs4c2Evvv%2BaHyY4c2zYZvElHkRV2qDW6hfVO6LV8GW%2FlNQW6i4KlPSJwh0Svt%2B2sLu3endQnN6BW%2BWc3pPzDUdCC%2BUd%2FyDmQ4yt4E3IZ9McTdsI%3D"}],"group":"cf-nel"}
content-type: text/css
cache-control: public, max-age=2592000
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 619f2dcaba341786-FRA
expires: Sun, 28 Feb 2021 19:59:21 GMT

GET
H2 200 style.min.css
paylas.cc/wp-content/plugins/8a1e9f44c711349aef7ab43acf4e6fc8-plugin/assets/css/ 5 KB
2 KB 219ms
215ms Stylesheet
text/css 2606:4700:3033::6815:10f8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://paylas.cc/wp-content/plugins/8a1e9f44c711349aef7ab43acf4e6fc8-plugin/assets/css/style.min.css
Requested by: Host: paylas.cc
URL: https://paylas.cc/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:10f8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9dbbdfedbc6ce8ebad500036a3a93140213364f54dfd9b3348d714b9b4bd8447

Request headers

Referer: https://paylas.cc/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 31 Jan 2021 00:05:03 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 31 Dec 2020 21:40:27 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent,User-Agent
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=TpQPvHAj6A9aiuZJE8J7tHYLJV%2BEKrbBIW1ywhyCJlvkuP%2BJbgiIz67rpQJQ15KQtQgTiE9vNdr3goAubFelfuZ6C4hQ2tQIcu9%2BnMpx2i4iba7pLvo%3D"}],"group":"cf-nel"}
content-type: text/css
cache-control: public, max-age=2592000
nel: {"report_to":"cf-nel","max_age":604800}
x-turbo-charged-by: LiteSpeed
cf-ray: 619f2dcaba361786-FRA
cf-request-id: 07f75af2b000001786dc12c000000001
expires: Tue, 02 Mar 2021 00:05:03 GMT

GET
H2 200 shoppable-images-front.min.css
paylas.cc/wp-content/plugins/8a1e9f44c711349aef7ab43acf4e6fc8-plugin/assets/css/ 6 KB
1 KB 264ms
260ms Stylesheet
text/css 2606:4700:3033::6815:10f8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://paylas.cc/wp-content/plugins/8a1e9f44c711349aef7ab43acf4e6fc8-plugin/assets/css/shoppable-images-front.min.css
Requested by: Host: paylas.cc
URL: https://paylas.cc/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:10f8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 30cd961db82d46c3ac5c6a4abb291fcdc9e1bd4ded973363d2c8dad8039bf3df

Request headers

Referer: https://paylas.cc/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 31 Jan 2021 00:05:04 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 31 Dec 2020 21:40:27 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent,User-Agent
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=OS6RXLetrHhWtqMOz8h6kcFkVmmsjG%2Fhs3EnVtZZLpylTxwjVrviJYC2VnNbt0WohNFWnyljNfce1yg%2BVGaPQyegHU%2BZt2ipJQ8J82z98pRz0HpipqY%3D"}],"group":"cf-nel"}
content-type: text/css
cache-control: public, max-age=2592000
nel: {"report_to":"cf-nel","max_age":604800}
x-turbo-charged-by: LiteSpeed
cf-ray: 619f2dcaba371786-FRA
cf-request-id: 07f75af2b200001786dc12d000000001
expires: Tue, 02 Mar 2021 00:05:03 GMT

GET
H2 200 frontend.css
paylas.cc/wp-content/plugins/download-monitor/assets/css/ 5 KB
2 KB 223ms
218ms Stylesheet
text/css 2606:4700:3033::6815:10f8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://paylas.cc/wp-content/plugins/download-monitor/assets/css/frontend.css
Requested by: Host: paylas.cc
URL: https://paylas.cc/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:10f8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b8e149178358873942c6a434f9ae62dd952769a87c2abdf7e659c129acd398fd

Request headers

Referer: https://paylas.cc/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 31 Jan 2021 00:05:04 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 12 Dec 2020 05:25:33 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent,User-Agent
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=lngl38NdK%2BV0ONTsuPz8Ii9mFsFz1NP1UMyWa%2BDSOfsPo8GTZwWmzfC8B81sEuEW0XtaZtXzArFmLTV8tbtX4x%2Fdhvh6Kzs%2B5CiWrgkDh5TKUvqq%2B8g%3D"}],"group":"cf-nel"}
content-type: text/css
cache-control: public, max-age=2592000
nel: {"report_to":"cf-nel","max_age":604800}
x-turbo-charged-by: LiteSpeed
cf-ray: 619f2dcaba391786-FRA
cf-request-id: 07f75af2b000001786e881a000000001
expires: Tue, 02 Mar 2021 00:05:03 GMT

GET
H2 200 wpp.css
paylas.cc/wp-content/plugins/wordpress-popular-posts/assets/css/ 1 KB
779 B 233ms
229ms Stylesheet
text/css 2606:4700:3033::6815:10f8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://paylas.cc/wp-content/plugins/wordpress-popular-posts/assets/css/wpp.css
Requested by: Host: paylas.cc
URL: https://paylas.cc/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:10f8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4dc9c239931effb2183adb19e90f60c5cc009ddca45024fc7325d82e3c08d40c

Request headers

Referer: https://paylas.cc/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 31 Jan 2021 00:05:04 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sun, 13 Dec 2020 22:21:42 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent,User-Agent
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Iekz579Gh7Xhi7%2F9NGdggTgvSRXB66X1qQ57XdzlxpqVwEr83RvQRadVV%2BQY8WJn%2BaHbWQDUlrSnbzuneMEJ1ovQi2p9PnPhSWWaEhG%2Frj9bUyVGy5w%3D"}],"group":"cf-nel"}
content-type: text/css
cache-control: public, max-age=2592000
nel: {"report_to":"cf-nel","max_age":604800}
x-turbo-charged-by: LiteSpeed
cf-ray: 619f2dcaba3b1786-FRA
cf-request-id: 07f75af2b000001786de315000000001
expires: Tue, 02 Mar 2021 00:05:03 GMT

GET
H2 200 all-light.min.css
paylas.cc/wp-content/themes/bimber/css/8.6/styles/original-2018/ 202 KB
30 KB 397ms
393ms Stylesheet
text/css 2606:4700:3033::6815:10f8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://paylas.cc/wp-content/themes/bimber/css/8.6/styles/original-2018/all-light.min.css
Requested by: Host: paylas.cc
URL: https://paylas.cc/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:10f8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9a65a31267c9cb46c78918037f3bb7922a71b37163e8d1c7cc2154682888a0ca

Request headers

Referer: https://paylas.cc/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 31 Jan 2021 00:05:04 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 19 Nov 2020 06:56:38 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent,User-Agent
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=h8cau89qwz6DC2M1Hry8Wl2mRYEpKV9kR7GTBa4c0ClNi%2FVmrHdg2PDzvcoPKanH%2F9fCrZ7Cp4f9NEpdA6OjMTErOFq3Lj0zc3sJCnAp5MP%2BNcpW%2FW4%3D"}],"group":"cf-nel"}
content-type: text/css
cache-control: public, max-age=2592000
nel: {"report_to":"cf-nel","max_age":604800}
x-turbo-charged-by: LiteSpeed
cf-ray: 619f2dcaba3d1786-FRA
cf-request-id: 07f75af2b20000178650358000000001
expires: Tue, 02 Mar 2021 00:05:03 GMT

GET
H2 200 css
fonts.googleapis.com/ 14 KB
992 B 19ms
15ms Stylesheet
text/css 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C300%2C500%2C600%2C700%2C900%7CSpartan%3A400%2C300%2C600%2C700%2C800&subset=latin%2Clatin-ext&display=swap&ver=8.6

Requested by

Host: paylas.cc
URL: https://paylas.cc/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a78e9bc9ef66efd4c9d5e5f5860952a1c191f05fe6435c97b14fb89fb7a453ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://paylas.cc/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 30 Jan 2021 23:31:04 GMT
server: ESF
date: Sun, 31 Jan 2021 00:05:03 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 31 Jan 2021 00:05:03 GMT

GET
H2 200 dynamic-style-1609144318.css
paylas.cc/wp-content/uploads/ 26 KB
3 KB 20ms
17ms Stylesheet
text/css 2606:4700:3033::6815:10f8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://paylas.cc/wp-content/uploads/dynamic-style-1609144318.css
Requested by: Host: paylas.cc
URL: https://paylas.cc/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:10f8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: af6a6221e0f64c0ee6eb242ee1f4102c6cc7113c7fd822907e0e3fc5b38c134c

Request headers

Referer: https://paylas.cc/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 31 Jan 2021 00:05:03 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 101143
cf-polished: origSize=31494
cf-bgj: minify
cf-request-id: 07f75af2b20000178630286000000001
last-modified: Mon, 28 Dec 2020 08:31:58 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent,User-Agent
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=2ywDmg%2BR5arObhm%2BsgFv0qzRVmTI8I%2FyrmUFBX2VG7dmwA%2BIILqIrFJ%2BBLd0TMdMMQuBv2eFHmsnYo1xm1o%2Bieabjve4Lkhcxzy8pFI224WQDkYNF%2Fw%3D"}],"group":"cf-nel"}
content-type: text/css
cache-control: public, max-age=2592000
x-turbo-charged-by: LiteSpeed
cf-ray: 619f2dcaba421786-FRA
expires: Sun, 28 Feb 2021 19:59:21 GMT

GET
H2 200 2566c291e59e185c12a331fef1e235f3.css
paylas.cc/wp-content/easysocialsharebuttons-assets/compiled/ 175 KB
18 KB 308ms
304ms Stylesheet
text/css 2606:4700:3033::6815:10f8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://paylas.cc/wp-content/easysocialsharebuttons-assets/compiled/2566c291e59e185c12a331fef1e235f3.css
Requested by: Host: paylas.cc
URL: https://paylas.cc/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:10f8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 325e36bfd0f1d6dd2e8f06bf0ca02240ba139d6b7131d658cace3f22a48f383c

Request headers

Referer: https://paylas.cc/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 31 Jan 2021 00:05:04 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sun, 13 Dec 2020 22:32:14 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent,User-Agent
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=7VcYQgImCdH4pt95TR63c8mFqPW41qLqIIwzky8%2BE3nwBoPFnSIcnVakl6TC6LHhUVz15tAOF55%2BiBK34io1F64d%2FH5JF01UcpCMjsCBs1rGFXm50WE%3D"}],"group":"cf-nel"}
content-type: text/css
cache-control: public, max-age=2592000
nel: {"report_to":"cf-nel","max_age":604800}
x-turbo-charged-by: LiteSpeed
cf-ray: 619f2dcaba431786-FRA
cf-request-id: 07f75af2b300001786eabd7000000001
expires: Tue, 02 Mar 2021 00:05:03 GMT

GET
H2 200 dlm-light.min.css
paylas.cc/wp-content/themes/bimber/css/8.6/styles/original-2018/ 564 B
500 B 256ms
253ms Stylesheet
text/css 2606:4700:3033::6815:10f8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://paylas.cc/wp-content/themes/bimber/css/8.6/styles/original-2018/dlm-light.min.css
Requested by: Host: paylas.cc
URL: https://paylas.cc/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:10f8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c4acce3075a37daa739aa0b14a531001f95d4e713c6d0c32ced35e43e056741

Request headers

Referer: https://paylas.cc/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 31 Jan 2021 00:05:04 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 19 Nov 2020 06:56:38 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent,User-Agent
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=AyAUl32WIv9%2FAlZ%2Bpb4TmrtED%2Bd21U8o2LlHaHVcV39QrfgEGYtXJRvz5CfMMXtZnuBBgAHj2iDLOY%2BEA9gjhgfxc%2FJHic7FzL15e6EeQilgcwTVcZI%3D"}],"group":"cf-nel"}
content-type: text/css
cache-control: public, max-age=2592000
nel: {"report_to":"cf-nel","max_age":604800}
x-turbo-charged-by: LiteSpeed
cf-ray: 619f2dcaba461786-FRA
cf-request-id: 07f75af2b3000017860c160000000001
expires: Tue, 02 Mar 2021 00:05:03 GMT

GET
H2 200 essb-light.min.css
paylas.cc/wp-content/themes/bimber/css/8.6/styles/original-2018/ 3 KB
1 KB 240ms
237ms Stylesheet
text/css 2606:4700:3033::6815:10f8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://paylas.cc/wp-content/themes/bimber/css/8.6/styles/original-2018/essb-light.min.css
Requested by: Host: paylas.cc
URL: https://paylas.cc/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:10f8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 43f3fac46ba9fbab6916820bc2f32cbbe73696fdfb6b70feb015d91664927c37

Request headers

Referer: https://paylas.cc/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 31 Jan 2021 00:05:04 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 19 Nov 2020 06:56:38 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent,User-Agent
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2FJRHf5FsVyLnfs5n%2BoHKmImzpTYeiLaTk0ujSFR4jYYNKZZ2lXLeNvrpMI5lHPRVX09cN8XarnO3FBZYL5uybzzTMkeieZiDymhXEunQPCpq1TNOTDc%3D"}],"group":"cf-nel"}
content-type: text/css
cache-control: public, max-age=2592000
nel: {"report_to":"cf-nel","max_age":604800}
x-turbo-charged-by: LiteSpeed
cf-ray: 619f2dcaba491786-FRA
cf-request-id: 07f75af2b4000017865404c000000001
expires: Tue, 02 Mar 2021 00:05:03 GMT

GET
H2 200 mashshare-light.min.css
paylas.cc/wp-content/themes/bimber/css/8.6/styles/original-2018/ 8 KB
2 KB 241ms
238ms Stylesheet
text/css 2606:4700:3033::6815:10f8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://paylas.cc/wp-content/themes/bimber/css/8.6/styles/original-2018/mashshare-light.min.css
Requested by: Host: paylas.cc
URL: https://paylas.cc/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:10f8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 196d444f28cc50fd900d9f761ac23efbb140c492b920921ff3e491326198eb48

Request headers

Referer: https://paylas.cc/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 31 Jan 2021 00:05:04 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 19 Nov 2020 06:56:38 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent,User-Agent
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=0pHpaoHVWNMYPfH5dMbDPKyzC8cle1vM%2FNJ8uQRsGC2wXnQJl8yegmTs52iWFa5PJJsUrXU6e2s3ekBhg0gNuXI4dk%2BxPpqHeO8DKb0U3nQ55JCaWeQ%3D"}],"group":"cf-nel"}
content-type: text/css
cache-control: public, max-age=2592000
nel: {"report_to":"cf-nel","max_age":604800}
x-turbo-charged-by: LiteSpeed
cf-ray: 619f2dcaba4c1786-FRA
cf-request-id: 07f75af2b400001786f3ad4000000001
expires: Tue, 02 Mar 2021 00:05:03 GMT

GET
H2 200 jquery.min.js Show response
cdn.statically.io/wp/c/5.6/wp-includes/js/jquery/ 87 KB
30 KB 38ms
18ms Script
application/javascript 2606:4700:10::6816:475
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.statically.io/wp/c/5.6/wp-includes/js/jquery/jquery.min.js

Requested by

Host: paylas.cc
URL: https://paylas.cc/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:475 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://paylas.cc/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 31 Jan 2021 00:05:03 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3222799
x-cache: MISS, HIT
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 07f75af2c000004a5531282000000001
x-served-by: cache-fra19165-FRA, cache-fra19141-FRA
timing-allow-origin: *
server: cloudflare
etag: W/"48863//tags/5.6/wp-includes/js/jquery/jquery.min.js"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000, immutable
cf-ray: 619f2dcacd4a4a55-FRA
access-control-expose-headers: *

GET
H2 200 jquery-migrate.min.js Show response
cdn.statically.io/wp/c/5.6/wp-includes/js/jquery/ 11 KB
4 KB 35ms
14ms Script
application/javascript 2606:4700:10::6816:475
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.statically.io/wp/c/5.6/wp-includes/js/jquery/jquery-migrate.min.js

Requested by

Host: paylas.cc
URL: https://paylas.cc/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:475 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://paylas.cc/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 31 Jan 2021 00:05:03 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2070897
x-cache: MISS, HIT
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 07f75af2c100004a55332dc000000001
x-served-by: cache-fra19174-FRA, cache-fra19149-FRA
timing-allow-origin: *
server: cloudflare
etag: W/"49390//tags/5.6/wp-includes/js/jquery/jquery-migrate.min.js"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000, immutable
cf-ray: 619f2dcacd4f4a55-FRA
access-control-expose-headers: *

GET
H2 200 eaa-scripts.js Show response
cdn.statically.io/js/paylas.cc/wp-content/plugins/easy-adsense-ads-scripts-manager/assets/js/ 679 B
345 B 46ms
26ms Script
application/javascript 2606:4700:10::6816:475
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.statically.io/js/paylas.cc/wp-content/plugins/easy-adsense-ads-scripts-manager/assets/js/eaa-scripts.js

Requested by

Host: paylas.cc
URL: https://paylas.cc/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:475 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c421fa94220ecc78ab2044859a8b3bf54380a2dafded1a9f74fb84733b7921bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://paylas.cc/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 31 Jan 2021 00:05:03 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
x-cache: HIT
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 07f75af2c100004a550ca11000000001
x-served-by: cache-fra19166-FRA
timing-allow-origin: *
server: cloudflare
etag: W/"5a-Z/Bh2UpBlnXfr3aSR+1maXayWp8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000, immutable
cf-ray: 619f2dcacd544a55-FRA
access-control-expose-headers: *

GET
H2 200 slideup.js Show response
cdn.statically.io/js/paylas.cc/wp-content/plugins/8a1e9f44c711349aef7ab43acf4e6fc8-plugin/assets/js/ 1 KB
635 B 46ms
26ms Script
application/javascript 2606:4700:10::6816:475
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.statically.io/js/paylas.cc/wp-content/plugins/8a1e9f44c711349aef7ab43acf4e6fc8-plugin/assets/js/slideup.js

Requested by

Host: paylas.cc
URL: https://paylas.cc/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:475 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1a9328556f63942f9089a040bd722c33207fb02d13db175e06a780a98477a567

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://paylas.cc/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 31 Jan 2021 00:05:03 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
x-cache: HIT, HIT
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 07f75af2c200004a55232d8000000001
x-served-by: cache-sin18023-SIN, cache-fra19164-FRA
timing-allow-origin: *
server: cloudflare
etag: W/"5d-388QzVIBI8gi/T/GRdlo62YxUJo"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000, immutable
cf-ray: 619f2dcacd554a55-FRA
access-control-expose-headers: *

GET
H2 200 shoppable-images-front.js Show response
cdn.statically.io/js/paylas.cc/wp-content/plugins/8a1e9f44c711349aef7ab43acf4e6fc8-plugin/includes/shoppable-images/assets/js/ 1 KB
624 B 44ms
24ms Script
application/javascript 2606:4700:10::6816:475
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.statically.io/js/paylas.cc/wp-content/plugins/8a1e9f44c711349aef7ab43acf4e6fc8-plugin/includes/shoppable-images/assets/js/shoppable-images-front.js

Requested by

Host: paylas.cc
URL: https://paylas.cc/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:475 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e91c0cdaaf3c96c15bca3130b80c11456577bbc4b0a3178f73598052d8212018

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://paylas.cc/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 31 Jan 2021 00:05:03 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
x-cache: HIT
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 07f75af2c200004a556393b000000001
x-served-by: cache-fra19155-FRA
timing-allow-origin: *
server: cloudflare
etag: W/"86-VOg8NZYYsy4XZUpvJn7aXjiQprA"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000, immutable
cf-ray: 619f2dcacd564a55-FRA
access-control-expose-headers: *

GET
H2 200 coupons.js Show response
cdn.statically.io/js/paylas.cc/wp-content/plugins/8a1e9f44c711349aef7ab43acf4e6fc8-plugin/assets/js/ 1 KB
588 B 42ms
22ms Script
application/javascript 2606:4700:10::6816:475
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.statically.io/js/paylas.cc/wp-content/plugins/8a1e9f44c711349aef7ab43acf4e6fc8-plugin/assets/js/coupons.js

Requested by

Host: paylas.cc
URL: https://paylas.cc/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:475 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

61860eb0af368075cd1201457d143552abf04c8841bf218653813317e9c3f11d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://paylas.cc/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 31 Jan 2021 00:05:03 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
x-cache: HIT
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 07f75af2c300004a5540a8d000000001
x-served-by: cache-fra19131-FRA
timing-allow-origin: *
server: cloudflare
etag: W/"5d-4cqI9lIoiDT7GaeQASi+NGTgAeI"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000, immutable
cf-ray: 619f2dcacd5b4a55-FRA
access-control-expose-headers: *

GET
H2 200 wpp.min.js Show response
cdn.statically.io/js/paylas.cc/wp-content/plugins/wordpress-popular-posts/assets/js/ 3 KB
1 KB 207ms
187ms Script
application/javascript 2606:4700:10::6816:475
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.statically.io/js/paylas.cc/wp-content/plugins/wordpress-popular-posts/assets/js/wpp.min.js

Requested by

Host: paylas.cc
URL: https://paylas.cc/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:475 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3caff329d1e76a3a9a8ab8030abed403362ee5490631d7bb9774372388198763

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://paylas.cc/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 31 Jan 2021 00:05:03 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
x-cache: HIT, MISS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 07f75af2c200004a55590b8000000001
x-served-by: cache-sin18044-SIN, cache-fra19180-FRA
timing-allow-origin: *
server: cloudflare
etag: W/"4d-ocEQyCn0rxgcQniighr1E+rYBvg"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000, immutable
cf-ray: 619f2dcacd584a55-FRA
access-control-expose-headers: *

GET
H2 200 modernizr-custom.min.js Show response
cdn.statically.io/js/paylas.cc/wp-content/themes/bimber/js/modernizr/ 7 KB
3 KB 1398ms
1378ms Script
application/javascript 2606:4700:10::6816:475
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.statically.io/js/paylas.cc/wp-content/themes/bimber/js/modernizr/modernizr-custom.min.js

Requested by

Host: paylas.cc
URL: https://paylas.cc/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:475 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2e66ce2eadd79bca0080194f87dbf2f1d01bbf996241615de43d94dfc7eb1d0d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://paylas.cc/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 31 Jan 2021 00:05:05 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
cf-ray: 619f2dcacd5a4a55-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 07f75af2c300004a5534a64000000001
x-served-by: cache-sin18028-SIN, cache-fra19181-FRA
server: cloudflare
etag: W/"4b-mZnCCNzkJQaxUzkd5jc2HnGY9JY"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000, immutable
timing-allow-origin: *
access-control-expose-headers: *

GET
H2 200 Chart.min.js Show response
cdn.statically.io/js/paylas.cc/wp-content/plugins/coronavirus-spread-prediction-graphs/js/ 169 KB
50 KB 262ms
243ms Script
application/javascript 2606:4700:10::6816:475
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.statically.io/js/paylas.cc/wp-content/plugins/coronavirus-spread-prediction-graphs/js/Chart.min.js

Requested by

Host: paylas.cc
URL: https://paylas.cc/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:475 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0da5259c785f10af603c11fce61e4ba3bf638637de20fe6f64aa0510cf7fbf6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://paylas.cc/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 31 Jan 2021 00:05:04 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
x-cache: HIT
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 07f75af2c200004a554f919000000001
x-served-by: cache-fra19151-FRA
timing-allow-origin: *
server: cloudflare
etag: W/"55-xzLtXEhVCL/HtC7gC82L2MnPtnk"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000, immutable
cf-ray: 619f2dcacd594a55-FRA
access-control-expose-headers: *

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 97 KB
38 KB 31ms
30ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-108368586-5

Requested by

Host: paylas.cc
URL: https://paylas.cc/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8c155dcec144583a390e6cdbe615024a30d88003f0131f4510159f80c602f4fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://paylas.cc/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 31 Jan 2021 00:05:05 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38896
x-xss-protection: 0
expires: Sun, 31 Jan 2021 00:05:05 GMT

GET
H2 200 paylas-2021.png
cdn.statically.io/img/paylas.cc/f=auto/wp-content/uploads/2020/12/ 1 KB
1 KB 22ms
22ms Image
image/png 2606:4700:10::6816:475
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.statically.io/img/paylas.cc/f=auto/wp-content/uploads/2020/12/paylas-2021.png

Requested by

Host: paylas.cc
URL: https://paylas.cc/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:475 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6cd9f45985a0e7c5dad574f6229a0420eae084a7e0b8c4e27fd86bf5376593ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://paylas.cc/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 31 Jan 2021 00:05:05 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
x-cache: HIT
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1267
cf-request-id: 07f75af83c00004a55652db000000001
x-served-by: cache-fra19148-FRA
timing-allow-origin: *
server: cloudflare
etag: "stlyE3H-DTvSPjqxGICw5daU5g"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
cf-ray: 619f2dd39c904a55-FRA
link: <https://paylas.cc/wp-content/uploads/2020/12/paylas-2021.png>; rel="canonical"
access-control-expose-headers: *

GET
H2 200 paylas-2021-beyaz.png
cdn.statically.io/img/paylas.cc/f=auto/wp-content/uploads/2020/12/ 3 KB
3 KB 24ms
23ms Image
image/png 2606:4700:10::6816:475
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.statically.io/img/paylas.cc/f=auto/wp-content/uploads/2020/12/paylas-2021-beyaz.png

Requested by

Host: paylas.cc
URL: https://paylas.cc/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:475 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

758990d012d05cedd7416c43e1491d82030640f727b01ca2678908a2ba41978f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://paylas.cc/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 31 Jan 2021 00:05:05 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
x-cache: HIT
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2761
cf-request-id: 07f75af84600004a5520058000000001
x-served-by: cache-fra19140-FRA
timing-allow-origin: *
server: cloudflare
etag: "stlyNRXZYKlDolQWTBj9x1OUUA"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
cf-ray: 619f2dd3acaa4a55-FRA
link: <https://paylas.cc/wp-content/uploads/2020/12/paylas-2021-beyaz.png>; rel="canonical"
access-control-expose-headers: *

GET
H2 200 wp-emoji-release.min.js Show response
cdn.statically.io/wp/c/5.6/wp-includes/js/ 14 KB
4 KB 14ms
14ms Script
application/javascript 2606:4700:10::6816:475
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.statically.io/wp/c/5.6/wp-includes/js/wp-emoji-release.min.js

Requested by

Host: paylas.cc
URL: https://paylas.cc/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:475 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3685c3818240f5f390073c7d04f944a5cb5d848093224f3a7888034e8c050eb4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://paylas.cc/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 31 Jan 2021 00:05:05 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2047471
x-cache: HIT, HIT
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 07f75af84600004a554f982000000001
x-served-by: cache-fra19134-FRA, cache-fra19180-FRA
timing-allow-origin: *
server: cloudflare
etag: W/"49001//tags/5.6/wp-includes/js/wp-emoji-release.min.js"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000, immutable
cf-ray: 619f2dd3acac4a55-FRA
access-control-expose-headers: *

GET
H2 200 ads.min.js Show response
cdn.statically.io/js/paylas.cc/wp-content/plugins/deblocker/js/ 126 B
213 B 32ms
32ms Script
application/javascript 2606:4700:10::6816:475
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.statically.io/js/paylas.cc/wp-content/plugins/deblocker/js/ads.min.js

Requested by

Host: paylas.cc
URL: https://paylas.cc/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:475 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0a08d51c4d3bb6e480a9d1c15eead0d989ecf10433c67cc5865dc546fc3c6ceb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://paylas.cc/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 31 Jan 2021 00:05:04 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
x-cache: HIT
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 07f75af43900004a555d964000000001
x-served-by: cache-fra19160-FRA
timing-allow-origin: *
server: cloudflare
etag: W/"38-m3xo2p4yF5f1rG9zhuzh4V6lDAs"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000, immutable
cf-ray: 619f2dcd295d4a55-FRA
access-control-expose-headers: *

GET
H2 200 wp-afsydramjct.js Show response
cdn.statically.io/js/paylas.cc/wp-content/plugins/wp-yilod-jrvanse/ 20 KB
3 KB 130ms
130ms Script
application/javascript 2606:4700:10::6816:475
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.statically.io/js/paylas.cc/wp-content/plugins/wp-yilod-jrvanse/wp-afsydramjct.js

Requested by

Host: paylas.cc
URL: https://paylas.cc/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:475 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5609fcce1905c2636b01c4213c8ca1060d06587244cf16d8a0aee56dcd82cc89

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://paylas.cc/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 31 Jan 2021 00:05:04 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
x-cache: HIT, HIT
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 07f75af45e00004a552730d000000001
x-served-by: cache-sin18035-SIN, cache-fra19162-FRA
timing-allow-origin: *
server: cloudflare
etag: W/"43-63ztTjB85YxZi3s11ON2cdELeW0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000, immutable
cf-ray: 619f2dcd69b44a55-FRA
access-control-expose-headers: *

GET
H2 200 stickyfill.min.js Show response
cdn.statically.io/js/paylas.cc/wp-content/themes/bimber/js/stickyfill/ 6 KB
2 KB 21ms
20ms Script
application/javascript 2606:4700:10::6816:475
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.statically.io/js/paylas.cc/wp-content/themes/bimber/js/stickyfill/stickyfill.min.js

Requested by

Host: paylas.cc
URL: https://paylas.cc/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:475 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

77bf60e84e126d1609cc0a302c3953dc25ae054aaee3514d04a4726d4f2609fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://paylas.cc/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 31 Jan 2021 00:05:04 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
x-cache: HIT, HIT
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 07f75af4df00004a555d96f000000001
x-served-by: cache-sin18020-SIN, cache-fra19170-FRA
timing-allow-origin: *
server: cloudflare
etag: W/"46-StgGsQLhVqFKe6i2swJYK3s/dVE"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000, immutable
cf-ray: 619f2dce3af14a55-FRA
access-control-expose-headers: *

GET
H2 200 placeholders.jquery.min.js Show response
cdn.statically.io/js/paylas.cc/wp-content/themes/bimber/js/jquery.placeholder/ 5 KB
3 KB 176ms
175ms Script
application/javascript 2606:4700:10::6816:475
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.statically.io/js/paylas.cc/wp-content/themes/bimber/js/jquery.placeholder/placeholders.jquery.min.js

Requested by

Host: paylas.cc
URL: https://paylas.cc/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:475 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aabc30ee10c2b23a718fe443f43b051563fa5c58aa4b48cb64155a424e451468

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://paylas.cc/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 31 Jan 2021 00:05:04 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
x-cache: HIT, MISS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 07f75af4f400004a55590de000000001
x-served-by: cache-sin18022-SIN, cache-fra19138-FRA
timing-allow-origin: *
server: cloudflare
etag: W/"57-f22c48ZiMqRAQk4AwhjHbqWwfto"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000, immutable
cf-ray: 619f2dce5b2f4a55-FRA
access-control-expose-headers: *

GET
H2 200 jquery.timeago.js Show response
cdn.statically.io/js/paylas.cc/wp-content/themes/bimber/js/jquery.timeago/ 5 KB
2 KB 23ms
23ms Script
application/javascript 2606:4700:10::6816:475
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.statically.io/js/paylas.cc/wp-content/themes/bimber/js/jquery.timeago/jquery.timeago.js

Requested by

Host: paylas.cc
URL: https://paylas.cc/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:475 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a71d75e9e83cd1be2fa6553ce689441a8be58574d9734eefbfeed29e9178ab5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://paylas.cc/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 31 Jan 2021 00:05:04 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
x-cache: HIT, HIT
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 07f75af5a500004a5539254000000001
x-served-by: cache-sin18033-SIN, cache-fra19178-FRA
timing-allow-origin: *
server: cloudflare
etag: W/"4a-FydzdsZDOP6/zUFm4T1xmvs27Zs"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000, immutable
cf-ray: 619f2dcf6d074a55-FRA
access-control-expose-headers: *

GET
H2 200 jquery.timeago.tr.js Show response
cdn.statically.io/js/paylas.cc/wp-content/themes/bimber/js/jquery.timeago/locales/ 247 B
311 B 25ms
25ms Script
application/javascript 2606:4700:10::6816:475
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.statically.io/js/paylas.cc/wp-content/themes/bimber/js/jquery.timeago/locales/jquery.timeago.tr.js

Requested by

Host: paylas.cc
URL: https://paylas.cc/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:475 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f76aea67e899437122e8fc336e08e2df7cf6d386dc132fae727a417b92a4c005

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://paylas.cc/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 31 Jan 2021 00:05:04 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
x-cache: HIT, HIT
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 07f75af5bd00004a55f4a88000000001
x-served-by: cache-sin18049-SIN, cache-fra19140-FRA
timing-allow-origin: *
server: cloudflare
etag: W/"55-I4oqoAxdWPHpskH7HRFNZ2150tY"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000, immutable
cf-ray: 619f2dcf9d4b4a55-FRA
access-control-expose-headers: *

GET
H2 200 matchmedia.addlistener.js Show response
cdn.statically.io/js/paylas.cc/wp-content/themes/bimber/js/matchmedia/ 1 KB
632 B 21ms
21ms Script
application/javascript 2606:4700:10::6816:475
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.statically.io/js/paylas.cc/wp-content/themes/bimber/js/matchmedia/matchmedia.addlistener.js

Requested by

Host: paylas.cc
URL: https://paylas.cc/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:475 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7be717bbc67636660bafd66159898f6be44728a4faa8f4e8ec49dd600936e8ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://paylas.cc/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 31 Jan 2021 00:05:04 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
x-cache: HIT, HIT
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 07f75af5d800004a554399f000000001
x-served-by: cache-sin18025-SIN, cache-fra19147-FRA
timing-allow-origin: *
server: cloudflare
etag: W/"4e-5qPrKvXS9qGYj7FU0IyCf4K97Kc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000, immutable
cf-ray: 619f2dcfbd884a55-FRA
access-control-expose-headers: *

GET
H2 200 picturefill.min.js Show response
cdn.statically.io/js/paylas.cc/wp-content/themes/bimber/js/picturefill/ 8 KB
3 KB 185ms
185ms Script
application/javascript 2606:4700:10::6816:475
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.statically.io/js/paylas.cc/wp-content/themes/bimber/js/picturefill/picturefill.min.js

Requested by

Host: paylas.cc
URL: https://paylas.cc/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:475 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d603b6e5c404d28a9f1c12bb0b57d8c9967836a8f53cce046a2ab3fd1f3b2f52

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://paylas.cc/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 31 Jan 2021 00:05:04 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
x-cache: HIT, MISS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 07f75af5ee00004a55162aa000000001
x-served-by: cache-sin18021-SIN, cache-fra19183-FRA
timing-allow-origin: *
server: cloudflare
etag: W/"48-LROoW8Q4VYh70v+7TZzHp20h74I"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000, immutable
cf-ray: 619f2dcfedc74a55-FRA
access-control-expose-headers: *

GET
H2 200 jquery.waypoints.min.js Show response
cdn.statically.io/js/paylas.cc/wp-content/themes/bimber/js/jquery.waypoints/ 9 KB
3 KB 20ms
19ms Script
application/javascript 2606:4700:10::6816:475
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.statically.io/js/paylas.cc/wp-content/themes/bimber/js/jquery.waypoints/jquery.waypoints.min.js

Requested by

Host: paylas.cc
URL: https://paylas.cc/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:475 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9c7bd3dadf6edc19d3b8876a8e2b0b0ae6b54f403d7e987ec82b041128cfdd35

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://paylas.cc/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 31 Jan 2021 00:05:04 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
x-cache: HIT, HIT
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 07f75af6a800004a551491a000000001
x-served-by: cache-sin18043-SIN, cache-fra19172-FRA
timing-allow-origin: *
server: cloudflare
etag: W/"52-+ESUt7GPxVc+/6TokVVDqtVhkoI"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000, immutable
cf-ray: 619f2dd10fa54a55-FRA
access-control-expose-headers: *

GET
H2 200 enquire.min.js Show response
cdn.statically.io/js/paylas.cc/wp-content/themes/bimber/js/enquire/ 2 KB
1 KB 182ms
182ms Script
application/javascript 2606:4700:10::6816:475
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.statically.io/js/paylas.cc/wp-content/themes/bimber/js/enquire/enquire.min.js

Requested by

Host: paylas.cc
URL: https://paylas.cc/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:475 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

324dbc3f38a9f0a20763e0c0d817aadea2b441e2b872b81c69f453857da67489

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://paylas.cc/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 31 Jan 2021 00:05:05 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
x-cache: HIT, MISS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 07f75af6bd00004a555eb41000000001
x-served-by: cache-sin18020-SIN, cache-fra19124-FRA
timing-allow-origin: *
server: cloudflare
etag: W/"40-mO6p15tpdnI/iHMVm1W5rjElm+k"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000, immutable
cf-ray: 619f2dd12fe64a55-FRA
access-control-expose-headers: *

GET
H2 200 global.js Show response
cdn.statically.io/js/paylas.cc/wp-content/themes/bimber/js/ 24 KB
7 KB 22ms
21ms Script
application/javascript 2606:4700:10::6816:475
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.statically.io/js/paylas.cc/wp-content/themes/bimber/js/global.js

Requested by

Host: paylas.cc
URL: https://paylas.cc/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:475 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cf1fc6ff953ad6ad61a388420fe3a33af0aae598c6fee873ab7a5036b1dbad15

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://paylas.cc/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 31 Jan 2021 00:05:05 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
x-cache: HIT
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 07f75af77500004a5546392000000001
x-served-by: cache-fra19133-FRA
timing-allow-origin: *
server: cloudflare
etag: W/"33-Q3rBVwMgSLsP4tw/Hrq3XDbrOGI"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000, immutable
cf-ray: 619f2dd259cf4a55-FRA
access-control-expose-headers: *

GET
H2 200 functions.js Show response
cdn.statically.io/js/paylas.cc/wp-content/plugins/coronavirus-spread-prediction-graphs//js/ 2 KB
672 B 26ms
25ms Script
application/javascript 2606:4700:10::6816:475
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.statically.io/js/paylas.cc/wp-content/plugins/coronavirus-spread-prediction-graphs//js/functions.js

Requested by

Host: paylas.cc
URL: https://paylas.cc/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:475 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

05bc0c050cebeb769623444bdb968199a9338d53ab2b9cf739fa2e5f41daf424

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://paylas.cc/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 31 Jan 2021 00:05:05 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
x-cache: HIT, HIT
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 07f75af78c00004a550e8c1000000001
x-served-by: cache-sin18023-SIN, cache-fra19179-FRA
timing-allow-origin: *
server: cloudflare
etag: W/"56-zlaN7FJV30CepEGbiZffNBMRf+0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000, immutable
cf-ray: 619f2dd27a0f4a55-FRA
access-control-expose-headers: *

GET
H2 200 wp-embed.min.js Show response
cdn.statically.io/wp/c/5.6/wp-includes/js/ 1 KB
849 B 12ms
12ms Script
application/javascript 2606:4700:10::6816:475
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.statically.io/wp/c/5.6/wp-includes/js/wp-embed.min.js

Requested by

Host: paylas.cc
URL: https://paylas.cc/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:475 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6ebcda7a3a41ef97f0b4071160ceb1020e540fdc0f790079a5c2ef01ab654fe0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://paylas.cc/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 31 Jan 2021 00:05:05 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3303381
x-cache: MISS, HIT
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 07f75af7a700004a55ed0c8000000001
x-served-by: cache-fra19169-FRA, cache-fra19137-FRA
timing-allow-origin: *
server: cloudflare
etag: W/"46386//tags/5.6/wp-includes/js/wp-embed.min.js"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000, immutable
cf-ray: 619f2dd2aa724a55-FRA
access-control-expose-headers: *

GET
H2 200 ads.js Show response
cdn.statically.io/js/paylas.cc/wp-content/plugins/quick-adsense-reloaded/assets/js/ 68 B
490 B 25ms
25ms Script
application/javascript 2606:4700:10::6816:475
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.statically.io/js/paylas.cc/wp-content/plugins/quick-adsense-reloaded/assets/js/ads.js

Requested by

Host: paylas.cc
URL: https://paylas.cc/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:475 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

955c98325a7e06af12c0e9a93a342ce5abe84b545e181ca0bdf110a1b5331139

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://paylas.cc/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 31 Jan 2021 00:05:05 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
x-cache: HIT
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 07f75af7b700004a554932d000000001
x-served-by: cache-fra19141-FRA
timing-allow-origin: *
server: cloudflare
etag: W/"48-dR2aKeiLmYB+V8kI3BBoteMJO4k"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000, immutable
cf-ray: 619f2dd2baaa4a55-FRA
access-control-expose-headers: *

GET
H2 200 back-to-top.js Show response
cdn.statically.io/js/paylas.cc/wp-content/themes/bimber/js/ 947 B
508 B 25ms
25ms Script
application/javascript 2606:4700:10::6816:475
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.statically.io/js/paylas.cc/wp-content/themes/bimber/js/back-to-top.js

Requested by

Host: paylas.cc
URL: https://paylas.cc/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:475 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

80f6df81380466af12e411fe992318b338f4d4e661f03d0a4687198f059cd688

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://paylas.cc/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 31 Jan 2021 00:05:05 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
x-cache: HIT, HIT
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 07f75af7cf00004a553b8ef000000001
x-served-by: cache-sin18049-SIN, cache-fra19149-FRA
timing-allow-origin: *
server: cloudflare
etag: W/"38-O1jNqT8VupdDTw2z/eJc23uQZng"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000, immutable
cf-ray: 619f2dd2eaed4a55-FRA
access-control-expose-headers: *

GET
H2 200 f3h.min.js Show response
cdn.statically.io/gh/taufik-nurrohman/f3h/v1.0.12/ 8 KB
3 KB 18ms
18ms Script
application/javascript 2606:4700:10::6816:475
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.statically.io/gh/taufik-nurrohman/f3h/v1.0.12/f3h.min.js

Requested by

Host: paylas.cc
URL: https://paylas.cc/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:475 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

08d76847bf78c620e7823f1eb92c1b7689ea5087cbfa4f8df8c49981f5839a71

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://paylas.cc/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 31 Jan 2021 00:05:05 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2047514
x-cache: MISS, HIT
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 07f75af7e900004a5526a96000000001
x-served-by: cache-fra19176-FRA, cache-fra19183-FRA
timing-allow-origin: *
server: cloudflare
etag: W/"4e5914fc17ab99e2573daf7d99e3ca4f02f29d7b6dab171106699efe9c5c2080"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000, immutable
cf-ray: 619f2dd30b444a55-FRA
access-control-expose-headers: *

GET
H2 200 pagebooster.js Show response
cdn.statically.io/wp/p/statically/1.0.2/static/ 2 KB
851 B 14ms
13ms Script
application/javascript 2606:4700:10::6816:475
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.statically.io/wp/p/statically/1.0.2/static/pagebooster.js

Requested by

Host: paylas.cc
URL: https://paylas.cc/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:475 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b5abbc93d709aaa8506017e4b5ca786bf323ad2a1dd2205e78bf122ccb22d6ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://paylas.cc/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 31 Jan 2021 00:05:05 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2045575
x-cache: HIT
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 07f75af7fe00004a552734d000000001
x-served-by: cache-fra19173-FRA
timing-allow-origin: *
server: cloudflare
etag: W/"2444792//statically/tags/1.0.2/static/pagebooster.js"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000, immutable
cf-ray: 619f2dd32b924a55-FRA
access-control-expose-headers: *

GET
H2 200 minimal-analytics.js Show response
cdn.statically.io/js/paylas.cc/wp-content/plugins/flying-analytics/js/ 1 KB
822 B 22ms
22ms Script
application/javascript 2606:4700:10::6816:475
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.statically.io/js/paylas.cc/wp-content/plugins/flying-analytics/js/minimal-analytics.js

Requested by

Host: paylas.cc
URL: https://paylas.cc/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:475 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b8a2e83955a77d82c9fd99a3a9595609f8fc55b956262bb10102982ccdc02305

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://paylas.cc/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 31 Jan 2021 00:05:05 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
x-cache: HIT, HIT
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 07f75af84600004a551882e000000001
x-served-by: cache-sin18032-SIN, cache-fra19141-FRA
timing-allow-origin: *
server: cloudflare
etag: W/"49-SEcrHU99lr4RJErHgZfUVJairng"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000, immutable
cf-ray: 619f2dd3acae4a55-FRA
access-control-expose-headers: *

GET
H2 200 2566c291e59e185c12a331fef1e235f3.js Show response
cdn.statically.io/js/paylas.cc/wp-content/easysocialsharebuttons-assets/compiled/ 51 KB
12 KB 32ms
31ms Script
application/javascript 2606:4700:10::6816:475
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.statically.io/js/paylas.cc/wp-content/easysocialsharebuttons-assets/compiled/2566c291e59e185c12a331fef1e235f3.js

Requested by

Host: paylas.cc
URL: https://paylas.cc/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:475 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0a98bc6280a9d7b76a94af5836805e6a503718b1f730b5b4d9f8d4a045d1426a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://paylas.cc/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 31 Jan 2021 00:05:05 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
x-cache: HIT, HIT
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 07f75af84600004a5540ae7000000001
x-served-by: cache-sin18038-SIN, cache-fra19143-FRA
timing-allow-origin: *
server: cloudflare
etag: W/"63-OOclxUycosVB4wUWqsX8cU4E6EQ"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000, immutable
cf-ray: 619f2dd3acb04a55-FRA
access-control-expose-headers: *

GET
DATA 200
OK truncated
/ 62 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2e4fd4a7e8c3d71dc45afe3817f4a837bb6cb4f3a0e2f56778ea17feb9a85c1e

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 422 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e7eabc7f05a63848ca0cf3d821014400d89e413dd6d11de71620a36cb655f99b

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 bimber.woff
paylas.cc/wp-content/themes/bimber/css/8.6/bimber/fonts/ 10 KB
11 KB 211ms
211ms Font
font/woff 2606:4700:3033::6815:10f8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://paylas.cc/wp-content/themes/bimber/css/8.6/bimber/fonts/bimber.woff
Requested by: Host: paylas.cc
URL: https://paylas.cc/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:10f8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ac7f11986f311aec18f6e8346a0c2448ed4a523a16761ecd652a9707792282fa

Request headers

Origin: https://paylas.cc
Referer: https://paylas.cc/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 31 Jan 2021 00:05:05 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
content-length: 10268
cf-request-id: 07f75af84f000017862c906000000001
last-modified: Thu, 19 Nov 2020 06:56:38 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent,User-Agent, Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=VmLJDrcC6nZqtHRrq8%2FaA%2BlnPvCcrVE%2FbisExarmUmVU403rIbFi0eFVRdTupIAUu6LMW8qY4dWFNLzRTTKVBAWXS8ThsQ03EpXwMW4Nd3qDUyLBgHk%3D"}],"group":"cf-nel"}
content-type: font/woff
cache-control: public, max-age=172800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 619f2dd3bea31786-FRA
expires: Tue, 02 Feb 2021 00:05:04 GMT

GET
H2 200 l7gfbjR61M69yt8Z2QKtlAXJExs.woff2
fonts.gstatic.com/s/spartan/v3/ 31 KB
31 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/spartan/v3/l7gfbjR61M69yt8Z2QKtlAXJExs.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C300%2C500%2C600%2C700%2C900%7CSpartan%3A400%2C300%2C600%2C700%2C800&subset=latin%2Clatin-ext&display=swap&ver=8.6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed6da3f7f04f8e892edcdf9006bee09231e427420e024f8636b7f0a7d3dd3f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://paylas.cc
Referer: https://fonts.googleapis.com/css?family=Roboto%3A400%2C300%2C500%2C600%2C700%2C900%7CSpartan%3A400%2C300%2C600%2C700%2C800&subset=latin%2Clatin-ext&display=swap&ver=8.6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 30 Jan 2021 04:09:34 GMT
x-content-type-options: nosniff
last-modified: Thu, 28 Jan 2021 23:22:16 GMT
server: sffe
age: 71731
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31816
x-xss-protection: 0
expires: Sun, 30 Jan 2022 04:09:34 GMT

GET
H2 200 personel-takip-364x205.png
cdn.statically.io/img/paylas.cc/f=auto/wp-content/uploads/2020/12/ 7 KB
7 KB 26ms
26ms Image
image/png 2606:4700:10::6816:475
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.statically.io/img/paylas.cc/f=auto/wp-content/uploads/2020/12/personel-takip-364x205.png

Requested by

Host: paylas.cc
URL: https://paylas.cc/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:475 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

26fc542578cd8edf6c9779068bf4cd9d9d9e21270646568fc8401e584565f666

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://paylas.cc/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 31 Jan 2021 00:05:05 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
x-cache: HIT
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6867
cf-request-id: 07f75af88200004a5540aeb000000001
x-served-by: cache-fra19169-FRA
timing-allow-origin: *
server: cloudflare
etag: "stlyTC08Zh3zRV6Y4t_qs3YdAA"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
cf-ray: 619f2dd40d644a55-FRA
link: <https://paylas.cc/wp-content/uploads/2020/12/personel-takip-364x205.png>; rel="canonical"
access-control-expose-headers: *

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
18 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-108368586-5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://paylas.cc/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 03:00:57 GMT
server: Golfe2
age: 3061
date: Sat, 30 Jan 2021 23:14:04 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18817
expires: Sun, 31 Jan 2021 01:14:04 GMT

GET
H2 200 dynamic-style-1609144318.css
paylas.cc/wp-content/uploads/ 26 KB
26 KB 23ms
22ms Image
text/css 2606:4700:3033::6815:10f8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://paylas.cc/wp-content/uploads/dynamic-style-1609144318.css
Requested by: Host: paylas.cc
URL: https://paylas.cc/wp-content/uploads/dynamic-style-1609144318.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:10f8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://paylas.cc/wp-content/uploads/dynamic-style-1609144318.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 31 Jan 2021 00:05:05 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 101145
cf-polished: origSize=31494
cf-bgj: minify
cf-request-id: 07f75af89100001786d59ec000000001
last-modified: Mon, 28 Dec 2020 08:31:58 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent,User-Agent
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=T47OADRYfijNJzvlBQVeb3e0DHy7hlv5tiN8Lfs90uirSJFcajtlsvU0I9sEDLlCJyrVEvVzFnVJq3XMhEFLBn4NLMcOXXyzyUVI51lotAyBDc1sfeM%3D"}],"group":"cf-nel"}
content-type: text/css
cache-control: public, max-age=2592000
x-turbo-charged-by: LiteSpeed
cf-ray: 619f2dd41f361786-FRA
expires: Sun, 28 Feb 2021 19:59:21 GMT

GET
H2 200 how-do-i-get-google-to-index-my-site-faster-510x287.png
cdn.statically.io/img/paylas.cc/f=auto/wp-content/uploads/2020/11/ 14 KB
14 KB 20ms
18ms Image
image/png 2606:4700:10::6816:475
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.statically.io/img/paylas.cc/f=auto/wp-content/uploads/2020/11/how-do-i-get-google-to-index-my-site-faster-510x287.png

Requested by

Host: paylas.cc
URL: https://paylas.cc/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:475 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef3b7340a92a945218d6136cbe704d801a91be64bf31d750c4a2cf68ea230264

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://paylas.cc/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 31 Jan 2021 00:05:05 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
x-cache: HIT
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 14302
cf-request-id: 07f75af89a00004a550e8d4000000001
x-served-by: cache-fra19120-FRA
timing-allow-origin: *
server: cloudflare
etag: "stlyQaqPGPG39tJ0dUDMP5wjqQ"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
cf-ray: 619f2dd42daa4a55-FRA
link: <https://paylas.cc/wp-content/uploads/2020/11/how-do-i-get-google-to-index-my-site-faster-510x287.png>; rel="canonical"
access-control-expose-headers: *

GET
H2 200 rank-math-seo-510x287.jpg
cdn.statically.io/img/paylas.cc/f=auto/wp-content/uploads/2020/11/ 8 KB
8 KB 25ms
23ms Image
image/jpeg 2606:4700:10::6816:475
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.statically.io/img/paylas.cc/f=auto/wp-content/uploads/2020/11/rank-math-seo-510x287.jpg

Requested by

Host: paylas.cc
URL: https://paylas.cc/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:475 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a29227cef345d6a5b7194d86326bee3feb2f945c9f584a3a01d6d697aa287e22

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://paylas.cc/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 31 Jan 2021 00:05:05 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
x-cache: HIT
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8249
cf-request-id: 07f75af89a00004a556101c000000001
x-served-by: cache-fra19167-FRA
timing-allow-origin: *
server: cloudflare
etag: "stlyp6gRcZs30VC2vaMgZQeI6Q"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/jpeg
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
cf-ray: 619f2dd42dac4a55-FRA
link: <https://paylas.cc/wp-content/uploads/2020/11/rank-math-seo-510x287.jpg>; rel="canonical"
access-control-expose-headers: *

GET
H2 200 ucretsiz-edu-backlink-364x205.png
cdn.statically.io/img/paylas.cc/f=auto/wp-content/uploads/2020/10/ 10 KB
10 KB 29ms
27ms Image
image/png 2606:4700:10::6816:475
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.statically.io/img/paylas.cc/f=auto/wp-content/uploads/2020/10/ucretsiz-edu-backlink-364x205.png

Requested by

Host: paylas.cc
URL: https://paylas.cc/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:475 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c21b72cdf0c1a6d07ad8122033cd6efc91442d69924f2d05f8e85009fb1d7e3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://paylas.cc/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 31 Jan 2021 00:05:05 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
x-cache: HIT
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10002
cf-request-id: 07f75af89b00004a55f1a80000000001
x-served-by: cache-fra19128-FRA
timing-allow-origin: *
server: cloudflare
etag: "stly0aCweYKj-n7_ZUSYcFyKFw"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
cf-ray: 619f2dd42dae4a55-FRA
link: <https://paylas.cc/wp-content/uploads/2020/10/ucretsiz-edu-backlink-364x205.png>; rel="canonical"
access-control-expose-headers: *

GET
H2 200 cokersay-364x205.png
cdn.statically.io/img/paylas.cc/f=auto/wp-content/uploads/2020/09/ 16 KB
16 KB 28ms
27ms Image
image/png 2606:4700:10::6816:475
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.statically.io/img/paylas.cc/f=auto/wp-content/uploads/2020/09/cokersay-364x205.png

Requested by

Host: paylas.cc
URL: https://paylas.cc/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:475 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9147e058187507beec428be95c999f47f5a51a1df8d805ebbea8729a13cf8931

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://paylas.cc/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 31 Jan 2021 00:05:05 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
x-cache: HIT
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 16290
cf-request-id: 07f75af89b00004a55162dd000000001
x-served-by: cache-fra19136-FRA
timing-allow-origin: *
server: cloudflare
etag: "stly-ochuFhHxPzBf7wL3fl5Cw"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
cf-ray: 619f2dd42daf4a55-FRA
link: <https://paylas.cc/wp-content/uploads/2020/09/cokersay-364x205.png>; rel="canonical"
access-control-expose-headers: *

GET
H2 200 yillik-izin-takip-364x205.png
cdn.statically.io/img/paylas.cc/f=auto/wp-content/uploads/2020/07/ 53 KB
53 KB 21ms
20ms Image
image/png 2606:4700:10::6816:475
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.statically.io/img/paylas.cc/f=auto/wp-content/uploads/2020/07/yillik-izin-takip-364x205.png

Requested by

Host: paylas.cc
URL: https://paylas.cc/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:475 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b3839d1fd6a0f3cc33df554d9267e9e1ab2f7eeba46695e1bc9c411b8359cb2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://paylas.cc/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 31 Jan 2021 00:05:05 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
x-cache: HIT
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 54471
cf-request-id: 07f75af89b00004a5523333000000001
x-served-by: cache-fra19157-FRA
timing-allow-origin: *
server: cloudflare
etag: "stly6m1Zw1YdPm0qxmt0Ml9ZeA"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
cf-ray: 619f2dd42db04a55-FRA
link: <https://paylas.cc/wp-content/uploads/2020/07/yillik-izin-takip-364x205.png>; rel="canonical"
access-control-expose-headers: *

GET
H2 200 arac-tamir-bakim-364x205.png
cdn.statically.io/img/paylas.cc/f=auto/wp-content/uploads/2020/05/ 18 KB
19 KB 28ms
28ms Image
image/png 2606:4700:10::6816:475
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.statically.io/img/paylas.cc/f=auto/wp-content/uploads/2020/05/arac-tamir-bakim-364x205.png

Requested by

Host: paylas.cc
URL: https://paylas.cc/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:475 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8263a88fba85996d9b77d3098948f82b38da0655317680e0c6bbb59b9c0b03c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://paylas.cc/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 31 Jan 2021 00:05:05 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
x-cache: HIT
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 18779
cf-request-id: 07f75af89e00004a554b092000000001
x-served-by: cache-fra19142-FRA
timing-allow-origin: *
server: cloudflare
etag: "stlyG9MWmEzTGUZuDiHXVh3c8w"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
cf-ray: 619f2dd43db94a55-FRA
link: <https://paylas.cc/wp-content/uploads/2020/05/arac-tamir-bakim-364x205.png>; rel="canonical"
access-control-expose-headers: *

GET
H2 200 iki-tarih-364x205.png
cdn.statically.io/img/paylas.cc/f=auto/wp-content/uploads/2020/05/ 15 KB
15 KB 26ms
25ms Image
image/png 2606:4700:10::6816:475
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.statically.io/img/paylas.cc/f=auto/wp-content/uploads/2020/05/iki-tarih-364x205.png

Requested by

Host: paylas.cc
URL: https://paylas.cc/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:475 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

42a14793a7233c1e69ce5f779629a325271ecf78a05b782c6b1b0cab4e81904e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://paylas.cc/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 31 Jan 2021 00:05:05 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
x-cache: HIT
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 15268
cf-request-id: 07f75af8a500004a553b903000000001
x-served-by: cache-fra19157-FRA
timing-allow-origin: *
server: cloudflare
etag: "stlyj-n_oZSgWYUKSKBDT1EPHg"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
cf-ray: 619f2dd43dca4a55-FRA
link: <https://paylas.cc/wp-content/uploads/2020/05/iki-tarih-364x205.png>; rel="canonical"
access-control-expose-headers: *

GET
H2 200 puantaj-364x205.png
cdn.statically.io/img/paylas.cc/f=auto/wp-content/uploads/2020/05/ 8 KB
9 KB 21ms
21ms Image
image/png 2606:4700:10::6816:475
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.statically.io/img/paylas.cc/f=auto/wp-content/uploads/2020/05/puantaj-364x205.png

Requested by

Host: paylas.cc
URL: https://paylas.cc/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:475 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0d31316e0fe2f8234880b6c68ac7aafd9f0ea137a711d8052d05a2fd5f3ca500

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://paylas.cc/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 31 Jan 2021 00:05:05 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
x-cache: HIT
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8526
cf-request-id: 07f75af8a500004a55f71cc000000001
x-served-by: cache-fra19160-FRA
timing-allow-origin: *
server: cloudflare
etag: "stlyblh27zjvd1I3392ZlY-27w"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
cf-ray: 619f2dd43dc74a55-FRA
link: <https://paylas.cc/wp-content/uploads/2020/05/puantaj-364x205.png>; rel="canonical"
access-control-expose-headers: *

GET
H2 200 cari-hesap-364x205.png
cdn.statically.io/img/paylas.cc/f=auto/wp-content/uploads/2020/05/ 11 KB
12 KB 20ms
19ms Image
image/png 2606:4700:10::6816:475
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.statically.io/img/paylas.cc/f=auto/wp-content/uploads/2020/05/cari-hesap-364x205.png

Requested by

Host: paylas.cc
URL: https://paylas.cc/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:475 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4ebc4bb249121e853396a59bc235a0d33786cb2e8376a8b8249ca69a5a6ee295

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://paylas.cc/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 31 Jan 2021 00:05:05 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
x-cache: HIT
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 11487
cf-request-id: 07f75af8a500004a5549343000000001
x-served-by: cache-fra19179-FRA
timing-allow-origin: *
server: cloudflare
etag: "stlyC7RYfwYH_x6NAHjEdwyozw"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
cf-ray: 619f2dd43dc84a55-FRA
link: <https://paylas.cc/wp-content/uploads/2020/05/cari-hesap-364x205.png>; rel="canonical"
access-control-expose-headers: *

POST
H3-Q050 200 collect
www.google-analytics.com/ 35 B
417 B 46ms
13ms Other
image/gif 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/collect

Requested by

Host: cdn.statically.io
URL: https://cdn.statically.io/js/paylas.cc/wp-content/plugins/flying-analytics/js/minimal-analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://paylas.cc/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 31 Jan 2021 00:05:05 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: https://paylas.cc
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

HEAD
H3-Q050

200

id
googleads.g.doubleclick.net/pagead/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

0
0

65ms
52ms

Fetch
application/json

2a00:1450:4001:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Requested by: Host: paylas.cc
URL: https://paylas.cc/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://paylas.cc/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-credentials: true

Redirect headers

pragma: no-cache
date: Sun, 31 Jan 2021 00:05:05 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
paylas.cc/page/2/ 75 KB
11 KB 1217ms
1216ms XHR
text/html 2606:4700:3033::6815:10f8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://paylas.cc/page/2/
Requested by: Host: cdn.statically.io
URL: https://cdn.statically.io/wp/c/5.6/wp-includes/js/jquery/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:10f8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.9
Resource Hash: 08ae724b050fc30cf882578f9ad3fdfe8a1487fac9a385c3883634916cf2d881

Request headers

Accept: */*
Referer: https://paylas.cc/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 31 Jan 2021 00:05:06 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
x-powered-by: PHP/7.4.9
cf-request-id: 07f75af8c00000178611b85000000001
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent,User-Agent
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=XPIAC8vk4ssnOWZA0U0M8W%2FhDD5buFqLEHiZ2hfsdLoSNUWtfgVJTIsMm7tWsrdtpDaQtrcqSHFIRboh0PZOq3qjd33%2B7eRi4WQ01BfWyOkqJPwoQYs%3D"}],"group":"cf-nel"}
content-type: text/html; charset=UTF-8
cache-control: no-store, no-cache, must-revalidate
x-turbo-charged-by: LiteSpeed
cf-ray: 619f2dd46f9f1786-FRA
link: <https://paylas.cc/wp-json/>; rel="https://api.w.org/"
expires: Thu, 19 Nov 1981 08:52:00 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
35 B 13ms
13ms XHR
text/plain 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j87&a=679171235&t=pageview&_s=1&dl=https%3A%2F%2Fpaylas.cc%2F&ul=en-us&de=UTF-8&dt=Paylas.cc%20-%20.xls%2C%20.psd%2C%20.eps&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUABAAAAAC~&jid=2054822370&gjid=396132235&cid=1456197807.1612051505&tid=UA-108368586-5&_gid=796395185.1612051505&_r=1&gtm=2ou1k0&z=1022039770

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://paylas.cc/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 31 Jan 2021 00:05:05 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://paylas.cc
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
80 B 15ms
14ms XHR
text/plain 2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j87&tid=UA-108368586-5&cid=1456197807.1612051505&jid=2054822370&gjid=396132235&_gid=796395185.1612051505&_u=IEBAAUAAAAAAAC~&z=2072900140

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://paylas.cc/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sun, 31 Jan 2021 00:05:05 GMT
content-type: text/plain
access-control-allow-origin: https://paylas.cc
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 paylas-2021.png
cdn.statically.io/img/paylas.cc/f=auto/wp-content/uploads/2020/12/ 1 KB
1 KB 20ms
18ms Image
image/webp 2606:4700:10::6816:475
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.statically.io/img/paylas.cc/f=auto/wp-content/uploads/2020/12/paylas-2021.png

Requested by

Host: cdn.statically.io
URL: https://cdn.statically.io/wp/c/5.6/wp-includes/js/jquery/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:475 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ea1546779b8210e51e58f95dfcc8fea3cc18dff2aa2520b51a219fb3621d2f9c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://paylas.cc/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 31 Jan 2021 00:05:06 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1
cf-polished: origFmt=png, origSize=1267
x-cache: HIT
content-disposition: inline; filename="paylas-2021.webp"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1070
cf-request-id: 07f75afd8800004a55f1ad5000000001
x-served-by: cache-fra19148-FRA
timing-allow-origin: *
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "stlyE3H-DTvSPjqxGICw5daU5g"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/webp
access-control-allow-origin: *
vary: Accept
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
cf-ray: 619f2ddc0ad44a55-FRA
link: <https://paylas.cc/wp-content/uploads/2020/12/paylas-2021.png>; rel="canonical"
access-control-expose-headers: *

GET
H2 200 paylas-2021-beyaz.png
cdn.statically.io/img/paylas.cc/f=auto/wp-content/uploads/2020/12/ 1 KB
2 KB 20ms
19ms Image
image/webp 2606:4700:10::6816:475
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.statically.io/img/paylas.cc/f=auto/wp-content/uploads/2020/12/paylas-2021-beyaz.png

Requested by

Host: cdn.statically.io
URL: https://cdn.statically.io/wp/c/5.6/wp-includes/js/jquery/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:475 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8878852b14429128f5348d48c739e235a57d6eee4eea22a87645e0cba6dc4085

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://paylas.cc/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 31 Jan 2021 00:05:06 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1
cf-polished: origFmt=png, origSize=2761
x-cache: HIT
content-disposition: inline; filename="paylas-2021-beyaz.webp"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1382
cf-request-id: 07f75afd8800004a556533d000000001
x-served-by: cache-fra19140-FRA
timing-allow-origin: *
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "stlyNRXZYKlDolQWTBj9x1OUUA"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/webp
access-control-allow-origin: *
vary: Accept
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
cf-ray: 619f2ddc0ad64a55-FRA
link: <https://paylas.cc/wp-content/uploads/2020/12/paylas-2021-beyaz.png>; rel="canonical"
access-control-expose-headers: *

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 4 B
29 B 13ms
13ms XHR
text/plain 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j87&a=679171235&t=pageview&_s=1&dl=https%3A%2F%2Fpaylas.cc%2Fpage%2F2%2F&ul=en-us&de=UTF-8&dt=Paylas.cc%20-%20.xls%2C%20.psd%2C%20.eps&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aHDAAUABAAAAAC~&jid=1926105645&gjid=1610122085&cid=1456197807.1612051505&tid=UA-108368586-5&_gid=796395185.1612051505&_r=1&_slc=1&z=915325560

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://paylas.cc/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 31 Jan 2021 00:05:06 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://paylas.cc
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 mineral-364x205.png
cdn.statically.io/img/paylas.cc/f=auto/wp-content/uploads/2020/05/ 67 KB
67 KB 62ms
59ms Image
image/png 2606:4700:10::6816:475
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.statically.io/img/paylas.cc/f=auto/wp-content/uploads/2020/05/mineral-364x205.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:475 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

17a2009602b1e5cea444e155c37372a40699d25a4f126a5b20f6717beb64e33c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://paylas.cc/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 31 Jan 2021 00:05:06 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
x-cache: HIT
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 68455
cf-request-id: 07f75afdab00004a55ed135000000001
x-served-by: cache-fra19167-FRA
timing-allow-origin: *
server: cloudflare
etag: "stlyj_BWNPxf6fi8FFTKOwYC2g"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
cf-ray: 619f2ddc4b254a55-FRA
link: <https://paylas.cc/wp-content/uploads/2020/05/mineral-364x205.png>; rel="canonical"
access-control-expose-headers: *

GET
H2 200 yeni-tip-kasa-364x205.png
cdn.statically.io/img/paylas.cc/f=auto/wp-content/uploads/2020/05/ 18 KB
18 KB 63ms
60ms Image
image/png 2606:4700:10::6816:475
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.statically.io/img/paylas.cc/f=auto/wp-content/uploads/2020/05/yeni-tip-kasa-364x205.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:475 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c76ad830edbe4fdf6a92bc0954571b65ad1d2c402b61698cec80c2f783dcef8e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://paylas.cc/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 31 Jan 2021 00:05:06 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
x-cache: HIT
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 18266
cf-request-id: 07f75afdab00004a550a162000000001
x-served-by: cache-fra19127-FRA
timing-allow-origin: *
server: cloudflare
etag: "stlywd43gJpi3inDOawdpbuI5A"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
cf-ray: 619f2ddc4b284a55-FRA
link: <https://paylas.cc/wp-content/uploads/2020/05/yeni-tip-kasa-364x205.png>; rel="canonical"
access-control-expose-headers: *

GET
H2 200 standart-kasa-364x205.png
cdn.statically.io/img/paylas.cc/f=auto/wp-content/uploads/2020/05/ 17 KB
17 KB 60ms
57ms Image
image/png 2606:4700:10::6816:475
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.statically.io/img/paylas.cc/f=auto/wp-content/uploads/2020/05/standart-kasa-364x205.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:475 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

01a23d9fe7e84ca5517b740fb31d9bd5f76b94dc5c26e9cc11d83730242451d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://paylas.cc/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 31 Jan 2021 00:05:06 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
x-cache: HIT
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 17076
cf-request-id: 07f75afdab00004a5516339000000001
x-served-by: cache-fra19127-FRA
timing-allow-origin: *
server: cloudflare
etag: "stly1Cu1dl3Oy75VbSAP5OPveQ"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
cf-ray: 619f2ddc4b2a4a55-FRA
link: <https://paylas.cc/wp-content/uploads/2020/05/standart-kasa-364x205.png>; rel="canonical"
access-control-expose-headers: *

GET
H2 200 altin-alim-satim-hesabi-364x205.png
cdn.statically.io/img/paylas.cc/f=auto/wp-content/uploads/2020/05/ 51 KB
51 KB 60ms
58ms Image
image/png 2606:4700:10::6816:475
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.statically.io/img/paylas.cc/f=auto/wp-content/uploads/2020/05/altin-alim-satim-hesabi-364x205.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:475 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1ab95f5fb17d57d303dfb4fd72a1835efe2b1d38c0156a190c545ed02159b46e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://paylas.cc/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 31 Jan 2021 00:05:06 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
x-cache: HIT
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 52341
cf-request-id: 07f75afdad00004a5518885000000001
x-served-by: cache-fra19123-FRA
timing-allow-origin: *
server: cloudflare
etag: "stly1I1CuBVdhOqjmg92G2aN8g"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
cf-ray: 619f2ddc4b2b4a55-FRA
link: <https://paylas.cc/wp-content/uploads/2020/05/altin-alim-satim-hesabi-364x205.png>; rel="canonical"
access-control-expose-headers: *

GET
H2 200 yas-hesaplama-364x205.png
cdn.statically.io/img/paylas.cc/f=auto/wp-content/uploads/2020/05/ 15 KB
16 KB 63ms
61ms Image
image/png 2606:4700:10::6816:475
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.statically.io/img/paylas.cc/f=auto/wp-content/uploads/2020/05/yas-hesaplama-364x205.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:475 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

544c977ee4a1d8e5d6584b37a6e736487aea87b0f2d8de17d68d5bc9c6176cdb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://paylas.cc/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 31 Jan 2021 00:05:06 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
x-cache: HIT
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 15775
cf-request-id: 07f75afdac00004a5534b21000000001
x-served-by: cache-fra19155-FRA
timing-allow-origin: *
server: cloudflare
etag: "stlyz_hePucOgIRKwykHhByCCQ"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
cf-ray: 619f2ddc4b2c4a55-FRA
link: <https://paylas.cc/wp-content/uploads/2020/05/yas-hesaplama-364x205.png>; rel="canonical"
access-control-expose-headers: *

GET
H2 200 sondaj-bitis-364x205.png
cdn.statically.io/img/paylas.cc/f=auto/wp-content/uploads/2020/04/ 11 KB
12 KB 487ms
485ms Image
image/png 2606:4700:10::6816:475
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.statically.io/img/paylas.cc/f=auto/wp-content/uploads/2020/04/sondaj-bitis-364x205.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:475 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0fe8b55a9178ed0a4a16b659667670837dcb183cbdfd8b1044882509d626335f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://paylas.cc/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 31 Jan 2021 00:05:07 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 11569
cf-request-id: 07f75afdac00004a55200b2000000001
x-served-by: cache-fra19141-FRA
timing-allow-origin: *
server: cloudflare
etag: "stlyXvVuQDm9MRKhCw1w0CNODw"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
cf-ray: 619f2ddc4b2d4a55-FRA
link: <https://paylas.cc/wp-content/uploads/2020/04/sondaj-bitis-364x205.png>; rel="canonical"
access-control-expose-headers: *

GET
H2 200 akaryakit-kasa-programi-364x205.png
cdn.statically.io/img/paylas.cc/f=auto/wp-content/uploads/2020/04/ 16 KB
16 KB 24ms
20ms Image
image/png 2606:4700:10::6816:475
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.statically.io/img/paylas.cc/f=auto/wp-content/uploads/2020/04/akaryakit-kasa-programi-364x205.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:475 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3698a0c8c0a13e71caabb75a78fe98c157be88b3b452c55848b319ced9aa42c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://paylas.cc/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 31 Jan 2021 00:05:06 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
x-cache: HIT
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 16123
cf-request-id: 07f75afdea00004a551c0a4000000001
x-served-by: cache-fra19144-FRA
timing-allow-origin: *
server: cloudflare
etag: "stlyWKI1Hy6QW1nF06YFb6TTEA"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
cf-ray: 619f2ddcabc34a55-FRA
link: <https://paylas.cc/wp-content/uploads/2020/04/akaryakit-kasa-programi-364x205.png>; rel="canonical"
access-control-expose-headers: *

GET
H2 200 pazarlama-programi-364x205.png
cdn.statically.io/img/paylas.cc/f=auto/wp-content/uploads/2020/04/ 6 KB
7 KB 27ms
24ms Image
image/png 2606:4700:10::6816:475
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.statically.io/img/paylas.cc/f=auto/wp-content/uploads/2020/04/pazarlama-programi-364x205.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:475 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

05bf459720ed04ab8ce8b6a7635b00babfa7d6586d7af2f5c9f2dbe1398da7bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://paylas.cc/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 31 Jan 2021 00:05:06 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
x-cache: HIT
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6552
cf-request-id: 07f75afdea00004a55531c3000000001
x-served-by: cache-fra19164-FRA
timing-allow-origin: *
server: cloudflare
etag: "stlyz_DkLNU3dAOx7Doggkjh7g"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
cf-ray: 619f2ddcabc74a55-FRA
link: <https://paylas.cc/wp-content/uploads/2020/04/pazarlama-programi-364x205.png>; rel="canonical"
access-control-expose-headers: *

GET
H2 200 egim-yuzde-hesaplama-programi-364x205.png
cdn.statically.io/img/paylas.cc/f=auto/wp-content/uploads/2020/04/ 12 KB
12 KB 23ms
22ms Image
image/png 2606:4700:10::6816:475
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.statically.io/img/paylas.cc/f=auto/wp-content/uploads/2020/04/egim-yuzde-hesaplama-programi-364x205.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:475 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b9ac3bbfa442f2452814abde84637091fe42308b2202485c629a069627f85385

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://paylas.cc/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 31 Jan 2021 00:05:06 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
x-cache: HIT
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 12548
cf-request-id: 07f75afdea00004a5525096000000001
x-served-by: cache-fra19121-FRA
timing-allow-origin: *
server: cloudflare
etag: "stlysEB9jsjPKJWXn7Fq2NF6jA"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
cf-ray: 619f2ddcabc84a55-FRA
link: <https://paylas.cc/wp-content/uploads/2020/04/egim-yuzde-hesaplama-programi-364x205.png>; rel="canonical"
access-control-expose-headers: *

GET
H2 200 yeralti-emeklilik-hesaplama-programi-1-364x205.jpg
cdn.statically.io/img/paylas.cc/f=auto/wp-content/uploads/2020/04/ 8 KB
8 KB 21ms
21ms Image
image/jpeg 2606:4700:10::6816:475
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.statically.io/img/paylas.cc/f=auto/wp-content/uploads/2020/04/yeralti-emeklilik-hesaplama-programi-1-364x205.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:475 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bad809eccdd8b5444815657daf9875541b9465833f90a3ae2a8bc37347398cd1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://paylas.cc/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 31 Jan 2021 00:05:06 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
x-cache: HIT
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8297
cf-request-id: 07f75afdeb00004a55f9b90000000001
x-served-by: cache-fra19170-FRA
timing-allow-origin: *
server: cloudflare
etag: "stlydeGE1DTqJUXoqPvsUqh-gg"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/jpeg
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
cf-ray: 619f2ddcabca4a55-FRA
link: <https://paylas.cc/wp-content/uploads/2020/04/yeralti-emeklilik-hesaplama-programi-1-364x205.jpg>; rel="canonical"
access-control-expose-headers: *

POST
H3-Q050 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
38 B 16ms
16ms XHR
text/plain 2a00:1450:400c:c00::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j87&tid=UA-108368586-5&cid=1456197807.1612051505&jid=1926105645&gjid=1610122085&_gid=796395185.1612051505&_u=aHDAAUABAAAAAC~&z=197004109

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://paylas.cc/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sun, 31 Jan 2021 00:05:06 GMT
content-type: text/plain
access-control-allow-origin: https://paylas.cc
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 133 KB
47 KB 37ms
36ms Script
text/javascript 2a00:1450:4001:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: paylas.cc
URL: https://paylas.cc/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

722f834d0c44729d5535f864b0db96c363412148785466734983f6175b9e6e4c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paylas.cc/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 31 Jan 2021 00:05:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 47560
x-xss-protection: 0
server: cafe
etag: 13820021645336652624
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 31 Jan 2021 00:05:08 GMT

GET
DATA 200
OK truncated Show response
/ 2 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 46a12fc3545d335a084d4941332bd341cb2e440dc974b514333f937abceecfee

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: text/javascript

GET
DATA 200
OK truncated Show response
/ 2 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3e83cbf591d5702f6ae87608e7debc770083b3974966d8dbf659a5cae2589bb1

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: text/javascript

GET
DATA 200
OK truncated Show response
/ 2 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 87fda6e8eddb52a50ad73ec1a5ce6f4afbd8ef576092d2efe93cbc0e475d0774

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: text/javascript

GET
DATA 200
OK truncated Show response
/ 2 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 22f83a03d17b9514de257afa6e24b40d241a3fa4c7f4b7ea396784daf24f4ab8

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: text/javascript

GET
H2 200 matchmedia.js Show response
cdn.statically.io/js/paylas.cc/wp-content/themes/bimber/js/matchmedia/ 906 B
656 B 24ms
24ms Script
application/javascript 2606:4700:10::6816:475
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.statically.io/js/paylas.cc/wp-content/themes/bimber/js/matchmedia/matchmedia.js

Requested by

Host: paylas.cc
URL: https://paylas.cc/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:475 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b9f23c7046dfde7c4e484704c1a7b263c1c2283ddd2c84e901917ca05f6f9ca3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://paylas.cc/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 31 Jan 2021 00:05:08 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
x-cache: MISS, HIT
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 07f75b045c00004a555da80000000001
x-served-by: cache-sin18022-SIN, cache-fra19175-FRA
timing-allow-origin: *
server: cloudflare
etag: W/"42-3sAxUMcQoeOeU46l5d5/1RZlMo4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000, immutable
cf-ray: 619f2de6fe014a55-FRA
access-control-expose-headers: *

GET
H3-Q050 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210127/r20190131/ 225 KB
84 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210127/r20190131/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

64c8551c397b1915ef17010eca19e10f01083601d6e0f81b2bef6a081a2f69c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paylas.cc/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 31 Jan 2021 00:05:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 86255
x-xss-protection: 0
server: cafe
etag: 8534310779558063066
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sun, 31 Jan 2021 00:05:08 GMT

GET
H3-Q050 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20210127/r20190131/ Frame 3B2F 0
0 6ms
6ms Document
text/html 2a00:1450:4001:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210127/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210127/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://paylas.cc/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://paylas.cc/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sat, 30 Jan 2021 00:57:55 GMT
expires: Sat, 13 Feb 2021 00:57:55 GMT
content-type: text/html; charset=UTF-8
etag: 6748560809430760793
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4784
x-xss-protection: 0
age: 83233
cache-control: public, max-age=1209600
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 cookie.js Show response
partner.googleadservices.com/gampad/ 199 B
616 B 121ms
81ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=paylas.cc&callback=_gfp_s_&client=ca-pub-8249307255832869

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210127/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

85afdab41b41cd7bbab86ef2894c623f42d3cbb404bde027de0fcfeaa8b0910d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paylas.cc/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 31 Jan 2021 00:05:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 190
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
781 B 54ms
41ms Script
application/javascript 2a00:1450:4001:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=paylas.cc

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210127/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paylas.cc/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 31 Jan 2021 00:05:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
781 B 54ms
41ms Script
application/javascript 2a00:1450:4001:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=paylas.cc

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210127/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paylas.cc/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 31 Jan 2021 00:05:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 ads
googleads.g.doubleclick.net/pagead/ Frame 852F 0
0 490ms
490ms Document
text/html 2a00:1450:4001:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-8249307255832869&output=html&h=280&slotname=2209261955&adk=3607668361&adf=823446599&pi=t.ma~as.2209261955&w=1132&fwrn=4&fwrnh=100&lmt=1612051508&rafmt=1&psa=0&format=1132x280&url=https%3A%2F%2Fpaylas.cc%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1612051508368&bpp=14&bdt=4588&idt=80&shv=r20210127&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=6013404952971&frm=20&pv=2&ga_vid=1456197807.1612051505&ga_sid=1612051508&ga_hid=679171235&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=234&ady=179&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068769%2C21068893%2C44734255&oid=3&pvsid=3563683974881735&pem=921&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=Ee9y2UFl3M&p=https%3A//paylas.cc&dtd=97

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210127/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-8249307255832869&output=html&h=280&slotname=2209261955&adk=3607668361&adf=823446599&pi=t.ma~as.2209261955&w=1132&fwrn=4&fwrnh=100&lmt=1612051508&rafmt=1&psa=0&format=1132x280&url=https%3A%2F%2Fpaylas.cc%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1612051508368&bpp=14&bdt=4588&idt=80&shv=r20210127&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=6013404952971&frm=20&pv=2&ga_vid=1456197807.1612051505&ga_sid=1612051508&ga_hid=679171235&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=234&ady=179&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068769%2C21068893%2C44734255&oid=3&pvsid=3563683974881735&pem=921&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=Ee9y2UFl3M&p=https%3A//paylas.cc&dtd=97
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://paylas.cc/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://paylas.cc/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sun, 31 Jan 2021 00:05:08 GMT
server: cafe
content-length: 25751
x-xss-protection: 0
set-cookie: IDE=AHWqTUmDsKEG8PiIFR25706LKqzuJzhjNs1h3rDpILXv6xse0SxQ35u5-eGb0Apa; expires=Fri, 25-Feb-2022 00:05:08 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT; SameSite=none; Secure
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Sun, 31 Jan 2021 00:05:08 GMT
cache-control: private

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 9 KB
7 KB 37ms
36ms XHR
application/json 2a00:1450:4001:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210127&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210127/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca6c1483c785bd6db7795ec23bc5f42ed06e49d4153e4d5a73be46b70a2a3647

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paylas.cc/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 31 Jan 2021 00:05:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6762
x-xss-protection: 0

GET
H3-Q050 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 74 KB
28 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210127/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c36a34cc0d1fba1f6684e46a84e23f1b3138df20e59d8f99679cd40588ed14e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paylas.cc/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 31 Jan 2021 00:05:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1611791148528130"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28336
x-xss-protection: 0
expires: Sun, 31 Jan 2021 00:05:08 GMT

GET
H3-Q050 200 ads
googleads.g.doubleclick.net/pagead/ Frame 9BD7 0
0 286ms
286ms Document
text/html 2a00:1450:4001:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-8249307255832869&output=html&h=280&slotname=1731778170&adk=1403243731&adf=410739056&pi=t.ma~as.1731778170&w=336&lmt=1612051508&psa=0&format=336x280&url=https%3A%2F%2Fpaylas.cc%2F&flash=0&wgl=1&dt=1612051508382&bpp=2&bdt=4602&idt=93&shv=r20210127&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1132x280&correlator=6013404952971&frm=20&pv=1&ga_vid=1456197807.1612051505&ga_sid=1612051508&ga_hid=679171235&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=632&ady=510&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068769%2C21068893%2C44734255&oid=3&pvsid=3563683974881735&pem=921&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=8192&bc=31&ifi=2&uci=a!2&fsb=1&xpc=4KU74WFCIy&p=https%3A//paylas.cc&dtd=97

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210127/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9051503930469074707/336x280/336x280.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9051503930469074707/336x280/336x280.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CJvBmOzvxO4CFbNAFQgdXq4CQA&gqi=NPQVYMGdHpnI1fAP2eSq8Ag&layout=/sadbundle/%24csp%253Der3%24/9051503930469074707/336x280/336x280.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-8249307255832869&output=html&h=280&slotname=1731778170&adk=1403243731&adf=410739056&pi=t.ma~as.1731778170&w=336&lmt=1612051508&psa=0&format=336x280&url=https%3A%2F%2Fpaylas.cc%2F&flash=0&wgl=1&dt=1612051508382&bpp=2&bdt=4602&idt=93&shv=r20210127&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1132x280&correlator=6013404952971&frm=20&pv=1&ga_vid=1456197807.1612051505&ga_sid=1612051508&ga_hid=679171235&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=632&ady=510&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068769%2C21068893%2C44734255&oid=3&pvsid=3563683974881735&pem=921&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=8192&bc=31&ifi=2&uci=a!2&fsb=1&xpc=4KU74WFCIy&p=https%3A//paylas.cc&dtd=97
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://paylas.cc/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://paylas.cc/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9051503930469074707/336x280/336x280.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9051503930469074707/336x280/336x280.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CJvBmOzvxO4CFbNAFQgdXq4CQA&gqi=NPQVYMGdHpnI1fAP2eSq8Ag&layout=/sadbundle/%24csp%253Der3%24/9051503930469074707/336x280/336x280.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sun, 31 Jan 2021 00:05:08 GMT
server: cafe
content-length: 34183
x-xss-protection: 0
set-cookie: IDE=AHWqTUkI95IcFk4mhzTnNKAoeTKTcDQjfYdkYZNcRFlcMjbnygIxhbD81n3jeXWu; expires=Fri, 25-Feb-2022 00:05:08 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT; SameSite=none; Secure
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Sun, 31 Jan 2021 00:05:08 GMT
cache-control: private

GET
H3-Q050 200 ads
googleads.g.doubleclick.net/pagead/ Frame DCA7 0
0 373ms
373ms Document
text/html 2a00:1450:4001:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-8249307255832869&output=html&h=280&slotname=1731778170&adk=1403243731&adf=1353977248&pi=t.ma~as.1731778170&w=336&lmt=1612051508&psa=0&format=336x280&url=https%3A%2F%2Fpaylas.cc%2F&flash=0&wgl=1&dt=1612051508385&bpp=1&bdt=4605&idt=96&shv=r20210127&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1132x280%2C336x280&correlator=6013404952971&frm=20&pv=1&ga_vid=1456197807.1612051505&ga_sid=1612051508&ga_hid=679171235&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=632&ady=1138&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068769%2C21068893%2C44734255&oid=3&pvsid=3563683974881735&pem=921&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=3&uci=a!3&fsb=1&xpc=gkV5AZept0&p=https%3A//paylas.cc&dtd=100

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210127/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9051503930469074707/336x280/336x280.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9051503930469074707/336x280/336x280.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=COuMmezvxO4CFalIFQgdQJAE2A&gqi=NPQVYPLRHoyC1fAPh6a8oAc&layout=/sadbundle/%24csp%253Der3%24/9051503930469074707/336x280/336x280.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-8249307255832869&output=html&h=280&slotname=1731778170&adk=1403243731&adf=1353977248&pi=t.ma~as.1731778170&w=336&lmt=1612051508&psa=0&format=336x280&url=https%3A%2F%2Fpaylas.cc%2F&flash=0&wgl=1&dt=1612051508385&bpp=1&bdt=4605&idt=96&shv=r20210127&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1132x280%2C336x280&correlator=6013404952971&frm=20&pv=1&ga_vid=1456197807.1612051505&ga_sid=1612051508&ga_hid=679171235&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=632&ady=1138&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068769%2C21068893%2C44734255&oid=3&pvsid=3563683974881735&pem=921&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=3&uci=a!3&fsb=1&xpc=gkV5AZept0&p=https%3A//paylas.cc&dtd=100
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://paylas.cc/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://paylas.cc/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9051503930469074707/336x280/336x280.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9051503930469074707/336x280/336x280.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=COuMmezvxO4CFalIFQgdQJAE2A&gqi=NPQVYPLRHoyC1fAPh6a8oAc&layout=/sadbundle/%24csp%253Der3%24/9051503930469074707/336x280/336x280.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sun, 31 Jan 2021 00:05:08 GMT
server: cafe
content-length: 34471
x-xss-protection: 0
set-cookie: IDE=AHWqTUnVpMO4ThqY16SxVLxwWg-bgJbdu2FXCGFvc5Qa0QXDgaqoeoCYdMtEMKwxMfU; expires=Fri, 25-Feb-2022 00:05:08 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Sun, 31 Jan 2021 00:05:08 GMT
cache-control: private

GET
H3-Q050 200 ads
googleads.g.doubleclick.net/pagead/ Frame AD14 0
0 315ms
315ms Document
text/html 2a00:1450:4001:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-8249307255832869&output=html&h=280&slotname=2209261955&adk=1167091871&adf=383669989&pi=t.ma~as.2209261955&w=1200&fwrn=4&fwrnh=100&lmt=1612051508&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fpaylas.cc%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1612051508385&bpp=1&bdt=4605&idt=103&shv=r20210127&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1132x280%2C336x280%2C336x280&correlator=6013404952971&frm=20&pv=1&ga_vid=1456197807.1612051505&ga_sid=1612051508&ga_hid=679171235&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=920&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068769%2C21068893%2C44734255&oid=3&pvsid=3563683974881735&pem=921&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=8320&bc=31&ifi=4&uci=a!4&fsb=1&xpc=HlWIldhgD1&p=https%3A//paylas.cc&dtd=106

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210127/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-8249307255832869&output=html&h=280&slotname=2209261955&adk=1167091871&adf=383669989&pi=t.ma~as.2209261955&w=1200&fwrn=4&fwrnh=100&lmt=1612051508&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fpaylas.cc%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1612051508385&bpp=1&bdt=4605&idt=103&shv=r20210127&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1132x280%2C336x280%2C336x280&correlator=6013404952971&frm=20&pv=1&ga_vid=1456197807.1612051505&ga_sid=1612051508&ga_hid=679171235&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=920&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068769%2C21068893%2C44734255&oid=3&pvsid=3563683974881735&pem=921&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=8320&bc=31&ifi=4&uci=a!4&fsb=1&xpc=HlWIldhgD1&p=https%3A//paylas.cc&dtd=106
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://paylas.cc/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://paylas.cc/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sun, 31 Jan 2021 00:05:08 GMT
server: cafe
content-length: 26122
x-xss-protection: 0
set-cookie: IDE=AHWqTUldWiuhPZnWwUdk6IJEoywsndvSpE4dHBckuFYWSyVJUdT2xJhlsLm8tl3W; expires=Fri, 25-Feb-2022 00:05:08 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT; SameSite=none; Secure
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Sun, 31 Jan 2021 00:05:08 GMT
cache-control: private

GET
H3-Q050 200 ads
googleads.g.doubleclick.net/pagead/ Frame 9478 0
0 226ms
226ms Document
text/html 2a00:1450:4001:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-8249307255832869&output=html&h=90&slotname=1570213802&adk=1407570446&adf=2318803929&pi=t.ma~as.1570213802&w=728&lmt=1612051508&psa=0&format=728x90&url=https%3A%2F%2Fpaylas.cc%2F&flash=0&wgl=1&dt=1612051508386&bpp=1&bdt=4606&idt=108&shv=r20210127&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1132x280%2C336x280%2C336x280%2C1200x280&correlator=6013404952971&frm=20&pv=1&ga_vid=1456197807.1612051505&ga_sid=1612051508&ga_hid=679171235&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068769%2C21068893%2C44734255&oid=3&pvsid=3563683974881735&pem=921&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=8192&bc=31&ifi=5&uci=a!5&fsb=1&xpc=Ka38TgJwnL&p=https%3A//paylas.cc&dtd=110

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210127/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3270837731991827017/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3270837731991827017/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CJWjmuzvxO4CFdY6GwodImkPDg&gqi=NPQVYIifH4uB1fAP76mquAU&layout=/sadbundle/%24csp%253Der3%24/3270837731991827017/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-8249307255832869&output=html&h=90&slotname=1570213802&adk=1407570446&adf=2318803929&pi=t.ma~as.1570213802&w=728&lmt=1612051508&psa=0&format=728x90&url=https%3A%2F%2Fpaylas.cc%2F&flash=0&wgl=1&dt=1612051508386&bpp=1&bdt=4606&idt=108&shv=r20210127&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1132x280%2C336x280%2C336x280%2C1200x280&correlator=6013404952971&frm=20&pv=1&ga_vid=1456197807.1612051505&ga_sid=1612051508&ga_hid=679171235&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068769%2C21068893%2C44734255&oid=3&pvsid=3563683974881735&pem=921&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=8192&bc=31&ifi=5&uci=a!5&fsb=1&xpc=Ka38TgJwnL&p=https%3A//paylas.cc&dtd=110
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://paylas.cc/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://paylas.cc/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3270837731991827017/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3270837731991827017/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CJWjmuzvxO4CFdY6GwodImkPDg&gqi=NPQVYIifH4uB1fAP76mquAU&layout=/sadbundle/%24csp%253Der3%24/3270837731991827017/index.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sun, 31 Jan 2021 00:05:08 GMT
server: cafe
content-length: 35151
x-xss-protection: 0
set-cookie: IDE=AHWqTUkgRlXN_l4YirMyZ6abqxO2B4bhhTD5Qd7Lnh599LC_1HSnDdDd2MtSZqwN; expires=Fri, 25-Feb-2022 00:05:08 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT; SameSite=none; Secure
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Sun, 31 Jan 2021 00:05:08 GMT
cache-control: private

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210127/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paylas.cc/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 31 Jan 2021 00:05:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1611170586013198"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6403
x-xss-protection: 0
expires: Sun, 31 Jan 2021 00:05:08 GMT

GET
H3-Q050 200 ads
googleads.g.doubleclick.net/pagead/ Frame 249F 0
0 162ms
162ms Document
text/html 2a00:1450:4001:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-8249307255832869&output=html&h=280&slotname=2209261955&adk=919377124&adf=307756650&pi=t.ma~as.2209261955&w=1200&fwrn=4&fwrnh=100&lmt=1612051508&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fpaylas.cc%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1612051508387&bpp=1&bdt=4607&idt=145&shv=r20210127&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1132x280%2C336x280%2C336x280%2C1200x280%2C728x90&correlator=6013404952971&frm=20&pv=1&ga_vid=1456197807.1612051505&ga_sid=1612051508&ga_hid=679171235&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=920&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068769%2C21068893%2C44734255&oid=3&pvsid=3563683974881735&pem=921&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=8320&bc=31&ifi=6&uci=a!6&fsb=1&xpc=K5FdqU10Zw&p=https%3A//paylas.cc&dtd=147

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210127/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-8249307255832869&output=html&h=280&slotname=2209261955&adk=919377124&adf=307756650&pi=t.ma~as.2209261955&w=1200&fwrn=4&fwrnh=100&lmt=1612051508&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fpaylas.cc%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1612051508387&bpp=1&bdt=4607&idt=145&shv=r20210127&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1132x280%2C336x280%2C336x280%2C1200x280%2C728x90&correlator=6013404952971&frm=20&pv=1&ga_vid=1456197807.1612051505&ga_sid=1612051508&ga_hid=679171235&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=200&ady=920&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068769%2C21068893%2C44734255&oid=3&pvsid=3563683974881735&pem=921&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=8320&bc=31&ifi=6&uci=a!6&fsb=1&xpc=K5FdqU10Zw&p=https%3A//paylas.cc&dtd=147
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://paylas.cc/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://paylas.cc/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sun, 31 Jan 2021 00:05:08 GMT
server: cafe
content-length: 205
x-xss-protection: 0
set-cookie: IDE=AHWqTUkKJPlnpsDqvT4c8rrH-iVDarbUdA3CTCyLRk-w6rxrjH18uwtfZFAno4RD; expires=Fri, 25-Feb-2022 00:05:08 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT; SameSite=none; Secure
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Sun, 31 Jan 2021 00:05:08 GMT
cache-control: private

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
33 B 39ms
38ms Image
image/gif 2a00:1450:4001:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fpaylas.cc%2F&tn=DIV&id=eaa_sticky_ad_bottom&cls=eaa-wrapper%20eaa_sticky_ad_bottom%20eaa_desktop&ign=false

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paylas.cc/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 Jan 2021 00:05:08 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
71 B 39ms
38ms Image
image/gif 2a00:1450:4001:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fpaylas.cc%2F&tn=DIV&id=eaa_sticky_ad_top&cls=eaa-wrapper%20eaa_sticky_ad_top%20eaa_desktop&ign=false

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paylas.cc/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 Jan 2021 00:05:08 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads
googleads.g.doubleclick.net/pagead/ Frame 7DAE 0
0 314ms
314ms Document
text/html 2a00:1450:4001:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-8249307255832869&output=html&adk=1812271804&adf=3025194257&lmt=1612051508&plat=1%3A16809992%2C2%3A16809992%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fpaylas.cc%2F&ea=0&flash=0&pra=7&wgl=1&dt=1612051508388&bpp=1&bdt=4608&idt=153&shv=r20210127&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1132x280%2C336x280%2C336x280%2C1200x280%2C728x90%2C1200x280&nras=1&correlator=6013404952971&frm=20&pv=1&ga_vid=1456197807.1612051505&ga_sid=1612051508&ga_hid=679171235&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068769%2C21068893%2C44734255&oid=3&pvsid=3563683974881735&pem=921&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=6&uci=a!6&fsb=1&dtd=158

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210127/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-8249307255832869&output=html&adk=1812271804&adf=3025194257&lmt=1612051508&plat=1%3A16809992%2C2%3A16809992%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fpaylas.cc%2F&ea=0&flash=0&pra=7&wgl=1&dt=1612051508388&bpp=1&bdt=4608&idt=153&shv=r20210127&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=1132x280%2C336x280%2C336x280%2C1200x280%2C728x90%2C1200x280&nras=1&correlator=6013404952971&frm=20&pv=1&ga_vid=1456197807.1612051505&ga_sid=1612051508&ga_hid=679171235&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068769%2C21068893%2C44734255&oid=3&pvsid=3563683974881735&pem=921&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=6&uci=a!6&fsb=1&dtd=158
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://paylas.cc/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://paylas.cc/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sun, 31 Jan 2021 00:05:08 GMT
server: cafe
content-length: 44313
x-xss-protection: 0
set-cookie: IDE=AHWqTUmtGRIJzoNiMgS2KfDZeKHCri3vzKvjQ5xi2gc8qxs_9JgZAKcpjuvCYp3P; expires=Fri, 25-Feb-2022 00:05:08 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT; SameSite=none; Secure
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Sun, 31 Jan 2021 00:05:08 GMT
cache-control: private

GET
H3-Q050 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/221/ Frame A517 0
0 6ms
6ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/221/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://paylas.cc/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://paylas.cc/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4984
date: Sat, 30 Jan 2021 12:27:41 GMT
expires: Sun, 30 Jan 2022 12:27:41 GMT
last-modified: Tue, 08 Dec 2020 21:41:15 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 41847
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
225 B 43ms
39ms Image
image/gif 2a00:1450:4001:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=221&t=2&li=gda_r20210127&jk=3563683974881735&bg=!6-il6KvNAAXyQKAs8jsAKQB2-DxadureQqm0gu5TDAa4fdCe_bhSMpP_vF9ws-vlhB6dTsCsuMe4AgAAAMJSAAAAYmgBBwoAqIc8k12Ih691TnDi6Ob7LRb4Iapv0DSXFdShIF9ZREKzctZ7dlP1HGxLJgq63vlSZYZZ0JE9KQhstL6lwTXcQYvLfPcoNJ10_fzF8PPgouA8vHHvjxNTXSTcjrYCohCs0yrQ2xRcvo4aae8fCmsDxej1f-bkpCSHdw_zgr70siKtSTynjnuckrq-Hc2LoprF2tfWFYaTXx7Eug3-eRv3i7XnwWP4jF1sYZkBxprF3o5IH2DA0srDbfzOr21kJ_rFBeLM0lhYKBb4ewbhyB1D-yO0FS2HJj3TZpumXUKAp8hKkrglH7FxO-9ZN_62zKtjoeJA9eCuGYLHJD2XGx0Gi3thPhqGgdlpVNPdBQCvXyNAtTBV98eSmIEvvUfUSdg36PEtdgVBCpgz_uDrAiDUKYtl2QIZM2cfehgo5GZUkHoBGoyG0GO2nRT66BW3cc761cZ0Xa4u8s-LkJsjifGOcvxKR3Eaz4CsD4tE7L23wDfpXNU_skW1dgZHd7P61YpFAZMEHYmndjGak1nx4Ps-eEq-OTL1Krn9fnsRL-FjRPOI8TpGa7xCO7a8XtWpi_B5DumIcwpHIDJ9JYkGd_G1-JO_1muWrRf5inJcZSnX1zCeZCDhET4fLxRp5abwe-aCwcrnGYrQaYlIBQw8YKgBI9vvzNup4UnOg4-mUnzQz1NRLetvTJHqPiRXv8NY0kDPN-2pzuGs9k2XOHUQv5jWP_2j-OE2WsjKLvYlyPgfz33xNPuFNSjJCd86S-krZUG2VFarFoGgCOUrgR7y5B-BNDHwO-Q3XRQfgzKy21L4Q5-jAt6JK-Cl0ByZ57i1ylOJV7g

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paylas.cc/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 Jan 2021 00:05:09 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 reactive_library_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210127/r20190131/ 142 KB
51 KB 52ms
52ms Script
text/javascript 2a00:1450:4001:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210127/r20190131/reactive_library_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210127/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b610af5760be130959cb2fa1bb3210c35ea7fc93cc2fd09ebeadcdd130f2f192

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://paylas.cc/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 31 Jan 2021 00:05:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 52097
x-xss-protection: 0
server: cafe
etag: 15838340550375950805
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sun, 31 Jan 2021 00:05:09 GMT

GET
H3-Q050 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20210127/r20190131/ Frame C404 0
0 11ms
9ms Document
text/html 2a00:1450:4001:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210127/r20190131/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210127/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210127/r20190131/zrt_lookup.html?fsb=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://paylas.cc/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUmDsKEG8PiIFR25706LKqzuJzhjNs1h3rDpILXv6xse0SxQ35u5-eGb0Apa; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://paylas.cc/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sat, 30 Jan 2021 11:39:30 GMT
expires: Sat, 13 Feb 2021 11:39:30 GMT
content-type: text/html; charset=UTF-8
etag: 6748560809430760793
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4784
x-xss-protection: 0
age: 44739
cache-control: public, max-age=1209600
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

Verdicts & Comments Add Verdict or Comment

109 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.paylas.cc/	1970-01-19 16:30:43	Name: __cfduid Value: d7022946735c6292daed3614597cd4ea31612051505
.paylas.cc/	1970-01-19 15:48:57	Name: _gid Value: GA1.2.796395185.1612051505
.paylas.cc/	1970-01-20 09:18:43	Name: _ga Value: GA1.2.1456197807.1612051505
.paylas.cc/	1970-01-19 15:47:31	Name: _gat_gtag_UA_108368586_5 Value: 1
paylas.cc/	1969-12-31 23:59:59	Name: quads_browser_width Value: 1600

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://cdn.statically.io/wp/c/5.6/wp-includes/js/jquery/jquery-migrate.min.js(Line 2) Message: JQMIGRATE: Migrate is installed, version 3.3.2

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
cdn.statically.io
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
partner.googleadservices.com
paylas.cc
stats.g.doubleclick.net
tpc.googlesyndication.com
www.google-analytics.com
www.googletagmanager.com
www.googletagservices.com
www.paylas.cc
142.250.185.194
2606:4700:10::6816:475
2606:4700:3033::6815:10f8
2a00:1450:4001:801::2003
2a00:1450:4001:809::200a
2a00:1450:4001:811::200e
2a00:1450:4001:812::200e
2a00:1450:4001:821::2002
2a00:1450:4001:827::2001
2a00:1450:4001:82a::2008
2a00:1450:400c:c00::9b
2a00:1450:400c:c00::9c
01a23d9fe7e84ca5517b740fb31d9bd5f76b94dc5c26e9cc11d83730242451d2
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
05bc0c050cebeb769623444bdb968199a9338d53ab2b9cf739fa2e5f41daf424
05bf459720ed04ab8ce8b6a7635b00babfa7d6586d7af2f5c9f2dbe1398da7bf
08ae724b050fc30cf882578f9ad3fdfe8a1487fac9a385c3883634916cf2d881
08d76847bf78c620e7823f1eb92c1b7689ea5087cbfa4f8df8c49981f5839a71
0a08d51c4d3bb6e480a9d1c15eead0d989ecf10433c67cc5865dc546fc3c6ceb
0a98bc6280a9d7b76a94af5836805e6a503718b1f730b5b4d9f8d4a045d1426a
0c4acce3075a37daa739aa0b14a531001f95d4e713c6d0c32ced35e43e056741
0d31316e0fe2f8234880b6c68ac7aafd9f0ea137a711d8052d05a2fd5f3ca500
0da5259c785f10af603c11fce61e4ba3bf638637de20fe6f64aa0510cf7fbf6f
0fe8b55a9178ed0a4a16b659667670837dcb183cbdfd8b1044882509d626335f
17a2009602b1e5cea444e155c37372a40699d25a4f126a5b20f6717beb64e33c
196d444f28cc50fd900d9f761ac23efbb140c492b920921ff3e491326198eb48
1a9328556f63942f9089a040bd722c33207fb02d13db175e06a780a98477a567
1ab95f5fb17d57d303dfb4fd72a1835efe2b1d38c0156a190c545ed02159b46e
22f83a03d17b9514de257afa6e24b40d241a3fa4c7f4b7ea396784daf24f4ab8
26fc542578cd8edf6c9779068bf4cd9d9d9e21270646568fc8401e584565f666
2e4fd4a7e8c3d71dc45afe3817f4a837bb6cb4f3a0e2f56778ea17feb9a85c1e
2e66ce2eadd79bca0080194f87dbf2f1d01bbf996241615de43d94dfc7eb1d0d
30cd961db82d46c3ac5c6a4abb291fcdc9e1bd4ded973363d2c8dad8039bf3df
324dbc3f38a9f0a20763e0c0d817aadea2b441e2b872b81c69f453857da67489
325e36bfd0f1d6dd2e8f06bf0ca02240ba139d6b7131d658cace3f22a48f383c
3685c3818240f5f390073c7d04f944a5cb5d848093224f3a7888034e8c050eb4
3698a0c8c0a13e71caabb75a78fe98c157be88b3b452c55848b319ced9aa42c8
3c53a78aa78c129596570e6919f034004d73ae707a6c5955ab2b360e31afbb38
3caff329d1e76a3a9a8ab8030abed403362ee5490631d7bb9774372388198763
3e83cbf591d5702f6ae87608e7debc770083b3974966d8dbf659a5cae2589bb1
423f99e6781c0eacc11765b0cd629ad2d5a0ec4edd9b57f6d9ee0d2ff3852a99
42a14793a7233c1e69ce5f779629a325271ecf78a05b782c6b1b0cab4e81904e
43f3fac46ba9fbab6916820bc2f32cbbe73696fdfb6b70feb015d91664927c37
46a12fc3545d335a084d4941332bd341cb2e440dc974b514333f937abceecfee
4dc9c239931effb2183adb19e90f60c5cc009ddca45024fc7325d82e3c08d40c
4ebc4bb249121e853396a59bc235a0d33786cb2e8376a8b8249ca69a5a6ee295
544c977ee4a1d8e5d6584b37a6e736487aea87b0f2d8de17d68d5bc9c6176cdb
5609fcce1905c2636b01c4213c8ca1060d06587244cf16d8a0aee56dcd82cc89
60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827
61860eb0af368075cd1201457d143552abf04c8841bf218653813317e9c3f11d
64c8551c397b1915ef17010eca19e10f01083601d6e0f81b2bef6a081a2f69c1
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6cd9f45985a0e7c5dad574f6229a0420eae084a7e0b8c4e27fd86bf5376593ef
6ebcda7a3a41ef97f0b4071160ceb1020e540fdc0f790079a5c2ef01ab654fe0
722f834d0c44729d5535f864b0db96c363412148785466734983f6175b9e6e4c
758990d012d05cedd7416c43e1491d82030640f727b01ca2678908a2ba41978f
77bf60e84e126d1609cc0a302c3953dc25ae054aaee3514d04a4726d4f2609fe
7be717bbc67636660bafd66159898f6be44728a4faa8f4e8ec49dd600936e8ad
80f6df81380466af12e411fe992318b338f4d4e661f03d0a4687198f059cd688
8263a88fba85996d9b77d3098948f82b38da0655317680e0c6bbb59b9c0b03c9
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
85afdab41b41cd7bbab86ef2894c623f42d3cbb404bde027de0fcfeaa8b0910d
87fda6e8eddb52a50ad73ec1a5ce6f4afbd8ef576092d2efe93cbc0e475d0774
8878852b14429128f5348d48c739e235a57d6eee4eea22a87645e0cba6dc4085
8c155dcec144583a390e6cdbe615024a30d88003f0131f4510159f80c602f4fb
9147e058187507beec428be95c999f47f5a51a1df8d805ebbea8729a13cf8931
955c98325a7e06af12c0e9a93a342ce5abe84b545e181ca0bdf110a1b5331139
9a65a31267c9cb46c78918037f3bb7922a71b37163e8d1c7cc2154682888a0ca
9c7bd3dadf6edc19d3b8876a8e2b0b0ae6b54f403d7e987ec82b041128cfdd35
9dbbdfedbc6ce8ebad500036a3a93140213364f54dfd9b3348d714b9b4bd8447
a29227cef345d6a5b7194d86326bee3feb2f945c9f584a3a01d6d697aa287e22
a71d75e9e83cd1be2fa6553ce689441a8be58574d9734eefbfeed29e9178ab5d
a78e9bc9ef66efd4c9d5e5f5860952a1c191f05fe6435c97b14fb89fb7a453ac
aabc30ee10c2b23a718fe443f43b051563fa5c58aa4b48cb64155a424e451468
ac7f11986f311aec18f6e8346a0c2448ed4a523a16761ecd652a9707792282fa
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af6a6221e0f64c0ee6eb242ee1f4102c6cc7113c7fd822907e0e3fc5b38c134c
b3839d1fd6a0f3cc33df554d9267e9e1ab2f7eeba46695e1bc9c411b8359cb2e
b5abbc93d709aaa8506017e4b5ca786bf323ad2a1dd2205e78bf122ccb22d6ac
b610af5760be130959cb2fa1bb3210c35ea7fc93cc2fd09ebeadcdd130f2f192
b8a2e83955a77d82c9fd99a3a9595609f8fc55b956262bb10102982ccdc02305
b8e149178358873942c6a434f9ae62dd952769a87c2abdf7e659c129acd398fd
b9ac3bbfa442f2452814abde84637091fe42308b2202485c629a069627f85385
b9f23c7046dfde7c4e484704c1a7b263c1c2283ddd2c84e901917ca05f6f9ca3
bad809eccdd8b5444815657daf9875541b9465833f90a3ae2a8bc37347398cd1
c21b72cdf0c1a6d07ad8122033cd6efc91442d69924f2d05f8e85009fb1d7e3c
c36a34cc0d1fba1f6684e46a84e23f1b3138df20e59d8f99679cd40588ed14e2
c421fa94220ecc78ab2044859a8b3bf54380a2dafded1a9f74fb84733b7921bb
c76ad830edbe4fdf6a92bc0954571b65ad1d2c402b61698cec80c2f783dcef8e
ca6c1483c785bd6db7795ec23bc5f42ed06e49d4153e4d5a73be46b70a2a3647
cf1fc6ff953ad6ad61a388420fe3a33af0aae598c6fee873ab7a5036b1dbad15
d603b6e5c404d28a9f1c12bb0b57d8c9967836a8f53cce046a2ab3fd1f3b2f52
d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
e7eabc7f05a63848ca0cf3d821014400d89e413dd6d11de71620a36cb655f99b
e91c0cdaaf3c96c15bca3130b80c11456577bbc4b0a3178f73598052d8212018
ea1546779b8210e51e58f95dfcc8fea3cc18dff2aa2520b51a219fb3621d2f9c
eed6da3f7f04f8e892edcdf9006bee09231e427420e024f8636b7f0a7d3dd3f0
ef3b7340a92a945218d6136cbe704d801a91be64bf31d750c4a2cf68ea230264
f76aea67e899437122e8fc336e08e2df7cf6d386dc132fae727a417b92a4c005

paylas.cc Open in urlscan Pro 2606:4700:3033::6815:10f8 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

102 Requests

100 %HTTPS

92 %IPv6

12 Domains

15 Subdomains

13 IPs

3 Countries

967 kBTransfer

2245 kBSize

5 Cookies

0 Outgoing links

Page URL History

Redirected requests

102 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

paylas.cc Open in urlscan Pro
2606:4700:3033::6815:10f8 Public Scan

Screenshot
Live screenshot

Full Image

102
Requests

100 %
HTTPS

92 %
IPv6

12
Domains

15
Subdomains

13
IPs

3
Countries

967 kB
Transfer

2245 kB
Size

5
Cookies

102 HTTP transactions
6 data transactions