URL: https://www.dontpayfull.com/
Submission: On May 27 via manual from IL — Scanned from IL

Summary

This website contacted 11 IPs in 2 countries across 7 domains to perform 52 HTTP transactions. The main IP is 104.18.9.199, located in and belongs to CLOUDFLARENET, US. The main domain is www.dontpayfull.com. The Cisco Umbrella rank of the primary domain is 510799.
TLS certificate: Issued by GTS CA 1P5 on May 18th 2024. Valid for: 3 months.
This is the only time www.dontpayfull.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 36 104.18.9.199 13335 (CLOUDFLAR...)
2 172.217.16.200 15169 (GOOGLE)
3 104.26.15.92 13335 (CLOUDFLAR...)
2 108.177.127.84 15169 (GOOGLE)
2 172.217.18.14 15169 (GOOGLE)
1 216.239.38.181 15169 (GOOGLE)
2 74.125.133.156 15169 (GOOGLE)
2 142.250.186.163 15169 (GOOGLE)
1 104.26.14.92 13335 (CLOUDFLAR...)
1 142.250.184.228 15169 (GOOGLE)
52 11
Apex Domain
Subdomains
Transfer
36 dontpayfull.com
www.dontpayfull.com — Cisco Umbrella Rank: 510799
static.dontpayfull.com — Cisco Umbrella Rank: 584268
cdn2.dontpayfull.com
cdn3.dontpayfull.com
cdn1.dontpayfull.com
cdn0.dontpayfull.com
media.dontpayfull.com — Cisco Umbrella Rank: 757013
687 KB
4 google.com
accounts.google.com — Cisco Umbrella Rank: 20
analytics.google.com — Cisco Umbrella Rank: 154
www.google.com — Cisco Umbrella Rank: 2
84 KB
4 plerdy.com
a.plerdy.com — Cisco Umbrella Rank: 60675
h.plerdy.com — Cisco Umbrella Rank: 59029
108 KB
2 google.co.il
www.google.co.il — Cisco Umbrella Rank: 28483
517 B
2 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 89
413 B
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 32
21 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
202 KB
52 7
Domain Requested by
13 static.dontpayfull.com www.dontpayfull.com
7 cdn2.dontpayfull.com
6 cdn3.dontpayfull.com
4 www.dontpayfull.com 1 redirects www.dontpayfull.com
3 cdn1.dontpayfull.com
3 h.plerdy.com a.plerdy.com
static.dontpayfull.com
2 cdn0.dontpayfull.com
2 www.google.co.il www.dontpayfull.com
2 stats.g.doubleclick.net www.googletagmanager.com
static.dontpayfull.com
2 www.google-analytics.com www.googletagmanager.com
static.dontpayfull.com
2 accounts.google.com www.dontpayfull.com
accounts.google.com
2 www.googletagmanager.com www.dontpayfull.com
www.googletagmanager.com
1 media.dontpayfull.com
1 www.google.com www.dontpayfull.com
1 analytics.google.com www.googletagmanager.com
1 a.plerdy.com www.dontpayfull.com
52 16

This site contains links to these domains. Also see Links.

Domain
help.dontpayfull.com
www.facebook.com
twitter.com
www.pinterest.com
www.instagram.com
Subject Issuer Validity Valid
dontpayfull.com
GTS CA 1P5
2024-05-18 -
2024-08-16
3 months crt.sh
*.google-analytics.com
WR2
2024-05-06 -
2024-07-29
3 months crt.sh
plerdy.com
GTS CA 1P5
2024-04-28 -
2024-07-27
3 months crt.sh
accounts.google.com
GTS CA 1C3
2024-05-06 -
2024-07-29
3 months crt.sh
*.google.com
GTS CA 1C3
2024-05-06 -
2024-07-29
3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3
2024-05-06 -
2024-07-29
3 months crt.sh
*.google.co.il
WR2
2024-05-06 -
2024-07-29
3 months crt.sh

This page contains 2 frames:

Primary Page: https://www.dontpayfull.com/
Frame ID: A14F2D84EC4A8E6862B5B991BE32DADC
Requests: 57 HTTP requests in this frame

Frame: https://www.dontpayfull.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/695da7821231/main.js
Frame ID: A21785428D1DD08A79F8EFE32911DEAF
Requests: 2 HTTP requests in this frame

Screenshot

Page Title

DontPayFull: Coupon Codes, Coupons, Promo Codes, Free Shipping and Discounts

Detected technologies

Overall confidence: 100%
Detected patterns
  • accounts\.google\.com/gsi/client

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js


Overall confidence: 100%
Detected patterns
  • /polyfill\.min\.js

Page Statistics

52
Requests

96 %
HTTPS

0 %
IPv6

7
Domains

16
Subdomains

11
IPs

2
Countries

1149 kB
Transfer

2788 kB
Size

8
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 24
  • https://www.dontpayfull.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://www.dontpayfull.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/695da7821231/main.js

52 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.dontpayfull.com/
143 KB
23 KB
Document
General
Full URL
https://www.dontpayfull.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.9.199 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.3.4
Resource Hash
c0da727d00556784de2cccb49fb59a6c44ada6045c13bc8e2c9cd2b27cc55fa5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options sameorigin

Request headers

Accept-Language
he-IL,he;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-headers
x-fancybox,x-requested-with
access-control-allow-methods
GET, POST, PUT, OPTIONS
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
88a4c6bffa9ce3d7-TLV
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 27 May 2024 08:53:46 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-frame-options
sameorigin
x-powered-by
PHP/8.3.4
x-request-id
88a4c6bffa9ce3d7-TLV
bundle-fonts.min.css
static.dontpayfull.com/r2/dist/8399781/css/
63 KB
47 KB
Stylesheet
General
Full URL
https://static.dontpayfull.com/r2/dist/8399781/css/bundle-fonts.min.css
Requested by
Host: www.dontpayfull.com
URL: https://www.dontpayfull.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.9.199 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4fe239eb1442fe5159af74940d064b9a32187cb5be2285acc3fe8ea38fe3028c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options sameorigin

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.dontpayfull.com/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 27 May 2024 08:53:46 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
age
305250
alt-svc
h3=":443"; ma=86400
x-request-id
88a4c6c3ea30e3d7-TLV
last-modified
Thu, 23 May 2024 14:00:09 GMT
server
cloudflare
etag
W/"0a240f9cea0b49210d634fd6c9cd22f5"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, OPTIONS
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=2678400
x-frame-options
sameorigin
cf-ray
88a4c6c3ea30e3d7-TLV
access-control-allow-headers
x-fancybox,x-requested-with
expires
Thu, 27 Jun 2024 08:53:46 GMT
logo-white@2x.png
static.dontpayfull.com/static/images/logo/
5 KB
5 KB
Image
General
Full URL
https://static.dontpayfull.com/static/images/logo/logo-white@2x.png?v=8399781
Requested by
Host: www.dontpayfull.com
URL: https://www.dontpayfull.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.9.199 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
de47934ca3e150311474a52a5bd22bdf4db391d8a8b5954cc1704aea5c17fd5b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options sameorigin

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.dontpayfull.com/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 27 May 2024 08:53:46 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
HIT
age
305250
alt-svc
h3=":443"; ma=86400
content-length
5281
x-request-id
88a4c6c3ea31e3d7-TLV
last-modified
Tue, 21 May 2024 11:31:02 GMT
server
cloudflare
etag
"664c85f6-14a1"
x-frame-options
sameorigin
access-control-allow-methods
GET, POST, PUT, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=2678400
vary
Accept-Encoding
accept-ranges
bytes
cf-ray
88a4c6c3ea31e3d7-TLV
access-control-allow-headers
x-fancybox,x-requested-with
expires
Thu, 27 Jun 2024 08:53:46 GMT
giftbox.png
static.dontpayfull.com/static/images/menu/
854 B
1 KB
Image
General
Full URL
https://static.dontpayfull.com/static/images/menu/giftbox.png?v=8399781
Requested by
Host: www.dontpayfull.com
URL: https://www.dontpayfull.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.9.199 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e85dc699dd88baa08cf48df64c7113b3d5f93b59ceee213b0ef3a28d38241fdc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options sameorigin

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.dontpayfull.com/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 27 May 2024 08:53:46 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
HIT
age
305250
alt-svc
h3=":443"; ma=86400
content-length
854
x-request-id
88a4c6c3ea34e3d7-TLV
last-modified
Tue, 21 May 2024 11:31:02 GMT
server
cloudflare
etag
"664c85f6-356"
x-frame-options
sameorigin
access-control-allow-methods
GET, POST, PUT, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=2678400
vary
Accept-Encoding
accept-ranges
bytes
cf-ray
88a4c6c3ea34e3d7-TLV
access-control-allow-headers
x-fancybox,x-requested-with
expires
Thu, 27 Jun 2024 08:53:46 GMT
us-flag.png
static.dontpayfull.com/static/images/menu/
1 KB
2 KB
Image
General
Full URL
https://static.dontpayfull.com/static/images/menu/us-flag.png
Requested by
Host: www.dontpayfull.com
URL: https://www.dontpayfull.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.9.199 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
65c0e19c8568a5f44412daa4a10be2781a3c4e1baecdab09b50f1d2eb414b938
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options sameorigin

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.dontpayfull.com/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 27 May 2024 08:53:46 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
HIT
age
911149
alt-svc
h3=":443"; ma=86400
content-length
1455
x-request-id
88a4c6c3ea36e3d7-TLV
last-modified
Wed, 15 May 2024 16:17:34 GMT
server
cloudflare
etag
"6644e01e-5af"
x-frame-options
sameorigin
access-control-allow-methods
GET, POST, PUT, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=2678400
vary
Accept-Encoding
accept-ranges
bytes
cf-ray
88a4c6c3ea36e3d7-TLV
access-control-allow-headers
x-fancybox,x-requested-with
expires
Thu, 27 Jun 2024 08:53:46 GMT
amazon-discount-finder-desktop@2x.png
static.dontpayfull.com/static/images/banners/
143 KB
143 KB
Image
General
Full URL
https://static.dontpayfull.com/static/images/banners/amazon-discount-finder-desktop@2x.png?v=8399781
Requested by
Host: www.dontpayfull.com
URL: https://www.dontpayfull.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.9.199 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f207e0bbd6718108755b2322a3279c8d4d5e5ceadde57d4e3ce8c80b42d25d8d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options sameorigin

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.dontpayfull.com/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 27 May 2024 08:53:46 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
HIT
alt-svc
h3=":443"; ma=86400
content-length
146202
x-request-id
88a4c6c3ea2ce3d7-TLV
last-modified
Thu, 23 May 2024 13:55:21 GMT
server
cloudflare
etag
"664f4ac9-23b1a"
x-frame-options
sameorigin
access-control-allow-methods
GET, POST, PUT, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=2678400
vary
Accept-Encoding
accept-ranges
bytes
cf-ray
88a4c6c3ea2ce3d7-TLV
access-control-allow-headers
x-fancybox,x-requested-with
expires
Thu, 27 Jun 2024 08:53:46 GMT
amazon-giveaway-desktop@2x.png
static.dontpayfull.com/static/images/banners/
160 KB
160 KB
Image
General
Full URL
https://static.dontpayfull.com/static/images/banners/amazon-giveaway-desktop@2x.png?v=8399781
Requested by
Host: www.dontpayfull.com
URL: https://www.dontpayfull.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.9.199 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
de37023628879a78bb691427a02fbaa146d8880fe24f4815424cc2b4416cb5fa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options sameorigin

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.dontpayfull.com/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 27 May 2024 08:53:46 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
HIT
alt-svc
h3=":443"; ma=86400
content-length
163451
x-request-id
88a4c6c3ea2fe3d7-TLV
last-modified
Tue, 21 May 2024 11:31:01 GMT
server
cloudflare
etag
"664c85f5-27e7b"
x-frame-options
sameorigin
access-control-allow-methods
GET, POST, PUT, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=2678400
vary
Accept-Encoding
accept-ranges
bytes
cf-ray
88a4c6c3ea2fe3d7-TLV
access-control-allow-headers
x-fancybox,x-requested-with
expires
Thu, 27 Jun 2024 08:53:46 GMT
bundle-wide.min.css
static.dontpayfull.com/r2/dist/8399781/css/
456 KB
62 KB
Stylesheet
General
Full URL
https://static.dontpayfull.com/r2/dist/8399781/css/bundle-wide.min.css
Requested by
Host: www.dontpayfull.com
URL: https://www.dontpayfull.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.9.199 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a57d8a07548e244f7154d7da633940fa1a8021c1b887af329e37b7c1c2c791f6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options sameorigin

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.dontpayfull.com/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 27 May 2024 08:53:46 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
age
210475
alt-svc
h3=":443"; ma=86400
x-request-id
88a4c6c47af5e3d7-TLV
last-modified
Thu, 23 May 2024 14:00:10 GMT
server
cloudflare
etag
W/"32324692c3e0646ee3dfe31f78675f71"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, OPTIONS
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=2678400
x-frame-options
sameorigin
cf-ray
88a4c6c47af5e3d7-TLV
access-control-allow-headers
x-fancybox,x-requested-with
expires
Thu, 27 Jun 2024 08:53:46 GMT
gtm.js
www.googletagmanager.com/
293 KB
102 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-W39QSQ
Requested by
Host: www.dontpayfull.com
URL: https://www.dontpayfull.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.200 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
84584a45771bf0536e26ac62d83a15eb79d2d697390fac8aad4c5203f1b12c1c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.dontpayfull.com/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 27 May 2024 08:53:46 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
103862
x-xss-protection
0
last-modified
Mon, 27 May 2024 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 27 May 2024 08:53:46 GMT
main.js
a.plerdy.com/public/js/click/
7 KB
3 KB
Script
General
Full URL
https://a.plerdy.com/public/js/click/main.js?v=0.6351855472146655
Requested by
Host: www.dontpayfull.com
URL: https://www.dontpayfull.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.15.92 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
539e8300c1f45dfbb7b18c4a476fb9d4d1463c2d41ee1607e38a37578ebb88b0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.dontpayfull.com/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 27 May 2024 08:53:46 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Fri, 17 May 2024 15:43:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"66477b04-1a77"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GM5%2BtNN3qspiseVqa4mEfS3ZhaK1CFZPEUN7oQAZmCth1fuAi2t%2Fn4t4Ml4jp16NEk2KjxSeoEwFUE%2FYUn72pCeRNerZqQc90G9GpMU3kwktqvgb3X%2FNCVcekBzhHw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=315360000
cf-ray
88a4c6c4ec391cbd-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT
truncated
/
985 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dbd9ed25fdeb37d78df45e286ad655f9c077bc22ccc5911f4d9ad9a9c73a129c

Request headers

Accept-Language
he-IL,he;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
42 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
he-IL,he;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type
image/gif
truncated
/
66 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5390e9facc0ddb3ebb2236c1c797ba47be28e4173b948f172d133e4f8ce5748e

Request headers

Accept-Language
he-IL,he;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
dontpayfull.woff2
static.dontpayfull.com/static/fonts/
25 KB
26 KB
Font
General
Full URL
https://static.dontpayfull.com/static/fonts/dontpayfull.woff2?dopuko
Requested by
Host: www.dontpayfull.com
URL: https://www.dontpayfull.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.9.199 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
92e199e39acc060a0971a304bfebf09905f5b224bfddb80c3aee797fb34d5cad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options sameorigin

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.dontpayfull.com/
Origin
https://www.dontpayfull.com
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 27 May 2024 08:53:46 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
HIT
age
1862425
alt-svc
h3=":443"; ma=86400
content-length
26088
x-request-id
88a4c6c548290d8f-MRS
last-modified
Fri, 12 Apr 2024 15:09:02 GMT
server
cloudflare
etag
"66194e8e-65e8"
x-frame-options
sameorigin
access-control-allow-methods
GET, POST, PUT, OPTIONS
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=2678400
vary
Accept-Encoding
accept-ranges
bytes
cf-ray
88a4c6c548290d8f-MRS
access-control-allow-headers
x-fancybox,x-requested-with
expires
Thu, 27 Jun 2024 08:53:46 GMT
bundle.min.js
static.dontpayfull.com/r2/dist/8399781/js/
213 KB
69 KB
Script
General
Full URL
https://static.dontpayfull.com/r2/dist/8399781/js/bundle.min.js
Requested by
Host: www.dontpayfull.com
URL: https://www.dontpayfull.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.9.199 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
666d3468054de1816837d7133421e1c38cf2693377bd795ce485696908f3ee26
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options sameorigin

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.dontpayfull.com/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 27 May 2024 08:53:46 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
age
305250
alt-svc
h3=":443"; ma=86400
x-request-id
88a4c6c52bf4e3d7-TLV
last-modified
Thu, 23 May 2024 14:00:13 GMT
server
cloudflare
etag
W/"44fd651f5f7d976c900b812294c51d07"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=2678400
x-frame-options
sameorigin
cf-ray
88a4c6c52bf4e3d7-TLV
access-control-allow-headers
x-fancybox,x-requested-with
expires
Thu, 27 Jun 2024 08:53:46 GMT
polyfill.min.js
static.dontpayfull.com//static/js/vendor/webvitals/
1 KB
879 B
Script
General
Full URL
https://static.dontpayfull.com//static/js/vendor/webvitals/polyfill.min.js
Requested by
Host: www.dontpayfull.com
URL: https://www.dontpayfull.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.9.199 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
685937ff39767ae1f10a5f27d9e9f2f35bf242f3de46994f04a1e4b9c7416108
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options sameorigin

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.dontpayfull.com/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 27 May 2024 08:53:46 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
age
74405
alt-svc
h3=":443"; ma=86400
x-request-id
88a4c6c52bfae3d7-TLV
last-modified
Fri, 12 Apr 2024 15:09:02 GMT
server
cloudflare
etag
W/"66194e8e-496"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
x-frame-options
sameorigin
cache-control
public, max-age=2678400
cf-ray
88a4c6c52bfae3d7-TLV
access-control-allow-headers
x-fancybox,x-requested-with
expires
Thu, 27 Jun 2024 08:53:46 GMT
client
accounts.google.com/gsi/
218 KB
83 KB
Script
General
Full URL
https://accounts.google.com/gsi/client
Requested by
Host: www.dontpayfull.com
URL: https://www.dontpayfull.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.177.127.84 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
el-in-f84.1e100.net
Software
ESF /
Resource Hash
6be9f1b4887134a4863961b1aa969f20d75adc7eefa3e7cdbd33c90a1e72a121
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-L2KwQWhZZI6_Z13_X-AGYA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.dontpayfull.com/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 27 May 2024 08:53:46 GMT
content-security-policy
script-src 'report-sample' 'nonce-L2KwQWhZZI6_Z13_X-AGYA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
report-to
{"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type
application/javascript; charset=utf-8
cache-control
private, max-age=1800
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires
Mon, 27 May 2024 08:53:46 GMT
detector.js
h.plerdy.com/public/js/click/
18 KB
5 KB
Script
General
Full URL
https://h.plerdy.com/public/js/click/detector.js?v=33
Requested by
Host: a.plerdy.com
URL: https://a.plerdy.com/public/js/click/main.js?v=0.6351855472146655
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.15.92 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ab8c4850a44c19e7a37a2244215c12a96874e8aa8359f65ff5bc00214790d167
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.dontpayfull.com/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 27 May 2024 08:53:46 GMT
strict-transport-security
max-age=31536000;
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
15
cf-polished
origSize=28688
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 17 May 2024 15:42:57 GMT
server
cloudflare
etag
W/"66477b01-7010"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=s6jbJN3yyddm%2BGIQWfITMIZCUngPnYpjY87RhuATS%2BVSxIsZlxbUnTv5Xph2816meabSjVXlnCPUbHrP5zY3SD7AfhKQPasuF5HzNjUgYX0YkUAhg%2BC1n2L%2BBZIg5w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400
cf-ray
88a4c6c5fd6e1cbd-FRA
expires
Mon, 27 May 2024 08:53:54 GMT
truncated
/
15 KB
15 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Request headers

Referer
Origin
https://www.dontpayfull.com
Accept-Language
he-IL,he;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type
font/woff2;charset=utf-8
truncated
/
15 KB
15 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Request headers

Referer
Origin
https://www.dontpayfull.com
Accept-Language
he-IL,he;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type
font/woff2;charset=utf-8
truncated
/
16 KB
16 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f

Request headers

Referer
Origin
https://www.dontpayfull.com
Accept-Language
he-IL,he;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type
font/woff2;charset=utf-8
truncated
/
598 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ba1f60469f284be15bddac1e27536d0486dc4aa5d743dc93f03ffc2fc2299262

Request headers

Accept-Language
he-IL,he;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
bundle.tracing.min.js
static.dontpayfull.com//static/js/vendor/min/
98 KB
30 KB
Script
General
Full URL
https://static.dontpayfull.com//static/js/vendor/min/bundle.tracing.min.js
Requested by
Host: www.dontpayfull.com
URL: https://www.dontpayfull.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.9.199 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a730cc37df39ce3f4088212a7eca4411ab053e543633ad84d1c9646ac4c9c06
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options sameorigin

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.dontpayfull.com/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 27 May 2024 08:53:46 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
age
1677695
alt-svc
h3=":443"; ma=86400
x-request-id
88a4c6c67e7ee3d7-TLV
last-modified
Fri, 12 Apr 2024 15:09:02 GMT
server
cloudflare
etag
W/"66194e8e-18617"
x-frame-options
sameorigin
access-control-allow-methods
GET, POST, PUT, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2678400
vary
Accept-Encoding
cf-ray
88a4c6c67e7ee3d7-TLV
access-control-allow-headers
x-fancybox,x-requested-with
expires
Thu, 27 Jun 2024 08:53:46 GMT
owl.carousel.min.js
static.dontpayfull.com/static/js/vendor/min/
42 KB
11 KB
Script
General
Full URL
https://static.dontpayfull.com/static/js/vendor/min/owl.carousel.min.js?v=8399781
Requested by
Host: www.dontpayfull.com
URL: https://www.dontpayfull.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.9.199 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
242e4d9f820834a3524c067b9b0245238d03f17add87cb0a345c83120e826ce6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options sameorigin

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.dontpayfull.com/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 27 May 2024 08:53:46 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
alt-svc
h3=":443"; ma=86400
x-request-id
88a4c6c67e82e3d7-TLV
last-modified
Tue, 21 May 2024 11:31:02 GMT
server
cloudflare
etag
W/"664c85f6-a712"
x-frame-options
sameorigin
access-control-allow-methods
GET, POST, PUT, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2678400
vary
Accept-Encoding
cf-ray
88a4c6c67e82e3d7-TLV
access-control-allow-headers
x-fancybox,x-requested-with
expires
Thu, 27 Jun 2024 08:53:46 GMT
wvr.min.js
static.dontpayfull.com/r2/dist/8399781/js/
7 KB
3 KB
Script
General
Full URL
https://static.dontpayfull.com/r2/dist/8399781/js/wvr.min.js
Requested by
Host: www.dontpayfull.com
URL: https://www.dontpayfull.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.9.199 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
03156f43bb5f1fb6257687c60ad40be42dbb3a5c75783fb60d6c71750114ca60
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options sameorigin

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.dontpayfull.com/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 27 May 2024 08:53:46 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
age
305250
alt-svc
h3=":443"; ma=86400
x-request-id
88a4c6c67e85e3d7-TLV
last-modified
Thu, 23 May 2024 14:00:12 GMT
server
cloudflare
etag
W/"355ed0b09b4d7baf60b3b5f5c4ef7d78"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=2678400
x-frame-options
sameorigin
cf-ray
88a4c6c67e85e3d7-TLV
access-control-allow-headers
x-fancybox,x-requested-with
expires
Thu, 27 Jun 2024 08:53:46 GMT
main.js
www.dontpayfull.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/695da7821231/ Frame A217
Redirect Chain
  • https://www.dontpayfull.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://www.dontpayfull.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/695da7821231/main.js
8 KB
4 KB
Script
General
Full URL
https://www.dontpayfull.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/695da7821231/main.js
Requested by
Host: www.dontpayfull.com
URL: https://www.dontpayfull.com/
Protocol
H3
Server
104.18.9.199 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8ab9c82a1d36b0a148b4b2bde5caa0294a19624b91e7206e5a256ad4f7b2646e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
he-IL,he;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

date
Mon, 27 May 2024 08:53:46 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
content-encoding
gzip
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
88a4c6c71f90e3d7-TLV
alt-svc
h3=":443"; ma=86400
x-request-id
88a4c6c71f90e3d7-TLV

Redirect headers

date
Mon, 27 May 2024 08:53:46 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
server
cloudflare
vary
Accept-Encoding
access-control-allow-origin
*
location
/cdn-cgi/challenge-platform/h/b/scripts/jsd/695da7821231/main.js
cache-control
max-age=300, public
cf-ray
88a4c6c6aecce3d7-TLV
alt-svc
h3=":443"; ma=86400
content-length
0
x-request-id
88a4c6c6aecce3d7-TLV
main2.js
h.plerdy.com/public/js/click/
394 KB
100 KB
Script
General
Full URL
https://h.plerdy.com/public/js/click/main2.js?v=33
Requested by
Host: a.plerdy.com
URL: https://a.plerdy.com/public/js/click/main.js?v=0.6351855472146655
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.15.92 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8583dc573841d5c0f66f09a84dba9982cd7f07bebadb5a9b028833e6808f8379
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.dontpayfull.com/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 27 May 2024 08:53:46 GMT
strict-transport-security
max-age=31536000;
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
24
cf-polished
origSize=403372
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 17 May 2024 15:42:57 GMT
server
cloudflare
etag
W/"66477b01-627ac"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qrJFvIjf%2BjZjuh1O1Ai7d8BZnVc6Xy%2BV2owEd3p4eN4E8PqPzzzCJRgsBVqFNkpqS7x%2FIQ7ugDYLLXuHw6JK5%2BGH3fQuU2EIPOKxlXt6sZIWxKImg6LmeYLpq0RMgQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400
cf-ray
88a4c6c6ee821cbd-FRA
expires
Mon, 27 May 2024 08:53:51 GMT
js
www.googletagmanager.com/gtag/
301 KB
100 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-NS4TR50W1B&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W39QSQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.200 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
e3a123f4d849599f8d24e436021c155d5bced56aa785433ff0e6c513f1d0d8da
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.dontpayfull.com/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 27 May 2024 08:53:46 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
102425
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 27 May 2024 08:53:46 GMT
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W39QSQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.14 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.dontpayfull.com/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 27 May 2024 08:29:08 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
1479
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Mon, 27 May 2024 10:29:08 GMT
88a4c6bffa9ce3d7
www.dontpayfull.com/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame A217
0
381 B
XHR
General
Full URL
https://www.dontpayfull.com/cdn-cgi/challenge-platform/h/b/jsd/r/88a4c6bffa9ce3d7
Requested by
Host: www.dontpayfull.com
URL: https://www.dontpayfull.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.9.199 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 27 May 2024 08:53:47 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
server
cloudflare
content-type
text/plain; charset=UTF-8
cf-ray
88a4c6c89a17e3d7-TLV
alt-svc
h3=":443"; ma=86400
content-length
0
x-request-id
88a4c6c89a17e3d7-TLV
style
accounts.google.com/gsi/
534 B
610 B
Stylesheet
General
Full URL
https://accounts.google.com/gsi/style
Requested by
Host: accounts.google.com
URL: https://accounts.google.com/gsi/client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.177.127.84 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
el-in-f84.1e100.net
Software
ESF /
Resource Hash
221b759ff0a3dde7704af0eef07b6ae0eeefd441c40e12e553d8b52bd392a93c
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-p3Y2VokxmOkDwGsEQPSLcA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.dontpayfull.com/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 27 May 2024 08:53:47 GMT
content-security-policy
script-src 'report-sample' 'nonce-p3Y2VokxmOkDwGsEQPSLcA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
report-to
{"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type
text/css; charset=utf-8
cache-control
private, max-age=86400
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires
Mon, 27 May 2024 08:53:47 GMT
collect
analytics.google.com/g/
0
258 B
Ping
General
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-NS4TR50W1B&gtm=45je45m0v890368181z86480087za200zb6480087&_p=1716800026199&_gaz=1&gcd=13l3l3l3l1&npa=0&dma=0&cid=293750156.1716800027&ul=he-il&sr=1600x1200&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.112%7CChromium%3B125.0.6422.112%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1716800027&sct=1&seg=0&dl=https%3A%2F%2Fwww.dontpayfull.com%2F&dt=DontPayFull%3A%20Coupon%20Codes%2C%20Coupons%2C%20Promo%20Codes%2C%20Free%20Shipping%20and%20Discounts&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1534
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NS4TR50W1B&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.38.181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.dontpayfull.com/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Mon, 27 May 2024 08:53:47 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.dontpayfull.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/
0
57 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-NS4TR50W1B&cid=293750156.1716800027&gtm=45je45m0v890368181z86480087za200zb6480087&aip=1&dma=0&gcd=13l3l3l3l1&npa=0&frm=0
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NS4TR50W1B&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.133.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wo-in-f156.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.dontpayfull.com/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Mon, 27 May 2024 08:53:47 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.dontpayfull.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.co.il/ads/
42 B
409 B
Image
General
Full URL
https://www.google.co.il/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-NS4TR50W1B&cid=293750156.1716800027&gtm=45je45m0v890368181z86480087za200zb6480087&aip=1&dma=0&gcd=13l3l3l3l1&npa=0&frm=0&z=1302863084
Requested by
Host: www.dontpayfull.com
URL: https://www.dontpayfull.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.dontpayfull.com/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Mon, 27 May 2024 08:53:47 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/
3 B
212 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1075272275&t=pageview&_s=1&dl=https%3A%2F%2Fwww.dontpayfull.com%2F&ul=he-il&de=UTF-8&dt=DontPayFull%3A%20Coupon%20Codes%2C%20Coupons%2C%20Promo%20Codes%2C%20Free%20Shipping%20and%20Discounts&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDAgEABAAAAACAAI~&jid=375412183&gjid=1440435080&cid=293750156.1716800027&tid=UA-30038446-1&_gid=718005576.1716800027&_slc=1&gtm=45He45m0n71W39QSQv6480087za200&gcd=13l3l3l3l1&dma=0&z=2067130076
Requested by
Host: static.dontpayfull.com
URL: https://static.dontpayfull.com//static/js/vendor/min/bundle.tracing.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.14 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://www.dontpayfull.com/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 27 May 2024 08:53:47 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.dontpayfull.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/
7 B
356 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-30038446-1&cid=293750156.1716800027&jid=375412183&gjid=1440435080&_gid=718005576.1716800027&_u=YCDAgEABAAAAAGAAI~&z=458444978
Requested by
Host: static.dontpayfull.com
URL: https://static.dontpayfull.com//static/js/vendor/min/bundle.tracing.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.133.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wo-in-f156.1e100.net
Software
Golfe2 /
Resource Hash
fda80d24f1bfe5a68b5f719a1febecfe747c79720e3a26b4b78b6a42b67b37b7
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://www.dontpayfull.com/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Mon, 27 May 2024 08:53:47 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.dontpayfull.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7
expires
Fri, 01 Jan 1990 00:00:00 GMT
save_statistic
h.plerdy.com/click/admin/
176 B
617 B
XHR
General
Full URL
https://h.plerdy.com/click/admin/save_statistic
Requested by
Host: static.dontpayfull.com
URL: https://static.dontpayfull.com//static/js/vendor/min/bundle.tracing.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.14.92 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
26de80fd42045d5791d6d6de4fc5644ac76bf38fe0c932b76e0cb3fcb22831ce

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://www.dontpayfull.com/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 27 May 2024 08:53:47 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CHTe%2FOQv8hQmAN1bW1JcmD90JClTCy2%2FkGHB1OIuFxFbN9fY6IWHc2f9tcIQCmyW2kxLIJ%2F6NLC67lPJgD1eXSfYhquJkuWTt%2FdL9bHs%2Fd1L527e1%2FRDizzhBFn4sg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cf-ray
88a4c6cb7f111c01-FRA
alt-svc
h3=":443"; ma=86400
ga-audiences
www.google.com/ads/
42 B
63 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-30038446-1&cid=293750156.1716800027&jid=375412183&_u=YCDAgEABAAAAAGAAI~&z=1849883457
Requested by
Host: www.dontpayfull.com
URL: https://www.dontpayfull.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.228 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.dontpayfull.com/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Mon, 27 May 2024 08:53:47 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.co.il/ads/
42 B
108 B
Image
General
Full URL
https://www.google.co.il/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-30038446-1&cid=293750156.1716800027&jid=375412183&_u=YCDAgEABAAAAAGAAI~&z=1849883457
Requested by
Host: www.dontpayfull.com
URL: https://www.dontpayfull.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.dontpayfull.com/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Mon, 27 May 2024 08:53:47 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
amazon.com.jpg
cdn2.dontpayfull.com/media/logos/size/180x180/
5 KB
5 KB
Image
General
Full URL
https://cdn2.dontpayfull.com/media/logos/size/180x180/amazon.com.jpg?v=20220503075117294939
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.9.199 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d9bbfa84b3da2db1e40fe8d73042b4c0633397a9104eb8357db334ba3aad5db6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options sameorigin

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.dontpayfull.com/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 27 May 2024 08:53:47 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
HIT
alt-svc
h3=":443"; ma=86400
content-length
5298
x-request-id
88a4c6cdba6ee3d7-TLV
cf-bgj
h2pri
server
cloudflare
etag
"0dc77b70f08b651485f41aaf394de0ea83961955"
x-frame-options
sameorigin
access-control-allow-methods
GET, POST, PUT, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2678400
vary
Accept-Encoding
accept-ranges
bytes
cf-ray
88a4c6cdba6ee3d7-TLV
access-control-allow-headers
x-fancybox,x-requested-with
expires
Thu, 27 Jun 2024 08:53:47 GMT
ebay.com.jpg
cdn3.dontpayfull.com/media/logos/size/180x180/
5 KB
6 KB
Image
General
Full URL
https://cdn3.dontpayfull.com/media/logos/size/180x180/ebay.com.jpg?v=20220509105513354935
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.9.199 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb3de0b54144cbbaea4ace6ea6d574affc9f5ce0b3d1eee90d08341399a5f82e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options sameorigin

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.dontpayfull.com/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 27 May 2024 08:53:47 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
HIT
alt-svc
h3=":443"; ma=86400
content-length
5370
x-request-id
88a4c6cdca8ee3d7-TLV
cf-bgj
h2pri
server
cloudflare
etag
"51e551745501013e22625d1395a12fc69883538f"
x-frame-options
sameorigin
access-control-allow-methods
GET, POST, PUT, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2678400
vary
Accept-Encoding
accept-ranges
bytes
cf-ray
88a4c6cdca8ee3d7-TLV
access-control-allow-headers
x-fancybox,x-requested-with
expires
Thu, 27 Jun 2024 08:53:47 GMT
temu.com.jpg
cdn1.dontpayfull.com/media/logos/size/180x180/
8 KB
8 KB
Image
General
Full URL
https://cdn1.dontpayfull.com/media/logos/size/180x180/temu.com.jpg?v=20230419140020618555
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.9.199 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e718cdfdcb8f4e2ec7bb18761fe093e683f07d517d3fcf77399ed06f8b12afa2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options sameorigin

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.dontpayfull.com/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 27 May 2024 08:53:47 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
HIT
alt-svc
h3=":443"; ma=86400
content-length
7818
x-request-id
88a4c6cdba74e3d7-TLV
cf-bgj
h2pri
server
cloudflare
etag
"4c16bdd6b163fc5e77d6b13f769281e87be9a793"
x-frame-options
sameorigin
access-control-allow-methods
GET, POST, PUT, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2678400
vary
Accept-Encoding
accept-ranges
bytes
cf-ray
88a4c6cdba74e3d7-TLV
access-control-allow-headers
x-fancybox,x-requested-with
expires
Thu, 27 Jun 2024 08:53:47 GMT
walmart.com..png
cdn2.dontpayfull.com/media/logos/size/180x180/
4 KB
4 KB
Image
General
Full URL
https://cdn2.dontpayfull.com/media/logos/size/180x180/walmart.com..png?v=20220503152355580386
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.9.199 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
37bd48326f997c2db47e17cc9e4ab48bd1e6e9dfb6079a6c1bcf8962df4d4793
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options sameorigin

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.dontpayfull.com/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 27 May 2024 08:53:47 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
HIT
alt-svc
h3=":443"; ma=86400
content-length
4238
x-request-id
88a4c6cdba64e3d7-TLV
cf-bgj
h2pri
server
cloudflare
etag
"c0051be6bd7d856ec3e879545955a9991cc37d47"
x-frame-options
sameorigin
access-control-allow-methods
GET, POST, PUT, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2678400
vary
Accept-Encoding
accept-ranges
bytes
cf-ray
88a4c6cdba64e3d7-TLV
access-control-allow-headers
x-fancybox,x-requested-with
expires
Thu, 27 Jun 2024 08:53:47 GMT
target.com.jpg
cdn2.dontpayfull.com/media/logos/size/180x180/
9 KB
9 KB
Image
General
Full URL
https://cdn2.dontpayfull.com/media/logos/size/180x180/target.com.jpg?v=20220510092445966948
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.9.199 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aeb1fd07a84da81c4b540b059cb333a180b0debb96c0b4086a9f45dae4762fcd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options sameorigin

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.dontpayfull.com/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 27 May 2024 08:53:47 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
HIT
alt-svc
h3=":443"; ma=86400
content-length
8756
x-request-id
88a4c6cdba66e3d7-TLV
cf-bgj
h2pri
server
cloudflare
etag
"ddeda49eb0625e8298436221bf4ebe4f00053526"
x-frame-options
sameorigin
access-control-allow-methods
GET, POST, PUT, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2678400
vary
Accept-Encoding
accept-ranges
bytes
cf-ray
88a4c6cdba66e3d7-TLV
access-control-allow-headers
x-fancybox,x-requested-with
expires
Thu, 27 Jun 2024 08:53:47 GMT
bestbuy.com..jpg
cdn3.dontpayfull.com/media/logos/size/180x180/
6 KB
6 KB
Image
General
Full URL
https://cdn3.dontpayfull.com/media/logos/size/180x180/bestbuy.com..jpg?v=20220510092652034019
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.9.199 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
43c9036558817fd04ead047e31a210b0eb6bd5eb8e43036177dee53e3b54eb3c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options sameorigin

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.dontpayfull.com/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 27 May 2024 08:53:47 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
HIT
alt-svc
h3=":443"; ma=86400
content-length
6282
x-request-id
88a4c6cdca88e3d7-TLV
cf-bgj
h2pri
server
cloudflare
etag
"d7a41e8fad7a0a6f7d7a3f1c9b43cd4f8bf70a58"
x-frame-options
sameorigin
access-control-allow-methods
GET, POST, PUT, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2678400
vary
Accept-Encoding
accept-ranges
bytes
cf-ray
88a4c6cdca88e3d7-TLV
access-control-allow-headers
x-fancybox,x-requested-with
expires
Thu, 27 Jun 2024 08:53:47 GMT
towerhobbies.com..png
cdn3.dontpayfull.com/media/logos/size/160x160/
8 KB
8 KB
Image
General
Full URL
https://cdn3.dontpayfull.com/media/logos/size/160x160/towerhobbies.com..png?v=20220512071821189188
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.9.199 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6672fe6e440536dc6aec09688b25af8cb618324023f7137690eecdf88f948e81
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options sameorigin

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.dontpayfull.com/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 27 May 2024 08:53:47 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
HIT
alt-svc
h3=":443"; ma=86400
content-length
7990
x-request-id
88a4c6cdca8be3d7-TLV
cf-bgj
h2pri
server
cloudflare
etag
"7ad64c1f5a68d7369970286ffa52130f92744827"
x-frame-options
sameorigin
access-control-allow-methods
GET, POST, PUT, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2678400
vary
Accept-Encoding
accept-ranges
bytes
cf-ray
88a4c6cdca8be3d7-TLV
access-control-allow-headers
x-fancybox,x-requested-with
expires
Thu, 27 Jun 2024 08:53:47 GMT
friendsnyc.com.png
cdn1.dontpayfull.com/media/logos/size/160x160/
4 KB
5 KB
Image
General
Full URL
https://cdn1.dontpayfull.com/media/logos/size/160x160/friendsnyc.com.png?v=20230503075208268175
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.9.199 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ea0c947466b5b270bc9202cbb8c2b67eeaf528faf17c4488bf80bf46504f0a8f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options sameorigin

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.dontpayfull.com/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 27 May 2024 08:53:47 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
HIT
alt-svc
h3=":443"; ma=86400
content-length
4563
x-request-id
88a4c6cdba6fe3d7-TLV
cf-bgj
h2pri
server
cloudflare
etag
"92894a2316dfbb6260126349901d5a3324db4ada"
x-frame-options
sameorigin
access-control-allow-methods
GET, POST, PUT, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2678400
vary
Accept-Encoding
accept-ranges
bytes
cf-ray
88a4c6cdba6fe3d7-TLV
access-control-allow-headers
x-fancybox,x-requested-with
expires
Thu, 27 Jun 2024 08:53:47 GMT
us.wananluxury.com..jpeg
cdn1.dontpayfull.com/media/logos/size/160x160/
3 KB
4 KB
Image
General
Full URL
https://cdn1.dontpayfull.com/media/logos/size/160x160/us.wananluxury.com..jpeg?v=20220321102130748591
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.9.199 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f4f1d68276e7bef4e3396a70dd9aa8ce83df8f84f64075746b96a09756bccb19
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options sameorigin

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.dontpayfull.com/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 27 May 2024 08:53:47 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
HIT
alt-svc
h3=":443"; ma=86400
content-length
3521
x-request-id
88a4c6cdba72e3d7-TLV
cf-bgj
h2pri
server
cloudflare
etag
"ec45246eb2355e61123799afc08a8da1f7073f4c"
x-frame-options
sameorigin
access-control-allow-methods
GET, POST, PUT, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2678400
vary
Accept-Encoding
accept-ranges
bytes
cf-ray
88a4c6cdba72e3d7-TLV
access-control-allow-headers
x-fancybox,x-requested-with
expires
Thu, 27 Jun 2024 08:53:47 GMT
ironpandafit.com.jpg
cdn2.dontpayfull.com/media/logos/size/160x160/
6 KB
7 KB
Image
General
Full URL
https://cdn2.dontpayfull.com/media/logos/size/160x160/ironpandafit.com.jpg?v=20230919114003444100
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.9.199 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7801a8a375feed3e21c12ede2a6f4335858c0c393cc713da4fbdffce57886b2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options sameorigin

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.dontpayfull.com/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 27 May 2024 08:53:47 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
HIT
alt-svc
h3=":443"; ma=86400
content-length
6503
x-request-id
88a4c6cdba68e3d7-TLV
cf-bgj
h2pri
server
cloudflare
etag
"15252479ef5933b06ed26747c040409bce0b9135"
x-frame-options
sameorigin
access-control-allow-methods
GET, POST, PUT, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2678400
vary
Accept-Encoding
accept-ranges
bytes
cf-ray
88a4c6cdba68e3d7-TLV
access-control-allow-headers
x-fancybox,x-requested-with
expires
Thu, 27 Jun 2024 08:53:47 GMT
reverb.com.jpg
cdn2.dontpayfull.com/media/logos/size/160x160/
3 KB
4 KB
Image
General
Full URL
https://cdn2.dontpayfull.com/media/logos/size/160x160/reverb.com.jpg?v=20240416115947337459
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.9.199 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc3cf36eb961a11537fd04fd5547113f956c8645e77a653336f889de3eaeadb2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options sameorigin

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.dontpayfull.com/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 27 May 2024 08:53:48 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
HIT
alt-svc
h3=":443"; ma=86400
content-length
3461
x-request-id
88a4c6cebbe6e3d7-TLV
cf-bgj
h2pri
server
cloudflare
etag
"3cbc73ec7bdfeba1a7de2022de0fd71a74aba691"
x-frame-options
sameorigin
access-control-allow-methods
GET, POST, PUT, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2678400
vary
Accept-Encoding
accept-ranges
bytes
cf-ray
88a4c6cebbe6e3d7-TLV
access-control-allow-headers
x-fancybox,x-requested-with
expires
Thu, 27 Jun 2024 08:53:48 GMT
us.ecco.com..jpg
cdn0.dontpayfull.com/media/logos/size/160x160/
4 KB
4 KB
Image
General
Full URL
https://cdn0.dontpayfull.com/media/logos/size/160x160/us.ecco.com..jpg?v=20220405093512881136
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.9.199 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1b658225069f5b08da84ec8863a2ff0cc6a0e98b87e70ebf0bd73975ca2ef225
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options sameorigin

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.dontpayfull.com/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 27 May 2024 08:53:48 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
HIT
alt-svc
h3=":443"; ma=86400
content-length
3824
x-request-id
88a4c6cecc11e3d7-TLV
cf-bgj
h2pri
server
cloudflare
etag
"4d6145378d799396099088110eba8004fad842f8"
x-frame-options
sameorigin
access-control-allow-methods
GET, POST, PUT, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2678400
vary
Accept-Encoding
accept-ranges
bytes
cf-ray
88a4c6cecc11e3d7-TLV
access-control-allow-headers
x-fancybox,x-requested-with
expires
Thu, 27 Jun 2024 08:53:48 GMT
alalastyle.com.png
cdn3.dontpayfull.com/media/logos/size/160x160/
3 KB
4 KB
Image
General
Full URL
https://cdn3.dontpayfull.com/media/logos/size/160x160/alalastyle.com.png?v=20240408043433787013
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.9.199 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b26f101c11001a0efb6c1b9b96e1525b9f3e1cb70bda5564d22372b8d07a17e5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options sameorigin

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.dontpayfull.com/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 27 May 2024 08:53:48 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
HIT
alt-svc
h3=":443"; ma=86400
content-length
3401
x-request-id
88a4c6cebbeee3d7-TLV
cf-bgj
h2pri
server
cloudflare
etag
"ca940dd318fdeab777b9c58eb37bbb6e60a9079b"
x-frame-options
sameorigin
access-control-allow-methods
GET, POST, PUT, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2678400
vary
Accept-Encoding
accept-ranges
bytes
cf-ray
88a4c6cebbeee3d7-TLV
access-control-allow-headers
x-fancybox,x-requested-with
expires
Thu, 27 Jun 2024 08:53:48 GMT
aroma360.com.png
cdn2.dontpayfull.com/media/logos/size/160x160/
3 KB
3 KB
Image
General
Full URL
https://cdn2.dontpayfull.com/media/logos/size/160x160/aroma360.com.png?v=20240221054636039884
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.9.199 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4a64123d0ca9b253d733269ab9f4d7ecfbe813bb3cc8e563a8e2e3e69e0d708c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options sameorigin

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.dontpayfull.com/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 27 May 2024 08:53:48 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
HIT
alt-svc
h3=":443"; ma=86400
content-length
2853
x-request-id
88a4c6cebbf3e3d7-TLV
cf-bgj
h2pri
server
cloudflare
etag
"9b49072a677bed33949da50a47bde3b06ff19aa1"
x-frame-options
sameorigin
access-control-allow-methods
GET, POST, PUT, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2678400
vary
Accept-Encoding
accept-ranges
bytes
cf-ray
88a4c6cebbf3e3d7-TLV
access-control-allow-headers
x-fancybox,x-requested-with
expires
Thu, 27 Jun 2024 08:53:48 GMT
dbjourney.com.png
cdn2.dontpayfull.com/media/logos/size/160x160/
6 KB
6 KB
Image
General
Full URL
https://cdn2.dontpayfull.com/media/logos/size/160x160/dbjourney.com.png?v=20230706034029037700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.9.199 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2b14d7a2f285db9c58854147bc0d660cc65c6e7b1f6ff6656adfca0096ebd8ff
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options sameorigin

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.dontpayfull.com/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 27 May 2024 08:53:48 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
HIT
alt-svc
h3=":443"; ma=86400
content-length
6012
x-request-id
88a4c6cebbf5e3d7-TLV
cf-bgj
h2pri
server
cloudflare
etag
"67c63de597f73e016890fd8988caa1ac6bd4c1d9"
x-frame-options
sameorigin
access-control-allow-methods
GET, POST, PUT, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2678400
vary
Accept-Encoding
accept-ranges
bytes
cf-ray
88a4c6cebbf5e3d7-TLV
access-control-allow-headers
x-fancybox,x-requested-with
expires
Thu, 27 Jun 2024 08:53:48 GMT
theroomplace.com.jpg
cdn3.dontpayfull.com/media/logos/size/160x160/
4 KB
5 KB
Image
General
Full URL
https://cdn3.dontpayfull.com/media/logos/size/160x160/theroomplace.com.jpg?v=20220614073110229124
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.9.199 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cc1c0bead498c2ffef7a3367e6d60e833450ffd0c2e3b8bd320123b7029d8325
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options sameorigin

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.dontpayfull.com/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 27 May 2024 08:53:48 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
HIT
alt-svc
h3=":443"; ma=86400
content-length
4320
x-request-id
88a4c6cecbfee3d7-TLV
cf-bgj
h2pri
server
cloudflare
etag
"c5fb73c32294008be4c7ed810228c8cda6d0677a"
x-frame-options
sameorigin
access-control-allow-methods
GET, POST, PUT, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2678400
vary
Accept-Encoding
accept-ranges
bytes
cf-ray
88a4c6cecbfee3d7-TLV
access-control-allow-headers
x-fancybox,x-requested-with
expires
Thu, 27 Jun 2024 08:53:48 GMT
escapecampervans.com.jpg
cdn3.dontpayfull.com/media/logos/size/160x160/
4 KB
5 KB
Image
General
Full URL
https://cdn3.dontpayfull.com/media/logos/size/160x160/escapecampervans.com.jpg?v=20190621131041632481
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.9.199 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a30c8a017cf2fd65160613d7c157e93ed9f89db914116fc31aed7de0708bb73b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options sameorigin

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.dontpayfull.com/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 27 May 2024 08:53:48 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
HIT
alt-svc
h3=":443"; ma=86400
content-length
4564
x-request-id
88a4c6cecc04e3d7-TLV
cf-bgj
h2pri
server
cloudflare
etag
"988ae8e506b53e7e950ac170d0b066e444225461"
x-frame-options
sameorigin
access-control-allow-methods
GET, POST, PUT, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2678400
vary
Accept-Encoding
accept-ranges
bytes
cf-ray
88a4c6cecc04e3d7-TLV
access-control-allow-headers
x-fancybox,x-requested-with
expires
Thu, 27 Jun 2024 08:53:48 GMT
projectswatches.com.png
cdn0.dontpayfull.com/media/logos/size/160x160/
4 KB
5 KB
Image
General
Full URL
https://cdn0.dontpayfull.com/media/logos/size/160x160/projectswatches.com.png?v=20240229053250697774
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.9.199 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5017fe6b309cf85fe6b2b64e57c93d81b787051a046946ca3129b4c7ce3ec2ac
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options sameorigin

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.dontpayfull.com/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 27 May 2024 08:53:48 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
HIT
alt-svc
h3=":443"; ma=86400
content-length
4476
x-request-id
88a4c6cedc19e3d7-TLV
cf-bgj
h2pri
server
cloudflare
etag
"609af449b9d56e94afe90630429080e5b5fadd4a"
x-frame-options
sameorigin
access-control-allow-methods
GET, POST, PUT, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2678400
vary
Accept-Encoding
accept-ranges
bytes
cf-ray
88a4c6cedc19e3d7-TLV
access-control-allow-headers
x-fancybox,x-requested-with
expires
Thu, 27 Jun 2024 08:53:48 GMT
truncated
/
43 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
he-IL,he;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type
image/gif
favicon-32x32.png
media.dontpayfull.com/static/images/favicons/
1 KB
1 KB
Other
General
Full URL
https://media.dontpayfull.com/static/images/favicons/favicon-32x32.png?v=8399781
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.9.199 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
184a876e363ceb28217081e91fae4cb8196ea42dac8fe3e87bc912c82a9c4269
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options sameorigin

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://www.dontpayfull.com/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 27 May 2024 08:53:47 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
HIT
age
301805
alt-svc
h3=":443"; ma=86400
content-length
1097
x-request-id
88a4c6cdca91e3d7-TLV
last-modified
Tue, 21 May 2024 11:31:02 GMT
server
cloudflare
etag
"664c85f6-449"
x-frame-options
sameorigin
access-control-allow-methods
GET, POST, PUT, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=2678400
vary
Accept-Encoding
accept-ranges
bytes
cf-ray
88a4c6cdca91e3d7-TLV
access-control-allow-headers
x-fancybox,x-requested-with
expires
Thu, 27 Jun 2024 08:53:47 GMT

Verdicts & Comments Add Verdict or Comment

209 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| dataLayer string| _protocol object| plerdymainscript string| _site_hash_code number| _suid object| plerdyScript string| MAINPLERDYURL object| mainScriptPlerdy string| mainScriptPlerdy_host string| mainScriptPlerdy_host_tracker object| plerdy_config function| getUrlParameter function| $ function| jQuery function| ClipboardJS object| dpfads object| dpf object| webVitals function| changeProfileTab function| getPlerdy_PageUrl function| mobilecheck function| mobileAndTabletcheck function| plerdyGetOS function| plerdyGetBrouser function| ownKeys function| _objectSpread function| _defineProperty function| createApiReporter function| getDeviceInfo function| now function| round function| generateUniqueId object| wvr object| Sentry object| __SENTRY__ object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| default_gsi object| _F_toggles object| google object| __G_ID_CLIENT__ object| closure_lm_426928 object| googletag function| onYouTubeIframeAPIReady object| gaGlobal function| _0x2c7ca9 boolean| plerdyShowEventsPopup object| startSessionInPageTime boolean| eventHandledSessionInPageTime number| plerdyTypeTrack number| Plerdy_lastScrollTop number| Plerdy_lastScrollTop_2 number| pledyTimeOfClick number| PlerdyFormIsShowed number| PlerdyFormIsShowed_2 number| PlerdyFormIsShowedButtonLabel number| PlerdyFormIsShowedButtonLabel_2 string| initPlerdyUrlOriginal object| initPlerdyUrlOriginalO number| hoverActiveOnOff number| plerdy_click_number_on_page undefined| my_selector_generator number| on_off_mode_show undefined| old_device string| pageUrl object| parts string| plerdy_refferer string| part2 object| trfficSource object| object object| timeClose string| plerdyIframeData object| plerdyIframeDataHover function| plerdyReceiveMessage object| plEventsAll string| pageUrl2 number| plerdy_active_elements number| plerdy_inactive_elements object| position_array object| plerdy_real_elements number| plerdy_sc object| previous_data number| maxCntVl number| averageCntVl number| allCntVl number| ratioCntVl object| selectors object| selectors_hovers number| corector object| allS object| plerdySelectorsArray boolean| plerdy_path_ref undefined| url_ref_arr undefined| segments undefined| dataForshowPanel string| plerdyCurrencySales number| intervalPlerdycycleStopVar undefined| firstTime number| maxCntSelectorsPlerdy number| maxCntSelectorsPlerdy_critical boolean| plerdy_mouseSelect boolean| plerdyTypeShow string| plerdySalasCurrency number| maxCntVlHovers undefined| positions undefined| isScrolling number| timerFarBreakCykle function| plerdySourseBusterFunc string| plerdyVisitorId object| FingerprintJSPlerdy object| plerdySession string| sesNameP string| sesNamePuserSes undefined| plerdy_selectors_for_mouse_move object| cash_selectros_for_mouse_move object| plerdy_referrals number| plerdy_do_now function| plerdy_getHTML object| plerdy_scroll_cache object| plerdy_scroll_cache_send object| plerdy_scroll_dataOLD number| plerdy_scroll_data number| plerdy_on_off_send_scroll object| send_data function| _0x9b05 function| _0x2b9b function| init_click_count_plerdy function| checkUrlforBannersAkcia function| checkIprules function| unserialize function| checkUrlForHide function| checkUrl function| rtrim function| checkDevice function| fullPath function| sendDataForInitPlerdy function| setFormIframeStyles function| loadAddPlerdyScript function| hide_popupPlerdy function| plerdyAddMultipleListeners function| addPlerdyEvent1 function| on_plerdy function| addPlerdyStylesheetTag function| plerdyCheckElementAppear function| plerdyClearnUrlfunction function| addStyle_Plerdy function| createCORSRequest function| offset_pl function| selectDevise function| do_kostyl function| checkChildrenForAddDisplay function| plerdy_elem_over function| plerdy_elem_out function| inArray function| doWhenMouseOver function| addRemoveHeight function| plerdyClicksStyle function| sendToIframe function| getClassOrIdPlerdyEvent function| addEventCustomInCabinetPlerdy function| showHidePanel function| initFingerprintJSPlerdy function| plerdySessionFunctions function| plerdySeoAudit function| sendPlerdyDataToSeo function| sendSatistic_Before function| getCookiePlerdy function| plerdySerialize function| sendSatistic function| urlencode function| currentDate function| plerdy_filterNone function| plerdy_getAllComments function| plerdyAverageValue function| proccesVideoData function| initGaEvents function| plerdysend function| plerdyCommerse function| proccesConverssionData function| doPlerdyConvStep function| validConverssionURL function| getTrafficsPlerdyArr function| getDevicePlerdyArr function| plerdySeoRulesCheck function| plerdyDetectIfAlloved function| sendConv_v2 function| plerdyClearnWords function| plerdyClearnString function| getForLua function| plerdyGetImagesWithMissingAlt function| PlerdyRobots function| sendDataScroll function| doSeo function| addInPage function| detect function| makrPlerdyReal function| showMarkedSeoNum function| plerdyUnMakrWords object| plerdy_tags_arr function| CssSelectorGenerator object| __sentry_instrumentation_handlers__ object| gaplugins object| gaData string| seo_url number| seo_do_now object| owl

8 Cookies

Domain/Path Name / Value
www.dontpayfull.com/ Name: dpf
Value: 26e658ebf1ac05497b23a59bf08b8d4142ab0877s%3A32%3A%22bf91b87ca63c9cefb0fdf92888da178b%22%3B
.dontpayfull.com/ Name: AUTH_BEARER_DPF
Value: eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzUxMiJ9.eyJpYXQiOjE3MTY4MDAwMjYsImp0aSI6IkxoMVd1TUczSmwxWkswS1FUaVwvdTFsOGpDdUd0K2ZTQVFGUWVrcGhuQ09rPSIsImlzcyI6IiIsIm5iZiI6MTcxNjgwMDAyNiwiZXhwIjoxNzQ3OTA0MDI2LCJkYXRhIjoiW10ifQ.mpWKY74GljZ9V8DR2mQTWdz3nhmySFLOWmFkEYElY4NP5jeagdyY_m4apGTS_1cPI4xDkP_d1TgGj_IbIgQ0sGrlUEuXfTEQZqSsXvKvo9_5Rs6necsE8Gvdz-5wndqgbkH9mU7IBMGnEjprlrrEuMNGGeUaenFphIcpg6UsXgEeFsOT0qsZ2idYV1zL0NH2cYE5NCv9QQY_ZwiQF8S9MrXLPCVTP5nQxON8kU-Yrx1bseZinZh9vUk9pXd_yFfzjmKg2ESC_4ol6ymf7YK3VjB19OFg-r3rO3Mr2_GSmACJkgyiD3PbjEHPrjz8N-zx50Mq9zq0JgzSxUsS1nXK_Q
.dontpayfull.com/ Name: __cf_bm
Value: AFxKxfUnWabPo3uiYLwGyReTQ8x5ssDj7HBdRvVcdP4-1716800026-1.0.1.1-jC3KLP2.C6gVHFzz_Dypg20p6P9oTALn1pUlmLSGvEZbYq29AQMGbm_q_Nqhn1fjuIt4dhCQK__jTgvMtEJckw
.dontpayfull.com/ Name: cf_clearance
Value: RC1Pb.Kaeghimq60p23AHWxBOg3CxoiACRu_1gwUuaQ-1716800027-1.0.1.1-8RBbV0FKQ74pGAW_RoXFbqm.sa9s7.uzhRocIo5gJr1LcpAKdjj7JrwDxY4n3hwFfMpNpcOldwQeoGp8swWZfg
.dontpayfull.com/ Name: _ga
Value: GA1.2.293750156.1716800027
.dontpayfull.com/ Name: _gid
Value: GA1.2.718005576.1716800027
.dontpayfull.com/ Name: _dc_gtm_UA-30038446-1
Value: 1
.dontpayfull.com/ Name: _ga_NS4TR50W1B
Value: GS1.1.1716800027.1.0.1716800027.60.0.0

2 Console Messages

Source Level URL
Text
network error URL: https://h.plerdy.com/click/admin/save_statistic
Message:
Failed to load resource: the server responded with a status of 500 ()
other error URL: https://www.dontpayfull.com/
Message:
Provider's accounts list is empty.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options sameorigin

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.plerdy.com
accounts.google.com
analytics.google.com
cdn0.dontpayfull.com
cdn1.dontpayfull.com
cdn2.dontpayfull.com
cdn3.dontpayfull.com
h.plerdy.com
media.dontpayfull.com
static.dontpayfull.com
stats.g.doubleclick.net
www.dontpayfull.com
www.google-analytics.com
www.google.co.il
www.google.com
www.googletagmanager.com
104.18.9.199
104.26.14.92
104.26.15.92
108.177.127.84
142.250.184.228
142.250.186.163
172.217.16.200
172.217.18.14
216.239.38.181
74.125.133.156
03156f43bb5f1fb6257687c60ad40be42dbb3a5c75783fb60d6c71750114ca60
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
184a876e363ceb28217081e91fae4cb8196ea42dac8fe3e87bc912c82a9c4269
1b658225069f5b08da84ec8863a2ff0cc6a0e98b87e70ebf0bd73975ca2ef225
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
221b759ff0a3dde7704af0eef07b6ae0eeefd441c40e12e553d8b52bd392a93c
242e4d9f820834a3524c067b9b0245238d03f17add87cb0a345c83120e826ce6
26de80fd42045d5791d6d6de4fc5644ac76bf38fe0c932b76e0cb3fcb22831ce
2b14d7a2f285db9c58854147bc0d660cc65c6e7b1f6ff6656adfca0096ebd8ff
37bd48326f997c2db47e17cc9e4ab48bd1e6e9dfb6079a6c1bcf8962df4d4793
43c9036558817fd04ead047e31a210b0eb6bd5eb8e43036177dee53e3b54eb3c
4a64123d0ca9b253d733269ab9f4d7ecfbe813bb3cc8e563a8e2e3e69e0d708c
4fe239eb1442fe5159af74940d064b9a32187cb5be2285acc3fe8ea38fe3028c
5017fe6b309cf85fe6b2b64e57c93d81b787051a046946ca3129b4c7ce3ec2ac
5390e9facc0ddb3ebb2236c1c797ba47be28e4173b948f172d133e4f8ce5748e
539e8300c1f45dfbb7b18c4a476fb9d4d1463c2d41ee1607e38a37578ebb88b0
65c0e19c8568a5f44412daa4a10be2781a3c4e1baecdab09b50f1d2eb414b938
666d3468054de1816837d7133421e1c38cf2693377bd795ce485696908f3ee26
6672fe6e440536dc6aec09688b25af8cb618324023f7137690eecdf88f948e81
685937ff39767ae1f10a5f27d9e9f2f35bf242f3de46994f04a1e4b9c7416108
6be9f1b4887134a4863961b1aa969f20d75adc7eefa3e7cdbd33c90a1e72a121
84584a45771bf0536e26ac62d83a15eb79d2d697390fac8aad4c5203f1b12c1c
8583dc573841d5c0f66f09a84dba9982cd7f07bebadb5a9b028833e6808f8379
8a730cc37df39ce3f4088212a7eca4411ab053e543633ad84d1c9646ac4c9c06
8ab9c82a1d36b0a148b4b2bde5caa0294a19624b91e7206e5a256ad4f7b2646e
92e199e39acc060a0971a304bfebf09905f5b224bfddb80c3aee797fb34d5cad
a30c8a017cf2fd65160613d7c157e93ed9f89db914116fc31aed7de0708bb73b
a57d8a07548e244f7154d7da633940fa1a8021c1b887af329e37b7c1c2c791f6
ab8c4850a44c19e7a37a2244215c12a96874e8aa8359f65ff5bc00214790d167
aeb1fd07a84da81c4b540b059cb333a180b0debb96c0b4086a9f45dae4762fcd
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b26f101c11001a0efb6c1b9b96e1525b9f3e1cb70bda5564d22372b8d07a17e5
ba1f60469f284be15bddac1e27536d0486dc4aa5d743dc93f03ffc2fc2299262
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
c0da727d00556784de2cccb49fb59a6c44ada6045c13bc8e2c9cd2b27cc55fa5
cb3de0b54144cbbaea4ace6ea6d574affc9f5ce0b3d1eee90d08341399a5f82e
cc1c0bead498c2ffef7a3367e6d60e833450ffd0c2e3b8bd320123b7029d8325
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
d9bbfa84b3da2db1e40fe8d73042b4c0633397a9104eb8357db334ba3aad5db6
dbd9ed25fdeb37d78df45e286ad655f9c077bc22ccc5911f4d9ad9a9c73a129c
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de37023628879a78bb691427a02fbaa146d8880fe24f4815424cc2b4416cb5fa
de47934ca3e150311474a52a5bd22bdf4db391d8a8b5954cc1704aea5c17fd5b
e3a123f4d849599f8d24e436021c155d5bced56aa785433ff0e6c513f1d0d8da
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e718cdfdcb8f4e2ec7bb18761fe093e683f07d517d3fcf77399ed06f8b12afa2
e85dc699dd88baa08cf48df64c7113b3d5f93b59ceee213b0ef3a28d38241fdc
ea0c947466b5b270bc9202cbb8c2b67eeaf528faf17c4488bf80bf46504f0a8f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f207e0bbd6718108755b2322a3279c8d4d5e5ceadde57d4e3ce8c80b42d25d8d
f4f1d68276e7bef4e3396a70dd9aa8ce83df8f84f64075746b96a09756bccb19
f7801a8a375feed3e21c12ede2a6f4335858c0c393cc713da4fbdffce57886b2
fc3cf36eb961a11537fd04fd5547113f956c8645e77a653336f889de3eaeadb2
fda80d24f1bfe5a68b5f719a1febecfe747c79720e3a26b4b78b6a42b67b37b7