payshadow.com Open in urlscan Pro
2606:4700:3036::ac43:c5fb Public Scan

Go To Rescan
Add Verdict Report

URL:
https://payshadow.com/
Submission: On January 24 via automatic, source certstream-suspicious (January 24th 2021, 4:51:12 pm UTC)

Summary HTTP 27 Redirects Links 1 Behaviour Indicators

Similar DOM Content API

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 27 HTTP transactions. The main IP is 2606:4700:3036::ac43:c5fb, located in United States and belongs to CLOUDFLARENET, US. The main domain is payshadow.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 14th 2020. Valid for: a year.

This is the only time payshadow.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
24	2606:4700:303... 2606:4700:3036::ac43:c5fb		13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2607:f8b0:400... 2607:f8b0:4001:c1a::5f		15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:801::2003		15169 (GOOGLE) (GOOGLE)
27	3

24 2606:4700:3036::ac43:c5fb (United States)

ASN13335 (CLOUDFLARENET, US)

payshadow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4001:c1a::5f (United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
24	payshadow.com payshadow.com	604 KB
2	gstatic.com fonts.gstatic.com	24 KB
1	googleapis.com fonts.googleapis.com	730 B
27	3

	Domain	Requested by
24	payshadow.com	payshadow.com
2	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	payshadow.com
27	3

This site contains links to these domains. Also see Links.

Domain
zynimus.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-14` - `2021-08-14`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-01-05` - `2021-03-30`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2021-01-05` - `2021-03-30`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://payshadow.com/
Frame ID: 9921E72BE840488EEC0991E9C58C2089
Requests: 27 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
meta generator /^WordPress ?([\d.]+)?/i
headers link /rel="https:\/\/api\.w\.org\/"/i
html /<link [^>]*href=(?:"|')[^"']*elementor\/assets/i

Elementor (Landing Page Builders) Expand

Overall confidence: 100%
Detected patterns

html /<link [^>]*href=(?:"|')[^"']*elementor\/assets/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
meta generator /^WordPress ?([\d.]+)?/i
headers link /rel="https:\/\/api\.w\.org\/"/i
html /<link [^>]*href=(?:"|')[^"']*elementor\/assets/i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
meta generator /^WordPress ?([\d.]+)?/i
headers link /rel="https:\/\/api\.w\.org\/"/i
html /<link [^>]*href=(?:"|')[^"']*elementor\/assets/i

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

27
Requests

100 %
HTTPS

100 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

629 kB
Transfer

1866 kB
Size

1
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://zynimus.com/
Title: Zynimus Company

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

27 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
payshadow.com/ 1 MB
224 KB 462ms
434ms Document
text/html 2606:4700:3036::ac43:c5fb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://payshadow.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:c5fb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b90f74d10cc29b625e798fbd1687a8a355907df9c4c051b1b3ba76389a25f23b

Request headers

:method: GET
:authority: payshadow.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 24 Jan 2021 16:50:49 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d1039115737a4c152be2e2214cac3cfee1611507048; expires=Tue, 23-Feb-21 16:50:48 GMT; path=/; domain=.payshadow.com; HttpOnly; SameSite=Lax
link: <https://payshadow.com/wp-json/>; rel="https://api.w.org/"
vary: Accept-Encoding
cf-cache-status: DYNAMIC
cf-request-id: 07d6e7392e00004a7a95170000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=H6KUdnfW3%2FDNayMR%2FhEif8Y9idLj%2Bsc%2FpAM4UY1sXYdTwTMSaBU7B8OyseP0wI4TOre3HIiRj%2FaRyevCyjrIeVtjNQ6Y11Ca1LokjjlnkbMJZZmTXu6Y6ejN"}],"group":"cf-nel","max_age":604800}
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
cf-ray: 616b416eaa734a7a-FRA
content-encoding: br

GET
H2 200 style.min.css
payshadow.com/wp-includes/css/dist/block-library/ 53 KB
8 KB 646ms
644ms Stylesheet
text/css 2606:4700:3036::ac43:c5fb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://payshadow.com/wp-includes/css/dist/block-library/style.min.css?ver=5.5.3
Requested by: Host: payshadow.com
URL: https://payshadow.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:c5fb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8c626f0f9b5c109539b256b73e72c02b300a184f46b4535c2eb86599215c78af

Request headers

Referer: https://payshadow.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 24 Jan 2021 16:50:49 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 25 Nov 2020 03:46:29 GMT
server: cloudflare
etag: W/"d293-5b4e645cad6a1-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2F001IjMdMbCzjfrl9LbNVG3gxrZ228JH1AwqIjTX6191WnbMWUPhHXSq8DsBBNCszpdEbezL9hW%2BTB9lk%2BGYJtehk41JT7v3hJAzs733WpomMqRz9WLeqFfy"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"max_age":604800,"report_to":"cf-nel"}
cf-ray: 616b41717bb44a7a-FRA
cf-request-id: 07d6e73ae800004a7a2fa2a000000001

GET
H2 200 theme.min.css
payshadow.com/wp-includes/css/dist/block-library/ 2 KB
927 B 794ms
792ms Stylesheet
text/css 2606:4700:3036::ac43:c5fb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://payshadow.com/wp-includes/css/dist/block-library/theme.min.css?ver=5.5.3
Requested by: Host: payshadow.com
URL: https://payshadow.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:c5fb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d5575c28819cc80d5cf47729e998387ddc2d510a6adf37ce5a19b8f2127ee05

Request headers

Referer: https://payshadow.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 24 Jan 2021 16:50:49 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 25 Nov 2020 03:46:29 GMT
server: cloudflare
etag: W/"8aa-5b4e645cad6a1-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ZQCKF0FfidJ4QPPRi1b5W%2BdEBkvks6mX5lkC2p0VxjxvvlgXDWYSwdSTiZJpGFcaNdiMecXohrAreygCi9m%2F%2BWiwLQJagFSNiwpyxvLav1xyohtDLrYm9Q4W"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"max_age":604800,"report_to":"cf-nel"}
cf-ray: 616b41717bbc4a7a-FRA
cf-request-id: 07d6e73ae900004a7ab4016000000001

GET
H2 200 dashicons.min.css
payshadow.com/wp-includes/css/ 58 KB
35 KB 2899ms
2897ms Stylesheet
text/css 2606:4700:3036::ac43:c5fb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://payshadow.com/wp-includes/css/dashicons.min.css?ver=5.5.3
Requested by: Host: payshadow.com
URL: https://payshadow.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:c5fb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dc1a3a3bf97eada084f65b5d87085ddb8d3a76a9e450c6a41211e1698048de91

Request headers

Referer: https://payshadow.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 24 Jan 2021 16:50:52 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 25 Nov 2020 03:46:29 GMT
server: cloudflare
etag: W/"e681-5b4e645cad6a1-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ugh1R98zND04hfxFpPGnBMG0cptw70%2BFu2N5KUhJITmH8eidOtveYozhYM%2F%2BlPUFzJ0gTztrj7ESlGQ189qkyGWCfL80Q%2FmYrw1c3AHfJKde10mLe2hP7dd8"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"max_age":604800,"report_to":"cf-nel"}
cf-ray: 616b41717bbe4a7a-FRA
cf-request-id: 07d6e73ae900004a7a83b0c000000001

GET
H2 200 css
fonts.googleapis.com/ 5 KB
730 B 116ms
113ms Stylesheet
text/css 2607:f8b0:4001:c1a::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=PT+Sans:400,700|PT+Serif:400,700

Requested by

Host: payshadow.com
URL: https://payshadow.com/

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4001:c1a::5f , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

792f177574d384eb75717fd3371bb6f8678e6f9a241531781b9f64979471ab1a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://payshadow.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 24 Jan 2021 16:50:49 GMT
server: ESF
date: Sun, 24 Jan 2021 16:50:49 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 24 Jan 2021 16:50:49 GMT

GET
H2 200 bootstrap.min.css
payshadow.com/wp-content/themes/medical-circle/assets/library/bootstrap/css/ 118 KB
18 KB 383ms
381ms Stylesheet
text/css 2606:4700:3036::ac43:c5fb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://payshadow.com/wp-content/themes/medical-circle/assets/library/bootstrap/css/bootstrap.min.css?ver=3.3.6
Requested by: Host: payshadow.com
URL: https://payshadow.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:c5fb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c

Request headers

Referer: https://payshadow.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 24 Jan 2021 16:50:49 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 25 Nov 2020 03:50:30 GMT
server: cloudflare
etag: W/"1d970-5b4e65427a639-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=AlalYDkGLvjsMvUme0JjH%2FqeqivPbQrB5JA0L%2F%2FcDhvTQ7bab5Ac70HD%2BCzUZKXuThW38%2BnT%2Fo89xtrGhXfQF2vEY%2BRO1jwbgpPVTi24vwwk6WFBG9j%2BhbPy"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"max_age":604800,"report_to":"cf-nel"}
cf-ray: 616b41717bc04a7a-FRA
cf-request-id: 07d6e73ae900004a7a398df000000001

GET
H2 200 font-awesome.min.css
payshadow.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/ 30 KB
7 KB 3077ms
3075ms Stylesheet
text/css 2606:4700:3036::ac43:c5fb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://payshadow.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/font-awesome.min.css?ver=4.7.0
Requested by: Host: payshadow.com
URL: https://payshadow.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:c5fb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c4047043368afb4baf1aed25d358a5c2a333842a3b436b58491ab36aeee65b9d

Request headers

Referer: https://payshadow.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 24 Jan 2021 16:50:52 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 25 Nov 2020 03:46:29 GMT
server: cloudflare
etag: W/"7917-5b4e645c92120-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=tqA5T7zUEjJt79NaCzoeZToNOV31s80f5ifjwyoUB0E07SkyUBpmHjrHNuHd9wMp8XOCRd2khVzOxysjw0hmXN6iYg%2FrwSTovdYsOey1Y8iTADX4UFxqUyBq"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"max_age":604800,"report_to":"cf-nel"}
cf-ray: 616b41717bc14a7a-FRA
cf-request-id: 07d6e73ae900004a7aadb71000000001

GET
H2 200 slick.css
payshadow.com/wp-content/themes/medical-circle/assets/library/slick/ 2 KB
765 B 304ms
302ms Stylesheet
text/css 2606:4700:3036::ac43:c5fb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://payshadow.com/wp-content/themes/medical-circle/assets/library/slick/slick.css?ver=1.3.3
Requested by: Host: payshadow.com
URL: https://payshadow.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:c5fb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: de1e399b07289f3b0a8d35142e363e128124a1185770e214e25e58030dad48e5

Request headers

Referer: https://payshadow.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 24 Jan 2021 16:50:49 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 25 Nov 2020 03:50:30 GMT
server: cloudflare
etag: W/"6f0-5b4e65427a639-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=maYYQ7wTNtt1sp5hoOnGSx3zAqu39ynQz1v12p%2FTTeb4cxUdxnyFV2Tf3GDcc21FstThZuJrHiOW7VFLiGBpsw10mqkoM0kh%2B8daudJCRqZAWw4Y8KAN8dLC"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"max_age":604800,"report_to":"cf-nel"}
cf-ray: 616b41717bc24a7a-FRA
cf-request-id: 07d6e73ae900004a7ab4905000000001

GET
H2 200 magnific-popup.css
payshadow.com/wp-content/themes/medical-circle/assets/library/magnific-popup/ 7 KB
2 KB 528ms
526ms Stylesheet
text/css 2606:4700:3036::ac43:c5fb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://payshadow.com/wp-content/themes/medical-circle/assets/library/magnific-popup/magnific-popup.css?ver=1.1.0
Requested by: Host: payshadow.com
URL: https://payshadow.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:c5fb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1155981e8193622f58553eed0bba2fa43512af362a3d54dedef64c46970bb371

Request headers

Referer: https://payshadow.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 24 Jan 2021 16:50:49 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 25 Nov 2020 03:50:30 GMT
server: cloudflare
etag: W/"1c86-5b4e65427b5d9-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=vzS65iBpDhDcks9BzTqgCKelO2bm5ZdN3dKYIKPONJaT6CIGobr6LI7oNoF8Ts78VycUZ%2BNgmVnoeHaaRcZ15qEGhGG%2FTrru1WMwF9AR91CZDwqK125T2gXo"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"max_age":604800,"report_to":"cf-nel"}
cf-ray: 616b41717bc44a7a-FRA
cf-request-id: 07d6e73aea00004a7a4a310000000001

GET
H2 200 style.css
payshadow.com/wp-content/themes/medical-circle/ 44 KB
10 KB 299ms
297ms Stylesheet
text/css 2606:4700:3036::ac43:c5fb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://payshadow.com/wp-content/themes/medical-circle/style.css?ver=5.5.3
Requested by: Host: payshadow.com
URL: https://payshadow.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:c5fb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6813582fa4caa1afdb79d84cb27f0b33430391d38c9324862bacfc63520b70b6

Request headers

Referer: https://payshadow.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 24 Jan 2021 16:50:49 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 25 Nov 2020 03:50:30 GMT
server: cloudflare
etag: W/"b1ad-5b4e65427b5d9-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=2AZBRerhit5a54KW%2FTl49PsgFsX5D1dGEtVIMc5cO%2FzVgh1DX%2BN6jzYdonOL70eFK7NlpWupbFkYcDwT2Izv%2Fy2AUYkVFkI4jV93LlzrMnqEpENkYAmWvFt6"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"max_age":604800,"report_to":"cf-nel"}
cf-ray: 616b41717bc84a7a-FRA
cf-request-id: 07d6e73aea00004a7a8b39a000000001

GET
H2 200 gutenberg-front.css
payshadow.com/wp-content/themes/medical-circle/acmethemes/gutenberg/ 1 KB
628 B 302ms
301ms Stylesheet
text/css 2606:4700:3036::ac43:c5fb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://payshadow.com/wp-content/themes/medical-circle/acmethemes/gutenberg/gutenberg-front.css?ver=1.0
Requested by: Host: payshadow.com
URL: https://payshadow.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:c5fb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dc75347a61a0374d716f4bad4e784f7952de2edd25a786d9f9f307e47bf571be

Request headers

Referer: https://payshadow.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 24 Jan 2021 16:50:49 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 25 Nov 2020 03:50:30 GMT
server: cloudflare
etag: W/"467-5b4e6542738d9-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=VOXUs9poMEiz%2B8k%2BDL%2FGoFx%2BVVEY%2Bezy5T%2Fw1HWT4njfSE7lFRDadjjKVC95pOXVx%2FyHl%2FWSfsWN09QFU%2BmtiguQkFT%2F5v24dhE3rAL%2BINYmt9Af0KeXnk8S"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"max_age":604800,"report_to":"cf-nel"}
cf-ray: 616b41717bca4a7a-FRA
cf-request-id: 07d6e73aea00004a7a2f358000000001

GET
H2 200 jquery.js Show response
payshadow.com/wp-includes/js/jquery/ 95 KB
32 KB 1903ms
1902ms Script
application/javascript 2606:4700:3036::ac43:c5fb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://payshadow.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Requested by: Host: payshadow.com
URL: https://payshadow.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:c5fb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df

Request headers

Referer: https://payshadow.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 24 Jan 2021 16:50:51 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 25 Nov 2020 03:46:29 GMT
server: cloudflare
etag: W/"17a69-5b4e645cae641-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=UM5Q9yENilBWJDZl0hOH0DkQtwFgbVjA6dqiKeDB8hRqyfH69DITCvsYiE91u1krdeGZWp1rrUJtbc%2BnO8FZSbYABw9LCy41DP9oJeNqw57N18wuvo0wiI6M"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"max_age":604800,"report_to":"cf-nel"}
cf-ray: 616b41717bcd4a7a-FRA
cf-request-id: 07d6e73aea00004a7a7921d000000001

GET
H2 200 wp-emoji-release.min.js Show response
payshadow.com/wp-includes/js/ 14 KB
5 KB 541ms
541ms Script
application/javascript 2606:4700:3036::ac43:c5fb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://payshadow.com/wp-includes/js/wp-emoji-release.min.js?ver=5.5.3
Requested by: Host: payshadow.com
URL: https://payshadow.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:c5fb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8cb438bd4d1961f80ade4f1a295ca7de253630adcdd10473932908e638908c5e

Request headers

Referer: https://payshadow.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 24 Jan 2021 16:50:55 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 25 Nov 2020 03:46:29 GMT
server: cloudflare
etag: W/"37a6-5b4e645cae641-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=bmemKG%2Bi9n3fLJln5xBeI%2BKZ3rGVnOnZ8WUmcR6JpGyB2cWwEVqaIfxlISbX8i0d4L3mNb9pbzaJJuXa2h%2Fge2J1KCP4xepAmZhsbYrLNUhPYPZfpJrcnHUh"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"max_age":604800,"report_to":"cf-nel"}
cf-ray: 616b4193bc604a7a-FRA
cf-request-id: 07d6e7505000004a7aad9be000000001

GET
H2 200 payshadow-ff_white-bg_small.png
payshadow.com/wp-content/uploads/2020/11/ 10 KB
11 KB 2353ms
2352ms Image
image/png 2606:4700:3036::ac43:c5fb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://payshadow.com/wp-content/uploads/2020/11/payshadow-ff_white-bg_small.png
Requested by: Host: payshadow.com
URL: https://payshadow.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:c5fb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2f1009c119553b9d1c93486e8a4a23c09e39e78a6c04afa1df8f28e01dc0cc0b

Request headers

Referer: https://payshadow.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 24 Jan 2021 16:50:54 GMT
cf-cache-status: MISS
last-modified: Wed, 25 Nov 2020 04:47:54 GMT
server: cloudflare
etag: "29e6-5b4e72161d0c1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ztTSJ79DMN8YWPw6WR6mbMDaadrvKPdpYsDHLMkNCBCgfd5OYVpL5RH650N%2BtbRwj2%2FMbEvnwJrU%2BuatasAR%2BC10D%2FdV8v%2FZ3xmo0%2B4Edaaffl7JeDBCdGKo"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
nel: {"max_age":604800,"report_to":"cf-nel"}
accept-ranges: bytes
cf-ray: 616b4184ff7d4a7a-FRA
content-length: 10726
cf-request-id: 07d6e7472100004a7a39a64000000001

GET
H2 200 slick.min.js Show response
payshadow.com/wp-content/themes/medical-circle/assets/library/slick/ 42 KB
10 KB 907ms
906ms Script
application/javascript 2606:4700:3036::ac43:c5fb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://payshadow.com/wp-content/themes/medical-circle/assets/library/slick/slick.min.js?ver=1.1.2
Requested by: Host: payshadow.com
URL: https://payshadow.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:c5fb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 05c732e60d7db00915ae57acdd91c0e13e223e1358f7ed657b750be9c6d3a5aa

Request headers

Referer: https://payshadow.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 24 Jan 2021 16:50:52 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 25 Nov 2020 03:50:30 GMT
server: cloudflare
etag: W/"a68b-5b4e65427b5d9-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=UB6DRa7tF0KZatonpVx355IqL5ibns77NY21rF9C0UtkW1tLVJcBwGNxX15FwwpJHNa4CqIxan2b3Y0oDiWFHuPHrzi2ve76qwfRjCqQOyJQICC1whV03EU%2F"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"max_age":604800,"report_to":"cf-nel"}
cf-ray: 616b41839b1c4a7a-FRA
cf-request-id: 07d6e7466e00004a7a70830000000001

GET
H2 200 skip-link-focus-fix.js Show response
payshadow.com/wp-content/themes/medical-circle/acmethemes/core/js/ 879 B
681 B 933ms
933ms Script
application/javascript 2606:4700:3036::ac43:c5fb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://payshadow.com/wp-content/themes/medical-circle/acmethemes/core/js/skip-link-focus-fix.js?ver=20130115
Requested by: Host: payshadow.com
URL: https://payshadow.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:c5fb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3cbee9510ad8a23ed22cba8e5597618cd88ad910384ad9c3c5ca41f89760ad3e

Request headers

Referer: https://payshadow.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 24 Jan 2021 16:50:53 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 25 Nov 2020 03:50:30 GMT
server: cloudflare
etag: W/"36f-5b4e6542738d9-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=wf5znHYjZZNKAn80D53S9mqHZ4PcJn2XLfPxR%2FrCU%2FnIdXhXTlpCptUr9D5mjDnw5USUhFrczuVQ%2FtluKLkRHZTiVglcCFnryJRxkItl4bnTU7sTe81jLdm4"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"max_age":604800,"report_to":"cf-nel"}
cf-ray: 616b4184ae7b4a7a-FRA
cf-request-id: 07d6e746ec00004a7a5b05e000000001

GET
H2 200 bootstrap.min.js Show response
payshadow.com/wp-content/themes/medical-circle/assets/library/bootstrap/js/ 36 KB
10 KB 1912ms
1910ms Script
application/javascript 2606:4700:3036::ac43:c5fb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://payshadow.com/wp-content/themes/medical-circle/assets/library/bootstrap/js/bootstrap.min.js?ver=3.3.6
Requested by: Host: payshadow.com
URL: https://payshadow.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:c5fb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef

Request headers

Referer: https://payshadow.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 24 Jan 2021 16:50:54 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 25 Nov 2020 03:50:30 GMT
server: cloudflare
etag: W/"90b5-5b4e65427a639-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=X6rfcLE7sa4ekZAaowjXWF9OH0Xx1svf0wiYewJ%2FUFu8QuaDwG4hCnivC8J4PoKTk4BJJIc73X9e%2BSngpJ7ZgqalDla4NGxmyuT35YZrhKTkCKWUUQq2A2Iq"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"max_age":604800,"report_to":"cf-nel"}
cf-ray: 616b4184df014a7a-FRA
cf-request-id: 07d6e7470900004a7aa7908000000001

GET
H2 200 wow.min.js Show response
payshadow.com/wp-content/themes/medical-circle/assets/library/wow/js/ 8 KB
3 KB 2385ms
2384ms Script
application/javascript 2606:4700:3036::ac43:c5fb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://payshadow.com/wp-content/themes/medical-circle/assets/library/wow/js/wow.min.js?ver=1.1.2
Requested by: Host: payshadow.com
URL: https://payshadow.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:c5fb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e24c7119a49df5d48c34b8f684c0e24318999bedd46ee116522009e5f2b87162

Request headers

Referer: https://payshadow.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 24 Jan 2021 16:50:54 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 25 Nov 2020 03:50:30 GMT
server: cloudflare
etag: W/"20eb-5b4e65427b5d9-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=uaNg%2FnkAeHVWj2Xa%2F3JNOQlghaBhXDVhzeU8R3dlYeY%2FrTodakON2dp6seT%2F%2BVtnqI1Ee2y%2F20a9cL76RH%2BSkjqucvoH%2B0scJZiYnuJzn%2BJTfNVGbvW%2Bbxrk"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"max_age":604800,"report_to":"cf-nel"}
cf-ray: 616b4184df044a7a-FRA
cf-request-id: 07d6e7470900004a7a41148000000001

GET
H2 200 jquery.magnific-popup.min.js Show response
payshadow.com/wp-content/themes/medical-circle/assets/library/magnific-popup/ 20 KB
7 KB 2272ms
2271ms Script
application/javascript 2606:4700:3036::ac43:c5fb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://payshadow.com/wp-content/themes/medical-circle/assets/library/magnific-popup/jquery.magnific-popup.min.js?ver=1.1.0
Requested by: Host: payshadow.com
URL: https://payshadow.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:c5fb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b0a45cd5aed66e27bd8ee861d0e3b782c8e79849bde32f90f078b9f2451a36f2

Request headers

Referer: https://payshadow.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 24 Jan 2021 16:50:54 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 25 Nov 2020 03:50:30 GMT
server: cloudflare
etag: W/"4efb-5b4e65427b5d9-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=tqVxDZIbZ2wbVBv5VZRDqKArsft5Gp1Es%2FiaBB7FaTBh%2BkpkJCmKYGBqLfRpPXNewEZL4LYM%2Bw6PofLXaGZMdLwfn36%2BAcnBdFORknRcTLGZTkQI15hoGSUk"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"max_age":604800,"report_to":"cf-nel"}
cf-ray: 616b4184df064a7a-FRA
cf-request-id: 07d6e7470500004a7aa8ad6000000001

GET
H2 200 medical-circle-custom.js Show response
payshadow.com/wp-content/themes/medical-circle/assets/js/ 7 KB
2 KB 1714ms
1713ms Script
application/javascript 2606:4700:3036::ac43:c5fb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://payshadow.com/wp-content/themes/medical-circle/assets/js/medical-circle-custom.js?ver=1.0.1
Requested by: Host: payshadow.com
URL: https://payshadow.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:c5fb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d736219b5b44b3b40b39a166ec0183e108b6613cc9269f475f8ff3f251bb27cb

Request headers

Referer: https://payshadow.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 24 Jan 2021 16:50:54 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 25 Nov 2020 03:50:30 GMT
server: cloudflare
etag: W/"1ae5-5b4e6542786f9-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ptmR7BtUDEVopYduBVGsPzlY2UBTzILwTwIw0iiR5g45%2FD1Z9mIY6IJ9hK0zVITCbGGzzHHlJoHwE7Q3Clu7eQBlT5i8ElsDJzRIuw7IHEad5ktD0R6OJMZP"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"max_age":604800,"report_to":"cf-nel"}
cf-ray: 616b4184df084a7a-FRA
cf-request-id: 07d6e7470500004a7a2fbcb000000001

GET
H2 200 imagesloaded.min.js Show response
payshadow.com/wp-includes/js/ 5 KB
2 KB 767ms
766ms Script
application/javascript 2606:4700:3036::ac43:c5fb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://payshadow.com/wp-includes/js/imagesloaded.min.js?ver=4.1.4
Requested by: Host: payshadow.com
URL: https://payshadow.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:c5fb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ff4bd34aa98a0214833619d3d751838db015722dfbbec15cd14dadc66cd67869

Request headers

Referer: https://payshadow.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 24 Jan 2021 16:50:54 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 25 Nov 2020 03:46:29 GMT
server: cloudflare
etag: W/"15fd-5b4e645caf5e1-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=mfWYSCQro4ety7VNER2%2B5lG%2B4lM6TnUyZ0LUAd7DzZHgxt0Y%2BAt%2FlX8ZnCK8NvxBOCjWIdzFJ74DW6G14M7RXDV5kMiX6IyeMoIQk2B6jOVj%2BFzlpmPxRhuP"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"max_age":604800,"report_to":"cf-nel"}
cf-ray: 616b419069b34a7a-FRA
cf-request-id: 07d6e74e4400004a7a31bee000000001

GET
H2 200 masonry.min.js Show response
payshadow.com/wp-includes/js/ 24 KB
7 KB 809ms
808ms Script
application/javascript 2606:4700:3036::ac43:c5fb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://payshadow.com/wp-includes/js/masonry.min.js?ver=4.2.2
Requested by: Host: payshadow.com
URL: https://payshadow.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:c5fb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e00add38134eac2fb8e8e9c09cbfff7bbe57952b210322eb2eecb0a21fc055eb

Request headers

Referer: https://payshadow.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 24 Jan 2021 16:50:55 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 25 Nov 2020 03:46:29 GMT
server: cloudflare
etag: W/"5e4a-5b4e645caf5e1-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=tEW0mYdOvE13F6oZuCeatC%2FmdIDUHx0et6cmcN%2BAzuvTXqCFLkzRC7KiUuvtLs7s%2B3udT647WQbaq0Wg%2BMS8NqF%2FGrJbEVa8WiQax3VsxTTvwzqd424a8oD%2B"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"max_age":604800,"report_to":"cf-nel"}
cf-ray: 616b4190cb254a7a-FRA
cf-request-id: 07d6e74e8000004a7a92851000000001

GET
H2 200 wp-embed.min.js Show response
payshadow.com/wp-includes/js/ 1 KB
992 B 468ms
468ms Script
application/javascript 2606:4700:3036::ac43:c5fb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://payshadow.com/wp-includes/js/wp-embed.min.js?ver=5.5.3
Requested by: Host: payshadow.com
URL: https://payshadow.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:c5fb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6ebcda7a3a41ef97f0b4071160ceb1020e540fdc0f790079a5c2ef01ab654fe0

Request headers

Referer: https://payshadow.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 24 Jan 2021 16:50:55 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 25 Nov 2020 03:46:29 GMT
server: cloudflare
etag: W/"59a-5b4e645caf5e1-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=CdJClz1JjvJt5ftlkx7vymG3hEDMEv%2F1nt4ghdtJeYi63UPzJ1EUXMAdDfJ3jjQZCULlr4QIv%2FALxlfcYU9qTPDbysV75yrY8SL7zNIH1WtkwmNVfBitPizz"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"max_age":604800,"report_to":"cf-nel"}
cf-ray: 616b41930a3a4a7a-FRA
cf-request-id: 07d6e74fe600004a7a8b22c000000001

GET
H2 200 cropped-pexels-negative-space-34577-scaled-1.jpg
payshadow.com/wp-content/uploads/2020/11/ 133 KB
133 KB 2646ms
2646ms Image
image/jpeg 2606:4700:3036::ac43:c5fb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://payshadow.com/wp-content/uploads/2020/11/cropped-pexels-negative-space-34577-scaled-1.jpg
Requested by: Host: payshadow.com
URL: https://payshadow.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:c5fb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f6ae22826f11ef0b0773d9965417a1246d09adeffb686fee3e58a72c61802e4d

Request headers

Referer: https://payshadow.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 24 Jan 2021 16:50:54 GMT
cf-cache-status: MISS
last-modified: Wed, 25 Nov 2020 04:31:44 GMT
server: cloudflare
etag: "21316-5b4e6e79802ad"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=57d9gPqlhramxFQCHHYsSUz85FGuSUb7%2FnrY1vJLRw6Z90Pus%2B202c%2FMjg0vSXpszKWOAxnRe%2FDCHvmKdazth9wJ8B%2BPEae7K5dcr%2BtuG0CYab9weYiudMB5"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
nel: {"max_age":604800,"report_to":"cf-nel"}
accept-ranges: bytes
cf-ray: 616b4184ff794a7a-FRA
content-length: 135958
cf-request-id: 07d6e7471f00004a7a4429f000000001

GET
H2 200 EJRVQgYoZZY2vCFuvAFWzr-_dSb_.woff2
fonts.gstatic.com/s/ptserif/v12/ 13 KB
13 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptserif/v12/EJRVQgYoZZY2vCFuvAFWzr-_dSb_.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans:400,700|PT+Serif:400,700

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6d6cd55572e8be7aa03c122e0ef98bf72d91a2caa2dddfe3c7c5b50f67d2bd07

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://payshadow.com
Referer: https://fonts.googleapis.com/css?family=PT+Sans:400,700|PT+Serif:400,700
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 21 Jan 2021 21:30:54 GMT
x-content-type-options: nosniff
last-modified: Thu, 10 Sep 2020 17:05:28 GMT
server: sffe
age: 242398
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13280
x-xss-protection: 0
expires: Fri, 21 Jan 2022 21:30:54 GMT

GET
H2 200 jizfRExUiTo99u79B_mh0O6tLR8a8zI.woff2
fonts.gstatic.com/s/ptsans/v12/ 11 KB
11 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptsans/v12/jizfRExUiTo99u79B_mh0O6tLR8a8zI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans:400,700|PT+Serif:400,700

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb74816a9aaed49f7b58ffbfead623f50686271a551d77a3ed95a56a56e40dbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://payshadow.com
Referer: https://fonts.googleapis.com/css?family=PT+Sans:400,700|PT+Serif:400,700
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 20 Jan 2021 04:59:49 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:10:37 GMT
server: sffe
age: 388263
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11504
x-xss-protection: 0
expires: Thu, 20 Jan 2022 04:59:49 GMT

GET
H2 200 fontawesome-webfont.woff2
payshadow.com/wp-content/plugins/elementor/assets/lib/font-awesome/fonts/ 75 KB
76 KB 1769ms
1769ms Font
application/octet-stream 2606:4700:3036::ac43:c5fb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://payshadow.com/wp-content/plugins/elementor/assets/lib/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: payshadow.com
URL: https://payshadow.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/font-awesome.min.css?ver=4.7.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:c5fb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Origin: https://payshadow.com
Referer: https://payshadow.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/font-awesome.min.css?ver=4.7.0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 24 Jan 2021 16:50:54 GMT
cf-cache-status: MISS
last-modified: Wed, 25 Nov 2020 03:46:29 GMT
server: cloudflare
etag: "12d68-5b4e645c92120"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=biJnO33q%2Bxy6pGtgX9EbouwdVJ4r3Ox0j1pYQJq7kUnMR9XO7d5VSsgJAEDQYIPHXws8Tlgh30tNjKky%2F6lfj%2FrX%2BGau6DRCDA%2Bn9ObGlu5WOZ2eykRE1hfl"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
nel: {"max_age":604800,"report_to":"cf-nel"}
accept-ranges: bytes
cf-ray: 616b4184ef294a7a-FRA
content-length: 77160
cf-request-id: 07d6e7470d00004a7aad8c7000000001

Verdicts & Comments Add Verdict or Comment

40 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated object| _wpemojiSettings undefined| $ function| jQuery object| localize object| typeformEmbed function| EvEmitter function| imagesLoaded function| jQueryBridget function| getSize function| matchesSelector object| fizzyUIUtils function| Outlayer function| Isotope function| Masonry function| Typed object| jQuery112407040615046209542 object| __SECRET_EMOTION__ function| Plyr object| FullCalendarLocalesAll function| moment object| FullCalendar object| FullCalendarDayGrid object| FullCalendarTimeGrid object| FullCalendarList boolean| isEditMode object| ea function| WOW object| eb_wow object| wp boolean| typeformEmbedIsloaded object| twemoji

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.payshadow.com/	1970-01-19 16:21:39	Name: __cfduid Value: deb9a397cd7aaf5068df4611637009d611611507052

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
payshadow.com
2606:4700:3036::ac43:c5fb
2607:f8b0:4001:c1a::5f
2a00:1450:4001:801::2003
05c732e60d7db00915ae57acdd91c0e13e223e1358f7ed657b750be9c6d3a5aa
1155981e8193622f58553eed0bba2fa43512af362a3d54dedef64c46970bb371
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2f1009c119553b9d1c93486e8a4a23c09e39e78a6c04afa1df8f28e01dc0cc0b
3cbee9510ad8a23ed22cba8e5597618cd88ad910384ad9c3c5ca41f89760ad3e
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
5d5575c28819cc80d5cf47729e998387ddc2d510a6adf37ce5a19b8f2127ee05
6813582fa4caa1afdb79d84cb27f0b33430391d38c9324862bacfc63520b70b6
6d6cd55572e8be7aa03c122e0ef98bf72d91a2caa2dddfe3c7c5b50f67d2bd07
6ebcda7a3a41ef97f0b4071160ceb1020e540fdc0f790079a5c2ef01ab654fe0
792f177574d384eb75717fd3371bb6f8678e6f9a241531781b9f64979471ab1a
8c626f0f9b5c109539b256b73e72c02b300a184f46b4535c2eb86599215c78af
8cb438bd4d1961f80ade4f1a295ca7de253630adcdd10473932908e638908c5e
b0a45cd5aed66e27bd8ee861d0e3b782c8e79849bde32f90f078b9f2451a36f2
b90f74d10cc29b625e798fbd1687a8a355907df9c4c051b1b3ba76389a25f23b
bb74816a9aaed49f7b58ffbfead623f50686271a551d77a3ed95a56a56e40dbf
c4047043368afb4baf1aed25d358a5c2a333842a3b436b58491ab36aeee65b9d
d736219b5b44b3b40b39a166ec0183e108b6613cc9269f475f8ff3f251bb27cb
dc1a3a3bf97eada084f65b5d87085ddb8d3a76a9e450c6a41211e1698048de91
dc75347a61a0374d716f4bad4e784f7952de2edd25a786d9f9f307e47bf571be
de1e399b07289f3b0a8d35142e363e128124a1185770e214e25e58030dad48e5
e00add38134eac2fb8e8e9c09cbfff7bbe57952b210322eb2eecb0a21fc055eb
e24c7119a49df5d48c34b8f684c0e24318999bedd46ee116522009e5f2b87162
f6ae22826f11ef0b0773d9965417a1246d09adeffb686fee3e58a72c61802e4d
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
ff4bd34aa98a0214833619d3d751838db015722dfbbec15cd14dadc66cd67869