paybyplatema.site Open in urlscan Pro
2606:4700:3030::ac43:b3fd Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://paybyplatema.site/
Effective URL:
https://paybyplatema.site/
Submission: On November 14 via manual (November 14th 2023, 11:39:44 am UTC) from GB — Scanned from GB

Summary HTTP 23 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 6 IPs in 2 countries across 5 domains to perform 23 HTTP transactions. The main IP is 2606:4700:3030::ac43:b3fd, located in United States and belongs to CLOUDFLARENET, US. The main domain is paybyplatema.site.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on February 10th 2023. Valid for: a year.

This is the only time paybyplatema.site was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:303... 2606:4700:3037::6815:1fd7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
12	2606:4700:303... 2606:4700:3030::ac43:b3fd	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:82b::2008	15169 (GOOGLE) (GOOGLE)
7	192.243.59.20 192.243.59.20	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
2	2606:4700:303... 2606:4700:3033::ac43:b1d6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
23	6

1 2606:4700:3037::6815:1fd7 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

paybyplatema.site	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2606:4700:3030::ac43:b3fd (United States)

ASN13335 (CLOUDFLARENET, US)

paybyplatema.site	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 192.243.59.20 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

alterassumeaggravate.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3033::ac43:b1d6 (United States)

ASN13335 (CLOUDFLARENET, US)

youradexchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	paybyplatema.site 1 redirects paybyplatema.site	139 KB
7	alterassumeaggravate.com alterassumeaggravate.com — Cisco Umbrella Rank: 795106
2	youradexchange.com youradexchange.com — Cisco Umbrella Rank: 26862	1 KB
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2462	246 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 35	74 KB
23	5

	Domain	Requested by
13	paybyplatema.site	1 redirects paybyplatema.site
7	alterassumeaggravate.com	paybyplatema.site
2	youradexchange.com	paybyplatema.site
1	region1.google-analytics.com	www.googletagmanager.com
1	www.googletagmanager.com	paybyplatema.site
23	5

This site contains links to these domains. Also see Links.

Domain
generatepress.com
youradexchange.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-02-10` - `2024-02-10`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
alterassumeaggravate.com R3	`2023-09-16` - `2023-12-15`	3 months	crt.sh
youradexchange.com GTS CA 1P5	`2023-10-17` - `2024-01-15`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://paybyplatema.site/
Frame ID: E8BD7F1A5704D0CFC6B68DE44BD9BCDB
Requests: 29 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

PayByPlateMa com Pay Online Toll Bills in Massachusetts

Page URL History Show full URLs

http://paybyplatema.site/ HTTP 301
https://paybyplatema.site/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

23
Requests

100 %
HTTPS

83 %
IPv6

5
Domains

5
Subdomains

6
IPs

2
Countries

213 kB
Transfer

686 kB
Size

2
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://generatepress.com/
Title: GeneratePress

Search URL Search Domain Scan URL

URL: https://youradexchange.com/ad/visit.php?al=1

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://paybyplatema.site/ HTTP 301
https://paybyplatema.site/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

23 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
paybyplatema.site/
Redirect Chain

http://paybyplatema.site/
https://paybyplatema.site/

97 KB
22 KB

455ms
362ms

Document
text/html

2606:4700:3030::ac43:b3fd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://paybyplatema.site/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:b3fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d68eeac7280bbce5bca3380a3e3fb83d76fa6d9455256514b518f8d53dd3d683

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=0
cf-cache-status: DYNAMIC
cf-ray: 825ef98e9d7960ea-LHR
content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 14 Nov 2023 11:39:36 GMT
expires: Tue, 14 Nov 2023 11:39:36 GMT
last-modified: Tue, 14 Nov 2023 08:07:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7T%2FWMX59b6ubNHUSc13dYiUNUXQBnRBhT4zilkbIcTJreS3gBeOZerr%2BjuwZWL8yYpl5MBxcUhxaNhLY3z6tllX0j3DUOncxmJLDfD7wXNhiwGEOajwM9Jm%2FD9I2jAszoGbVDEmzcOWzAqY2z%2BSDRg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,Accept-Encoding

Redirect headers

CF-RAY: 825ef98daf9160e1-LHR
Cache-Control: max-age=3600
Connection: keep-alive
Date: Tue, 14 Nov 2023 11:39:35 GMT
Expires: Tue, 14 Nov 2023 12:39:35 GMT
Location: https://paybyplatema.site/
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F8h0WN7JFZGXiPNY9EpHb5jkD7MKIhOWKkBWsiNMNO88GLVTqdRDFsM6Z5JljdqcERLOBjlG%2FTXyzbgy5EskQe51NPi%2B09Y8T2TdMTb3SEy0feHPqXep8rhZ7kIFcmb3F%2BjDmNsljDVNFAkeL6mkIw%3D%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400

GET
H2 200 9defd14727dc5509bc7e9c47a661a1d4.css
paybyplatema.site/wp-content/cache/min/1/ 141 KB
22 KB 344ms
343ms Stylesheet
text/css 2606:4700:3030::ac43:b3fd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://paybyplatema.site/wp-content/cache/min/1/9defd14727dc5509bc7e9c47a661a1d4.css
Requested by: Host: paybyplatema.site
URL: https://paybyplatema.site/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:b3fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7b594e352a998f1b2fd11d624592f614e471ac60b9265461455bba798abd8f92

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://paybyplatema.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 11:39:36 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 09 Nov 2023 15:09:58 GMT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=144375
vary: Accept-Encoding,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8vtlC4Pqf9JNP1h%2F%2Fsc%2BwOAIGGoduGTyv1Qc3AnI3xWtRVA4BCYyOBCKIyFb%2FmJ5QC268RHx2eGQWl38jYEVCmgxxtOMcTuDsKNZ5%2BXhMkHpV29rxLR3aUw0VswJJgJmYIhZlBt8sgQnUbtNpS0Fmg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000,public
cf-ray: 825ef990e81860ea-LHR
alt-svc: h3=":443"; ma=86400
expires: Fri, 08 Nov 2024 15:10:12 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 202 KB
74 KB 182ms
68ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-BR9S49MX8J

Requested by

Host: paybyplatema.site
URL: https://paybyplatema.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9cde9e0c2fcf009040449976d133a9623613fc41879b7bae9341d19743a735b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://paybyplatema.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 11:39:36 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 75275
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 14 Nov 2023 11:39:36 GMT

GET
H3 200 atg.js Show response
paybyplatema.site/wp-content/cache/min/1/script/ 192 KB
59 KB 166ms
166ms Script
application/javascript 2606:4700:3030::ac43:b3fd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://paybyplatema.site/wp-content/cache/min/1/script/atg.js?ver=1699542598
Requested by: Host: paybyplatema.site
URL: https://paybyplatema.site/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:b3fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 829e125510e3447784a90698a8982c5ac20b0bcff82776b7115b6e75f048d2e6

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://paybyplatema.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 11:39:36 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 09 Nov 2023 15:09:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FJZYmFDIMhP8vctltrgh1ZHvP8yY0vd%2BPyFhylNkh7YAl%2BIw7RHROFzfIT%2BaV25HrSEoTcRLtiKNDZHnut2%2BXY4vHeE%2Fepmt2YUYcY6AN3DttEOPvCIkWGDMREcgP2J9VA0psixpRZ2lFQdmIbYLEQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000,public
cf-ray: 825ef992af288892-LHR
alt-svc: h3=":443"; ma=86400
expires: Fri, 08 Nov 2024 15:11:12 GMT

GET
H/1.1 403
Forbidden b233f1a8a86af17492dd04a1da354e1e.js
alterassumeaggravate.com/b2/33/f1/ 0
0 1997ms
122ms Script
application/javascript 192.243.59.20
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://alterassumeaggravate.com/b2/33/f1/b233f1a8a86af17492dd04a1da354e1e.js
Requested by: Host: paybyplatema.site
URL: https://paybyplatema.site/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.243.59.20 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.19.5 /
Resource Hash

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://paybyplatema.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Tue, 14 Nov 2023 11:39:38 GMT
Server: nginx/1.19.5
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Content-Type: application/javascript
Connection: keep-alive
Content-Length: 0

GET
H3 200 tag.min.js Show response
paybyplatema.site/wp-content/cache/min/1/pfe/current/ 13 KB
6 KB 150ms
150ms Script
application/javascript 2606:4700:3030::ac43:b3fd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://paybyplatema.site/wp-content/cache/min/1/pfe/current/tag.min.js?ver=1699542599
Requested by: Host: paybyplatema.site
URL: https://paybyplatema.site/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:b3fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 98a810dbf7bb30a707296aed5f070b52dc1d69c36fd72801a6f8838a852a951b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://paybyplatema.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 11:39:38 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 09 Nov 2023 15:09:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zCMC5S1WFflRxI%2FiX5uUtu1Ys5SU5xqjHF%2B1M%2BGz94lqUmQyBZzmpG8ewGBBFilDRYOJudDSNRu4E5MSdFZLNme8iPPjJC0o1AprtpTyC3tZ68rG2bGRVKFKBoXO77a5Ov3TyzpSHk5Cb4N0u4rL%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000,public
cf-ray: 825ef99f887e8892-LHR
alt-svc: h3=":443"; ma=86400
expires: Fri, 08 Nov 2024 15:11:12 GMT

GET
H2 200 email-decode.min.js Show response
paybyplatema.site/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 45ms
45ms Script
application/javascript 2606:4700:3030::ac43:b3fd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://paybyplatema.site/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: paybyplatema.site
URL: https://paybyplatema.site/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::ac43:b3fd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://paybyplatema.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 11:39:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2023 16:24:43 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"654bb64b-4d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZRElOmSk02rSg5kPelvKbhuNOydY%2B6lw10j%2FH9qggpDl0ULLXpc490GIiDyQkpnBHr5%2BG%2BjsvwrtpWkUQPJTYhlVLTDQcaWYWPv%2FHd08%2FluJEZWfZ62mS151fsf9WHB3G%2B%2FADUOVwYrdpC3n1qr0Vw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 825ef990f84060ea-LHR
expires: Thu, 16 Nov 2023 11:39:36 GMT

GET
H3 200 menu.min.js Show response
paybyplatema.site/wp-content/themes/generatepress/assets/js/ 7 KB
2 KB 144ms
144ms Script
application/javascript 2606:4700:3030::ac43:b3fd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://paybyplatema.site/wp-content/themes/generatepress/assets/js/menu.min.js?ver=3.3.1
Requested by: Host: paybyplatema.site
URL: https://paybyplatema.site/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:b3fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 174066535cb768d1715ae34808cd4e83f16f23715524bfff79db8860e8c03296

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://paybyplatema.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 11:39:38 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 22 Mar 2023 16:14:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MTnmW64Oom4W%2FT9v0RnbBeIbF0b1m9IYzY9Y%2BpCEq8RrlA6LgthI5x5q2QDvPDN4eAxWSsfDrLqMz3YoQYRNRa9mt8W2vmk10Ac9RvkwvZ6hosVMBCQXlItwcIPp3uQMrnGnRuC%2BrZNgyONfYg5jFQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000,public
cf-ray: 825ef99f88808892-LHR
alt-svc: h3=":443"; ma=86400
expires: Fri, 01 Nov 2024 08:16:19 GMT

GET
H3 200 main.min.js Show response
paybyplatema.site/wp-content/plugins/luckywp-table-of-contents/front/assets/ 4 KB
2 KB 152ms
152ms Script
application/javascript 2606:4700:3030::ac43:b3fd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://paybyplatema.site/wp-content/plugins/luckywp-table-of-contents/front/assets/main.min.js?ver=2.1.4
Requested by: Host: paybyplatema.site
URL: https://paybyplatema.site/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:b3fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 995456f7211327129612b97dc0a2baa2288f1e3065d1d6ed1882a0eb89d6baac

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://paybyplatema.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 11:39:38 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 14 Oct 2022 08:55:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4Gl%2BeOcc3%2FARCYYDg8eERgpeJuL77g8M7RiddOWMoN%2BPMJQdZGClSiqMMJuoquEqkCV1OhFHuJh8rlckrSkte%2FMOfhTbtZgc92PTNqiS2jVLnkF3PusD9kiWjI2sIcLmehpZO8M4l6nhInV%2BbtTsSg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000,public
cf-ray: 825ef99f88838892-LHR
alt-svc: h3=":443"; ma=86400
expires: Thu, 31 Oct 2024 23:01:00 GMT

GET
H3 200 lazyload.min.js Show response
paybyplatema.site/wp-content/plugins/wp-rocket/assets/js/lazyload/17.5/ 8 KB
3 KB 150ms
150ms Script
application/javascript 2606:4700:3030::ac43:b3fd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://paybyplatema.site/wp-content/plugins/wp-rocket/assets/js/lazyload/17.5/lazyload.min.js
Requested by: Host: paybyplatema.site
URL: https://paybyplatema.site/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:b3fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8ceb3992861ed1fda25855c2e500e76842ae0d788405e50e3a9f45df36499cf6

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://paybyplatema.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 11:39:38 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 14 Oct 2022 09:02:56 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7C2oYoeO5ROMVYN5HDe9xGtUu9e9E66jgLB87WHHOfPlTUqhfDaQkWLhLrPqd%2FT2ZPb4ALf8582TRYoKS4Un6nrpwrML5i6GmTkWnPJBxdGqulFPve01EA9dqJWsjU5XM7jl%2BrvtEtBUoanK%2FFJkYw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000,public
cf-ray: 825ef99f88848892-LHR
alt-svc: h3=":443"; ma=86400
expires: Fri, 08 Nov 2024 15:10:12 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
246 B 182ms
62ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-BR9S49MX8J&gtm=45je3b81v895380464&_p=1699961976789&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1279459790.1699961977&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1699961976&sct=1&seg=0&dl=https%3A%2F%2Fpaybyplatema.site%2F&dt=PayByPlateMa%20com%20Pay%20Online%20Toll%20Bills%20in%20Massachusetts&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=952
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-BR9S49MX8J
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://paybyplatema.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Nov 2023 11:39:36 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://paybyplatema.site
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 403
Forbidden 103f872def2557028e4aca50c4daff0f.js
alterassumeaggravate.com/10/3f/87/ 0
0 1973ms
118ms Script
application/javascript 192.243.59.20
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://alterassumeaggravate.com/10/3f/87/103f872def2557028e4aca50c4daff0f.js
Requested by: Host: paybyplatema.site
URL: https://paybyplatema.site/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.243.59.20 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.19.5 /
Resource Hash

Request headers

Referer: https://paybyplatema.site/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date: Tue, 14 Nov 2023 11:39:38 GMT
Server: nginx/1.19.5
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Content-Type: application/javascript
Connection: keep-alive
Content-Length: 0

GET
H/1.1 403
Forbidden invoke.js
alterassumeaggravate.com/d3b70164122317877867615a5af5346f/ 0
0 121ms
121ms Script
application/javascript 192.243.59.20
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://alterassumeaggravate.com/d3b70164122317877867615a5af5346f/invoke.js
Requested by: Host: paybyplatema.site
URL: https://paybyplatema.site/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.243.59.20 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.19.5 /
Resource Hash

Request headers

Referer: https://paybyplatema.site/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date: Tue, 14 Nov 2023 11:39:38 GMT
Server: nginx/1.19.5
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Content-Type: application/javascript
Connection: keep-alive
Content-Length: 0

GET
H/1.1 403
Forbidden invoke.js
alterassumeaggravate.com/c66d4a55a2c58bb312b1ffebcda49b63/ 0
0 124ms
123ms Script
application/javascript 192.243.59.20
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://alterassumeaggravate.com/c66d4a55a2c58bb312b1ffebcda49b63/invoke.js
Requested by: Host: paybyplatema.site
URL: https://paybyplatema.site/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.243.59.20 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.19.5 /
Resource Hash

Request headers

Referer: https://paybyplatema.site/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date: Tue, 14 Nov 2023 11:39:38 GMT
Server: nginx/1.19.5
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Content-Type: application/javascript
Connection: keep-alive
Content-Length: 0

GET
H/1.1 403
Forbidden invoke.js
alterassumeaggravate.com/c66d4a55a2c58bb312b1ffebcda49b63/ 0
0 120ms
119ms Script
application/javascript 192.243.59.20
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://alterassumeaggravate.com/c66d4a55a2c58bb312b1ffebcda49b63/invoke.js
Requested by: Host: paybyplatema.site
URL: https://paybyplatema.site/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.243.59.20 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.19.5 /
Resource Hash

Request headers

Referer: https://paybyplatema.site/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date: Tue, 14 Nov 2023 11:39:39 GMT
Server: nginx/1.19.5
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Content-Type: application/javascript
Connection: keep-alive
Content-Length: 0

GET
H/1.1 403
Forbidden invoke.js
alterassumeaggravate.com/c66d4a55a2c58bb312b1ffebcda49b63/ 0
0 121ms
121ms Script
application/javascript 192.243.59.20
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://alterassumeaggravate.com/c66d4a55a2c58bb312b1ffebcda49b63/invoke.js
Requested by: Host: paybyplatema.site
URL: https://paybyplatema.site/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.243.59.20 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.19.5 /
Resource Hash

Request headers

Referer: https://paybyplatema.site/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date: Tue, 14 Nov 2023 11:39:39 GMT
Server: nginx/1.19.5
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Content-Type: application/javascript
Connection: keep-alive
Content-Length: 0

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8e4bc7471e8d5c9614661963fcf0ccfc099b453002038ee10ec959865090a272

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H/1.1 403
Forbidden invoke.js
alterassumeaggravate.com/d3b70164122317877867615a5af5346f/ 0
0 122ms
121ms Script
application/javascript 192.243.59.20
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://alterassumeaggravate.com/d3b70164122317877867615a5af5346f/invoke.js
Requested by: Host: paybyplatema.site
URL: https://paybyplatema.site/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.243.59.20 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.19.5 /
Resource Hash

Request headers

Referer: https://paybyplatema.site/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date: Tue, 14 Nov 2023 11:39:39 GMT
Server: nginx/1.19.5
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Content-Type: application/javascript
Connection: keep-alive
Content-Length: 0

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 449484ab26ae1c9a26f67a55178263739728f52f5f5216404b9bedd7ad1b19d3

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: aa5d38d8dd788a7073ab05056519d051d868404e2c8cb86fb6bad41d998aa0dd

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e60121b86fd8bda3b4139629557bcc9a64bc1212cdd6598d617df14d94d70443

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 69 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1b5d010d3c42031d70e42f3092acbe30996a28236bbc378512e998af0c2e89d8

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d0a8645b47eb56d2e735c2f51bed87db4a48f81f2e41b4e1d5f39140dc79274e

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 czcf.php Show response
youradexchange.com/ad/ 204 B
662 B 268ms
154ms Fetch
text/html 2606:4700:3033::ac43:b1d6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://youradexchange.com/ad/czcf.php?cz=owybh2ufgq&chmob=%3F0
Requested by: Host: paybyplatema.site
URL: https://paybyplatema.site/wp-content/cache/min/1/script/atg.js?ver=1699542598
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:b1d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 135d2cb4d2c2261a402b8f7175aa76df28721b6ac9bedd8baad3bfe87885c631

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://paybyplatema.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 11:39:39 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Lkk4EefSFaRXF2PbMTH68JJCQrUMULiFFyVe65Wv3NIJxrhLoL7t3HGHMdIux5KX4R%2BNIVBAC%2FV6OdCU0Ly1s8QzSi217b0hErpJU1r2OqFSh833XYletaTmPqV7B48NYgNqpDEsM4%2FtDEWLmuVl19o%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
content-type: text/html; charset=utf-8
cf-ray: 825ef9a4c94624ef-LHR
access-control-allow-headers: Content-Type
alt-svc: h3=":443"; ma=86400

GET
H3 200 paybyplatema.jpg
paybyplatema.site/wp-content/uploads/2023/10/ 21 KB
21 KB 145ms
145ms Image
image/jpeg 2606:4700:3030::ac43:b3fd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://paybyplatema.site/wp-content/uploads/2023/10/paybyplatema.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:b3fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3fea20f71235ee7955f3fd0ca12ad15499e92e50a847527c41db626fec1ee0fd

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://paybyplatema.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 11:39:39 GMT
cf-cache-status: HIT
last-modified: Fri, 27 Oct 2023 08:38:49 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EANxhv4em5YriSyqttdWD61W4IYRfN2mKpV9CQf9SpS8ZyaFMAxH06YleRe%2BGVCVQlZ5Xap6m7bpP4puAPJGKybj9OjUDA2KPfjL%2B3jMQQTL6zTeQEzWmZfO61CczOAzQdOJMYvY3CO6zUtb4dZUZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=10368000,public
accept-ranges: bytes
cf-ray: 825ef9a41e658892-LHR
alt-svc: h3=":443"; ma=86400
content-length: 21239
expires: Sun, 10 Mar 2024 07:39:39 GMT

GET
H3 404 ut.js
paybyplatema.site/script/ 0
0 249ms
249ms Script
text/html 2606:4700:3030::ac43:b3fd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://paybyplatema.site/script/ut.js?cb=1699961979579
Requested by: Host: paybyplatema.site
URL: https://paybyplatema.site/wp-content/cache/min/1/script/atg.js?ver=1699542598
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:b3fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://paybyplatema.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-ua-compatible: IE=edge
date: Tue, 14 Nov 2023 11:39:39 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oPjsMFWqroWaY1w1PjUgj%2BPguv8EosEwu6mmPE6XoccXj76NUFRcz10VrKfHzpnVFXtK6pbJT8ClIu9CJJRDcwVri9En2oicfgxISnrC0GqvS7YiLH8pBSPM%2FUq%2B2eze1FLrzd4jDTvcSrcxJ5r6Mw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate, max-age=0
cf-ray: 825ef9a47eea8892-LHR
link: <https://paybyplatema.site/wp-json/>; rel="https://api.w.org/"
alt-svc: h3=":443"; ma=86400
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H3 204 display.php Show response
youradexchange.com/n/ 0
469 B 343ms
201ms Script
text/plain 2606:4700:3033::ac43:b1d6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://youradexchange.com/n/display.php?r=6949546&atag=1&aggr=2&czid=owybh2ufgq&ppv=1&srs=d3d6317f3743d146530b1ebc39ae0b6d
Requested by: Host: paybyplatema.site
URL: https://paybyplatema.site/wp-content/cache/min/1/script/atg.js?ver=1699542598
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:b1d6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://paybyplatema.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 11:39:40 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
access-control-allow-methods: GET, POST, OPTIONS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T6CCzwH9Y1aNYpPiCruFW1dT6MobFLHFOfufqXdfJFaQCPcRtw80S0oI%2Fmr34CbMGBQpBlFNJBmtRMlfn7%2FnL1eodY5HToYcUXwuK3AhDtXM18EpdltgxF3VGXuXqqhWPit4UK5uWPLw4EmcjOO6%2F1c%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 825ef9a6bfb595f6-ARN
access-control-allow-headers: Content-Type
alt-svc: h3=":443"; ma=86400

GET
H3 404 ippg.js
paybyplatema.site/script/ 0
0 212ms
212ms Script
text/html 2606:4700:3030::ac43:b3fd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://paybyplatema.site/script/ippg.js
Requested by: Host: paybyplatema.site
URL: https://paybyplatema.site/wp-content/cache/min/1/script/atg.js?ver=1699542598
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:b3fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://paybyplatema.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-ua-compatible: IE=edge
date: Tue, 14 Nov 2023 11:39:39 GMT
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=idiO5vpf4v0o0h7hP9hegfmXFu73OGOWZYgwk88NBEqvelU2Nvzf8PgNjdXitWQjI7HQkowfASj2Hhs%2BxV5KZ4BbGgdbZXhEl58AaxAQow%2BEYDIb%2BENZnwfNdBs%2BKHiaSbcCRWmCg1U3pqo9lUhS2Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate, max-age=0
cf-ray: 825ef9a5c8978892-LHR
link: <https://paybyplatema.site/wp-json/>; rel="https://api.w.org/"
alt-svc: h3=":443"; ma=86400
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H3 404 suv5.js
paybyplatema.site/script/ 0
0 239ms
239ms Script
text/html 2606:4700:3030::ac43:b3fd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://paybyplatema.site/script/suv5.js
Requested by: Host: paybyplatema.site
URL: https://paybyplatema.site/wp-content/cache/min/1/script/atg.js?ver=1699542598
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:b3fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://paybyplatema.site/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-ua-compatible: IE=edge
date: Tue, 14 Nov 2023 11:39:39 GMT
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NY1ZSRIoznsXRoa5b3rjWsWhv7hTgm%2B4NyioVZScz1ixwIK1uIiQS7BMpm4UUiHIuA%2F44ZtZ4u6txSOoJ2XKLBPQYh3N7rKQhulJGg%2FJPfAXnnUEIfEPYOB3rjCjHLY%2Bjyt0HthIBiQ24N%2Fk1VyyuQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate, max-age=0
cf-ray: 825ef9a5c8998892-LHR
link: <https://paybyplatema.site/wp-json/>; rel="https://api.w.org/"
alt-svc: h3=":443"; ma=86400
expires: Wed, 11 Jan 1984 05:00:00 GMT

Verdicts & Comments Add Verdict or Comment

24 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.paybyplatema.site/	1970-01-21 01:48:41	Name: _ga_BR9S49MX8J Value: GS1.1.1699961976.1.0.1699961976.0.0.0
			.paybyplatema.site/	1970-01-21 01:48:41	Name: _ga Value: GA1.1.1279459790.1699961977

22 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://paybyplatema.site/(Line 91) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://alterassumeaggravate.com/10/3f/87/103f872def2557028e4aca50c4daff0f.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://paybyplatema.site/(Line 91) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://alterassumeaggravate.com/10/3f/87/103f872def2557028e4aca50c4daff0f.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: https://alterassumeaggravate.com/10/3f/87/103f872def2557028e4aca50c4daff0f.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
javascript	warning	(Line 8) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://alterassumeaggravate.com/d3b70164122317877867615a5af5346f/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	(Line 8) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://alterassumeaggravate.com/d3b70164122317877867615a5af5346f/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: https://alterassumeaggravate.com/b2/33/f1/b233f1a8a86af17492dd04a1da354e1e.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
network	error	URL: https://alterassumeaggravate.com/d3b70164122317877867615a5af5346f/invoke.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
javascript	warning	(Line 8) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://alterassumeaggravate.com/c66d4a55a2c58bb312b1ffebcda49b63/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	(Line 8) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://alterassumeaggravate.com/c66d4a55a2c58bb312b1ffebcda49b63/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: https://alterassumeaggravate.com/c66d4a55a2c58bb312b1ffebcda49b63/invoke.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
javascript	warning	(Line 8) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://alterassumeaggravate.com/c66d4a55a2c58bb312b1ffebcda49b63/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	(Line 8) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://alterassumeaggravate.com/c66d4a55a2c58bb312b1ffebcda49b63/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: https://alterassumeaggravate.com/c66d4a55a2c58bb312b1ffebcda49b63/invoke.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
javascript	warning	(Line 8) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://alterassumeaggravate.com/c66d4a55a2c58bb312b1ffebcda49b63/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	(Line 8) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://alterassumeaggravate.com/c66d4a55a2c58bb312b1ffebcda49b63/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: https://alterassumeaggravate.com/c66d4a55a2c58bb312b1ffebcda49b63/invoke.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
javascript	warning	(Line 8) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://alterassumeaggravate.com/d3b70164122317877867615a5af5346f/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	(Line 8) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://alterassumeaggravate.com/d3b70164122317877867615a5af5346f/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: https://alterassumeaggravate.com/d3b70164122317877867615a5af5346f/invoke.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
network	error	URL: https://paybyplatema.site/script/ut.js?cb=1699961979579 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://paybyplatema.site/script/ippg.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://paybyplatema.site/script/suv5.js Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

alterassumeaggravate.com
paybyplatema.site
region1.google-analytics.com
www.googletagmanager.com
youradexchange.com
192.243.59.20
2001:4860:4802:32::36
2606:4700:3030::ac43:b3fd
2606:4700:3033::ac43:b1d6
2606:4700:3037::6815:1fd7
2a00:1450:4001:82b::2008
135d2cb4d2c2261a402b8f7175aa76df28721b6ac9bedd8baad3bfe87885c631
174066535cb768d1715ae34808cd4e83f16f23715524bfff79db8860e8c03296
1b5d010d3c42031d70e42f3092acbe30996a28236bbc378512e998af0c2e89d8
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
3fea20f71235ee7955f3fd0ca12ad15499e92e50a847527c41db626fec1ee0fd
449484ab26ae1c9a26f67a55178263739728f52f5f5216404b9bedd7ad1b19d3
7b594e352a998f1b2fd11d624592f614e471ac60b9265461455bba798abd8f92
829e125510e3447784a90698a8982c5ac20b0bcff82776b7115b6e75f048d2e6
8ceb3992861ed1fda25855c2e500e76842ae0d788405e50e3a9f45df36499cf6
8e4bc7471e8d5c9614661963fcf0ccfc099b453002038ee10ec959865090a272
98a810dbf7bb30a707296aed5f070b52dc1d69c36fd72801a6f8838a852a951b
995456f7211327129612b97dc0a2baa2288f1e3065d1d6ed1882a0eb89d6baac
9cde9e0c2fcf009040449976d133a9623613fc41879b7bae9341d19743a735b9
aa5d38d8dd788a7073ab05056519d051d868404e2c8cb86fb6bad41d998aa0dd
d0a8645b47eb56d2e735c2f51bed87db4a48f81f2e41b4e1d5f39140dc79274e
d68eeac7280bbce5bca3380a3e3fb83d76fa6d9455256514b518f8d53dd3d683
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e60121b86fd8bda3b4139629557bcc9a64bc1212cdd6598d617df14d94d70443

paybyplatema.site Open in urlscan Pro 2606:4700:3030::ac43:b3fd Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

23 Requests

100 %HTTPS

83 %IPv6

5 Domains

5 Subdomains

6 IPs

2 Countries

213 kBTransfer

686 kBSize

2 Cookies

2 Outgoing links

Page URL History

Redirected requests

23 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

paybyplatema.site Open in urlscan Pro
2606:4700:3030::ac43:b3fd Public Scan

Screenshot
Live screenshot

Full Image

23
Requests

100 %
HTTPS

83 %
IPv6

5
Domains

5
Subdomains

6
IPs

2
Countries

213 kB
Transfer

686 kB
Size

2
Cookies

23 HTTP transactions
6 data transactions